Category Archives: Information Ethics

Once More to the Breach

ACRLog welcomes a guest post from Mark Herring, Dean of Library Services at Winthrop University.

Summer’s over, I know, but we must go once more to the breach of web privacy. A California librarian recently complained about Amazon’s new Kindle ebooks lending program for libraries. The complaint focuses on Amazon’s privacy policy and advertising. In a ten minute video (the transcript of which is here), the librarian argues that in our hasty “greed” to get books into the hand of readers, librarians violated one of our sacred trusts: privacy protection. Amazon keeps a record of all books lent on Kindles via corporate servers. This information is later used like it is on the website, both to recommend new titles and of course advertise products by selling that information elsewhere. While the story was picked up in the library press and on Slashdot, it wasn’t widely publicized, at least not to the extent of the story of Amazon’s lending program. The reason why is simple: web privacy is now a non-starter.

This isn’t the first such story about Web privacy (or lack thereof), and it is not likely to be the last. But it is a non-issue and will remain so as far as cyberspace extends. It’s not as if we weren’t warned.

As long as go as 1999, in a widely publicized story (perhaps forgotten now?), Scott McNealy, CEO of Sun Microsystems, told a group that the issue of privacy on the Web was a “red herring” (no relation by the way). McNealy went on to say that “You have zero privacy anyway. Get over it.” McNealy wasn’t the only one to argue in this manner, and neither is Amazon the only company with a patent disregard for privacy. Frankly, any company or social network on the Web puts privacy on low priority. Don’t get me wrong. Privacy isn’t an absolute right. I can think of times when not disclosing someone’s shenanigans would border on the criminal. But our patrons should be able to do basic library business without being hounded.

To be sure, the strength of the poisoned privacy varies among various Web apothecaries. With Facebook rapidly approaching one billion users, only a tiny minority remain who can care about privacy. Only last year Zuckerberg reminded all of us that “the age of privacy is over.” At the time, some saw this as an about-face. But anyone who followed Facebook helter-skelter knew otherwise. James Grimmelmann remarked once that of all the social networks, Facebook had the best privacy statement, and it was awful.

But I like the way Zuckerberg phrased it because I think it sums up nicely where we are about the Web and privacy. It’s a brave new world, and those not yet on board are from another, older and quite possibly, flat one. This was never made clearer to me than a few years ago.

I had the distinct pleasure to visit MIT in 2009 and learn of new web-related inventions in the proverbial “pipeline.” Amid our somewhat graying profession were these twentysomethings, naturally, all exceedingly bright. Some of what we saw has already come to pass, while others remain in development. There were toys, apps, and so on. But what really caught my eye was a broach or lapel pin.

This pin, our attractive, late twentysomething, explained to us, made certain you never forgot a name or a face again. I’m terrible with names, so naturally I perked up even more. When you approach a person, she said, the pin casts his or her “vitals” on their chest, visible to you but not to them. Commonly known things, she said, like age, marital status, number of children, where they work, recent vacations or even recent accomplishments. This way, she told us cheerfully, you’re never at a loss what to talk about. You know, how are the kids, is Peter enjoying Harvard, and how was the vacation in the Caymans?

Several of us, all over 50, let out an audible gasp. But isn’t that a violation of privacy, we asked, almost in unison. Oh, no, she reassured us. It’s all on the Web anyway. And then she said something that I don’t think I’ll ever forget. When asked about the ethics of it all, she replied, again cheerily, “Those are issues taken up by another department. We don’t really engage in the ethics part of it.” And that’s when I knew. We are of a different age because even the developers no longer think about these things, assuming they once did. Ethics will ponder that matter and get back to you. But don’t call us; we’ll call you.

None of us want to remain fully anonymous, but many of us–at least those of us over 50–would prefer to remain somewhat private. Not anymore. Everything we are or hope to be, whether true or not, is on the Web; and someone is or will be making use of it. In this brave new world, we all live our lives on the backs of so many digital postcards that travel the globe daily.

This isn’t about going back, or trying to recapture the genie or clean up the toothpaste. Those days are over. Rather this is about how we librarians have become students of change and must now weigh those changes regularly. As the Web changes books, it also changes the libraries that house them. And so McLuhan was right after all: We shape our tools and thereafter our tools shape us.

And so here we are, once more to the breach. Habent sua fata libelli: books have their fates. The only question that remains today is this one: is this the fate we want for them, for our libraries?

