Category: privacy

Libraries in a Post-Truth World: The Conversation Continues

Jenny4 Comments

Back in January, there was a one-day conference called “Libraries in a Post-Truth World,” where panelists, presenters, and participants discussed the problem of “fake news,” the spread of misinformation/disinformation, the nature of truth, and what role librarians can play to help boost information literacy and media literacy. (And more. It was a pretty packed conference. See blog posts one | two | three.)

Another conference this month grew out of that one; the Massachusetts Library Association (MLA) Intellectual Freedom / Social Responsibilities Committee planned it, and it was held at Tower Hill Botanic Garden in Boylston, MA, which is by far the most beautiful place I’ve ever attended a conference.

View of Wachusett from Tower Hill Botanic Garden
View from Tower Hill Botanic Garden

The first speaker was Gail Slater, General Counsel for the Internet Association, based in Washington, DC. She had also spoken at ALA’s Midwinter conference in Boston, where she said she realized that “Librarians are the first responders and guardians of the Constitution” (a nice way to win over your librarian audience right away).

Slater’s topic was “The Right to Be Forgotten: Rulings in the EU, Their Impact on Global Internet Companies and Pending Legislation in the United States.” She spoke about “a wave of public policy challenges” to do with the internet now; one of the key questions is about internet companies’ (“online intermediaries”) responsibilities in terms of content posted by users. At the moment, Section 230 of the Communications Decency Act protects them from liability, but this “safe harbor” law may change.

Slater then moved on to speak about the Right to Be Forgotten. In a key case from Spain in May 2014, the European Court of Justice ruled that search engines are responsible for the content they point to. People in the EU have the right to be forgotten; they can petition Google to de-index links to content about themselves, as Mario Costeja Gonzalez did in the Spanish case. The information itself still exists, but a search engine won’t bring it up.

Plants in hanging basket
A hanging plant, Tower Hill Botanic Garden

Google handles these requests, weighing the public’s right to know against the individual’s right to privacy. Slater explained that in the EU, they place a higher value on the right to privacy, while in the US, we place a higher value on the right to know and free speech. This is “one of the bigger issues” on the geopolitical scale.

During the Q&A, someone asked a very good question: If a person can claim the Right to Be Forgotten or right of erasure, can a corporation claim it? Slater thought there were two reasons this was unlikely, even in the EU: first, the definition of a “data subject” is an individual citizen, not a corporation; and second, the request itself would become a news event, reminding everyone of the original story that the corporation is trying to erase.

Someone else asked what librarians can do about some of these issues. Slater said librarians can speak out about the importance of speech and the right to know. In the EU, privacy is considered a human right, but free speech is important too. She spoke of these as “competing equities” that require a careful balance.

Reflecting pool with turtle fountains
Turtle fountains in the Winter Garden, Tower Hill Botanic Garden

The second speaker was Shawn McIntosh, Assistant Professor of English and Digital Journalism & Communications at Massachusetts College of Liberal Arts. His topic was “Journalism Today: Learning to Trust the First Rough Draft of History.” Unlike Slater, he read a prepared speech, in the manner of a formal lecture. Rather ironically, he quoted Jay Rosen: “Journalism is a conversation, not a lecture.”

McIntosh spoke about what has and hasn’t changed in journalism. “Fake news” isn’t new, of course – there has always been propaganda, biased and partisan writing, and satire. However, “Willingness to accept the lies or spin them as ‘alternative facts’ or not caring is new.”

McIntosh said that his background in strategic communications (a.k.a. PR, a.k.a. “the dark side”) had been helpful: knowing how and why persuasion works, and how attitudes can be impervious to change even/especially when confronted with facts gives perspective to the news climate today. “Beliefs,” he said, “eat facts for lunch.” Research shows that presenting facts to counter someone’s beliefs does not work to change their minds (a disappointing thing for a roomful of librarians to hear).

Over the past few decades, McIntosh said, there has been a broad shift that is “dangerous to our civic and cultural life,” an erosion of public trust in experts and institutions. Journalists are seen as biased and untrustworthy sources. (Librarians, on the other hand, enjoy a high degree of social trust.)

Tree with fall foliage
A tree with fall foliage, Tower Hill Botanic Garden

What are the obstacles? Journalists are overworked and underpaid, and employees and coverage are being cut back, so there is more use of wire service content and less reporting on local issues. Less advertising leads to more cutbacks in a downward spiral. And the 24-hour news cycle certainly doesn’t help.

What can be done? “Journalism has to get back to its roots and break free from its modern traditions.” Rather than attempting or pretending to be objective, journalists must provide context for their stories. “Narrative and stories are how we make sense of the world….News is socially constructed. Acknowledge that.” Furthermore, because of mass communication and social media, the lecture style of journalism no longer works; it must be a conversation.  Within this conversation, though, “people will seek trusted voices,” and curation (the librarian ears perk up) “will play more of a role than it has so far.”

