Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Physical-Equivalent Privacy

Physical-Equivalent Privacy

Given for the NASIG 2021 conference.

Dorothea Salo

May 20, 2021
Tweet

More Decks by Dorothea Salo

Other Decks in Education

Transcript

  1. Physical-Equivalent


    Privacy
    Dorothea Salo


    the iSchool at UW-Madison


    NASIG 2021
    Background: Evelyn Flint, “Vintage Film 2” https://www.flickr.com/photos/evelynflint/16887278850/ CC-BY, proportions changed
    Hi, everybody, I’m Dorothea and
    ti
    me is short today, so let’s get on with Physical-Equivalent Privacy.

    View Slide

  2. I do want to men
    ti
    on that I’m sorry we couldn’t all be together in my hometown of Madison, and to extend my invita
    ti
    on to all of you in
    NASIG to visit here another
    ti
    me, we’d love to have you!

    View Slide

  3. Thank you, NASIG!
    And to thank NASIG, because the idea behind this talk comes from a talk NASIG invited me to give half a decade ago, and if you were there
    you may recognize the slide design!

    View Slide

  4. Thank you,


    Serials Librarian!
    And I also want to publicly thank the editors of Serials Librarian, because I sent them the paper a whole en
    ti
    re month late and they STILL
    accepted it. Thank you!

    View Slide

  5. Physical-Equivalent
    Privacy
    All right. Back to our topic, physical-equivalent privacy. In libraries, overall ethics codes aside, we have kind of two formal ways of assessing
    and declaring our commitments to privacy.

    View Slide

  6. Privacy Policies


    and Statements
    One is with actual privacy policies, and the occasional special statement about a speci
    fi
    c issue.

    View Slide

  7. What we claim


    we care about


    and are doing
    And these amount to “what we claim we care about and are doing” about privacy. Whether we actually care more than performa
    ti
    vely, much
    less whether we’re actually doing privacy-protec
    ti
    ve things, well… if you
    fi
    nd that at all, it won’t be in the actual policy or statement, that’s
    not what policies and statements are for.

    View Slide

  8. As an example privacy policy, here’s one I like that you can go check out from the San Francisco Public Library. As these things go it’s short and
    clear, and it’s honest, it isn’t trying to hide anything in doublespeak.

    View Slide

  9. And as an example of a privacy statement, at ALA Midwinter, there was a resolu
    ti
    on on the misuse of behavioral data surveillance, which, I
    don’t love the
    ti
    tle because it implies that behavioral data can be used in some way that ISN’T misuse, but y’all know me, I’m hardcore about
    this stu
    ff
    . Anyway, it’s a good resolu
    ti
    on, check it out, and kudos to Erin Berman for shepherding it through.

    View Slide

  10. Privacy Audits
    So because policies and statements aren’t designed to be where the rubber actually hits the road, we also have privacy audits, voluntary or
    in-.

    View Slide

  11. What we’re
    actually doing* **
    * ignores what third parties (like vendors, or campus/municipal IT)
    are doing
    ** ignores whether we’re actually doing what policies claim we are
    And these audits measure what we’re actually doing… with a couple of caveats. Caveat one, as ALA structures privacy audits, the audit is
    SOLELY of systems and services completely under the library’s control. There’s no audi
    ti
    ng of non-library third par
    ti
    es who also handle library
    or patron data, like campus or municipal IT, or an e-resource vendor.


    Caveat two, audits don’t o
    ft
    en measure prac
    ti
    ces against claims in privacy policies or ethics codes or anywhere else. It’s just, okay, here’s what
    we do.

    View Slide

  12. Duke Libraries did a privacy audit in twenty-nineteen and published their report in twenty-twenty. And it’s solid work, and I recommend it,
    but when I
    fi
    nished reading it, it le
    ft
    me curiously unsa
    ti
    s
    fi
    ed. There was all this detail about Duke’s prac
    ti
    ces, but at the end of the day, I
    couldn’t actually answer the ques
    ti
    on “are Duke Libraries protec
    ti
    ng patron privacy acceptably, especially with respect to e-resources?”


    And that’s partly on me, actually, because I didn’t really know what protec
    ti
    ng patron privacy acceptably online MEANT.

    View Slide

  13. Are we protecting
    privacy?
    Because nowhere in ALA’s audit guidelines is there anything that answers the ques
    ti
    on, what’s an acceptable amount of privacy? Or an
    acceptable amount of privacy viola
    ti
    on, if you want to turn it around.

