Re: [CODE4LIB] Library Privacy, RIP (Was: Canvas Fingerprinting by AddThis)

[Kyle Banerjee]

You need to cut holes so you can see -- I should have mentioned that. Be
sure to wear sunglasses to confound remote retinal scanners...


On Sat, Aug 16, 2014 at 1:59 PM, Cary Gordon  wrote:

> I tried a paper bag, but it was very hard to find books.
>
>
> On Fri, Aug 15, 2014 at 4:34 PM, Kyle Banerjee 
> wrote:
>
> > On Fri, Aug 15, 2014 at 3:02 PM, Jason Bengtson  >
> > wrote:
> >
> > > ...
> > >
> > > Generally speaking, I think  surveillance is wretched stuff. But there
> > is a
> > > point at which the hand wringing becomes a bit much. I agree with Jon
> in
> > > that, while things are at a critical point, the technologies of
> security
> > > and anonymity will inevitable improve. In fact, the cruddy state of
> > things
> > > has been adding momentum to that progress...
> > >
> >
> > And there are always the tried and tested technologies that have been
> > around for ages. For example, if users wore paper bags over their heads,
> it
> > would protect their anonymity and afford some privacy while they used
> > resources in the library -- particularly when they need assistance.
> >  Anonymous checkout privileges secured with a bitcoin deposit could
> ensure
> > accountability.
> >
> > As things stand, many if not most library staff know all kinds of things
> > about their users. The paper bag solution (actually another material
> should
> > be chosen to make it safer for smokers) is a major step towards
> rectifying
> > this privacy and service issue. ;-)
> >
>
>
>
> --
> Cary Gordon
> The Cherry Hill Company
> http://chillco.com
>

Re: [CODE4LIB] Library Privacy, RIP (Was: Canvas Fingerprinting by AddThis)

[Cary Gordon]

I tried a paper bag, but it was very hard to find books.


On Fri, Aug 15, 2014 at 4:34 PM, Kyle Banerjee 
wrote:

> On Fri, Aug 15, 2014 at 3:02 PM, Jason Bengtson 
> wrote:
>
> > ...
> >
> > Generally speaking, I think  surveillance is wretched stuff. But there
> is a
> > point at which the hand wringing becomes a bit much. I agree with Jon in
> > that, while things are at a critical point, the technologies of security
> > and anonymity will inevitable improve. In fact, the cruddy state of
> things
> > has been adding momentum to that progress...
> >
>
> And there are always the tried and tested technologies that have been
> around for ages. For example, if users wore paper bags over their heads, it
> would protect their anonymity and afford some privacy while they used
> resources in the library -- particularly when they need assistance.
>  Anonymous checkout privileges secured with a bitcoin deposit could ensure
> accountability.
>
> As things stand, many if not most library staff know all kinds of things
> about their users. The paper bag solution (actually another material should
> be chosen to make it safer for smokers) is a major step towards rectifying
> this privacy and service issue. ;-)
>



-- 
Cary Gordon
The Cherry Hill Company
http://chillco.com

[CODE4LIB] Privacy audits Re: [CODE4LIB] Library Privacy, RIP

[Karen Coyle]

Some years ago I did a few privacy audits for local public libraries, 
where they went through all of their data-gathering points (circulation, 
summer reading programs, vendors, patron letters to the library 
director...) [1] It was very useful for them to discover where data 
might "leak". At the time, none of the libraries I was working with was 
terribly involved with social networking.


I think it would be good to provide libraries with more information 
about what data is gathered via social networks, along with an analysis 
of where they are putting their patrons' privacy at risk. My guess is 
that many librarians are unaware of the data gathering done behind 
something like Google Analytics -- they just see a service that they 
need. And there's no use us complaining about it if we can't give good, 
solid information about 1) what data is gathered 2) what is the 
alternative.