In this environment, McIntosh said, “Developing higher-order critical thinking skills is crucial….News literacy and information literacy skills are vital.” Librarians, of course, are on board with information literacy and media literacy, but McIntosh also said, “It can’t be all consumption, it must be production too.” People need to look under the hood to get an idea of how things work. Here, he said, is a “natural place for libraries, educations, journalists to meet.” People meeting face to face in libraries and classrooms can lead to “exchanges and dialogues between people of different views, [which] can start to break down polarization.”

Stone bench and plants

After a lunch break and a walk around the beautiful grounds, we reconvened in the conference room for a panel on “Combating Disinformation in Your Library.” I spoke, along with Andrea Fiorillo of the Reading Public Library and Bernadette Rivard of the Bellingham Public Library, about what we have done in our libraries to increase information literacy and media literacy.

Photo of panel from a conference attendee's Twitter account
Bernadette Rivard, Jenny Arch, Andrea Fiorillo

Last December, Bernadette wrote a blog post encouraging library users to “think before you share,” and giving tips on how to evaluate news sources. Andrea ran a “civil civics” series, bringing in speakers such as Melissa Zimdars (who was on the panel at the January conference; she also got online access to newspapers for the library’s patrons. (Most libraries still subscribe to newspapers in print, but because most people read the news online, digital subscriptions are another way the library can help connect people with quality information.) I spoke about my “What Is Fake News?” pamphlet, display, and library blog posts, and went over some tips that I’ll be sharing in a future library blog post.

View of the pergolas from the Secret Garden
View of the pergolas from the Secret Garden

After the panel, we returned to our tables for small group discussion on the following four questions:

  1. What does the term “fake news” mean for librarians and the communities we serve?
  2. What are some creative and traditional approaches for librarians to support First Amendment awareness and education?
  3. What are your library’s barriers and supports to promoting media literacy?
  4. What has your library done and what would you like to do to support media literacy?

Conference organizers will be compiling the replies and sending them out to participants, so I may share those here later. At our table alone, we had a mix of public librarians (children’s and adult) and school librarians; I imagine academic librarians would have had a different set of answers. The hashtag for the conference, #mlafreedom, purposely didn’t include a date, so it may be used for related events in the future.

What does your library do to promote information literacy and media literacy? What role(s) do you think librarians can play in our current information environment? Do you have blog posts or handouts to share?

 

 

 

 

 

On Display: Highlighting what the library has to offer

Jenny1 Comment

Arts and crafts didn’t end after elementary school like I expected they might. I put some basic arts and crafts (and graphic design) skills to work almost every month at the library (File under: “things they didn’t teach you in library school”). We have three main display tables, plus a set of shelves used seasonally (teen summer reading prizes in the summer, holiday CDs in November and December), and we change the displays every month. Rob’s awesome displays challenge the rest of us to up our game!

What’s the purpose of library displays? They convey information; they offer entertainment or humor; they ask passers-by to stop and engage (many of our displays have interactive elements); they highlight parts of the library collection; and they give people something to look at while they wait in line.

Your faveorite book here

This is the simplest possible display: empty book stands with a sign that reads “[YOUR FAVORITE BOOK HERE]” and directions for how to add a book to the display. This display encourages engagement and participation by asking library users to recommend books (or movies or music) to each other.

True Crime

Sometimes displays feature a specific area of the collection; in this case, I highlighted our true crime books. It was very easy to pull books for this display, as they’re helpfully grouped in 364 (for Dewey nerds). I was pleased that I was able to pull off my vision of getting the words “TRUE CRIME” to look as though they were behind bars while still being legible. (The stone statue behind the table is not part of the display.)

NaNoWriMo

Some displays are annual; this one is part of last year’s National Novel Writing Month display. We hosted “Write-Ins” throughout the month. The display table included the schedule of write-ins and a word count calendar, along with some library books about writing, and the official NaNoWriMo poster for that year.

Not everyone knows what NaNoWriMo is, so I wanted to find a way to include both the whole name and the nickname; I achieved the effect by changing the background color behind the text. (I made this in Publisher, which gives the user more control and precision than Canva, plus it has the eyedropper tool that allows you to pick colors from a graphic or image and use that exact color for text or background; I used colors from the one of the NaNoWriMo graphics. Canva has other strengths, though!)

Banned Books Week

I always put up a display for Banned Books Week at the end of September; this one features a poster, a quote from the ALA Code of Ethics, an infographic from the ALA Office of Intellectual Freedom, some “I read banned books” buttons that I made, a small fake bonfire, and – my favorite interactive element – the “books change lives” jar, with comment cards and a cup of pens. The week after Banned Books Week, I pull the responses from the jar and write a blog post for the library.

Choose Privacy Week 2017

Choose Privacy Week is another annual display, in the first week of May. For this display, I designed two poster boards using simple, bold graphics and bright colors. The poster on the right in the photo that asks “Why is privacy important?” answers its own question in part by including the titles of library books that people might not want others to know they had checked out, from Managing Your Depression to What to Expect When You’re Expecting to It Gets Better.

I also included a fact sheet from ALA and books and DVDs about privacy from the library collection. People are always welcome to take library materials from the display to check out.

