I went to a staff meeting on Friday at the local library where I sometimes work. We did some strategic planning, some walking around the building looking at stuff that could be improved, and some “how to download various digital media format” exercises. We use Overdrive via Listen Up Vermont which gives us access to audiobooks and ebooks in EPUB and Kindle formats. I’m pretty okay at this sort of thing so we clicked around and saw how stuff worked and had a few little glitches but basically stuff was okay. I’ve been following the Amazon book lending story through the blogs the past few weeks and I’ve been skeptical but more curious than anything. I don’t have a Kindle but I’ve seen how popular they are and I was curious how this would all work. Well, as some bloggers have pointed out, it sort of doesn’t. Or, rather, it seems to require compromises to our systems and more importantly to our professional values. I’m hoping these issues can be resolved, but honestly if we can’t lend with some modicum of patron privacy, we shouldn’t be lending.

This is all leading up to an email exchange I had with a reader who was wondering the best way to raise concerns with his librarian about the user experience of borrowing a Kindle book from his library to use with the Kindle app on a non-Kindle device. Apparently, while the process to obtain the book wasn’t too difficult, the process to actually get RID of the book once returned [without a lot of pesky "hey maybe you should BUY this" cajoling] was actually fairly difficult. The default settings are, not surprisingly, strongly urging that the patron purchase (not renewal, not some sort of overdue notification) the book that they have just “returned.” I’ll let the patron speak for himself on this process. His name is Dan Smith and this is reprinted with his express permission.
______

My first experience at “borrowing a Kindle book from the library” has left me with a bad taste in my mouth. It did not feel like borrowing a book from a library. It felt like a salesperson had sold me a book with a “no-risk free home trial” and was pestering me to buy it at the end of the trial period.

I feel that Amazon’s commercial promotion is excessive, and imposes inappropriately on public library patrons. Would you allow distributor’s rep to stand in the hall, grabbing people on their way to the return slot, saying “Stop! Why RETURN it when you can BUY it instantly for just $12.95?”

Yes, some of the irritations can be sidestepped, and as a savvy user I now know how. But Amazon took advantage of my innocence.

FIrst, the book was all marked up! Dotted underlines here and there on almost every page. It was like taking out a library book and finding someone had gone over it with a highlighter! Amazon allow “library” ebooks to be marked and annotated. Instead of cleaning them up for the next patron, it leaves them in place, and encourages you make your own marks for other people to see. I thought this was just some misguided idea about social networking, but it’s more sinister than that.

I turns out that there is a global setting, “Popular Highlights,” which controls whether you see these marks. But it is on by default! I never knew it was there, because it is only activated when a book has lots of them, and this was the first Kindle book I’ve read that had them. The setting to turn them off is buried, and couldn’t find it right away. Blame me for stupidity, but also blame Amazon, because I don’t think most readers want their books scribbled up, and I think Amazon defaults the setting to “on” to serve their own agenda.

Second, at the end of the loan period, instead of politely announcing that the book would be returned… or offering a renewal… or possibly even sending overdue fines to the library :) … I was instead confronted by intrusive ads, both in my Kindle application and in my regular email, urging me to buy the book from Amazon.

The email made a point of saying “If you purchase ‘The Bed of Procrustes’ or borrow it again from your local library, all of your notes and highlights will be preserved.” So, that’s why they encourage readers to scribble in library books: they want to hold our marginalia up for ransom.

Third, when the book is returned, it does not simply evaporate. The title, jacket and all, remained visible on my Kindle, exactly as if it were still there, but the behind the book cover is nothing but a notice that it has gone back to the library–and a button I can press. Renewal was not an option. The only option shown is to buy it from Amazon.

It looks like a book, but it’s a wolf in book’s clothing.