I think a "Code4lib guide to library privacy" or something of that 
nature would be a valuable contribution. I'd be happy to work with folks 
on it.


kc
[1] http://kcoyle.net/privacy_audit.html


On 8/16/14, 10:12 AM, Riley Childs wrote:

I think that pretty much sums up the situation ;)

Sent from my Windows Phone

From: Eric Hellman
Sent: ‎8/‎16/‎2014 1:06 PM
To: CODE4LIB@LISTSERV.ND.EDU
Subject: Re: [CODE4LIB] Library Privacy, RIP  (Was: Canvas Fingerprinting by 
AddThis)

I think what we want is http://socialitejs.com/

On Aug 16, 2014, at 12:52 PM, Riley Childs  wrote:


Another question for someone who utilizes these services: What analytics does 
this provide and are the social analytics worth losing  your user's privacy? (I 
think not)
Can't we make our own non dynamic share links




Sent from my Windows Phone

From: Eric Hellman
Sent: ‎8/‎16/‎2014 12:25 PM
To: CODE4LIB@LISTSERV.ND.EDU
Subject: Re: [CODE4LIB] Library Privacy, RIP  (Was: Canvas Fingerprinting by 
AddThis)

So, 2 points worth discussing here.

1. I'll bet you most proxy servers are not proxying AddThis.com or 
Sharethis.com. So there wouldn't be any effect of proxying on the user tracking 
they do.

2. It really doesn't matter if you identify yourself to the catalog or not. 
You're being tracked across sites all over the internet. If you identify 
yourself to one of them, you can be identified. Note that the main concern here 
is if you use your own device to access the library's catalog.


On Aug 15, 2014, at 5:52 PM, Karen Coyle  wrote:


On 8/15/14, 12:07 PM, Eric Hellman wrote:

AddThis and ShareThis, on the other hand have TOS that let them use tracking 
for advertising, and that's what their business is. So, hypothetically, a teen 
could look at library catalog records for books about childbirth, and as a 
result, later be shown ads for pregnancy tests, and that would be something the 
library has permitted.

Eric, I'm wondering about the full scenario that you are envisioning. Many 
libraries use proxy servers, so individual users are not identified. (Meaning 
that an 80-yr-old man may get the ad for the pregnancy test, not the teen.) In 
addition, in many cases the machine wipes itself clean daily, replacing all 
potential user files. (Someone else can explain this MUCH better than I just 
did.)

In my public library, I do not identify myself to the use the catalog on site 
-- not even to use journal article databases, because 1) authentication takes 
place in the library system 2) the proxy server's IP is my identity for those 
services. I have no idea what exits the library when I hook my laptop to the 
open network. Shouldn't all of these factors be taken into account? Can anyone 
articulate them from the point of view of a public library?

Note: At the university here at Berkeley, no network use is allowed without an 
account, so there is no anonymous use, at least on the human side of any proxy 
server that they run. But at the public library there is no log-on. So what is 
AddThis getting in those two situations?

kc

--
Karen Coyle
kco...@kcoyle.net http://kcoyle.net
m: +1-510-435-8234
skype: kcoylenet/+1-510-984-3600


--
Karen Coyle
kco...@kcoyle.net http://kcoyle.net
m: +1-510-435-8234
skype: kcoylenet/+1-510-984-3600

Re: [CODE4LIB] Library Privacy, RIP (Was: Canvas Fingerprinting by AddThis)

[Riley Childs]

I think that pretty much sums up the situation ;)

Sent from my Windows Phone

From: Eric Hellman
Sent: ‎8/‎16/‎2014 1:06 PM
To: CODE4LIB@LISTSERV.ND.EDU
Subject: Re: [CODE4LIB] Library Privacy, RIP  (Was: Canvas Fingerprinting by 
AddThis)

I think what we want is http://socialitejs.com/

On Aug 16, 2014, at 12:52 PM, Riley Childs  wrote:

> Another question for someone who utilizes these services: What analytics does 
> this provide and are the social analytics worth losing  your user's privacy? 
> (I think not)
> Can't we make our own non dynamic share links
>
>
>
>
> Sent from my Windows Phone
> 
> From: Eric Hellman
> Sent: ‎8/‎16/‎2014 12:25 PM
> To: CODE4LIB@LISTSERV.ND.EDU
> Subject: Re: [CODE4LIB] Library Privacy, RIP  (Was: Canvas Fingerprinting by 
> AddThis)
>
> So, 2 points worth discussing here.
>
> 1. I'll bet you most proxy servers are not proxying AddThis.com or 
> Sharethis.com. So there wouldn't be any effect of proxying on the user 
> tracking they do.
>
> 2. It really doesn't matter if you identify yourself to the catalog or not. 
> You're being tracked across sites all over the internet. If you identify 
> yourself to one of them, you can be identified. Note that the main concern 
> here is if you use your own device to access the library's catalog.
>
>
> On Aug 15, 2014, at 5:52 PM, Karen Coyle  wrote:
>
>> On 8/15/14, 12:07 PM, Eric Hellman wrote:
>>> AddThis and ShareThis, on the other hand have TOS that let them use 
>>> tracking for advertising, and that's what their business is. So, 
>>> hypothetically, a teen could look at library catalog records for books 
>>> about childbirth, and as a result, later be shown ads for pregnancy tests, 
>>> and that would be something the library has permitted.
>>
>> Eric, I'm wondering about the full scenario that you are envisioning. Many 
>> libraries use proxy servers, so individual users are not identified. 
>> (Meaning that an 80-yr-old man may get the ad for the pregnancy test, not 
>> the teen.) In addition, in many cases the machine wipes itself clean daily, 
>> replacing all potential user files. (Someone else can explain this MUCH 
>> better than I just did.)
>>
>> In my public library, I do not identify myself to the use the catalog on 
>> site -- not even to use journal article databases, because 1) authentication 
>> takes place in the library system 2) the proxy server's IP is my identity 
>> for those services. I have no idea what exits the library when I hook my 
>> laptop to the open network. Shouldn't all of these factors be taken into 
>> account? Can anyone articulate them from the point of view of a public 
>> library?
>>
>> Note: At the university here at Berkeley, no network use is allowed without 
>> an account, so there is no anonymous use, at least on the human side of any 
>> proxy server that they run. But at the public library there is no log-on. So 
>> what is AddThis getting in those two situations?
>>
>> kc
>>
>> --
>> Karen Coyle
>> kco...@kcoyle.net http://kcoyle.net
>> m: +1-510-435-8234
>> skype: kcoylenet/+1-510-984-3600

Re: [CODE4LIB] Library Privacy, RIP (Was: Canvas Fingerprinting by AddThis)

[Eric Hellman]

I think what we want is http://socialitejs.com/

On Aug 16, 2014, at 12:52 PM, Riley Childs  wrote:

> Another question for someone who utilizes these services: What analytics does 
> this provide and are the social analytics worth losing  your user's privacy? 
> (I think not)
> Can't we make our own non dynamic share links
> 
> 
> 
> 
> Sent from my Windows Phone
> 
> From: Eric Hellman
> Sent: ‎8/‎16/‎2014 12:25 PM
> To: CODE4LIB@LISTSERV.ND.EDU
> Subject: Re: [CODE4LIB] Library Privacy, RIP  (Was: Canvas Fingerprinting by 
> AddThis)
> 
> So, 2 points worth discussing here.
> 
> 1. I'll bet you most proxy servers are not proxying AddThis.com or 
> Sharethis.com. So there wouldn't be any effect of proxying on the user 
> tracking they do.
> 
> 2. It really doesn't matter if you identify yourself to the catalog or not. 
> You're being tracked across sites all over the internet. If you identify 
> yourself to one of them, you can be identified. Note that the main concern 
> here is if you use your own device to access the library's catalog.
> 
> 
> On Aug 15, 2014, at 5:52 PM, Karen Coyle  wrote:
> 
>> On 8/15/14, 12:07 PM, Eric Hellman wrote:
>>> AddThis and ShareThis, on the other hand have TOS that let them use 
>>> tracking for advertising, and that's what their business is. So, 
>>> hypothetically, a teen could look at library catalog records for books 
>>> about childbirth, and as a result, later be shown ads for pregnancy tests, 
>>> and that would be something the library has permitted.
>> 
>> Eric, I'm wondering about the full scenario that you are envisioning. Many 
>> libraries use proxy servers, so individual users are not identified. 
>> (Meaning that an 80-yr-old man may get the ad for the pregnancy test, not 
>> the teen.) In addition, in many cases the machine wipes itself clean daily, 
>> replacing all potential user files. (Someone else can explain this MUCH 
>> better than I just did.)
>> 
>> In my public library, I do not identify myself to the use the catalog on 
>> site -- not even to use journal article databases, because 1) authentication 
>> takes place in the library system 2) the proxy server's IP is my identity 
>> for those services. I have no idea what exits the library when I hook my 
>> laptop to the open network. Shouldn't all of these factors be taken into 
>> account? Can anyone articulate them from the point of view of a public 
>> library?
>> 
>> Note: At the university here at Berkeley, no network use is allowed without 
>> an account, so there is no anonymous use, at least on the human side of any 
>> proxy server that they run. But at the public library there is no log-on. So 
>> what is AddThis getting in those two situations?
>> 
>> kc
>> 
>> --
>> Karen Coyle
>> kco...@kcoyle.net http://kcoyle.net
>> m: +1-510-435-8234
>> skype: kcoylenet/+1-510-984-3600

