The Balancing Act of Digital Privacy & Digital Services in Libraries
1. Heather Braum &
Robin Hastings,
NEKLS Innovation Day
April 2016
The Balancing Act
of Digital Privacy &
Digital Services
in Libraries
Heather Braum, NExpress Coordinator, NEKLS
Robin Hastings, Director of Technology, NEKLS
5. Heather Braum &
Robin Hastings,
NEKLS Innovation Day
April 2016
#3: “We protect each library
user's right to privacy and
confidentiality with respect to
information sought or
received and resources
consulted, borrowed, acquired
or transmitted.”
ALA Code of Ethics: http://www.ala.org/advocacy/proethics/codeofethics/codeethics
6. Heather Braum &
Robin Hastings,
NEKLS Innovation Day
April 2016
#6: “We do not advance
private interests at the
expense of library users,
colleagues, or our employing
institutions. ”
ALA Code of Ethics: http://www.ala.org/advocacy/proethics/codeofethics/codeethics
8. Heather Braum &
Robin Hastings,
NEKLS Innovation Day
April 2016
#1.What digital services
does your library utilize —
where patron info is used?
Sources: https://goo.gl/JNNiVA
9. Heather Braum &
Robin Hastings,
NEKLS Innovation Day
April 2016
#2. Do you use the same
password for every
online service?
Sources: http://goo.gl/T932e1
10. Heather Braum &
Robin Hastings,
NEKLS Innovation Day
April 2016
#3. How are your staff
computers secured?
11. Heather Braum &
Robin Hastings,
NEKLS Innovation Day
April 2016
#4.Who has access to
your ILS & its database?
Where is that data held?
12. Heather Braum &
Robin Hastings,
NEKLS Innovation Day
April 2016
Last Fall…
Sources: https://goo.gl/hgnOJr & http://t.co/iDFZEZhcnK
13. Heather Braum &
Robin Hastings,
NEKLS Innovation Day
April 2016
#5. Do you ask
questions of your
vendors?
14. Heather Braum &
Robin Hastings,
NEKLS Innovation Day
April 2016
Example Questions to Ask
1. How is our data secured on the server and during
communications to other devices?
2. Is our data easily & quickly portable?
3. How often is our service monitored for security
threats?
4. How is our data backed up?
5. Who has access to our data?
6. What are the browser & security recommendations
for local computers using your service?
Sources: Based from Hastings, R. (2014). Making the most of the cloud: How to choose and implement the best
services for your library, 76. & http://goo.gl/QwIc52 & https://goo.gl/M1q5q3
15. Heather Braum &
Robin Hastings,
NEKLS Innovation Day
April 2016
More Questions to Ask
1. Is there a formal process in place to report data
breaches if/when they occur?
2. If patron data is stored by the vendor, is it encrypted?
3. Does the vendor purge patron search history
records on a regular basis?
4. Can the average patron read and fully understand the
vendor’s terms of use policy?
Source: Measuring LibraryVendor Cyber Security: Seven Easy Questions Every Librarian Can Ask,
Code4Lib Journal,April 2016, http://journal.code4lib.org/articles/11413
16. Heather Braum &
Robin Hastings,
NEKLS Innovation Day
April 2016
More Questions to Ask
5. Does the vendor use Google Analytics or other
tracking software to monitor users?
6. Does the vendor’s website enforce secure
connections only? (HTTPS or better?)
7. Does the vendor’s website participate in ad
networks?
Source: Measuring LibraryVendor Cyber Security: Seven Easy Questions Every Librarian Can Ask,
Code4Lib Journal,April 2016, http://journal.code4lib.org/articles/11413
17. Heather Braum &
Robin Hastings,
NEKLS Innovation Day
April 2016
#6. How secure is your library
network, online sites &
data pathways?
Sources: http://cheezburger.com/8762972160 & https://goo.gl/9xsYzP
18. Heather Braum &
Robin Hastings,
NEKLS Innovation Day
April 2016
Action Plan
1. Review Contracts & Terms of Services
2. Ask questions of vendors like the ones
discussed today
3. What information are you trading for
digital services and is the tradeoff worth it?
4. Privacy Audit and Privacy Policy review
19. Heather Braum &
Robin Hastings,
NEKLS Innovation Day
April 2016
Source: https://goo.gl/wGowjh
20. Heather Braum &
Robin Hastings,
NEKLS Innovation Day
April 2016
Resources
• Slides — https://goo.gl/wPi3xt
• 1-pg Handout — https://goo.gl/sWG6Mf
• Handout from PLA conference: https://goo.gl/mKy3z1
• ALA Code of Ethics — http://goo.gl/uI5jrx
• ALA’s Resources on Privacy — http://goo.gl/1RUdy
• Google Doc of More Resources — https://goo.gl/PnWrKB
21. Heather Braum &
Robin Hastings,
NEKLS Innovation Day
April 2016
Contact Us
• Robin — rhastings@nekls.org, @webgoddess
• Heather — hbraum@nekls.org, @hbraum
Sources: http://goo.gl/sIyE3 & http://goo.gl/wKRcyU & http://goo.gl/yhXcnn