Category Archives: Privacy

Once More to the Breach

ACRLog welcomes a guest post from Mark Herring, Dean of Library Services at Winthrop University.

Summer’s over, I know, but we must go once more to the breach of web privacy. A California librarian recently complained about Amazon’s new Kindle ebooks lending program for libraries. The complaint focuses on Amazon’s privacy policy and advertising. In a ten minute video (the transcript of which is here), the librarian argues that in our hasty “greed” to get books into the hand of readers, librarians violated one of our sacred trusts: privacy protection. Amazon keeps a record of all books lent on Kindles via corporate servers. This information is later used like it is on the website, both to recommend new titles and of course advertise products by selling that information elsewhere. While the story was picked up in the library press and on Slashdot, it wasn’t widely publicized, at least not to the extent of the story of Amazon’s lending program. The reason why is simple: web privacy is now a non-starter.

This isn’t the first such story about Web privacy (or lack thereof), and it is not likely to be the last. But it is a non-issue and will remain so as far as cyberspace extends. It’s not as if we weren’t warned.

As long as go as 1999, in a widely publicized story (perhaps forgotten now?), Scott McNealy, CEO of Sun Microsystems, told a group that the issue of privacy on the Web was a “red herring” (no relation by the way). McNealy went on to say that “You have zero privacy anyway. Get over it.” McNealy wasn’t the only one to argue in this manner, and neither is Amazon the only company with a patent disregard for privacy. Frankly, any company or social network on the Web puts privacy on low priority. Don’t get me wrong. Privacy isn’t an absolute right. I can think of times when not disclosing someone’s shenanigans would border on the criminal. But our patrons should be able to do basic library business without being hounded.

To be sure, the strength of the poisoned privacy varies among various Web apothecaries. With Facebook rapidly approaching one billion users, only a tiny minority remain who can care about privacy. Only last year Zuckerberg reminded all of us that “the age of privacy is over.” At the time, some saw this as an about-face. But anyone who followed Facebook helter-skelter knew otherwise. James Grimmelmann remarked once that of all the social networks, Facebook had the best privacy statement, and it was awful.

But I like the way Zuckerberg phrased it because I think it sums up nicely where we are about the Web and privacy. It’s a brave new world, and those not yet on board are from another, older and quite possibly, flat one. This was never made clearer to me than a few years ago.

I had the distinct pleasure to visit MIT in 2009 and learn of new web-related inventions in the proverbial “pipeline.” Amid our somewhat graying profession were these twentysomethings, naturally, all exceedingly bright. Some of what we saw has already come to pass, while others remain in development. There were toys, apps, and so on. But what really caught my eye was a broach or lapel pin.

This pin, our attractive, late twentysomething, explained to us, made certain you never forgot a name or a face again. I’m terrible with names, so naturally I perked up even more. When you approach a person, she said, the pin casts his or her “vitals” on their chest, visible to you but not to them. Commonly known things, she said, like age, marital status, number of children, where they work, recent vacations or even recent accomplishments. This way, she told us cheerfully, you’re never at a loss what to talk about. You know, how are the kids, is Peter enjoying Harvard, and how was the vacation in the Caymans?

Several of us, all over 50, let out an audible gasp. But isn’t that a violation of privacy, we asked, almost in unison. Oh, no, she reassured us. It’s all on the Web anyway. And then she said something that I don’t think I’ll ever forget. When asked about the ethics of it all, she replied, again cheerily, “Those are issues taken up by another department. We don’t really engage in the ethics part of it.” And that’s when I knew. We are of a different age because even the developers no longer think about these things, assuming they once did. Ethics will ponder that matter and get back to you. But don’t call us; we’ll call you.

None of us want to remain fully anonymous, but many of us–at least those of us over 50–would prefer to remain somewhat private. Not anymore. Everything we are or hope to be, whether true or not, is on the Web; and someone is or will be making use of it. In this brave new world, we all live our lives on the backs of so many digital postcards that travel the globe daily.

This isn’t about going back, or trying to recapture the genie or clean up the toothpaste. Those days are over. Rather this is about how we librarians have become students of change and must now weigh those changes regularly. As the Web changes books, it also changes the libraries that house them. And so McLuhan was right after all: We shape our tools and thereafter our tools shape us.

And so here we are, once more to the breach. Habent sua fata libelli: books have their fates. The only question that remains today is this one: is this the fate we want for them, for our libraries?