Fourth, it was hard to clean that ad out of my Kindle application. I could not find any “delete” option. There is an “archive” option, but all it does is move the book into an “archived items” list, where it continued to sit, looking just like the real books I’ve paid for and might want to re-download. Except that if you click on this one, all you get is a choice of “cancel” or “purchase.” Who would want to save that? But neither I nor an Amazon rep was able to find any deletion option within the Kindle application. The rep claims that the actual Kindle device has this capability, but could not explain why the Kindle application doesn’t. I was able to remove it by using a Web browser, logging into my account on the Amazon website, navigating to a “Manage Your Kindle” page, and deleting it via regular Web access. Fine. Now I know. Twenty minutes of my life wasted finding out.

I’ve now gotten a SECOND email solicitation from Amazon urging me to buy this book. How many I more I will receive?

Amazon gets plenty of promotion just by being the only Kindle book source. Their pushy “Don’t RETURN it, BUY it” attitude is out of bounds.

The government more than quadrupled its use of secret court subpoenas, known as 215 orders, which give the government access to “any tangible thing,” including a wide range of sensitive information such as financial records, medical records, and even library records. In 2010, the FBI made 96 applications, up from just 21 in 2009.

I’ve been reading with interest the news stories lately about Epsilon. For those of you who don’t know Epsilon is a company that does marketing. Many companies give Epsilon customer lists and Epsilon uses that information to, say, email you about the latest Hilton Honors promotions. Except that there was a data breach and Epsilon lost up to 250 million email addresses along with information such as who those people were customers of. So, for example, they’d have my email address and the knowledge that I was a Hilton Honors member. So, a lot of people got emails in the last mont from companies saying “Um, be especially on the lookout for phishing attacks” and a lot of people were asking “Why did Epsilon have my email address in the first place, didn’t I sign a privacy policy with Company X?” And the answer is complicated. When you let Hilton Honors use your information to send you marketing information you are, in a way, letting them give the email address to marketing companies.

The reason I care about this at all is two reasons. One, there is a useful analog with libraries and how they handle their email lists of patrons. Obviously patron data is private and comes under whatever privacy laws a state has and whatever policies the library has. But is a library allowed to market to patrons? Or give these lists to peopl to market on the library’s behalf? This was the concern when the public library in Dixon California emailed patrons to let them know about ongoing library renovation plans and asked them to consider making donations. People who are not pleased with the library renovations, the Dixon Carnegie Library Preservation Society, is arguing that the librarian acted improperly when they gave patron email addresses to a consulting company without patron consent. Now let me just state I pretty well side with the library on this one, but it’s sure to be an increasingly contentious topic as libraries have more and more diffrent kinds of patron data to keep private.

And the second reson is just a cautionary tale. Many people with iphones are aware by now that the phone tracks where you go. I mean it has to in order to be a phone, but it stores this data in unencrypted form on both the phone and the synced compueter, forever. This means that anyone with access to a simple open source tool such as this one can make lovely maps like the one above. Good to know, and good to understand. As libraries move more towards mobile applications and mobile awareness generally, understanding how this sort of data works will be an important part of making sure we know how, when and why to keep it private.

• Phone box becomes mini-library – small community in Somerset turns old phone box into a lending library/free box for books.
• Portsmouth (NH) public library is having a documentary showing of DIY Nation + artist get together this weekend which looks like fun and a nifty type of program to boot. Plus I sort of stupidly like that they can link right to the book in their catalog. It’s 2009, how many of us can do that yet?
• One line update/coda to the Des Moines photography situation from the DMPL marketing manager “At this month’s meeting, our board voted to remove the requirement that permission be granted for photos to be taken in our library.” Woo!
• Curious to know what’s going to happen at the Hayward (CA) libraries when they go to a Netflix model for lending [pay up front, then no overdue fees]. Looking forward to seeing the crunched numbers at the end of this.
• In another neat model, ArchivesNext reports on the Amsterdam City Archives’ “you ask we scan” approach to digitization. There are some linked slideshows and further data. Interesting model.

I have less of an opinion on OCLC entering the OPAC market because none of my libraries can afford them, still. I do believe that more sharing is a good thing, data monopolies are a bad thing, and murky policies that consolidate power anywhere other than “with the people” isn’t really solving a problem for libraries in general.

