Privacy and Library Systems
description
Transcript of Privacy and Library Systems
![Page 1: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/1.jpg)
Privacy and Library Systems
Karen Coylefor InfoPeople
November, 2004
![Page 2: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/2.jpg)
Privacy Today
111-22-3333
![Page 3: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/3.jpg)
“Data Mining”
SSN
zip code
date of birthpublic records
![Page 4: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/4.jpg)
Privacy Today – in Libraries
Computer systems create records where none existed before
Library services go beyond library walls Library network is part of a larger
networked world
![Page 5: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/5.jpg)
Privacy Today – in Libraries
Computer systems create records where none existed before
Library services go beyond library walls Library network is part of a larger
networked world Any library data is in the context of the
“data soup”
![Page 6: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/6.jpg)
What libraries can do....
Be responsible keepers of information about our patrons and library use
Be honest and informative
![Page 7: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/7.jpg)
Service and Privacy
More service can require more user information
“Personalization” is ... personal
![Page 8: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/8.jpg)
Security and Privacy
An insecure system cannot protect the privacy of users
Desire for security can lead to monitoring and logging of use
![Page 9: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/9.jpg)
Systems & Privacy
Library application systemsWeb site and serversPublic workstationsRemote services
![Page 10: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/10.jpg)
Rules for data collection
Only gather data that is absolutely necessary to perform the function
Do not keep data longer than is needed to perform the function
Limit access to those persons who must work with the data
![Page 11: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/11.jpg)
Library Application Systems
Patron database Circulation records Fines and payments Document delivery ILL requests and fulfillments Electronic reserves OPAC logs
Circulation and Borrower Records
![Page 12: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/12.jpg)
Library Application Systems
Saved searches or bibliographiesAutomated search profiles (SDI)Virtual reference“my library” personal viewemail services
Personalized Services
![Page 13: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/13.jpg)
Library Web Site
Web server logs Proxy server logs Cookies Forms and email
![Page 14: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/14.jpg)
Sample web log
204.123.28.31 - - [23/Jun/2002:02:21:31 -0400] "GET /reach.html HTTP/1.0" 200 2186 "-" "Mercator-2.0"204.123.28.31 - - [23/Jun/2002:02:21:39 -0400] "GET /htdig/search.html HTTP/1.0" 200 1083 "-" "Mercator-2.0"204.123.28.31 - - [23/Jun/2002:02:21:47 -0400] "GET /privacy-policy.html HTTP/1.0" 200 4406 "-" "Mercator-2.0"204.123.28.31 - - [23/Jun/2002:02:21:54 -0400] "GET /best.html HTTP/1.0" 200 5780 "-" "Mercator-2.0"204.123.28.31 - - [23/Jun/2002:02:22:01 -0400] "GET /upto.html HTTP/1.0" 200 4171 "-" "Mercator-2.0"204.123.28.31 - - [23/Jun/2002:02:22:13 -0400] "GET /cfp2002.html HTTP/1.0" 200 4745 "-" "Mercator-2.0"
![Page 15: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/15.jpg)
Sample web log
Internet address of user: 204.123.28.31
Date and time: [23/Jun/2002:02:21:23 -0400]
Requested document: "GET /topiclist.html "
204.123.28.31 - - [23/Jun/2002:02:21:23 -0400] "GET /topiclist.html HTTP/1.0" 200 17602 "-" "Mozilla/3.01-C-MACOS8 (Macintosh; I; PPC)""
Browser: "Mozilla/3.01-C-MACOS8 (Macintosh; I; PPC)"
![Page 16: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/16.jpg)
Sample web log
Internet address of user: 204.123.28.31
Date and time: [23/Jun/2002:02:21:23 -0400]
Requested document: "GET /topiclist.html "
204.123.28.31 - - [23/Jun/2002:02:21:23 -0400] "GET /topiclist.html HTTP/1.0" 200 17602 "-" "Mozilla/3.01-C-MACOS8 (Macintosh; I; PPC)""
Browser: "Mozilla/3.01-C-MACOS8 (Macintosh; I; PPC)"
![Page 17: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/17.jpg)
Sample web log
Internet address of user: 204.123.28.31
Date and time: [23/Jun/2002:02:21:23 -0400]
Requested document: "GET /topiclist.html "
204.123.28.31 - - [23/Jun/2002:02:21:23 -0400] "GET /topiclist.html HTTP/1.0" 200 17602 "-" "Mozilla/3.01-C-MACOS8 (Macintosh; I; PPC)""
Browser: "Mozilla/3.01-C-MACOS8 (Macintosh; I; PPC)"
![Page 18: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/18.jpg)
Sample web log
Internet address of user: 204.123.28.31
Date and time: [23/Jun/2002:02:21:23 -0400]
Requested document: "GET /topiclist.html "
204.123.28.31 - - [23/Jun/2002:02:21:23 -0400] "GET /topiclist.html HTTP/1.0" 200 17602 "-" "Mozilla/3.01-C-MACOS8 (Macintosh; I; PPC)""
Browser: "Mozilla/3.01-C-MACOS8 (Macintosh; I; PPC)"
![Page 19: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/19.jpg)
Sample Web Log
“http:www.google.com/search?hl=en&ie=UTF-8&oe=UTF8&q=library+not+safe+place"
Can include searches
![Page 20: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/20.jpg)
Public Workstations
Browser cache and history Cookies Saved data Login records Sign-up sheets or systems
![Page 21: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/21.jpg)
Remote Services
Logons (in library or from home)PersonalizationStatistics
Databases and licensed services
![Page 22: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/22.jpg)
Remote Services
User education
Internet use
The Internet is outside of the library
![Page 23: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/23.jpg)
Privacy audit materials
http://www.kcoyle.net/infopeople/
![Page 24: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/24.jpg)
![Page 25: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/25.jpg)
For each:
What data exists?
Where is it located?
Who has access?
How long is the data kept?
![Page 26: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/26.jpg)
For each:
What data exists?
Where is it located?
Who has access?
How long is the data kept?
What is gathered and what does reveal?
Who must have access to do their job?
How long is this data really needed?
Is it within the library’s control?
![Page 27: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/27.jpg)
Example: Saved bibliography
What? Who? How long?
List of record IDs + Patron ID + Date created.Saved on server
Patron has access to their own; system admin has access to all; no other staff access
Purged at the end of each academic year; patrons can delete
![Page 28: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/28.jpg)
Example: Saved bibliography
Remind users to delete saved bibliographies they are no longer using
Remove bibliographies for user accounts that are no longer active
Inform users that although the library wishes to provide a secure environment, it cannot guarantee the privacy of these files.
![Page 29: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/29.jpg)
Example: Web logs
What? Who? How long?
Each request sent to library web server; includes: IP address of sender; item requested; browser...
Only systems staff have access
Stay on server until log file fills up; about 6 weeks
![Page 30: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/30.jpg)
Example: Web logs
If using web logs for statistics, gather statistics immediately and then purge the logs
If logs must be kept, “anonymize” the user’s identity by removing all or part of the user’s incoming Internet address
![Page 31: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/31.jpg)
Summary
Identify system areas where data is stored
Determine how long it is needed, and who should have access
Educate staff and educate users
![Page 32: Privacy and Library Systems](https://reader035.fdocuments.net/reader035/viewer/2022062723/56813ff8550346895dab274d/html5/thumbnails/32.jpg)
Thank You.
Karen Coyle
http://www.kcoyle.net