Personal Content Capitalism

I’ve been hearing less and less about Google+ lately, the social network launched by the search giant over the summer. I can’t comment on its functionality because I haven’t tried it; while I’m interested, I’ve got a couple of big projects going on and don’t have the bandwidth right now for an additional flavor of social media. However, my partner is on Google+ and recently let me know that he added me to a circle. I have a Google account and use lots of other Google services, but feels weird that people I know can add me to Google+ circles even though I’m not using the service.

It’s worth thinking about the way social media and internet services are monetizing (or trying to monetize) our personal content. Like many librarians and academics I rely on these services frequently, though I’ve lately begun to question whether the advantages and convenience that they provide are worth it. Last month the professional social networking website LinkedIn retreated from an earlier decision to include photographs from their users’ profile pages in ads for the service. This was just the latest in what seems to be an ever-increasing number of news items about social media companies that push their users’ comfort levels with privacy a bit to far.

A few months ago I quit Facebook because I was concerned that their privacy policies are growing evermore fluid at the same time that everyone seems to be using it to post information about events, photos, etc. Every time I commented on a friend’s wall or uploaded a picture of my kid I felt like I wasn’t getting nearly as much out of my end of the relationship as Facebook was from me. I have to admit, though, that I do miss the easy access to information from a wide range of folks I know from many stages of my life.

Like Facebook, Google uses our personal content to sell ads. Of course, selling internet ads is Google’s whole business: we are Google’s product, and the longer Google can keep us online, the more money they can make selling ads. I don’t use Gmail because I have another email provider. But I’m a heavy user of other Google services. I keep my personal schedule in Google Calendar because at our library we use it for our internal scheduling. I use Docs to collaborate with colleagues everywhere: in my library (though we are shifting to an internal wiki for much of that), with colleagues across the university system where I work, and with long-distance collaborators. And checking in with Google Reader is a staple of my daily routine.

But lately I’m reconsidering all of the personal content I’ve willingly given to internet services. I’m not sure how to ramp down my use of these tools that I’ve become so dependent on, especially given the number of people I work and communicate with who use the same tools. What’s the appropriate balance of control over our personal content and convenient, useful services? And how should we help guide students in making these same decisions?

Another Case of the Missing Library

Steven just remarked on the Educause training toolkit for information literacy that somehow missed the fact that libraries have been working on it for some time. D’oh! This presentation on an Annenberg School-sponsored media survey also struck me as a place where “library” as a source of information is noticeably absent. (So are books.) Admittedly, the focus is on how media can recapture people’s attention as a trusted source of information, and it’s really focused on “how do we get consumers to pay attention to our advertising so we can recover that revenue stream.” But still … the survey asked about where people turn to find trusted information. The library is not one of the options. (See especially slides 20 and 24.)

The survey focused entirely on sources of information that can be optimized for advertising dollars – and how to drive the public toward news media for purchasing decisions – so they may have just decided libraries don’t belong on the list. But when they ask about “where you go for information” and libraries aren’t there, it suggests value is only attached to information sources that exist to generate advertising dollars and stock dividends.

The study reports that people are increasingly skeptical about mass media and that “word of mouth” is more important than being told what to read through PR and marketing. In other words, you PR flaks have shot yourselves in the foot and are now trying to learn how to talk like a human.

Maybe our users need to get a little more outspoken. Libraries have net assets worth billions! You can claim your dividend every time you use them! You can use them online with no pay wall! And no harvesting of personal information or annoying banner ads!

I think we have an edge, here, if only we were able to get the word out.

Some Thoughts on Privacy 2.0

The Pew Internet in American Life project has just come out with a report on how people feel about their online identity. Digital Footprints examines who keeps track of personal information available online, how they feel about inaccuracies they might find, and whether they are nervous that so much personal information is publicly available.

The majority of Internet users responding to the survey say they don’t worry about it. Most would like to control their digital image – but don’t take steps to do it. (Interestingly teens are more likely to limit access to their profiles. Many adults feel an unlimited online presence is necessary for their careers – and teens may feel limiting their profile is an equally smart move for their future careers.) Technology has changed our expectations: the interactivity of Web 2.0 and the addition of new data formats and geotagging will only increase the fine grain of our digital footprint. But so have external events. The public grew far more tolerant of having their privacy invaded after 9/11, according to several studies in a fascinating section of the report.

My guess is that we’ve been equally desensitized by advertising that is driven by harvesting and analyzing our searches, and by banks and other corporation routinely mining our lives for personal information. (Fortunately Senator Dodd thinks there should be some limits to corporate spying, at least when it contributes to a violation of the constitution.)

