The Executive Assistant wishes everyone a happy Festivus season! It’s time to gather around the Festivus pole for the Airing of Grievances, in which we suspect there are many grievances to be aired given how 2021 played out. Nevertheless, a new year brings new opportunities and fewer grievances – unless you’re the Executive Assistant. There is the perpetual grievance of not having enough tuna in the office.
We will be back after the New Year. We have you covered if you need some privacy reads and videos to tie you over the holiday break. 2021 has been a hectic year in the privacy world, and while we covered a lot in the blog this year, there’s a lot more that we didn’t get to in our posts. Here are some of the reads that you might have missed this past year:
The Thing that Gets Us to the Thing – Shea Swauger’s talk delves into the library profession’s problematic framing of and approach to privacy. Shea challenges the profession to reconceptualize privacy – “Privacy isn’t the thing, it’s the thing that gets us to the thing.”
There’s a saying that makes the rounds at the LDH office – “same problems, different day.” While there is no shortage of unique and exciting privacy challenges out there, eventually there will be a version of a previous privacy issue we dealt with in the past that pops up in our daily work. The same goes for the general privacy discourse in the library world. It’s been a busy couple of weeks in the library discourse where we see versions of the same topics and issues discussed in the past. It can feel like we’re stuck in a time loop, reliving the same conversations.
Luckily, this gives LDH the opportunity to highlight relevant posts from the Tip of The Hat! Whether you missed the posts the first time around or are looking to revisit some of our older content, the newsletter-turned-blog has covered a lot of ground in the library privacy world. Let’s take some time to review some of those posts as the library world revisits several privacy conversations this week.
Mergers and Acquisitions and Consolidation oh my!
It’s official – Clarivate’s acquisition of Proquest is finally complete, furthering the consolidation of the library vendor marketplace. The acquisition isn’t the first one that led many in the library community to worry about the consequences of having only a handful of companies controlling the marketplace and what effects this consolidation would have on data privacy. In addition, there’s the practical concern of what exactly happens to patron data when a business is acquired or goes bankrupt. Here are some previous posts that touch on the relationship between vendors and library data privacy:
Libraries full of dusty books. Librarians reading all day on the job. Librarians shushing patrons. No matter where you go, there’s always a version of one of these tropes whenever libraries come up in the conversation. Most of the time, you find these tropes being brought up by people who don’t work at libraries, be it news reporters with cringeworthy article openers (“Libraries are no longer for books!”) to everyday conversation (“library quiet”). However, sometimes libraries themselves indulge in using library tropes for their own purposes. This week was no different with a social media account for a public library system in the US creating a meme about how the library doesn’t track patron use of library materials.
Longtime readers of the blog might recall our library privacy trope post from last year detailing the dangers of the trope to libraries and patrons. While the profession has a strong ethical mandate to protect patron privacy, including patron data, the reality is that libraries are subject to the same data privacy constraints and issues that show up in any other industry. For example, libraries and their vendors keep track of which patrons use specific resources and services. A library failing to let patrons know how the library or vendor collects, processes, and shares patron data or misrepresents library data privacy practices in communications to patrons is at risk of an ethics breach, losing the trust of their patrons.
When Privacy and Security Become a Barrier unto Themselves
A recent Twitter thread touched on many patrons’ struggles with multifactor authentication and how library workers encounter this struggle daily. Take some time to read the thread and the replies. It is a good reminder that not all privacy and security controls work for everyone. In some cases, these controls create barriers to using the library. These controls can disproportionally affect patrons who, for example, do not have reliable access to a mobile phone or limited phone service if the library or vendor requires all patrons to use multifactor authentication for using library resources or services.
[Related – sometimes your data privacy and security policies for staff are a liability in themselves! We touched on this liability last October using administrator privileges on work computers. As you think about what data privacy and security measures to put in place at your library, take some time to think about the costs and benefits of each measure. Sometimes it’s better – both for the bottom line and for data privacy and security – to accept certain risks.]