I’ve been thinking a lot about privacy lately.
For this reflection, I was originally going to focus on AI’s role in Hyperlinked Environments, but some things happened recently* which have made me very aware of how easy it is to find my address on the internet. A hyperlinked environment full of the latest technology means that information flows freely. It’s never been easier for me to find out whether that restaurant I liked is still open, which of my old classmates work at a company with an interesting job posting, or what people with similar reading habits think of the book with a pretty cover that I just spotted on the library’s display table. By the same token, all the available technology means that whoever digs deep enough can find my reading preferences, every place I’ve ever worked, my mother’s maiden name, and exactly where I live. From a privacy and personal safety standpoint, that scares me.
At my old job working on anti-abuse infrastructure for a big tech company, there always seemed to be a tradeoff between privacy and safety–that is, a user’s right to privacy for their own data, vs. the company’s ability to fight abuse. And the stakes were high: we could not report CSAM to the proper agencies without, for example, searching a user’s personal photo library. That’s a case where safety does outweigh privacy. But many are not so clear, and especially in today’s political environment, where does the scale tip? And how does that apply to a space like a public library? How much data should the library store about users’ catalog browsing, checkouts, computer usage, and print history? Should a reference librarian be required to report a patron who asks questions about getting an abortion or about their dubious immigration status? What if the law says they have to?
I don’t have firm answers, although I have my own ideas about where some lines should go.
In the meantime, it’s worth thinking about the role that libraries can play in educating patrons about how to protect their privacy and well-being. For another class, I just read about how Chisholm & Hartman-Caverly (2022) are examining privacy as part of a larger umbrella of digital wellness, avoiding algorithms that keep us doom-scrolling, and educating users about the “surveillance capitalist practices that increasingly influence their actions and shape their world.” I was heartened to see that IFLA dedicated an entire issue to privacy, including highlighting the right to be forgotten and the IFLA code of ethics which prioritizes “the confidential nature of the relationship between library and information personnel and their users, and the importance of not sharing data beyond the needs of the immediate transaction” (Cooke, 2018). I’m also glad to see librarians laying out practical steps for protecting patron privacy, like in this article from the ALA: https://americanlibrariesmagazine.org/2017/04/21/protect-patrons-digital-privacy/.
I hope that as a future information professional, my knowledge of technology and privacy mean that I can help shape library policies that protect users and their data while balancing security needs. At least I won’t be in it alone.
*I’m being vague on purpose here. They are actually very good things, but I cannot talk about them publicly yet!
References
Chisholm, A. & Hartman-Caverly, S. (2022). Privacy literacy: From doomscrolling to digital wellness. Portal (Baltimore, Md.), 22(1), 53–79. https://doi.org/10.1353/pla.2022.0009
Cooke, L. (2018). Privacy, libraries and the era of big data. IFLA Journal, 44(3), 167-169. https://doi.org/10.1177/0340035218789601
Hi rogue librarian, great job on your post. You brought up an interesting point about how to create hyperlinked environments in library institutions while still protecting user’s privacy. It made me think about another important related topic: cybersecurity. Last semester I took a course where we had to find information about a library disaster and discuss how it was remediated. I was able to find a story about how the Toronto Public Library system was the victim of a ransomware attack on October 2023 that resulted in a 5 month disruption of library services and an astonishing million book backlog. In this particular attack hackers were able to seize personnel information for current and former employees, but patron information was not affected. With library systems collecting more and more information about their patrons, this incident highlights the need for public institutions to stay vigilant and be prepared for cyberattacks. Feel free to read more about the story here:
https://www.ipc.on.ca/en/cases-of-note/toronto-public-library-cyberattack
Thank you, @dgonzalez2, and goodness what a nightmare! That’s another great reason for libraries to be careful about what patron data they store.
@jrogoff–Thank you for sharing this really thought-provoking post! I’m looking forward to reading the article on doomscrolling and digital wellness when I have a chance. The quote you mentioned, “surveillance capitalist practices that increasingly influence their actions and shape their world,” really struck a chord with me. Do algorithms benefit anyone other than the individuals who make money? It’s particularly troubling when there are stories about how social media surveils and targets teens.
@ginamik You’ve gotten me thinking! Unfortunately there seems to be a tipping point where whoever provides the service must monetize and extract as much as they can from users. (See Cory Doctorow’s article on enshittification: https://pluralistic.net/2023/01/21/potemkin-ai/) But before that point, algorithms at their best can connect people with content they enjoy and community. We’re putting a lot of trust in social media providers when we give them our data and content, and a lot of them have learned how to take advantage of addictive behaviors or the fact that our community is there in order to keep us there long after it’s no longer helping us.