Lightbeams and Stickers and Summer, Oh My!

Welcome to this week’s Tip of the Hat and to the unofficial start of summer. This week’s newsletter comes to you in two parts as you get back into the work routine after the holiday weekend.

Trackers, trackers everywhere

Many of you probably have at least some protection against web site trackers in your browser of choice, but do you know the true extent of user tracking on the web – perhaps even the website for your library or business? The Firefox Lightbeam add-on provides a comprehensive overview of the various trackers on a website that you’d otherwise miss if you try to compile this information on your own. The overview not only captures trackers from the web site but also third-party trackers. Once you have installed the add-on, disable your tracker blockers and browse the web, and Lightbeam will visualize how you are being tracked throughout your entire web browsing session. Give this tool a try if you want to get a sense of the extent of tracking of library patrons visiting multiple sites across different owners (for example, a patron going from a library home page to search for an ebook, landing on a results page in the discovery layer, and then going to the ebook vendor’s site). H/T to SwiftOnSecurity for tweeting about the extension!

Stickers, stickers everywhere

The Executive Assistant has been busy as LDH prepares for our trip to ALA Annual in DC, but she’s found some time to give us a sneak peek of what will be available at our table…

A brown hat sticker placed on top of a black cat looking at the camera.
For those who will be at the Exhibit Hall Grand Opening on Friday, June 21st, we will have laptop stickers! Below are the two designs that will be available: a hat sticker and a hexagon sticker.

 Two stickers: one hexagon sticker with a brown hat, and the other a brown hat.

Subscribers to this newsletter don’t have to wait until Annual to get their stickers – reply to this email and we will mail a few stickers your way. Stick them to your laptop, your door, your water bottle, or any other place where you want to tell folks that you care about library privacy and to “Follow The Hat.” Many thanks to Scott Carlson for creating the sticker design.

Humans, Tech, and Ethical Design: A Summit Reflection

Welcome to this week’s Tip of the Hat!

Last Saturday LDH attended the All Tech Is Human Summit with 150+ other technologists, designers, ethics professionals, academics, and others in discussing issues surrounding technology and social issues. There were many good conversations, some of which we’re passing along to you all as you consider how your organization could approach these issues.

The summit takes inspiration from the Ethics OS Toolkit which identifies eight risk zones in designing technology:

  1. Truth, Disinformation, Propaganda
  2. Addiction & the Dopamine Economy
  3. Economic & Asset Inequalities
  4. Machine Ethics & Algorithmic Biases
  5. Surveillance State
  6. Data Control & Monetization
  7. Implicit Trust & User Understanding
  8. Hateful & Criminal Actors

Each risk zone has the potential to create social harm, and the Toolkit helps planners, designers, and others in the development process to mitigate those risks. One of the ways you can mitigate risk in many of the areas in the design process (like the Data Control and Surveillance zones) is incorporating privacy into the design and development processes. Privacy by Design is an example of integrating privacy throughout the entire process, instead of waiting to do it at the end. Much like technical debt, incorporating privacy and other risk mitigation strategies throughout the design and development process will lessen the need for intensive resource investment on short notice when something goes wrong.

Another way to approach ethical design comes from George Aye, co-founder of the Greater Good Studio. In his lightning talk, George identified three qualities of good design:

  • Good design honors reality
  • Good design creates ownership
  • Good design builds power

Viewed through a privacy lens (or, in the case of LDH, with our data privacy hat on), these qualities can also help approach designers and planners in addressing the realities surrounding data privacy:

  • Honoring reality – how can the product or service meet the demonstrated/declared needs of the organization while honoring the many different expectations of privacy among library patrons? Which patron privacy expectations should be elevated, and what is the process to determine that prioritization? What societal factors should be taken into account when doing privacy risk assessments?
  • Creating ownership – how can the product or service give patrons a sense that they have ownership over their data and privacy? How can organizations cultivate that sense of ownership through various means, including policies surrounding the product? For vendors, what would it take to cultivate a similar relationship between library customers and the products they buy or license?
  • Building power – building off of the ownership questions, what should the product or service do in order to provide agency to patrons surrounding data collection and sharing when using the product or service? What data rights must be present to allow patrons control over their interactions with the product or process? Libraries – how can patrons have a voice in the design process, including those more impacted by the risk of privacy harm? Vendors – how can customers have a voice in the design process? All – how will you ensure that the process will not just be a “mark the checkbox” but instead an intentional act to include and honor those voices in the design process?

