Another year has come and gone, and with it, another OLITA Digital Odyssey has passed! On June 10th, 2016, OLITA held their annual professional development event at Hamilton Public Library. In case you missed it, here is a recap of the day’s sessions, as well as a few ways you can implement some of what was covered, in your own libraries! The following was written by Eric Liebregts, eServices Specialist at St. Thomas Public Library.
This year’s Digital Odyssey was a fantastic collection of speakers talking about an issue that many IT professionals and library patrons feel is of importance: privacy in the digital age. It was a privilege to get to share ideas with such impressive and inspiring professionals.
The keynote speaker was Laura Tribe, Digital Rights Specialist at OpenMedia.org, a Canadian organization that seeks to improve privacy through political activism. Her presentation was an exposé of the frightening reach that governments, corporations, and criminals have when it comes to personal information in the digital age. She outlined a philosophical basis for privacy in general, and provided rebuttals to the oft-cited “nothing to hide, nothing to fear” justification for state surveillance.
Karen Louse Smith outlined practical ways to raise public awareness about privacy and digital literacy through a series of activities and privacy badges. Activities include tracing the “digital trail” that a person leaves as they go through a typical day, highlighting personally identifiable information (PII) that can be gleaned from online activities, and discussing the importance of technical networking concepts (like IP addresses) and how they relate to tracking online activity.
Dan Scott provided a case for Chromebooks as being ideal for public-access kiosks and loaner laptops, because of the privacy settings that they allow (…provided you trust Google to protect your information, of course! ).
Myron Groover presented the results of a study into the state of privacy and security of library catalogues, websites, and public access computers. His studies suggest that most libraries in Canada and the US are seriously lacking when it comes to enacting basic measures to protect their customers’ information.
Michel Castagne outlined some tools and techniques for evaluating the security and privacy of library products, such as websites. He used an online tool that gives an A-to-F rating of a website’s security.
The final speaker of the day was Alison Macrina, who is a librarian and privacy activist. She provided a more technical discussion of specific privacy and security tools and techniques, including schemes for creating good passwords, using Tor to anonymize web surfing, and using VPNs. She also provided excellent rebuttals to the argument that “only criminals need these tools”.
This year’s Digital Odyssey provided many actionable technical and programming ideas that could be implemented in libraries. During a lunchtime discussion with nearby colleagues, we brainstormed ideas for actually executing some of these technical measures on public Internet computer terminals. We recognized that the critical challenge is balancing privacy and usability. Our preferred method would be to allow customers to choose their own privacy levels. One option could be to create two separate Windows login options for library patrons: one with “standard” settings, and the other with “enhanced privacy” settings. The second login would need to include a notice that increased privacy often entails decreased usability. Another option could be to designate certain public machines “standard” and others “enhanced privacy” machines.
The final session of the day was essentially a blueprint for educating library patrons about the importance of online privacy and security. Educating end-users about this stuff is increasingly vital, as hard security is useless without users having the soft skills to be able to detect suspicious activities and avoid risky behaviors. Libraries could design a public education course that focuses entirely on the techniques that regular people (i.e. not techies!) can use to protect their online data. Such a program could be structured as follows:
- What is privacy? Why is privacy important? Why the “nothing to hide, nothing to fear” justification for surveillance is dangerous and wrong. How the simple act of me using privacy tools helps protect people in oppressive regimes and living situations.
- Exploring your personal “data trail”. Understanding how technical things like IP addresses work and how they can be used to track you online. Showing customers how much personal information is available about them online. Discussing covert state surveillance operations being conducted at this very moment (in Canada!), e.g. stingrays.
- Techniques for improving online security and privacy. Good passwords, using VPNs, the TOR browser, encryption, identifying malware, keeping software up-to-date.
Finally, as a way to keep privacy and security in the digital age “top of mind” for all library staff, you could implement a monthly “cyber health and safety” component to staff meetings, for example. This is just one way you can make it a priority to ensure that your staff, and patrons, fully understand, and are comfortable with, online privacy and security.
Can’t wait until next year, to see what OLITA’s Digital Odyssey comes up with next!
This content is published under the Attribution-Noncommercial-Share Alike 3.0 Unported license.