It’s time now for the library world to step back and consider what, if anything, they want to do about restricting library data in a fast-moving, digital world. Some, including some who’ve deplored OCLC’s process and the policy, want restrictions on how library data is distributed and used. Once monopoly and rapid, coerced adoption are off the table, that’s a debate worth having, and one with arguments on both sides.

Wow. A research company hired by OCLC seems to be unclear on the difference between a survey and a push poll.

If you haven’t given your feedback yet, even if you’re not an OCLC member, please do.

I also often feel that one of the reasons we’re in this strange place is because many privacy issues are ones that technology could be solving for us. Yet, at the same time the technology we’re working with doesn’t allow us the granularity of making, for example, patron reading information available in the aggregate while still keeping the patron’s identity completely private. We have many patrons

Patron 1 wants to make sure no one ever knows what they are reading. Tells the OPAC to not keep his reading list. Knows his PIN. Wants to make sure the public access PCs don’t retain records of the sites he’s visited. Is a bit horrified that the library data we do keep isn’t in some way encrypted or otherwise protected.
Patron 2 wants to know every book she has ever checked out. Wants the library to leave the name of the book she has on hold on her answering machine. Wants her friend to be able to pick the book up for her at the library. Doesn’t remember her PIN and finds it vaguely annoying that she needs more than her library card number to use the OPAC.

A privacy solution that works for Patron 1 becomes a usability impediment to Patron 2. While libraries have the responsibility to keep both patrons’ data safe, they also have the responsibility to be usable and accomodating to both patrons. Technology, in my opinion, can address these issues but librarians have to a) embrace it b) request it from their vendors c) be willing to tolerate the learning curve that comes with any new technology.

I’m off to the tiny library today to help them with their slow automation project. In the meantime, these are the articles I have been reading about privacy lately. They’re about the information the mailman has, not the librarian, but it could apply to any of us at our job as well. The blog post is about an NPR story following a mail carrier on her route. She talks about what she knows about the world and the economy based on what people are getting delivered. She is supposed to keep people’s mail private, and she never mentions any names. Yet, there’s a lot of metadata in mail delivery, things the mailman knows. The blog’s author wonders how simple it would be to identify the people getting mail delivered from the information the mail carrier imparts. Feel free to read the rest.

• What Your Mailman Knows
• Abandoning the Envelope Analogy

You think you’re my friend; I disagree. We may be able to work together in real life without needing to confront the basic fact that you like me but not vice versa. But if you Facebook-add me and say “We dated,” what am I supposed to do? Uncheck that box and check “I don’t even know this person?” Divergences are made manifest, sometimes to mutual chagrin.

Facebook’s reputation on privacy matters is terrible. When people use “Facebook” and “privacy” in the same sentence, the word in between is never “protects.” Facebook’s privacy missteps haven’t just drawn the attention of bloggers, journalists, scholars, watchdog groups, and regulators, they’ve also sparked mass outrage among Facebook users. An anti-Beacon group attracted over 70,000 members. and an anti-News Feed group over 700,000. Facebook’s pattern—launch a problematic feature, offer a ham-handed response to initial complaints, and ultimately make a partial retreat—hasn’t given it much privacy credibility. In short, consumers don’t, can’t, couldn’t, and shouldn’t rely on Facebook’s privacy policy to protect their personal information as they use it.

If you read all the way down to page 40 or so, you’ll get some analysis of legal attempts at social networking site use restrictions including DOPA which many librarians should be familiar with.

First off let me say that I’m quoting from news stories only. Our official staff position is “no comment” and I’m sticking to that. Here is why this is a library issue.