There’s a lot to think about in those questions above, but the questions illustrate the importance of addressing those questions while still in the design process. It’s hard to build privacy into a product or services once the product is already out there collecting and sharing high-risk data. Addressing the hard ethical and privacy questions during the design process not only avoids the pitfalls of technical debt and high-risk practices, but also provides the valuable opportunity to build valuable relationships between libraries, patrons, and vendors.

AI, Read The Privacy Policy For Me

Welcome to this week’s Tip of the Hat! Last week we took a deep dive into ALA’s privacy policy to figure out where our information was going if we agreed to receive information from exhibitors while registering for the Annual Conference.

[Which, ICYMI, LDH will be exhibiting at Annual! Let us know if you want to meet up and talk about all things privacy and libraries!]

As we encountered last week, privacy policies are not the most exciting documents to read. In fact, you can test out this theory by checking out the impressive list of electronic resource vendor privacy policies generated by the folks at York University (the code is available on GitHub). Try picking out a couple of privacy policies and read them from start to finish now. We’ll be here waiting for you.

…..

……. all done?

Chances are, you probably found yourself skimming the policies if you made it all the way to the bottom. If so, you’re not alone – studies have shown that the majority of folks do not read these policies, which could lead to surprises and confusion when your data is collected, shared, or breached. The fact is that it takes a long time to get through long, detailed documents – a recent study showed that many privacy policies require a high reading level and up to around a half hour to read. What’s a busy person to do?

One way some folks are addressing this is to let the machines do the reading for you. The last few years have seen several tools that use AI and machine learning (ML) to analyze privacy policies, selecting the very important parts that users should know. For example, the Usable Privacy Policy Project, an NSF funded project, used a collection of 115 privacy policies annotated by law students to train machine classifiers to annotate over 7000 privacy policies. Another group of researchers used the same 115 annotated privacy policies for ML training, creating two different tools for AI-generated analysis of policies. The first is Polisis, which creates a Sankey diagram based off of the AI’s analysis of the policy, while the second is Pribot, a chatbot that allows users to explore and ask questions about specific privacy policies.

Each AI privacy analysis tool takes a different approach in displaying the results to the end users. Let’s use OverDrive’s privacy policy as our test policy. [1] The Usable Privacy site uses different colored fonts to indicate which parts of the policy belong to 10 different categories. The site also directs us to another policy analysis of OverDrive’s Privacy Policy for Children. Users can click on a category to only show the colored sections of the policy, or to exclude it.

A screenshot of Usable Privacy's analysis of the OverDrive privacy policy.

For Polisis’ analysis of OverDrive’s policy, the site takes the same ten categories and creates separate visualizations for most of them. Users can click on a stream to highlight it in the diagram – for example, showing what information is shared and for what reason.

A screenshot of Polisis' analysis of OverDrive's privacy policy.

We are still a ways away before widespread adoption of AI-annotated privacy policies; however, the possibilities are promising. With GDPR, CCPA, and other upcoming privacy regulations, AI and ML could help end users in keeping up with all the changes in policies, as well as dig through mountains of text in a fraction of the time it would have taken to manually read all of the text. It will still take a considerable human role in training the AI and supervising the ML to ensure proper analysis, though, as well as human labor in creating effective and accessible interfaces. Perhaps one day there could be an API service that can have AI analyze the privacy policies listed on the York University page.