The Bearer of Bad News

One of the college service projects I’m working on involves the creation of a new digital platform for teaching and learning at my college. As faculty have begun to use the platform for their courses this semester, I’m finding that there’s been an uptick in the number of questions I field about posting course readings online. We don’t have an ereserve system at my library, and while I take any opportunity I can get to promote direct linking into our article databases, inevitably there are readings that faculty need to assign to their students that aren’t available in the databases.

It’s so interesting to see the range of awareness about copyright issues among my faculty colleagues. When they ask me whether then can post scanned book chapters or articles on their password-protected course sites, I respond by mentioning the Georgia State copyright case and urging caution. Many (most?) of the faculty I’ve spoken with aren’t aware of the case, perhaps because, like so many other aspects of the scholarly communications system, it seems like a library problem?

I like talking with faculty about copyright alternatives: about open access publishing, public domain materials, creative commons licenses, and how openness benefits researchers and the public — I could go on for hours. And I sympathize with faculty who struggle to get course materials to their students in the most efficient way possible. But I don’t like it when there are no acceptable alternatives. That’s tough to talk about, and I hate the hollow awkwardness that comes with telling colleagues that it’s not advisable to do something that is already such an accepted practice in faculty culture.

The Georgia State trial has ended. Once the verdict is announced, whatever the decision, we’ll have another opportunity for conversations about copyright alternatives with faculty. How can we promote awareness across the academy and emphasize that copyright isn’t just a library issue?

Personal Content Capitalism

I’ve been hearing less and less about Google+ lately, the social network launched by the search giant over the summer. I can’t comment on its functionality because I haven’t tried it; while I’m interested, I’ve got a couple of big projects going on and don’t have the bandwidth right now for an additional flavor of social media. However, my partner is on Google+ and recently let me know that he added me to a circle. I have a Google account and use lots of other Google services, but feels weird that people I know can add me to Google+ circles even though I’m not using the service.

It’s worth thinking about the way social media and internet services are monetizing (or trying to monetize) our personal content. Like many librarians and academics I rely on these services frequently, though I’ve lately begun to question whether the advantages and convenience that they provide are worth it. Last month the professional social networking website LinkedIn retreated from an earlier decision to include photographs from their users’ profile pages in ads for the service. This was just the latest in what seems to be an ever-increasing number of news items about social media companies that push their users’ comfort levels with privacy a bit to far.

A few months ago I quit Facebook because I was concerned that their privacy policies are growing evermore fluid at the same time that everyone seems to be using it to post information about events, photos, etc. Every time I commented on a friend’s wall or uploaded a picture of my kid I felt like I wasn’t getting nearly as much out of my end of the relationship as Facebook was from me. I have to admit, though, that I do miss the easy access to information from a wide range of folks I know from many stages of my life.

Like Facebook, Google uses our personal content to sell ads. Of course, selling internet ads is Google’s whole business: we are Google’s product, and the longer Google can keep us online, the more money they can make selling ads. I don’t use Gmail because I have another email provider. But I’m a heavy user of other Google services. I keep my personal schedule in Google Calendar because at our library we use it for our internal scheduling. I use Docs to collaborate with colleagues everywhere: in my library (though we are shifting to an internal wiki for much of that), with colleagues across the university system where I work, and with long-distance collaborators. And checking in with Google Reader is a staple of my daily routine.

But lately I’m reconsidering all of the personal content I’ve willingly given to internet services. I’m not sure how to ramp down my use of these tools that I’ve become so dependent on, especially given the number of people I work and communicate with who use the same tools. What’s the appropriate balance of control over our personal content and convenient, useful services? And how should we help guide students in making these same decisions?

Stranger Than Fiction

My head’s been buzzing since I first read yesterday on the New York Times Bits Blog that coder and activist Aaron Swartz was indicted under federal hacking laws for illegally downloading millions of articles from JSTOR (the full text of the indictment is embedded at the bottom of the post). Since then I’ve read through lots of articles and tweets, news about the case having all but taken over my Twitter stream, including a more in-depth story in today’s Times. And I’m finding that with every article I read I have more questions than answers.

