to anyone who can source the slide title) •That would be because somebody is, on the Internet. Guaranteed. •Lots of somebodies, in fact... •Our friends at the National Security Agency, along with who knows what other nation-level trafﬁc snoops •Our friends at Facebook and other social-media properties (but especially Facebook) who pay their bills by selling personal and behavioral information •Our friends at Google, increasingly •Our marketing friends, who love to track our peregrinations across the web •Our black-hat hacker un-friends
public realizing? •(via Ars Technica, http://arstechnica.com/tech-policy/2013/09/let-us-count-the-ways-how-the- feds-legally-technically-get-our-data/ Categories mine.) •Social engineering •A company volunteers to help (and gets paid for it) •A company complies under legal duress •Spooks inﬁltrate a company •Spooks coerce upstream companies (and standards agencies?) to weaken crypto in their products/install backdoors •Actual technology breakage •Spooks copy the trafﬁc directly off the ﬁber (sometimes without owner’s knowledge) •Spooks brute force the crypto •Spooks compromise a digital certiﬁcate •Spooks hack a target computer directly, stealing keys and/or data; sabotage.
Association: III. We protect each library user's right to privacy and conﬁdentiality with respect to information sought or received and resources consulted, borrowed, acquired or transmitted. VI. We do not advance private interests at the expense of library users, colleagues, or our employing institutions. •Does this include patron Internet access? Well, why wouldn’t it?
not like we’re going to deep-sea-dive to prevent data from being lifted off overseas ﬁber! •Interdependence is the nature of the Internet; we don’t have much choice but to trust some possibly-untrustworthy actors. •We can’t always stop people from compromising their own privacy and security, sometimes in really amazingly thoughtless ways. •You have my blessing not to ﬁx all the things! •I don’t think that’s license to throw up our hands and do nothing. I hope you agree.
against? •How much will this disrupt the patron experience? The librarian’s day? •The ideal: nobody notices, but everybody is safer. •How much care and feeding does this take? •Installation and upgrading •Support •For some strategies, bandwidth •Can a librarian turn this off? A patron? •The correct answer is ideally “yes, but you won’t want to.”
expensive. I know it’s time- consuming, including the time to learn the new version. •Do it anyway. Including for any browser plugins you install. •Black hats love to pwn older software. •So do spooks. •Red alert: if you’re using any software that’s gone past its last support date. This is hideously dangerous. Don’t do it! •If your IT shop is recalcitrant about patches and upgrades... this is actually a hill you DO want to die on.
misuse nonexistent data. •So don’t keep data whenever you can avoid it. •Patron-speciﬁc circulation data (we’re used to this) •Chat-reference logs •Access data on electronic resources, especially if tied to an individual patron •Behavior data on patron computers, e.g. use logs, browser caches, browser history, search logs. Return computers to a neutral state as often as feasible. •Website behavior data (I know, I know!) •Keep (as little) aggregate data (as possible) when you have a speciﬁc need for it. Otherwise, pitch that too! •You never know when “reidentiﬁcation” strategies will bite someone.
GSU’s electronic reserves violated their copyright. •Among other things in the ruling (my paraphrase): “If students didn’t read it, copyright wasn’t infringed.” •I have my doubts this will hold up on appeal (IANAL), but even so... •... doesn’t that mean that if publishers can’t prove students read anything, it’s harder for them to prove infringement? •If so, that means forget about student analytics, delete course-management system logs!!!!!! •(“Student/learning analytics” is getting to be stunningly creepy anyway. School and academic librarians, we should be questioning this movement.)
Facebook Like button? Is a web bug. •If a patron is logged into Facebook, Facebook records pages they browse that have Like buttons on them. Even if the patron never clicks Like! •Facebook swears it doesn’t track logged-out users any more. That they once did inclines me not to believe them. •And Facebook is just the one we happen to know about. •Getty embedded-image program: includes surveillance by web bug! •If you must have social-media buttons in the more social parts of your web presence, okay, I can’t stop you. •But not in your OPAC! Not ever! Hat tip: Sarah Houghton-Jan
that stands a chance of working. •It’s not a big chance, mind you... •Write clear policy and procedure about who can have what data when, and after what formalities. •Train staff on it. With role-playing exercises. •Trust me, you are doing them a favor. Social engineering is used to attack private individuals all the time! •Write clear policy and procedure on data retention or (ideally) lack thereof. •This is just common cover-your-posterior sense.
it! •Browsers let you change the default site searched with the browser search bar, or via the URL bar. •Better option: DuckDuckGo •Better option: Ixquick •Patrons may notice the difference; leave a spiel at the ref desk.
