Re: [CODE4LIB] best practices for keeping / using library circ data
This email provoked zero responses on list. Was my timing off, is it a poorly framed question, or are people just not doing much in this realm? (By resending, I'm controlling for the timing factor...) - Tom On Jun 7, 2014, at 3:20 AM, Tom Cramer wrote: I'm looking for best practices for keeping and using library usage data--real life examples of libraries gathering and using things like circulation data or e-resource traffic statistics to inform service and strategy decisions while safeguarding patron privacy. I'm less interested in operational logging for security / authorization purposes, and more interested in things like gathering data to make recommendations (people who checked this out also checked this out...), collection management / licensing / deaccessioning decisions, or overall library / collection usage reporting--especially if the data are tracked and used at more than a gross level (i.e., faculty v. graduate v. undergrad usage). What usage data do you keep that may be correlated to patron identity? How do you use it? What do you do to anonymize / aggregate / cleanse / protect patron privacy? Does anyone have an approach that they regard as state of the art? Or pointers to previous work done in this space? Thanks in advance, - Tom
Re: [CODE4LIB] best practices for keeping / using library circ data
Harvard's Innovation Lab at their law library was working with this type of data, I believe... Try reaching out to them directly: http://librarylab.law.harvard.edu/about.html Tom Blake Digital Projects Manager Boston Public Library 700 Boylston St. Boston, MA 02116 617 859-2039 Free To All -Original Message- From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of Tom Cramer Sent: Tuesday, June 17, 2014 11:27 AM To: CODE4LIB@LISTSERV.ND.EDU Subject: Re: [CODE4LIB] best practices for keeping / using library circ data This email provoked zero responses on list. Was my timing off, is it a poorly framed question, or are people just not doing much in this realm? (By resending, I'm controlling for the timing factor...) - Tom On Jun 7, 2014, at 3:20 AM, Tom Cramer wrote: I'm looking for best practices for keeping and using library usage data--real life examples of libraries gathering and using things like circulation data or e-resource traffic statistics to inform service and strategy decisions while safeguarding patron privacy. I'm less interested in operational logging for security / authorization purposes, and more interested in things like gathering data to make recommendations (people who checked this out also checked this out...), collection management / licensing / deaccessioning decisions, or overall library / collection usage reporting--especially if the data are tracked and used at more than a gross level (i.e., faculty v. graduate v. undergrad usage). What usage data do you keep that may be correlated to patron identity? How do you use it? What do you do to anonymize / aggregate / cleanse / protect patron privacy? Does anyone have an approach that they regard as state of the art? Or pointers to previous work done in this space? Thanks in advance, - Tom
Re: [CODE4LIB] best practices for keeping / using library circ data
U. Huddersfield's Library Impact Data Project also comes to mind: https://library3.hud.ac.uk/blogs/lidp/ I know they looked at circulation data pretty extensively and did indeed make some if you're looking at X, you may be interested in Y type conjectures. Best, Eric Phetteplace Systems Librarian California College of the Arts On Tue, Jun 17, 2014 at 8:35 AM, Blake, Tom tbl...@bpl.org wrote: Harvard's Innovation Lab at their law library was working with this type of data, I believe... Try reaching out to them directly: http://librarylab.law.harvard.edu/about.html Tom Blake Digital Projects Manager Boston Public Library 700 Boylston St. Boston, MA 02116 617 859-2039 Free To All -Original Message- From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of Tom Cramer Sent: Tuesday, June 17, 2014 11:27 AM To: CODE4LIB@LISTSERV.ND.EDU Subject: Re: [CODE4LIB] best practices for keeping / using library circ data This email provoked zero responses on list. Was my timing off, is it a poorly framed question, or are people just not doing much in this realm? (By resending, I'm controlling for the timing factor...) - Tom On Jun 7, 2014, at 3:20 AM, Tom Cramer wrote: I'm looking for best practices for keeping and using library usage data--real life examples of libraries gathering and using things like circulation data or e-resource traffic statistics to inform service and strategy decisions while safeguarding patron privacy. I'm less interested in operational logging for security / authorization purposes, and more interested in things like gathering data to make recommendations (people who checked this out also checked this out...), collection management / licensing / deaccessioning decisions, or overall library / collection usage reporting--especially if the data are tracked and used at more than a gross level (i.e., faculty v. graduate v. undergrad usage). What usage data do you keep that may be correlated to patron identity? How do you use it? What do you do to anonymize / aggregate / cleanse / protect patron privacy? Does anyone have an approach that they regard as state of the art? Or pointers to previous work done in this space? Thanks in advance, - Tom
[CODE4LIB] COMMUNIA policy paper on digitization agreements
An important new paper by the folks at COMMUNIA: http://www.communia-association.org/2014/06/13/communia-policy-paper-on-digitization-agreements/ Definitely worth a read! The embargoes placed by Ancestry.com and others through agreements with NARA are concerning. -- Tod Robbins Digital Asset Manager, MLIS todrobbins.com | @todrobbins http://www.twitter.com/#!/todrobbins
Re: [CODE4LIB] Does 'Freedom to Read' require us to systematically privilege HTTPS over HTTP?