For Choose Privacy Week in 2015, I used a series of “True or False?” questions about privacy with answers under a flap of paper, so patrons were encouraged to interact with the display to get the answers.

What Is Fake News

I started off the year with a “What is fake news?” display. Instead of using a tablecloth or butcher paper to cover the table, I used old newspaper. I put together three informational poster boards (a bit more text-heavy than usual), and included copies of a pamphlet with information about “fake news”: what is it, how it spreads, how to avoid spreading it yourself. (Basically, how to be a responsible information consumer. A PDF of the pamphlet is available here.)

I updated one of the boards (“What is the filter bubble?”), as I will be bringing them to a conference and a class later this month.

Fake News updated boards

None of these are particularly flashy – Rob might say I don’t use enough glitter, for one thing, and I could use more 3D objects and props – but I hope they get the point across. Do you make displays for your library? What are some of the ones you’re proud of? What materials and techniques do you like to use?

 

 

Libraries in a Post-Truth World

Jenny8 Comments

On Thursday, January 26, I attended a one-day conference hosted by Phillips Academy in Andover called “Libraries in a Post-Truth World.” There was some helpful pre-conference reading about fake news and hoaxes, information overload, and media literacy:

Why America is Self-Segregating” and “Did Media Literacy Backfire?” by danah boyd, January 9 & 10, 2017

Many Americans Believe Fake News Is Sowing Confusion,” Pew Research Center, December 15, 2016

The Real History of Fake News,” Columbia Journalism Review, December 15, 2016

At Sea in a Deluge of Data,” Alison J. Head and John Wihbey, The Chronicle of Higher Education, July 7, 2014

Mike Barker, Director of Academy Research and Library Services at Phillips Academy, introduced the morning’s panelists:

John Palfrey, Head of School, Phillips Academy, and author
Mary Robb, Teacher, Media Literacy and Democracy, Andover High School
Adam Schrader, Former Facebook editor and news fact checker
Damaso Reyes, Program Coordinator, The News Literacy Project
Melissa Zimdars, PhD, Assistant Professor of Communication at Merrimack College
Catherine Tousignant, English Instructor, Phillips Academy
Alison Head, PhD, Project Information Literacy
John Wihbey, Assistant Professor of Journalism and New Media at Northeastern University
Claire Wardle, First Draft News
Ben Sobel, Fellow, Berkman Klein Center for Internet and Society, Harvard University

The panelists were all informed and articulate, experts in their fields; they could have spoken for much longer, but we used the rest of the day for two presentation sessions (Damaso Reyes on The News Literacy Project and Checkology, Alison J. Head on Project Information Literacy), identifying areas of focus for the afternoon discussion, reforming into discussion topic groups, and reporting our results to the other participants.

“Librarians are good at ferreting out what exists and good at making partnerships. Librarians are in the right position to make an impact.” -Alison Head

I attended Damaso Reyes’ presentation on Checkology (“how to know what to believe”), a news literacy program designed for 6th-12th grade students. Reyes showed us videos created for the program (Peter Sagal was in one!) and guided us briefly through the four modules: (1) Filtering news and information; (2) exercising civic freedoms; (3) navigating today’s information landscape; and (4) how to know what to believe. Some key takeaways:

  • “Information literacy is not what it should be in our society, and that’s a threat to our democracy.”
  • When reading/listening to/watching news, ask: What is the primary purpose of this information? (To inform, to entertain, to convince, to provoke, etc.)
  • Consider the role of algorithms and personalization. The information you’re getting is filtered – think about how and why.
  • Trying to teach students to be skeptical, not cynical.
  • Critical thinking & skepticism is an important skill, and should not be outsourced to technology even if it could be (e.g. plugins). “We shouldn’t depend too much on technology to save us.”
  • What you share online has your credibility attached to it.
  • We are all susceptible to confirmation bias.
  • Society stops functioning if we can’t agree on some things (i.e. facts). A fact is something we can all agree on but it is also something we can independently verify.

After the presentation, we talked in small groups to come up with discussion topics for the afternoon. Two of the Phillips Academy librarians sorted our ideas into loose categories:

Partnerships & Collaboration with Faculty
Partnerships & Collaboration with Community
Professional Development
Fact, Truth, & Trust (I was in this group)
Access to Information
Lesson Plans
Teaching Approach
“Other”

I will be writing another blog post (or two) soon about the morning panel and the afternoon discussion. In the meantime, I’d like to share a handout I made for my library to accompany our display on media literacy. Here is the PDF of the tri-fold pamphlet: updated 2/16/17, 3/1/2017 – I have made a new version without the Robbins Library logo, with a Creative Commons license. Please feel free to use and share: 2017-01-fakenewsbrochure-update-2017-03

Blog posts elsewhere: privacy tools and summer reading lists

JennyLeave a comment

In addition to blogging here and at my personal blog (mostly photos of the dog or the garden, with occasional recipes), I also write for the Robbins Library blog and, nominally at least, I’m a contributor to Teaching the Tools, a blog about libraries and technology education.