•Do not let the browser keep history. •Wiping at the end of a session is ﬁne. •Do not let the browser share location information without informing the patron. •If your bandwidth can stand it, turn browser caching off. •If patrons notice slow browsing, then let the browser cache, but set it to delete the cache on quit. •Shortcut to a lot of this: “private browsing” mode by default.
https:// www.google.com/settings/ads •(for best results, log into any Google account you have ﬁrst; or compare logged-in and logged-out states) •Pretty creepy, huh? Yeah. Thought so. •There’s a few teensy opt-out links toward the bottom of the page. Go ahead and use them. (I’ll wait.) •Now go and show this to others! (And imagine Facebook’s. Shudder.) •Glutton for punishment? •http://juliaangwin.com/privacy-tools-opting-out-from-data-brokers/ Hat tip: Stephen Francoeur
of dead-man’s-switch for surveillance. •It may be illegal to tell a patron they’re being surveilled (Patriot Act)... •... but is it illegal to tell them they’re not? Or, um, stop telling them they’re not? •Important caveat: we don’t actually know. Nobody’s taken a warrant canary to court yet. •Useful publicity stunt as part of education? •Also, watch warrant canaries from service and equipment providers.
have to remember. You just have to remember your password manager’s password! •You probably can’t implement these in your library... •... but you CAN and SHOULD evangelize them! •Solid choices: •LastPass (Win, Mac, Linux, iOS, WinMobile, Android, BlackBerry) •1Password (Win, Mac, iOS, Android) •KeePass Password Safe (open-source, cross-platform)
“web bugs” •They do not block ads! They do help keep ads from damaging privacy. •Several available, e.g. •Ghostery: ghostery.com •DoNotTrackMe: dnt.abine.com •Disconnect: disconnect.me •In my experience, when these are working well they are completely unobtrusive. •Test ﬁrst! I personally have had Ghostery issues on Firefox/Mac. •Leave “how to disable” instructions at the ref desk, just in case.
get that. •If you decide against ad blockers on that basis, we’re still friends. •I do not buy the “but our site is paid for by advertising!” argument. Not in libraries. •ALA Code of Ethics VI •The winner and still champ: getadblock.com •Add EasyList for automatic blocking of many ads. •Patrons may notice... usually in a good way! •Training/tech support: Suggest installing an adblocker in the browser of an Internet-naïve or otherwise scam-vulnerable person.
•Most browsers have a preference for this anyway, but a few don’t. •Mostly unobtrusive when used to block so-called “third-party cookies.” •I won’t swear you won’t run into the occasional issue, however. •Very obtrusive when used to block all cookies preemptively. I don’t recommend this. •Cookie Monster (Firefox): addons.mozilla.org/en-US/ ﬁrefox/addon/cookie-monster/
it; uninstall it if it’s there” camp. •Big caveat: web conferencing, including Adobe Connect and Elluminate/Blackboard, often depends on it. •So if you must have it, don’t let it auto-run anything ever.
WIRELESS. Talk to your nerds about this. •WPA2 is better than WPA, which is better than WEP, which is (marginally) better than nothing. •... they’re all kind of bad, honestly. But it’s what we have. •“Coffeehouse wiﬁ” may be most practical: one prominently-posted username/password combo •(This is lousy security. But again, it’s the better-than-nothing scenario. With WPA, this doesn’t actually mean that wireless users on your network can snoop other wireless users’ trafﬁc.)
trafﬁc •Routes bits and bytes through a labyrinth •Will slow down browsing appreciably! •Probably overrides web-ﬁltering software, if you’re using it (hint, hint) •Does help create “herd immunity” to surveillance, however. •Not quite the nuclear option, but... rocket-launcher option, maybe?