    View Slide

  14. Image: media.digest, “Ruler |” https://www.flickr.com/photos/photo-digest/8757143845/ CC-BY
    There’s no yards
    ti
    ck. Nothing to measure against, especially online where things get slippery and there are giant new modes of privacy
    viola
    ti
    on — Gabriel’s going to talk about this, I won’t steal his thunder — but giant new modes of privacy viola
    ti
    on that most of us, myself
    included some
    ti
    mes, have trouble even
    fi
    guring out how to think about.

    View Slide

  15. Image: Mike Fernwood, “Jessy makes a movie” https://www.flickr.com/photos/ultimateslug/67568147/ CC-BY
    So then I got to thinking about that NASIG talk I gave, and there was this slide in it — yes, this is the actual slide! — where I posited some
    librarian saying “We’re going to follow you around the library and record what you’re reading with cameras and video, and we’ll keep that
    data inde
    fi
    nitely, but don’t worry, we totally won’t ask you your name, and we’re only following you around in order to Improve Our
    Services!”


    And I was like, in what world would that not be totally creepy?


    View Slide

  16. Physical-Equivalent
    Privacy
    And then I was like, whoa. That’s it. That’s the yards
    ti
    ck. And that’s what I want you all to take home, the idea that you can measure the
    privacy a
    ff
    ordances of an e-resource by
    fi
    guring out as best you can what-all data is being hoovered up, where it’s going, how iden
    ti fi
    able it is,
    and then imagining trying to hoover up and spread around the same kind of data for a patron using a bound volume in the stacks!


    And if the bound-volume scenario just gets u
    tt
    erly intrusive and gross and we would never — well, I think the e-resource scenario is just as
    intrusive, just as gross, and it really shouldn’t be happening.


    And that’s it. That’s physical-equivalent privacy in a nutshell.

    View Slide

  17. —American Library Association


    Code of Ethics


    Article I
    “We provide the highest level of service to all
    library users through… equitable service
    policies; equitable access…”
    And I think there are good reasons to do this comparison, beyond just the enlightenment of having a yards
    ti
    ck
    fi
    nally. One is captured in
    Ar
    ti
    cle I of the ALA Code of Ethics, which runs in part, “we provide the highest level of service to all library users through equitable service
    policies and equitable access.”


    I just can’t construe privacy-viola
    ti
    ng service as the highest level of service. And I can’t see how a systema
    ti
    c decrease in privacy when patrons
    use electronic rather than physical resources is in any way equitable service or equitable access!


    I think we can and should aim higher and do be
    tt
    er.

    View Slide

  18. —American Library Association


    Code of Ethics


    Article VI
    “We do not advance private interests at the
    expense of library users, colleagues, or our
    employing institutions.”
    And then there’s ar
    ti
    cle six, which goes “we do not advance private interests at the expense of library users.” I don’t think anybody is under
    ANY ILLUSIONS here that most systema
    ti
    c surveillance of e-resource users advances anything but private interests.

    View Slide

  19. What data gets collected? Shared?
    Would we do that?


    Should we be okay with it?
    What would we have to do


    to collect or share the same data


    about the user of a physical resource?
    So if that’s the yards
    ti
    ck, how do you use it?


    In prac
    ti
    ce, it’s a three-step process. The
    fi
    rst step is
    fi
    guring out what data gets collected and shared, and I don’t have to tell you that’s an art
    not a science, but we do the best we can, I discuss methods in the paper. Once we have an idea what’s going on, we imagine the same patron
    using the same informa
    ti
    on, just in physical form, and we think about what it’d take to collect and share that same data about that same
    patron.


    Then we ask ourselves, would we do that? And should we be okay with it? And that’s it. That’s how it works.

    View Slide

  20. Read more!
    https://doi.org/
    10.1080/0361526X.2021.


    1875962
    https://digital.library.wisc.edu/
    1793/81297

    View Slide

  21. “protect each library user's right


    to privacy and confidentiality


    with respect to information sought or received
    and resources consulted, borrowed,


    acquired or transmitted”
    NO EXCEPTIONS.
    library user
    reader
    My overall vision hasn’t changed since that last NASIG talk. ALA Code of Ethics, Ar
    ti
    cle III. {Read aloud if
    ti
    me.}

    View Slide

  22. Thank you!
    This presentation is copyright 2021 by Dorothea Salo.
    It is available under a


    Creative Commons Attribution 4.0 International
    license. Please respect licenses on included images.
    Dorothea Salo


    the iSchool at UW-Madison


    [email protected]

    View Slide