Library Freedom Project logoI just wrote my first full-length blog post for Teaching the Tools, a recap of Alison Macrina’s (The Library Freedom Project) presentation to the Minuteman Library Network (MLN) Teaching Technology Interest Group (TTIG), which I co-chaired for the past two years. Alison, who used to be a librarian at the Watertown Free Library, was kind enough to come to our June TTIG meeting and present about a variety of privacy tools. You can learn about the TOR Browser, Duck Duck Go, Privacy Badger, HTTPS Everywhere, Let’s Encrypt, and KeePass at Teaching the Tools.

While I was there (and writing the annual report for the TTIG group), I added a blog post to recap our March meeting, including a link to the presentation slides on Teaching Technology: Assessment and Evaluation. If you teach technology at your library – even if your instruction is no more formal that tech-related questions at the reference desk – check it out.

Cover image of In the Unlikely EventIf you’re in the mood for lighter fare – looking for a few summer reading books, perhaps? – I’ve been writing about books for the Robbins Library blog. Here’s an annotated list of lists: the top summer reading books according to various sources. I also wrote a recap of a Book Talk I did with my co-worker, separated into fiction and nonfiction. I’m looking forward to Judy Blume’s adult novel this summer, In the Unlikely Event, and a whole slew of new books this fall, including novels from David Mitchell and Rainbow Rowell. There’s always something to look forward to (or back on, if you’re revisiting classics) in the book world…

MLA 2015: Through the Library Lens, Part II

Jenny2 Comments

Here we go, Day Two of MLA! Read about Monday sessions here.

Flexibility in Library Design, or Agile Libraries that Evolve with You, presented by Lauren Stara and Rosemary Waltos of the MBLC and Sal Genovese of the Walpole Public Library (Tuesday, May 5, 8:30am)

Three cheers for Lauren Stara, who posted her presentation slides online in advance of this session. Check out her slides for lots of great visuals of “lightweight, portable, modular, convenient, approachable” furniture, from service desks to comfy chairs; she included examples from many libraries in the U.S. and Canada. (The presenters’ contact info and a link to several useful Pinterest boards are available through that link as well.) There were tons of tweets during this session (see below), and between those and the slides, I don’t have much to add except that I’m in favor of flexible, adaptable design in libraries and I want to use at least 75% of these ideas right away. Also, I’ve added Aaron Schmidt’s Useful, Useable, Desirable to my ever-growing to-read list.

Screenshot of tweets including What is the first thing a new user sees when they enter your library building?Screenshot of tweets including If you're gonna have movable furniture, make sure it fits in your elevator.Screenshot of tweets, including "When we opened the new building, we put a piece of furniture everywhere there was a window and an outlet."

An Introduction to Fighting Surveillance and Promoting Privacy in Libraries, presented by Alison Macrina of the Library Freedom Project and Kade Crockford of the ACLU (Tuesday, May 5, 9:50am)

I’ve heard Kade and Alison before, but even though most of their presentation was familiar, it’s worth hearing and sharing again – plus I picked up a couple of new tips, as usual. Alison introduced a whole series of online privacy tools, which are also collected on the Library Freedom Project’s resources page.

Libraries can introduce patrons to some of these tools by installing them on public computers, and posting signs to explain the changes and raise awareness about protecting online privacy. The TOR browser is one option (“it’s not just for criminals anymore!”), and the Firefox browser with the DuckDuckGo search engine and HTTPS Everywhere and Privacy Badger plugins is another great choice. (I’m planning to switch from the Ghostery plugin to Privacy Badger, after learning that Ghostery sells information to advertisers – though this is something you can control in your settings if you do have it installed.) Good privacy options (secure texting and phone calls) for mobile phones  can be downloaded from Open Whisper Systems.

Screenshot of tweets, including Libraries can help educate patrons how to protect their digital privacy. Try duckduckgo instead of google search.

Screenshot of tweets, including Book rec from @flexlibris: The Filter Bubble by Eli Pariser #masslib15

Advocacy and Your Library, with panelists Edward M. Augustus, Jr., City Manager of Worcester; Representative Kate Hogan, 3rd Middlesex, Chair, Public Library Caucus; John Arnold, Town Moderator, Westborough. Moderators: Susan McAlister, Dinah O’Brien, and Beverly Shank, MLA Legislative Committee Co-Chairs  (Tuesday, May 5, 11:15am)

The takeaway point from this session: the importance of building a relationship with local legislators so that your only contact with them isn’t when you’re asking for money. (At the same time, “You are never going to get what you want if you don’t ask for it.”) It’s important for library staff to be involved, and also to encourage library trustees and patrons to advocate for the library; often, a patron’s voice is more persuasive to a legislator than a librarian’s. When librarians do speak on behalf of the library, the focus ought to be “We’re not here to preserve my job, we’re trying to make the community a better place.”

Demonstrating real outcomes for real people, through qualitative (anecdotes, stories) and quantitative (numbers and statistics) evidence, is most effective. Collaborating and building coalitions with other community groups is also helpful; there are many groups and limited resources. That said, libraries do a lot with a little – specifically, with 0.07% of the Massachusetts state budget.