Why’d he do it? Swartz is well known as an information activist and open access advocate, so this question’s not hard to answer. I’d hazard that it’s also not a stretch for many librarians to sympathize with Swartz at least a little bit. After all, we spend our days helping people find information, and we know all too well the frustrations of not being able to access the information we and our patrons need. I’ve read that Swartz wanted to use the data for research, but as JSTOR points out in the official statement, there are procedures in place for scholars who want to use large parts of JSTOR’s database for research.

What, exactly, did he do? This has been difficult to tease out, and the information in the many articles around the internet is highly varied. The indictment accuses Swartz of installing a laptop in a wiring closet at MIT to download large portions of JSTOR’s content. But it’s interesting to see terms like “hacking” and “stealing” used as synonyms with “illegal downloading” and “violating license terms” in many articles describing the case. As noted in an article in Wired:

Swartz used guest accounts to access the network and is not accused of finding a security hole to slip through or using stolen credentials, as hacking is typically defined.

On the other hand, Demand Progress, the progressive political organization founded by Swartz, has compared Swartz’s actions to “allegedly checking too many books out of the library” (a quote that’s been heavily retweeted). Of course, this analogy doesn’t really hold up, since books and databases operate under very different ownership models.

Why JSTOR? I’d guess that this is a question only a librarian would have, but I can’t help wondering why JSTOR? Why didn’t Swartz pick on one of the giant scholarly journal publishers with well-publicized huge profit margins? Perhaps JSTOR was easiest for him to access? Or maybe, because JSTOR isn’t one of the biggies, he suspected that if he got caught they wouldn’t press charges? It’s been reported that JSTOR secured the return of the downloaded content and did not press charges; the case is being brought by the U.S. Attorney’s Office.

What does this mean for libraries? And for the open access movement? As I was sitting down to finish writing this my CUNY colleague Stephen Francoeur sent out a link to this post on the Forbes blog that terms Swartz’s actions “reckless and counterproductive.” The post gets at something that’s been nagging at me since yesterday: it points out the possibility that the reputation of the open access movement could be damaged by association. And I’m still not sure how exactly to articulate it, but I worry that there may be fallout from this event that could have a negative effect on academic libraries, too.

Social Hacking at the Library

I’m always interested to read about ideas that folks outside of librarianship have about libraries. The other day my partner forwarded me a tweet from tech publisher Tim O’Reilly:

Interesting note about an MIT professor who “hacked” (socially) the library as a way of recruiting interesting students http://bit.ly/k4qzrl

O’Reilly links to Harvard’s Library Innovation Lab blog to a brief post by Matt Phillips that discusses an obituary for an MIT professor. The obituary noted that this faculty member kept many library books in his office long after they were due, because:

the library would send him the students who wanted those books, and he would interview them as potential assistants

Phillips goes on to write:

People connect through works held at the library and the library should encourage these connections.

Many of the thoughts that ran through my head after reading this are expressed in the comments for the blog post. How could the library reveal which patron had checked out those books?! Doesn’t LibraryThing (among other social reading tools) already help readers connect over similar interests? And what about the poor students who didn’t feel like going over to that faculty member’s office — wasn’t he holding those books hostage?

While the specifics of this situation are probably somewhat unique to the institution, I do think that providing opportunities for patrons to connect around library collections is an interesting idea. But the privacy concerns are a big deal. Protecting our patrons’ privacy is a core value of librarianship, and revealing to another patron who has checked out a book flies directly in the face of that.

Perhaps we could provide the opportunity for patrons to opt-in to a service that would allow them to connect with other interested readers, to give our users a choice between keeping their reading history private and sharing it. Though I worry that it can sometimes be easier to see the short term benefits of decreased privacy than the possible longer term detriments. With so many services incrementally moving to public by default (yes, Facebook, I’m looking at you) it’s getting easier to share more and more of our information, and it seems like the more we share the easier it gets.

There are also technical issues. Barbara wrote about academic libraries using LibraryThing a couple of years ago, but it seems like most libraries that have added LibraryThing to their catalogs feature tags and related readings only, not the kinds of social connections that are available on the main LibraryThing site. Would it be possible to layer what is essentially social networking on top of our library catalogs? I’m sure the feasibility of this would vary between catalogs. There are some promising social networking applications out there, including open source options like BuddyPress, a plugin for the WordPress blogging platform, which might be a candidate for a social catalog hack.

I’m sure there are lots of other possibilities for making our catalogs (and databases?) more social and helping our readers connect over their shared interests. If you’re experimenting with these kinds of features in your library, I’d love to hear about your experiences.