On 06/17/2014 08:49 AM, Galen Charlton wrote: On Sun, Jun 15, 2014 at 4:03 PM, Stuart Yeates stuart.yea...@vuw.ac.nz wrote: As I read it, 'Freedom to Read' means that we have to take active steps to protect that rights of our readers to read what they want and in private. [snip] * building HTTPS Everywhere-like functionality into LMSs (such functionality may already exist, I'm not sure) Many ILSs can be configured to require SSL to access their public interfaces, and I think it would be worthwhile to encourage that as a default expectation for discovery interfaces. However, I think that's only part of the picture for ILSs. Other parts would include: * staff training on handling patron and circulation data * ensuring that the ILS has the ability to control (and let users control) how much circulation and search history data gets retained * ensuring that the ILS backup policy strikes the correct balance between having enough for disaster recovery while not keeping individually identifiable circ history forever * ensuring that contracts with ILS hosting providers and services that access patron data from the ILS have appropriate language concerning data retention and notification of subpoenas. Compared to other contributors to this thread, I appear to be (a) less worried about state actors than our commercial partners and (b) keener to see relatively straight forward technical fixes that just work 'for free' across large classes of library systems. Things like: * An ILS module that pulls the HTTPS Everywhere ruleset from https://gitweb.torproject.org/https-everywhere.git/tree/HEAD:/src/chrome/content/rules and applies those rules as a standard data-cleanup step on all imported data (MARC, etc). * A plugin to the CMS that drives the library's websites / blogs / whatever and uses the same rulesets to default all links to HTTPS. * An EzProxy plugin (or howto) on silently redirectly users to HTTPS over HTTP sites. cheers stuart
[CODE4LIB] Adding reference product hits to discovery layer results
Hi All - We are a very small institution with a limited number of users and a limited number of electronic products. We do subscribe to several Oxford Reference Online products, e.g biographical/subject dictionaries. Has anyone tried metasearching such products along with their discovery layer, or obtained indexes that could be added to a discovery layer? To be honest, we haven't yet developed subject guides for these areas, so that would be the first step in marketing, but I wondered about the DL approach. Cindy Harper Electronic Services and Serials Librarian Virginia Theological Seminary 3737 Seminary Road Alexandria VA 22304 703-461-1794 char...@vts.edu
Re: [CODE4LIB] Does 'Freedom to Read' require us to systematically privilege HTTPS over HTTP?
On 06/18/2014 12:36 PM, Brent E Hanner wrote: Stuart Yeates wrote: Compared to other contributors to this thread, I appear to be (a) less worried about state actors than our commercial partners and (b) keener to see relatively straight forward technical fixes that just work 'for free' across large classes of library systems. Things like: * An ILS module that pulls the HTTPS Everywhere ruleset from https://gitweb.torproject.org/https-everywhere.git/tree/HEAD:/src/chrome/content/rules and applies those rules as a standard data-cleanup step on all imported data (MARC, etc). * A plugin to the CMS that drives the library's websites / blogs / whatever and uses the same rulesets to default all links to HTTPS. * An EzProxy plugin (or howto) on silently redirectly users to HTTPS over HTTP sites. So let me see if I understand this. Your concern is that commercial partners are putting HTTP links in their systems rather than HTTPS. Because HTTPS only protects from a third party so the partner will still have access to all the information about what the user read. IP6 will improve the HTTPS issue but something like HTTPS Everywhere ( https://www.eff.org/https-everywhere ) is actually the simplest solution, especially as you can't be sure every link will have HTTPS. My concern is that by referring users to resources and services via HTTP rather than HTTPS, we are encouraging users to leak more personal information (reading habits, location, language settings, etc) to third parties. These third parties include our networking providers, our hosting providers, our content providers, the next person who uses the users' public computer, etc., etc. HTTPS protects in multiple ways. Firstly it protects the data 'on the wire' (but that is rarely a problem in practice). Secondly HTTPS protects from web caching attacks. Thirdly the fact that a connection is HTTPS causes almost all tools and applications to use a more secure set of options and preferences, covering everything from cookie handling, to not remembering passwords, not storing local caches, using shorter timeouts, etc. This last category is where the real protection is. There are lots of privacy breaches that HTTPS won't deter (a thorough compromise of the users' machine, a thorough compromise of the content provider's machine, etc.), but it raises the bar and protects against a significant number of breaches that become impossible or much, much harder / less likely. My understanding is that that HTTPS and EzProxy can potentially protect readers identity very effectively (assuming the library systems are secure and no one turns up with a warrant). And having just read the Freedom to Read Statement, this issue has no bearing on it. Freedom to Read is about accessibility to materials, not privacy. While no doubt there is some statement somewhere about that, Freedom to Read is a statement about diversity of materials and not the ability to read them without anyone knowing about it. If materials are only available at the cost of personal privacy, are they really available? In repressive regimes all across the world people are actively discriminated against (or worse) for read the wrong book, being in the wrong place or communicating in the wrong language. How many of us live in countries where currently (or in living memory) people are been derided for speaking a non-English language? cheers stuart
[CODE4LIB] Code4Lib NorCal
Code4Lib Northern California (the SF Bay Area and surrounds, sorry Humboldt and Del Norte, you must organize as Way Northern California), is tooling up to organize a local get-together. So if you want to participate in the planning, please sign up for this Google Group: https://groups.google.com/forum/#!forum/code4lib-norcal Any events will be announced on the main Code4Lib list, however, so if you want to attend but not help plan you don't need to do anything. Just hang loose until you hear from us. Thanks, Roy for the planning group