Screenshot of tweets, including Be aggressive and persistent. There are an endless number of worthy causes competing for limited resources. #advocacyScreenshot of tweets, including Library budget is 7 one-hundredths of the total operating budget (.07%) in Mass!!

A Whale of a Good Time: Summer Library Programming for All Ages, presented by Jennifer Harris and Margaret McGrath of the Plymouth Public Library (Tuesday, May 5, 2:30pm)

Attendees had two choices during this session: get inspired, or take your ball and glove and go home, because this was a hell of a summer reading program/community read (“One Book, One Community”). First of all, they got people to read Moby-Dick, which is impressive on its own. Second, they did a massive PR push, with mailings to 25,000 households and visits to all the elementary schools, raising awareness for all ages; high school art students were recruited to help with PR design. Third, they used every last drop of a $3,000 programming budget, spreading programs for all ages throughout the summer. Programs included three book discussions (it’s 600+ pages, folks), concerts on the lawn in front of the library, knot-tying lessons, a mini-readathon, a craft program series for teens, a hard tack tasting (verdict: not tasty), a movie screening, a Melville impersonator, a field trip to the New Bedford Whaling Museum, and visits from two separate inflatable whales.

Key to the success of the Plymouth Public Library program was staff buy-in and great brainstorming sessions, as well as a healthy budget, good planning, and great PR (in addition to the mailings, they were active on Facebook, Twitter, Flickr, and Pinterest, and events appeared in the Boston Globe and on local TV as well).

Our library does a Community Read (Arlington Reads Together) in the spring, separate from our summer reading programs for children, teens, and adults. I’m curious how many other libraries combine their Community Read with summer reading.

Screenshot of tweet: PR: The message has to go out so that we can bring the people in. #summerreading #masslib15Screenshot of tweet: "If someone doesn't call you back, and you call a few days later and they still don't call you back, move on!" #lifeadvice #masslib15Screenshot of tweets: A Melville impersonator for Moby Dick summer reading program. I'm thinking of the Ben Franklin episode of The Office. #masslib15

RA Toolbox: Staying Alive – Readers’ Advisory Continuing Education, presented by Laurie Cavanaugh of the Holmes Public Library, Nanci Milone Hill of the Parker Memorial Library, Molly Moss, of the Forbes Library, and Leane M. Ellis of the Lucius Beebe Memorial Library (Tuesday, May 5, 4:15pm)

Each panelist in this session had been the recipient of a LSTA grant for readers’ advisory, administered through the MBLC, so each panelist talked about how they’d implemented the grant, as well as how they’d come to be interested (and expert) in readers’ advisory. Molly had a background in science and academic libraries; readers’ advisory was the most intimidating part of working at a public library reference desk for her. She tackled the task and became involved in the Adult Reading Round Table (ARRT) of Illinois. There is now a Readers’ Advisory Round Table (RART) for every region of Massachusetts (Northeast, West, Metrowest, Southeast), and each one has a blog.

Grant money can be put toward speaker fees, conference fees, materials (books), shelf talker materials (those plastic things that clip on to shelves), staff time, and mileage. Nanci invited Duncan Smith from NoveList to speak to her staff, as well as the Sisters in Crime; Molly invited Barry Trott of the Williamsburg (VA) Regional Library. The WRL was the first library to put a “reader profile form” online; many libraries, including the Forbes in Northampton and the Robbins in Arlington, have adapted the form (with permission) to use on their own websites. Librarians at the Forbes have also done blitz-style RA, asking patrons to post to the library’s Facebook wall with a book they liked, and recommending another book based on that one.

All the panelists talked about genre studies. A typical model includes monthly or bi-monthly meetings where participants read one “benchmark” book in a genre or subgenre, and one secondary selection. This allows for common ground (the book everyone read) and new recommendations. Genre studies can be done within a library, in partnership between two libraries, and through the round table groups across the state. Virtual participants are welcome in the Massachusetts Readers’ Advisory Goodreads group.

Laurie said that readers’ advisory was “customer service in the digital age,” providing a personal touch. Leane, too, said that RA was “public service on a personal level for your readers and potential readers.” Customized forms are just one way to provide great recommendations to patrons; other models include “five to try” booklists, “If you like [author/title, TV show, etc.], you might also like [___],” subgenre booklists, and staff picks lists.

This session concentrated on the LSTA RA grant and implementing genre studies, rather than specific RA tips such as including appeal factors as well as a summary when talking or writing about a book (and no spoilers!). The RA interview was covered in a previous session, RA Toolbox: Conversing with the Reader – the Readers’ Advisory Interview. Additional RA tips and resources are available from MLS. The MLA RA Toolbox handout should, hopefully, be available soon on the Presentations & Handouts page of the conference site.

Screenshot of tweets including #readadv is a public service on a personal level for your readers and potential readers.Screenshot of tweets including Making sure entire library staff is on board with #readadv as an essential library service. #masslib15Screenshot of tweets including Writing about a book can cement information about it in your mind. Create booklists. #readadv #masslib15 2 retweets 1 favorite

Overall, a great conference experience that gave me plenty of ideas and resources to follow up on in the coming weeks, plus an opportunity to see friendly faces from grad school, past library work, fellow committee members, and even friends from Twitter.

