by Steve Zalusky
Facebook’s Cambridge Analytica data scandal and Facebook CEO Mark Zuckerberg’s testimony before Congress has served as a wake-up call to our nation about the pitfalls of “big data” and its impact on our privacy.
It is also calling attention to the important role played by librarians in safeguarding our privacy, even in the face of attempts by data analytics companies offering themselves to libraries themselves. That role will be in the spotlight from May 1-8, when the American Library Association celebrates Choose Privacy Week. The theme for this year’s celebration – “Big Data is Watching You” - is eerily apropos.
Choose Privacy Week promotes the importance of individual privacy rights and celebrates libraries and librarians' unique role in protecting privacy, focuses on growing threat of "big data" analytics, especially in a time when technology, mobile computing, social media and the growing adoption of "big data" analytics pose new threats to everyone's right to privacy.
Deborah Caldwell-Stone, deputy director of the ALA’s Office for Intellectual Freedom (OIF), said privacy is embedded in the association’s Code of Ethics, which states, “We protect each library user's right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired or transmitted.”
Librarians have put themselves on the line to protect that right, she said, noting the example of Zoia Horn, who was jailed for refusing to disclose information that could be used against the Harrisburg Seven, anti-war activists accused of plotting against the government. Other examples have included George Christian, executive director of Library Connection, Inc., who received a National Security Letter from the FBI.
The week offers libraries and librarians a special opportunity to host privacy-centered programming, displays and other learning opportunities that assist patrons and librarians alike to learn, think critically and make more informed choices about privacy.
Caldwell-Stone said that could involve patron education, inviting speakers to speak about privacy or presenting programs that talk about the implications of the Patriot Act and the Cambridge Analytica scandal. In addition, she said, “it’s also an opportunity for libraries to examine their own privacy practices.”
For patrons, Choose Privacy Week is a great opportunity to take advantage of all your library has to offer in order to learn about protecting individual privacy, as well as to learn how much platforms like Facebook are collecting about you.
During Choose Privacy Week, the American Library Association invites librarians and library users to engage in a conversation about "big data" in the library and its impact on individuals' right to privacy via a week-long online forum that features commentaries by librarians, educators, and privacy experts. Featured writers include:
Eric Hellman, president, Free E-book Foundation and founder, Unglue.it and T.J. Lamanna, chair, New Jersey Intellectual Freedom Committee and emerging technologies librarian at the Cherry Hill Public Library, "Your Library Organization is Watching You."
Caldwell-Stone said, “We have seven guest bloggers lined up. They’re going to be talking about the broad theme of big data analytics in libraries, and how libraries should grapple with that ethically and practically.”
A number of products are available to libraries that offer to provide information about their users that they can connect with a patron’s record in order to market the library.
She said there is a major ethical issue here, “because the more data you gather and have on hand, the greater the risk of a data breach.” There is also the problem of consent. Did the user actually consent to the use of their data for the purpose for which it is being used?
She said, “I think all libraries want to protect patron privacy in those contexts. But we are engaged in this larger conversation. What does that mean in an era when big data analytics can improve marketing and the library perceives a need for marketing? What’s the obligation of the library? What kind of cybersecurity should the library have to protect the data it does collect? What’s its obligation to get rid of data. Because one of the aphorisms of good privacy practice is you don’t collect data you don’t need and you get rid of the data you did collect when you stopped needing it.”
One of the bloggers, Berman, is especially sensitive to the dangers posed by big data. She said her library has just finished conducting a privacy audit internally. It was done, she said, in accordance with the ALA’s privacy guidelines.
She said the library has also created an online self-defense course, which will teach people about being a good digital citizen, how to create strong passwords and how to avoid cyberattacks. “We’ll talk about phishing, malware and ransomware, and we actually have a little section on smartphone safety,” she said.
She said privacy is important, because, “I personally respect and view libraries as really that cornerstone of democracy. One of the reasons that a free democracy exists is because people can have free access to information without fear of reprisals from their government. They can look at things and interact with information and learn things without anybody looking at their stuff.”
She said the online world is still the Wild West in many ways. “I just don’t think people were aware until recently of exactly how their information is bought and sold online and how it’s used.”
Libraries provide a safe space where you can access information, she said, emphasizing that many of our libraries deal with some of our most vulnerable populations, including the undocumented, the mentally ill, the homeless and members of the LGBTQ community.
She said libraries, which foster several kinds of literacy, have added to their plate privacy literacy. “People now need to know how to safely interact online. Because their online identities are the same as their offline identities,” she said.
And given attempts by big data to market libraries, she said, “It’s our democratic duty as librarians to help our customers and not sell their information because we think it’s going to get us better marketing.”
She said, “I think we are on a very slippery slope when it comes to utilizing some of the data analytics companies that are out there that have basically been telling librarians you’re not going to be relevant anymore if you don’t offer the personalized services that all of these online tools have.”
However, she said, “Nobody is talking about the fact that you’re eroding the trust that people have in libraries in being these sanctuaries of privacy. If libraries choose to use these tools, they should use them very intentionally and should allow their customers the option to have their information tracked and understand what the consequences of that really are.”
She said her library has conducted a privacy audit, with all of the departments going through a checklist of items. Any department that touches customer information is taking a deep dive, asking themselves what information they collect, why they collect it, whether they need to collect it, how they collect and how it is stored. They then start to make changes based on those practices.
She said for Choose Privacy Week, the library system has added shredders to all of its branches. For a lot of patrons, the library might be the only place they can visit to shred sensitive information for free.
She said, “I think the library is really central for the general online world. People should have the right to determine where their information is going to go and who it is going to be sold to. That we should give them a choice. People should just be able to be informed and have a choice as to how they interact