Re: [CODE4LIB] Library Privacy, RIP (Was: Canvas Fingerprinting by AddThis)

[Riley Childs]

Another question for someone who utilizes these services: What analytics does 
this provide and are the social analytics worth losing  your user's privacy? (I 
think not)
Can't we make our own non dynamic share links




Sent from my Windows Phone

From: Eric Hellman
Sent: ‎8/‎16/‎2014 12:25 PM
To: CODE4LIB@LISTSERV.ND.EDU
Subject: Re: [CODE4LIB] Library Privacy, RIP  (Was: Canvas Fingerprinting by 
AddThis)

So, 2 points worth discussing here.

1. I'll bet you most proxy servers are not proxying AddThis.com or 
Sharethis.com. So there wouldn't be any effect of proxying on the user tracking 
they do.

2. It really doesn't matter if you identify yourself to the catalog or not. 
You're being tracked across sites all over the internet. If you identify 
yourself to one of them, you can be identified. Note that the main concern here 
is if you use your own device to access the library's catalog.


On Aug 15, 2014, at 5:52 PM, Karen Coyle  wrote:

> On 8/15/14, 12:07 PM, Eric Hellman wrote:
>> AddThis and ShareThis, on the other hand have TOS that let them use tracking 
>> for advertising, and that's what their business is. So, hypothetically, a 
>> teen could look at library catalog records for books about childbirth, and 
>> as a result, later be shown ads for pregnancy tests, and that would be 
>> something the library has permitted.
>
> Eric, I'm wondering about the full scenario that you are envisioning. Many 
> libraries use proxy servers, so individual users are not identified. (Meaning 
> that an 80-yr-old man may get the ad for the pregnancy test, not the teen.) 
> In addition, in many cases the machine wipes itself clean daily, replacing 
> all potential user files. (Someone else can explain this MUCH better than I 
> just did.)
>
> In my public library, I do not identify myself to the use the catalog on site 
> -- not even to use journal article databases, because 1) authentication takes 
> place in the library system 2) the proxy server's IP is my identity for those 
> services. I have no idea what exits the library when I hook my laptop to the 
> open network. Shouldn't all of these factors be taken into account? Can 
> anyone articulate them from the point of view of a public library?
>
> Note: At the university here at Berkeley, no network use is allowed without 
> an account, so there is no anonymous use, at least on the human side of any 
> proxy server that they run. But at the public library there is no log-on. So 
> what is AddThis getting in those two situations?
>
> kc
>
> --
> Karen Coyle
> kco...@kcoyle.net http://kcoyle.net
> m: +1-510-435-8234
> skype: kcoylenet/+1-510-984-3600

Re: [CODE4LIB] Library Privacy, RIP (Was: Canvas Fingerprinting by AddThis)

[Eric Hellman]

So, 2 points worth discussing here.