If you have questions about any of these recaps, or have written your own recaps to share, please ask or link in the comments!

 

MLA 2015: Through the Library Lens, Part I

Jenny4 Comments

Thanks to my library’s wonderful support for professional development, once again I got to attend the Massachusetts Library Association (MLA) annual conference. This year’s theme was “through the library lens,” though none of the sessions I went to specifically addressed what that might mean. (Could it just be a joke about how most of us wear glasses?) (Probably not.) The conference hashtag was #masslib15 and several of us were active on Twitter during the conference.

Throughout my session recaps, I will include links to presentations and slides when possible; most aren’t available online yet, but they should be posted on the presentations & handouts page of the MLA site. (I spoke to a conference organizer about maybe having the materials posted online before the conference started; she said it was hard enough to get the details of everyone’s programs in advance of the conference, getting presentations ahead of time would be next to impossible.)

Bite-Size Learning: Staff Training a Little at a Time, presented by Michelle Filleul, Amy Lannon, and Patty O’Donnell of the Reading Public Library (Monday, May 4, 10:30am)

This session started off with a seven-minute video (“Did You Know 2014“); it’s worthwhile, but I recommend watching it without the sound. The main point is that the world is changing rapidly, especially technology. Libraries can encourage their staff to be “lifetime learners” and create a learner-centric culture by implementing a “bite-size learning” program: each participating staff member gets to spend an hour a week learning something new. This learning is self-directed, internally motivated, goal-oriented, and self-paced; it is relevant to the individual, and is experiential (learn by doing).

Individuals might choose to familiarize themselves with Overdrive or read storytime blogs; they might explore Ancestry.com or take a webinar on any number of subjects. Managers/leaders can start with competency checklists and tailor them to their departments. Staff set specific goals and check in with their supervisor each week to track progress; supervisors participate in the program too. Seeing department heads and directors learn new things sets a good example and breaks down the fear of failure that can accompany trying something out of one’s comfort zone.

A paralibrarian from Reading spoke movingly about how the bite-size learning helped her; she said, “Technology isn’t my thing, but learning is….I don’t want to become a senior citizen who didn’t keep up with technology. I want to communicate with the younger generation on their terms….We have to know how to do these things.” Learning new skills builds confidence in one’s ability to learn, and in one’s ability to help others – a pretty big payoff in exchange for an hour a week.

Screenshot of tweet: Self-directed learning: internally motivated, goal oriented, self-paced, relevant to learner, experiential #masslib15Screenshot of two tweets: Cross-training helps staff better understand and appreciate others' work in the library -and- Bite size learning: Overcome fear of failure, learn something new, increase confidence.

Stealth Reference: Reaching Non-Library Users, presented by Margot Malachowski from the Baystate Health Sciences Library, Anne Gancarz from the Chicopee Public Library, and John Walsh from the Newton Free Library (Monday, May 4, 1:15pm)

“Stealth reference” is a very cool name for what is usually referred to as “outreach.” Margot from Baystate talked about identifying your vulnerable populations, and aligning programs with community needs. She teaches the public directly, taking questions and answering them by mail (five stars for follow-up!), and she also teaches the people who teach the public, like The Literacy Project.

Screenshot of tweet: If a user population isn't using the library, the library may not be serving them effectively.

Anne from Chicopee asked herself, “Who am I seeking? What am I offering?” and asked what motivation potential users had to come to the library. Anne, I suspect, doesn’t sleep much: she has gone into schools, visited homebound patrons, worked with teens, connected to the visually impaired community, gone to the farmers’ market, worked with the sheriff and ex-offenders, and worked with the Council on Aging (COA); there is a bookmobile in her future. Anne suggested collaboration: with town departments like Parks & Rec, the COA, planning boards, and local events. She noticed that program popularity is cyclical; what works one year may not work the next year. “We’re always awesome and helpful,” she said, “but people don’t always know that.” If every library had a Community Services Librarian like Anne, more people would know about all the things libraries have to offer.

Screenshot of tweets and RTs, including "Any opportunity to discuss your library gives you the opportunity to engage your community of potential library users"

Last but not least, John also talked about leaving the library building, going where the people you want to be users are, and showing them what they’re missing. “They don’t know they want things” or they don’t think the library has them. He recommended contacting businesses in the area; even chains like Starbucks and Whole Foods sometimes have community relations people who may be eager to help. Bring some handouts with you, he advised, but those handouts should be immediately useful – a calendar of events, a link to the digital media catalog, etc.

One of the challenges libraries face with outreach efforts – assuming that library leadership supports it – is finding the time for staff to leave the building. Many public libraries are short-staffed, and most won’t consider leaving the reference desk unattended while librarians are at the farmers’ market, the high school, or the senior center. Off-desk hours are precious too – that’s when we order books and other materials, plan programs, create booklists and displays and flyers and a hundred other things – but starting small is better than nothing at all.