• The initial reports, when the girl was simply missing, was that she had met a sexual predator online via her MySpace page. That garnered the predictable media outcry as well as some very good stories about safety online.
• It also resulted in law enforcement coming to the library to take the public PCs. You can read the library director’s statements about this in this article in the Burlington Free Press. The librarians waited for a court order, and gave the computers to the police once they received one. The computers have since been returned. The library had an internet policy in place to guide their actions in this situation.
• As more details emerged it became clear that the MySpace angle was not just untrue, it was the opposite of what people had thought. The person who abducted Brooke had actually logged in to her MySpace page to try to create a fake scenario where she was meeting a “predator” when in reality she was meeting him. IP addresses from these interactions were given to law enforcement by MySpace and were, as near as I can tell, instrumental in helping them determine the sequence of events of this crime and narrow down the suspect list considerably. The older articles still reflect the “internet predator” angle when, like most abductions, the criminal was someone from the victim’s own family.
• And as far as data goes, danah boyd has a very good article about MySpace when DOPA was more on the table in 2006. One of her useful facts “Statistically speaking, kids are more at risk at a church picnic or a boy scout outing than they are when they go on MySpace. Less than .01% of all youth abductions nationwide are stranger abductions and as far as we know, no stranger abduction has occurred because of social network services.”
• The accused man is being charged, as of this writing, with kidnaping. This is because kidnaping at a federal level carries a possible death penalty sentence and is, I assume, a bargaining chip. The law regarding this is one that I wasn’t totally aware of “the 2006 Adam Walsh law — named for another abducted child — allowed federal prosecution of such crimes when they are facilitated by the Internet.” Worth knowing for any of us who provide Internet access to the public, I think.
• The library has set up a book display dealing with this very difficult topic — books on MySpace, the death of a child, dealing with grief — and encouraging conversations.

So, this is all incredibly upsetting and destabilizing to the community here. While I hope that you never have to deal with something like this at your library, there may be some instructive or useful pieces of information here that I felt might be worthwhile to pass on.

During the panel, we were talking about things you’d want to keep private that you don’t necessarily need to keep secret. Sex and bathroom activities were two obvious examples. This then led to a discussion, more like hitting on a few points, about library records and how there is a difference between trashing them — so you can legitimately say “we don’t have any records to show you” — and obscuring them, say through encryption, so that the records are available to, say, patrons and yet not to librarians or, it follows, to law enforcement. I found this idea intriguing. Now that we’ve done a decent job making the point that patron library data is data that we protect, maybe we can make that protection more sophisticated so we don’t have to protect it by completely eradicating it. Maybe.

Anyhow, I got grabbed outside of the panel by Library Journal and I talked a little bit about this.

Also can I just say that Library Journal’s coverage of ALA was really engaging and worth reading this year? I haven’t been following ALA conferences in a while but I was surprised how much I enjoyed reading about this one in addition to attending it.

Do libraries still care if their information is being tracked, if they don’t should they?

NOLA ALA Council spurred this initiative. Soros funded.

Dan Roth – Wired senior writer

Privacy from a business perspective. “No one talks about their privacy policy” in business. Talked about a past disaster losing tapes with private info on it. Deep storage place said “that happens all the time”

“if you can’t get journalists excited about this how are you going to get people to write about it and get average people to care about their private information being lost”

People try to say “we’re more private than Google” way of brand differentiation. Ask.com and Microsoft.com

Ponemon, interviews Chief Privacy Officers & Marketers. CPO said we don’t share info, marketers said “oh sure we do”

Free Economy, companies embracing this as a business model “Arms race brewing” as companies who depend on free start competing, they serve up more private data about users.

Fortune tech coverage too

Beth Givens – Privacy Right Clearinghouse

Eleven years as a librarian. Privacy pie: info privacy (PRC, EPIC) vs. constitutional privacy (ACLU, EFF). Small staffing. They give people practical information about protecting personal information. Scott McNeely “You have no privacy get over it” [from Sun]

Informational self-determination is the way they describe it in Germany. Canada and Europe do a better job

Fair Credit Reporting Act gives you the right of access to your credit report – LEGALLY. Credit report is limited – LEGALLY.