[1] Both sites are analyzing older versions of OverDrive’s privacy policy. The most up to date privacy policy is at https://company.cdn.overdrive.com/policies/privacy-policy.htm.

Monday Mystery: Conference Information Sharing

Welcome to this week’s Tip of the Hat! It seems that spring has just arrived for many of us in the US; however, the calendar tells us that we are only weeks away from the ALA Annual Conference in Washington DC in June. Our Executive Assistant was going through the PDF registration form the other day and noticed the following question:

A text box with the following text: "Attendees may receive exciting advance information from exhibitors like invitations, contests and other hot news. COUNT ME IN!" Yes/No checkboxes are next to the last sentence.

The above question on the registration form asks if the person (or in this case, cat) wants to receive information from conference exhibitors. The Executive Assistant paused. What does checking the “Yes” box all entail? Since we’re in the data privacy business, this is a perfect Monday Mystery for us to investigate.

After a quick search of the conference website, we land on ALA’s Privacy Policy at http://www.ala.org/privacypolicy. If you haven’t spent time with a privacy policy, it can seem daunting or downright boring. Let’s walk through this policy to find out what happens when we check the “Yes” box.

The “Information Collection & Use” section lays out what information is collected and when. They define “personal data” as information that can be used to identify someone: name, email, address, etc. The section breaks down some common actions and situations when ALA collects data, including event registration. We already guessed that ALA was collecting our information for event registration purposes, but we need to dig deeper into the policy to answer our question.

We then find a section labeled “Information Sharing” in which we might find our answer! The section lists who ALA shares information with in detail, including the type of data and circumstances that the data is shared. “Services Providers” seems promising – that is until we get into the details. The data listed that is shared to service providers is mostly technical data – location data, log files, and cookies – and has nothing regarding giving information to receive updates from exhibitors. Back to square one.

Moving down the policy, we arrive at the “Your Rights and Choices Regarding Your Information” section, which lists the following right:

Object to processing – You have the right to object to your Personal Data used in the following manners: (a) processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling); (b) direct marketing (including profiling); and (c) processing for purposes of scientific/historical research and statistics;”

Okay, we have the right to ask ALA not to use our personal data for marketing purposes. That’s a very important right to have, though that doesn’t exactly solve the mystery of what happens when we click on the “Yes” box.

This, readers, is where we are going to cheat in this investigation. It’s time to put our exhibitor hat on!

Exhibitors at major conferences are usually offered some form of registrant/member list as a means to promote their business before the conference. ALA does the same with Annual, and exhibitors can rent attendee lists. From https://2019.alaannual.org/list-rental, exhibitors have the option to “[t]arget buyers by industry segment, demographic profile or geographic area.” So, just not names and emails are shared!

On the exhibitor side, having that information would allow for targeted marketing – instead of blasting the entire attendee list, exhibitors can reach out to those most likely to be receptive to their service or product. On the attendee side, some want to have this type of targeted marketing to plan their time at the conference efficiently, or to do homework before hitting the exhibit hall. For other attendees, though, it means more emails that they’ll just delete or unsubscribe. And then there’s the question about what happens to that attendee data after the conference…

In the end, we still have a bit of a mystery on our hands. The only reason we got this far in our little Monday Mystery investigation is that LDH has been bombarded with emails trying to sell us attendee lists which tipped us off to start looking at the exhibitor section of the conference site. Your average conference attendee wouldn’t have that information and would be left scratching their heads due to the lack of information at the point of registration about what information is shared on these attendee lists. While we don’t have a clear answer to end today’s investigation, we hope that this gives our readers a little reminder to do some research the next time they are asked a similar question on a registration form.

Speaking of ALA Annual, LDH Consulting Services is excited to announce that we will be exhibiting in DC in booth 844! Many thanks to Equinox Open Library Initiative for making exhibiting at ALA Annual possible for LDH. Give us a ping if you will be at Annual and would like to talk more about LDH can do for your organization.