Connecting the Dots of Internet Freedom: The Future of Free Speech, presented by Evan Greer from Fight for the Future (Monday, May 4, 2:45pm)

Like many privacy advocates, Evan is an impassioned speaker. She concentrated on four modern threats to freedom of expression on the Internet: (1) attacks on Net Neutrality, (2) mass surveillance, (3) overzealous copyright enforcement, and (4) secretive trade deals, e.g. the Trans-Pacific Partnership (TPP). Her presentation was both entertaining and convincing, though I suspect the people in attendance were convinced before they showed up. I tweeted throughout this session; see below for tweets and additional links.

Screenshot of tweets, including Net Neutrality is the First Amendment of the Internet. Slowness equals censorship. Screenshot of tweets, including PEN America report on chilling effect of mass surveillance: http://pen.org/global-chill #masslib15Screenshot of tweets including TPP will export US copyright law to the rest of the world - minus Fair Use. Congress loves phone calls https://www.stopfasttrack.com/ Links:

Power of the Written Word: Librarian Influence Through Writing Reviews, presented by Kristi Chadwick of the Massachusetts Library System, Rebecca Vnuk of Booklist, and Nanci Milone Hill of the M.G. Parker Memorial Library in Dracut (Monday, May 4, 4:00pm)

Rebecca, Kristi, and Nanci all gave general advice about writing reviews as well as specific tips for which publications are looking for reviewers and whether or not they pay (mostly they don’t, but book reviewing shows engagement with the profession and looks good to potential future employers, etc.). They also talked about how they got started; they all “fell into it” (but only if “falling into it” means seeking out and creating opportunities for writing reviews and honing their blogging skills).

Rebecca (Shelf Renewal) talked about some of the standard review publications – Library Journal and SLJ, Booklist, Kirkus, VOYA – and their different style guides. Find your voice: is it conversational or formal? Figure out what you want to say and who your audience is. Incorporate readers’ advisory aspects (e.g. appeal factors) into your reviews, and a sense of humor. If you do get your reviews published in one of these sources, cut out your printed review and compare it to what you submitted, line by line; this will improve your reviews. Take cues from existing blogs and websites, and practice writing reviews on Amazon, Goodreads, or LibraryThing.

Kristi’s advice: find your review style, decide your limits, have a review policy, and don’t read other reviews of the book you’re reviewing (beware unintentional plagiarism). Identify the hook, the who/what/when/where/why, who the book will appeal to, and of course…no spoilers! Get e-galleys through NetGalley and/or Edelweiss and submit reviews to LibraryReads.

Screenshot of tweets, including Writing book reviews: What do you want to say? Who is your audience? #masslib15 -and- Find a style that works for you, decide your limits, have a review policy, don't plagiarize! -@booksNyarn Nanci suggested getting involved with your local Readers’ Advisory Round Table (every region of Massachusetts has one), and mentioned a few less obvious candidates for would-be reviewers and writers: NoveList, Public Libraries magazine, Bookmarks magazine, ALA Editions, the Massachusetts Center for the Book, and your local newspaper. Creating readers’ advisory materials for your own library is good practice too: shelf talkers (“If you like ___, try ___”), author and title readalikes, appeal readalikes, “five to try” (genre suggestions), etc.

As usual, presenters mentioned so many good resources and opportunities that follow-up will take me the next several weeks. And this was just day one – stay tuned for day two.

Information Doesn’t Want to Be Free by Cory Doctorow

Jenny1 Comment

cover image of Information Doesn't Want to Be FreeCory Doctorow is one of the most articulate and outspoken advocates for online privacy and sensible copyright laws; he is staunchly opposed to Digital Rights Management (DRM). As “Doctorow’s First Law” states, Any time someone puts a lock on something that belongs to you and won’t give you the key, that lock isn’t there for your benefit. His newest book, Information Doesn’t Want to Be Free: Laws for the Internet Age, is organized into three sections, one for each of his laws.

Doctorow’s First Law has been illustrated neatly by two excellent webcomics: “Steal This Comic” (xkcd, a.k.a. Randall Munroe) and “I tried to watch Game of Thrones and this is what happened” (The Oatmeal, a.k.a. Matthew Inman). Both comics make the point that buying digital content through official online platforms (a) can be difficult-to-impossible, and (b) means you can’t take it with you, whereas illegally downloaded content can be used on any device or platform.

Plenty of consumers want to pay creators for their work, but also want control over that content once they’ve bought it. (As Amanda Palmer writes in her foreword to the book, “People actually like supporting the artists whose work they like. It makes them feel happy. You don’t have to force them. And if you force them, they don’t feel as good.”) Digital locks – DRM – tie up our digital purchases in ways that make them complicated to use and sometimes make them outright obsolete. This is frustrating for law-abiding people who just want to be able to bring an audiobook from computer to car to digital media player of choice, or who want to read an e-book on any device they happen to have, no matter what operating system it’s running. There’s no reason an e-book file from Amazon should be incompatible with a Kobo device, except of course that Amazon – not the author, not the publishers (anymore) – wants it that way.