Principles of Fair Info Practices [FIPS]
- access
- consent
- purpose specitification
- accuracy enforcement
- colleciton limitation
- security, accountability & uage limitation

“privacy policies are really disclosure policies”

Giving up is not the answer – suggests taking every opportunity we can to opt out. “Privacy basics and opt-out opportunities”

Identity Theft smartiepants – cares about consumers

Cory Doctorow – author/blogger, BoingBoing & etc.

dystopian novel – Transparent Society – we have to give up privacy but we are allowed to spy on our governments the way they can spy on us.

Architecture is politics, building networked societies and systems we wind up involving the systems that grow out of them.

Social networking – “I’m pretty upset about it in a lot of ways”

How can you say information is private but not secret? [obvious retorts: peeing, sex]

The more raw power you have the more power you have about the disclosure of your personal information.

outsourcing – we don’t even have the option to set policies on, for example, our RFID tags

Discusses regulation being the solution. You could make a brakeless car and it would be cheaper, but

Vendors are not treating libraries as first class citizens w/ its DRM and etc. Libraries have a moral obligation to do this for their patrons.

This is a business model that no one wants.

Undermines personal security and social security. In surveillance societies, no one trusts each other. There’s not enough social cohesion to form societies. We get surveillance instead of policing. “cameras are forensic, they only solve crimes after the fact”

Thinks it’s harder to find information as we collect more and more.

QUESTIONS
Kent Oliver Q What’s at stake overall?

Beth – we will lose it, just like minority report, worries abotu biometrics tracking us everywhere
Dan – what happens when our health records can be read by our employers
Cory – “personal information is like Uranium” a little bit is no big deal but combined in huge databases is toxic. “all this information we’ve created will be like smog, there will be no way to destroy it” “you’re loading the gun and handing it to all their successors forever.”

Minority Report & GATTACA mentioned

Q. Isn’t the horse out of the barn? How do we get back to before we gave away all this data?

Cory – pmog [justin hall's multiplayer game], sxip
Dan Roth – consumers have no idea why we should care
Beth – check out your own profiles and see what people know about you. Get the “right of access” into law.

Kate – How to be invisible, should we all try that?

Beth – you can’t really do that or you have to rely on other people
Cory – “I don’t think privacy should be a hair shirt” This is the American dream sybaritic. DEFAULTS MATTER esp in the free and open source world .talk to just ahndful of geeks and you can make enormous contributions across the world.
Dan – talking to HP chief privacy office talking about how they took care of privacy issues in the EU where it’s required but NOT in the US where it’s not necessary.

Kent – how do we make the average person care

Cory – Pablo “hackerbot” hacky idea about letting people know what can be known about them [prius example]
Beth – creative ways to educate and inform people “talking the talk and walking the walk” how do we get the message across creatively.

Kate Q. how do we balance users wanting details but us trying to protect privacy?
Cory – encryption

Librarian Q. how do we talk to or administration about this
Beth – data breach will be ugly and expensive to clean up
Cory – best way to avoid a data breach is to not have the data

Q. bought a house, 9/11, now I feel all my data is everywhere. tips how to leave less personal information?
Beth – create a living trust & put property in the name of the trust. “the younger you start, having a PO box and only a PO box…” “working with young people in so important”
Cory – 1. take control of your tech 2. taking control of your debate “this doesn’t make us safer” “if you want to keep people safe you have to keep them safe from the important threats” 3. regime change

Q. surveillance society “the bigger danger to me is more like social control”
Cory – safety and security are not platonically divided. does being safe from terrorists mean being less safe from governments?

Q. isnt there some sort of “cool factor” to sharing all this personal information?
Dan – talked about reading the family blog of a private squirrely CEO

Q. our inconvient truth, we need to be talking about information footprints the same way that people talk about carbin footprints
Dan – people will ignore you if it looks like you’re going to make things more difficult for them, people feel like giving away private information gets them something
there’s a third alternative between being a refusenik and giving in. taking control of the information they can gather from you.