1. I'll bet you most proxy servers are not proxying AddThis.com or 
Sharethis.com. So there wouldn't be any effect of proxying on the user tracking 
they do.

2. It really doesn't matter if you identify yourself to the catalog or not. 
You're being tracked across sites all over the internet. If you identify 
yourself to one of them, you can be identified. Note that the main concern here 
is if you use your own device to access the library's catalog.


On Aug 15, 2014, at 5:52 PM, Karen Coyle  wrote:

> On 8/15/14, 12:07 PM, Eric Hellman wrote:
>> AddThis and ShareThis, on the other hand have TOS that let them use tracking 
>> for advertising, and that's what their business is. So, hypothetically, a 
>> teen could look at library catalog records for books about childbirth, and 
>> as a result, later be shown ads for pregnancy tests, and that would be 
>> something the library has permitted.
> 
> Eric, I'm wondering about the full scenario that you are envisioning. Many 
> libraries use proxy servers, so individual users are not identified. (Meaning 
> that an 80-yr-old man may get the ad for the pregnancy test, not the teen.) 
> In addition, in many cases the machine wipes itself clean daily, replacing 
> all potential user files. (Someone else can explain this MUCH better than I 
> just did.)
> 
> In my public library, I do not identify myself to the use the catalog on site 
> -- not even to use journal article databases, because 1) authentication takes 
> place in the library system 2) the proxy server's IP is my identity for those 
> services. I have no idea what exits the library when I hook my laptop to the 
> open network. Shouldn't all of these factors be taken into account? Can 
> anyone articulate them from the point of view of a public library?
> 
> Note: At the university here at Berkeley, no network use is allowed without 
> an account, so there is no anonymous use, at least on the human side of any 
> proxy server that they run. But at the public library there is no log-on. So 
> what is AddThis getting in those two situations?
> 
> kc
> 
> -- 
> Karen Coyle
> kco...@kcoyle.net http://kcoyle.net
> m: +1-510-435-8234
> skype: kcoylenet/+1-510-984-3600

Re: [CODE4LIB] Library Privacy, RIP (Was: Canvas Fingerprinting by AddThis)

[Gary McGath]

On 8/16/14 8:38 AM, Dan Scott wrote:
> I think the primary concern rises from users accessing the catalogue from
> their own machine / browser, where services can easily and reliably
> correlate web usage behavior of an individual over time across many web
> properties.

The annoyance of inappropriate (or overly appropriate) ads is one aspect
of this concern; a potentially much bigger one is the privacy of amateur
or professional investigative journalists. If someone looks at a lot of
books and sites about terrorism, violent doctrines, and explosives, for
the purpose of researching terrorists and terrorism, and if overzealous
government agencies observe this pattern, they might flag the researcher
as a potential terrorist suspect.


-- 
Gary McGath, Professional Software Developer
http://www.garymcgath.com

Re: [CODE4LIB] Library Privacy, RIP (Was: Canvas Fingerprinting by AddThis)

[Dan Scott]

On Aug 15, 2014 5:52 PM, "Karen Coyle"  wrote:
>
> On 8/15/14, 12:07 PM, Eric Hellman wrote:
>>
>> AddThis and ShareThis, on the other hand have TOS that let them use
tracking for advertising, and that's what their business is. So,
hypothetically, a teen could look at library catalog records for books
about childbirth, and as a result, later be shown ads for pregnancy tests,
and that would be something the library has permitted.
>
>
> Eric, I'm wondering about the full scenario that you are envisioning.
Many libraries use proxy servers, so individual users are not identified.
(Meaning that an 80-yr-old man may get the ad for the pregnancy test, not
the teen.)

You're right, using the public access machines inside a library would be
relatively free from being able to track an individual, particularly if
they are purely anonymous sessions (such as a dedicated catalogue kiosk).

I think the primary concern rises from users accessing the catalogue from
their own machine / browser, where services can easily and reliably
correlate web usage behavior of an individual over time across many web
properties.