Anyone remember this ad? I was young when this aired, sure but I’m definitely dating myself here, anyway — THIS is what PSAs USED to be like back when TV still ruled the media landscape for the most part — straight-up bone-chilling.
It frames the idea of how library privacy intersects with freedom of information, freedom of speech quite well. As an aside, the AD Council produced this in 2002 in a wave of nationalistic PSAs about “protecting” freedom and American Exceptionalism in the wake of the attacks on 9/11, which, is of course, incredibly ironic considering that the PATRIOT Act and NSA Domestic Surveillance Program ushered in our current era of warrantless and unprecedented mass surveillance of U.S. citizens, but I digress.
Or, well I guess maybe I don’t digress, it’s actually really, really important to understanding the content in this module.
People are concerned about their data privacy, sure… and yeah we absolutely need legislation to create some kind of baseline… and yes, sure we could all take better personal steps, libraries can make sure the relationships with ISPs and vendors and library computer settings are ideal.
All of these things are great, and they are, I think, also largely ineffectual. I would liken it to trying to put out a wildfire with a garden hose, or, a spray bottle, or a pipette. Even with terms and conditions, disclosures and cookies preferences pop-ups, etc., etc., the fundamental issue is that this current market, the actual set of relations between individuals and corporations and other organizations providing services in the digital space is predicated on the exchange, or rather, the extraction of some kind of data/information about you. The whole system has been gradually built around this, and in most cases, we’re freely volunteering it just through our desire to participate and exist on social media platforms and the broader web. What we search for, the videos we watch, how long you hovered on that tiktok before swiping up, it all makes up this “digital information, quintillions of bytes of data generated every day.” We don’t know how exactly any of it’s being used, and we don’t understand what we’re agreeing to when we sign up. I’m not going to sit and read a terms and conditions document written in legal boilerplate that I don’t understand, and neither are you. I’m not saying any of this is okay, I’m not one of those “privacy is a myth get over it” people, but it is where we’re at.
I’ll point out that even our most robust government regulatory agencies (which are being hollowed out by the second Trump-go-round) usually are only capable of enforcement to the tune of a few million here and there, which means generally very little to corporations with astronomical market-capitalizations. With the exception of the truly landmark, nationwide class-action lawsuits against, say, big-tobacco or opioid manufacturers, the consequences never seem bad enough for executives to not do a little cost-benefit analysis when they consider how much money they can generate for the shareholders when bending or breaking the law a little.
Aren’t we also past credulity at this point, post-shock, the news a perpetual stream of scandal and wrongdoing? Returning to the political climate that produced our AD Council library secret police surveillance nightmare, the revelations of NSA spying and the PATRIOT Act stirred us then, sure, but was this rolled-back? No. Big-tech has always been cozy with Federal law enforcement and the Intelligence Community, so who’s to say they wouldn’t just exigent circumstances their way past any US version of a GDPR??
My solution? A radical, personal re-ordering of one’s own participation in this system. We should know by now that the state will likely be ineffectual if not negligent in ensuring our protection from corporations, and we ought to take personal responsibility for our own willing participation in an environment that actually treats us like a resource to be extracted. Did big-tech and everyone else involved conceal what was being done with our data, trick us like big tobacco, big oil, big forever chemical? Yes. After the revelations started to come out did we stop what we were doing? Some of us probably did. I didn’t. We probably should.
While I do think that personal responsibility has a lot to do with it, I also think institutions like libraries, especially one’s working with the service style and model we discuss in this course, can be leaders and build community-oriented infrastructure to this effect. After all, one will still need to use the internet. In “Ethics, Encryption, and Evolving Concepts of Personal Privacy in the “Black Box Library” David Irvin discusses many possibilities for libraries to lead.
Irvin’s article engages with the issue of privacy as a key aspect of intellectual freedom. As library services become increasingly networked and integrated with the internet, data collection and data security has made library patrons’ privacy and by extension, their intellectual freedom, deeply insecure. Irvin surveys how in researching an intellectual curiosity we might have, it travels from its only place of true privacy (our interior thoughts) through different information systems (a library catalog, an internet search, etc.), leaving trace details as data that are tied to us and generally not frequently expunged from records.
He highlights that as data collection has become more ubiquitous, our consent has been gradually ceded to the point where it is taken as granted. This leaves us highly vulnerable to surveillance, tracking, and exploitation from a myriad of forces, whether private corporations, government agencies, or criminal actors. Aside from those dangerous consequences, the mere fact of being cognizant of being surveilled leads to an internalized self-censorship and compliance in advance.
What Irvin proposes is for libraries to become sites of extraordinary privacy. He lays out plans for libraries to train staff in the strictest possible information security standards, encrypting and anonymizing library search and circulation records, and routing all internet traffic through Tor browsers. He further suggests that libraries collectively bargain for these conditions by withholding contracts from vendors until they assure encryption and elimination of user data from external systems. By increasing data security and protection to extraordinary levels, libraries could set new societal standards for intellectual freedom and reposition libraries as being indispensable institutions, truly safeguarding knowledge and curiosity.
This American Libraries Magazine article is definitely in this ball-park, I was very happy to see VPNs and ToR mentioned!!! To wrap up this rant, we shouldn’t reasonably expect the government or corporate tech to do the right thing any time soon (or ever!) and accordingly, individuals making good choices, coming together in community at a place like a hyperlinked yet black-box library, just might be able to start shifting something, from the ground up.
here’s that article in apa reference if anyone needs:
Irvin, D. (2021). Ethics, encryption, and evolving concepts of personal privacy in the “black box library”. Serials Librarian, 81(1), 35–41. https://doi.org/10.1080/0361526X.2021.1875960Links to an external site.
@kgkgkg Thanks for this exploration and for sharing your ideas about privacy and what is happening right now. I am all for librarians stepping up to be champions of anonymity and privacy. That video was 😳.