Scope Creep: Privacy During Lockdown | Metropolitan New York Library Council

Online/Virtual Event

Tuesday, May 26th 2020 from 4:00pm to 5:00pm

The following is a summary of the event by Traci Mark, Program Manager - Equity, Archives, and Media Preservation, METRO, published on June 18, 2020.

As society moved into lockdown, everyone who could do so collectively turned to online platforms like Zoom for our social sustenance. We flocked to Libby and OverDrive for access to ebooks and audiobooks. And, of course, we spent our shopping money on Amazon. How did the safety and protection of our data privacy change in this new environment?

Erin Berman, Division Director for Alameda County Library System’s Learning Group, William Marden, Director of Data Privacy and Compliance at the New York Public Library and Gary Price, Co-founder and Editor of Library Journal’s infoDOCKET, joined Davis Erin Anderson, the Assistant Director for Programs and Partnerships at METRO Library Council, on Tuesday, May 26, 2020 to discuss the changes in privacy that have accompanied a massive shift to the internet for nearly every aspect of our lives. They talked about the challenges to privacy that came with "the new normal" and how digital providers—both large and small—came under increased scrutiny as libraries and their patrons were impacted by the closure of physical facilities while increasing the use of online services.

Privacy issues have come to the forefront now that many of us are spending more time online. Our work days often revolve around Zoom calls and adapting different software to our personal and professional needs.

One of the first steps for our panelists during shelter-in-place was to figure out safe ways for their patrons and staff to work online without compromising their privacy. For William Marden at NYPL, this included creating workflows for software that were tested by staff within their Digital department. Deciding which program fit with the right content was part of this process. He uses the example of having author Neil Geiman do a reading, and using YouTube instead of Zoom for this purpose.

Erin Berman mentioned that, understandably during this time, many libraries have favoured access over privacy. But does it have to be one or the other? “Generally speaking, we are people who got into this profession because we wanted to help people,” Berman said. She acknowledged that it’s difficult to not act immediately to help during this time, even though it might be beneficial in the long run, even in a state of emergency, to take a moment to assess the ways in which we might protect privacy and provide access at the same time.

Gary Price echoed this by speaking about the library community immediately turning to Zoom as a primary platform. He stressed the importance of transparency in how personal information and data are being shared online through platforms and vendors, particularly within library systems. If personal data is being shared through online services, then the patron should be alerted before they choose to continue. Price proposes that an important initiative could include educating library staff about digital safety and teaching their patron base how to remove their personal data from third-party services.

All of our panelists emphasized how important it is to read privacy policies before giving your personal data. The more you read, you’ll start to notice patterns in language that obscures important information about keeping your personal data safe. Berman spoke about the value in urging vendors and online services to use plain language in their privacy policies to ensure accessibility.

Our panelists offered many suggestions to ameliorating these issues, including creating our own standards to which vendors should adhere, or using a variety of open tools to create our own software. Libraries could work with technology companies to create products that are safer and less invasive. “I think what we’re getting at is the word trust. How well do you trust third parties who are providing these services?” Price asked. As librarians, archivists, and cultural workers, we have the public’s trust; it is up to us to ensure that their private information stays private instead of being tracked and monitored by third party companies.

Helpful Links

https://chooseprivacyeveryday.org/ – Choose Privacy Everyday. ALA’s privacy-related initiative
https://nycdigitalsafety.org/ – NYC Digital Safety. Privacy curriculum developed by New York City’s three library systems
Plainlanguage.gov – Guidelines on using plain language in privacy policies.
http://privaseer.ist.psu.edu/about/ – Subject-specific database of over 1 million privacy policies.
http://www.ala.org/advocacy/privacy/guidelines/vendors – Library privacy guidelines for vendors.
http://www.ala.org/advocacy/sites/ala.org.advocacy/files/content/Privacy%20Audit%20Presentation.pdf – “A Practical Guide to Privacy Audits”. Powerpoint Presentation by Erin Berman and Julie Orborny

Many thanks to our panelists for these excellent insights and considerations. Please join us at one of our future events; a full listing can be found at https://metro.org/events.