The recent OCLC report on Sharing, Privacy, and Trust in our Networked World found that only about half of respondents want libraries to keep their activities private, in contrast to librarians, who are more likely to find privacy important. In general, this report jibes with Pew’s in that people want to control what they share. They just aren’t very aware of what they’re sharing when they’re not in control. The degree of trust in information services that store their searches and use that information commercially either means there’s a disconnect between wanting to control what they share and letting corporations harvest information from their searches – or they simply don’t recognize the extent to which it’s happening.

The OCLC report urges libraries to do more social networking to develop trust.

We know that privacy is important to users, and to librarians, but we also know that sharing and open access matter. Privacy matters, but sharing matters more. If the axiom “convenience trumps quality” was the trade-off that gave rise to the search portals as providers of “good enough” information, it might be said of the social Web that “sharing trumps privacy.”

Unfortunately the example they use as a success in this area is the banking industry (huh?), not sites that seem to take both readers and privacy more seriously, like LibraryThing (which is not mentioned in the OCLC report, though it’s doing largely what the report recommends libraries do). And it seems to contradict the report’s belief that people are desperate to share that there are only seven comments at the site OCLC created to discuss the report.

The blogger Rudibrarian has a brilliant post on this issue.

Something I think about whenever I see a list of Cool 2.0 Free Tools You Can Implement At Your Library is privacy (or more accurately, confidentiality). Why are they free? Who’s getting what? Does the user retain ownership of their information? Is the library facilitating the sale or use of users’ information when offering this tool?

I *only* think about this when I see others’ implementations or lists of tools. I almost never think about it when I myself am doing something where I ought to think about it. Like, perhaps, when adding applications to my facebook….

…Users ought to worry about this stuff but the information world has gone completely mad and out of control and is being monetized and ramified in all sorts of ways they can’t even begin to understand when they take their first gateway drug (which might be a DisneyPhone designed to allow their parents to track their every movement and thus desensitize them further!)

So, librarians used to have this bill of rights to guide library services which states

IV. Libraries should cooperate with all persons and groups concerned with resisting abridgment of free expression and free access to ideas.

Which I read to mean that libraries and librarians work to support the statement that all individuals are free to read whatever they choose and that such reading is nobody’s business but their own. Essentially, that libraries and librarians are (or should be) committed to protecting patron privacy and confidentiality (two similar but not identical goals).

So, questions to ponder for later parsing:

1. Are libraries still committed to this?
2. Should we care that our patrons (especially academic library patrons, since that’s my ball of string) don’t care about their own privacy or confidentiality? Should their naiveté trump our responsibilities?
3. Does our desire to do more for our patrons hold hands with their naiveté to further sexy goals, or is it OK to not let them know what we’re doing (or that we don’t know!)?
4. Does anyone know how much info we’re giving away though Facebook? or other username/password identity sites?
5. Is it still within our power to prevent Minority Report from becoming reality?

To which I’d add: Aren’t these all questions we should be asking ourselves, right now, urgently?

Ketchup is a Form of Exercise

Catching up on a couple of previous posts . . .

There are two must-read discussions over at if:book on the NEA’s latest threnody for reading. The first looks at Matthew Kirschenbaum’s interesting take, previously published in the Chronicle. The NEA report assumes one sort of reading – solitary, linear, purposeless, and sustained. Yet there is a certain kind of reading that is lateral (and very common in academic libraries) – comparing texts, following footnotes, pursuing leads from one line of thought to another, books spread out for easier access – that has been around long before the digital era. (And, of course, now we even have a primer on how to talk about books we haven’t read.) The NEA assumes there is only one sort of reading that has value. I like a long, sustained read as much as anyone (I was a Russian Lit major, fer cripe’s sake!) but I do plenty of the other, and it’s valuable, too.

The other if:book instant classic is Nancy Kaplan looking at the NCES data that the NEA uses to link declines in “reading” (narrowly defined) and reading test scores. The NEA report skews it – and they’ve been outed. This is an important critique, and a fascinating example that demonstrates critical information literacy. This would actually make for a good classroom exercise – look at press coverage, go to the NEA source, then look at the underlying data. It’s a corker!

Finally – Facebook faced up to the storm of criticism that met their plan to broadcast to members’ friends what members are buying at other sites. (A few Christmas present surprises were spoiled in the process.) They’ve decided to make it opt-in, not opt-out. Let’s hope they learned something in the process.