Doctorow’s Second Law applies more to creators than consumers: Fame won’t make you rich, but you can’t get paid without it. He’s not talking Lady Gaga levels of fame; simply, if you’re an artist, no one can buy your work if they don’t know it exists. The Internet can work to connect content creators with a potential audience. However, Cory writes, “The fewer channels there are, the worse the deal for creators will be. Any choke point between the creator and the audience will turn into a tollbooth, where someone will charge whatever the market will bear for the privilege of facilitating the buying and selling of creative work.” The publisher Hachette realized this belatedly with Amazon last year; by requiring DRM on all the e-books they sold, publishers handed over control to the retailers, who aren’t about to give it up. Authors – the creators – were caught in the middle.

I marked more pages in the third section of the book than in the previous two combined. Doctorow’s Third Law states, Information doesn’t want to be free, people do. As a creator himself, Cory isn’t against copyright, but he points out the difference between industrial regulation and regulation on an individual level: “Copyright is alive and well – as an industrial regulation. Copyright as a means of regulating cultural activities among private individuals isn’t dead, because it’s never been alive.

The entertainment industry – particularly Hollywood movie studios and record companies – want to be able to regulate copies on the individual level, at the expense of personal privacy. However, their arguments that piracy is destroying the industry have been neatly shot down by none other than the GAO, who said that it would be “difficult, if not impossible, to quantify the net effect of counterfeiting and piracy on the economy as a whole.” YouTube is a particular thorn in the entertainment industry’s side, even though, mathematically, only a tiny fraction of content on YouTube is potentially copyright-infringing. (To calculate this, Cory multiplied every entry in IMDB by 90 minutes per program (low for movies, high for episodes of TV shows), which comes to only about 28 days’ worth of YouTube uploads.)

When movie studios and record companies attempt to place artificial restrictions on individuals by adding DRM and other kinds of digital locks on their media and media players, they are attempting (unsuccessfully) to protect their content, but “You can’t ‘protect’ devices from their owners unless you can update them without their owners’ knowledge or consent.” This is a dangerous area. As Cory writes, “when technology changes, it’s usually the case that copyright has to change, too.…[but] the purpose of copyright shouldn’t be to ensure that whoever got lucky with last year’s business model gets to stay on top forever.”

Cory argues that we need a new system of copyright, one that “that enables the largest diversity of creators making the largest diversity of works to please the largest diversity of audiences.” The Internet allows the kind of direct connection between creators and audience that hasn’t been possible before, and copyright must adapt so that it continues to protect content, not middlemen.

Information Doesn’t Want to Be Free is familiar ground for longtime Doctorow readers and those who follow the “copyfight” in general, but it’s also a good introduction for those who haven’t thought much about the issue.

See also: “4 Ways Copyright Law Actually Controls Your Whole Digital Life” by Kate Cox at Consumerist (January 22, 2015)

Privacy in a Networked World, III

Jenny2 Comments

This is the third and last post about Privacy in a Networked World. See the first post (Snowden and Schneier) here and the second post (John DeLong and John Wilbanks) here.

“The Mete and Measure of Privacy,” Cynthia Dwork, Microsoft Research

This was probably the presentation I was least able to follow well, so I’ll do my best to recap in English-major language; please feel free to suggest corrections in the comments. Dwork talked about the importance of being able to draw conclusions about a whole population from a representative data set while maintaining the confidentiality of the individuals in the data set. “Differential privacy” means the outcome of data analysis is equally likely independent of whether any individual does or doesn’t join the data set; this “equally likely” can be measured/represented by epsilon, with a smaller value being better (i.e. less privacy loss). An epsilon registry could then be created to help us better understand cumulative privacy loss.

Dwork also talked about targeted advertising. Companies who say “Your privacy is very important to us” have “no idea what they’re talking about” – they don’t know how to (and may have little interest in) keeping your data private. And when you hear “Don’t worry, we just want to advertise to you,” remember – your advertiser is not your friend. Advertisers want to create demand where none exists for their own benefit, not for yours. If an advertiser can pinpoint your mood, they may want to manipulate it (keeping you sad, or cheering you up when you are sad for a good reason). During this presentation, someone posted a link on Twitter to this article from The Atlantic, “The Internet’s Original Sin,” which is well worth a read.

Dwork quoted Latanya Sweeney, who asked, “Computer science got us into this mess. Can computer science get us out of it?” Dwork’s differential privacy is one attempt to simplify and solve the problem of privacy loss. Slides from a different but similar presentation are available through SlideServe.

“Protecting Privacy in an Uncertain World,” Betsy Masiello, Senior Manager, Global Public Policy, Google

Masiello’s talk focused on what Google is doing to protect users’ privacy. “It’s hard to imagine that Larry and Sergey had any idea what they were building,” she began. Today, “Everything is mobile…everything is signed in.” Services like Google Now send you a flow of relevant information, from calendar reminders to traffic to weather. In addition to Google, “the average user has 100 accounts online.” It’s impossible to remember that many passwords, especially if they’re good passwords; and even if they’re good passwords, your accounts still aren’t really safe (see Mat Honan’s  2012 article for Wired, “Kill the Password: Why a String of Characters Can’t Protect Us Anymore“).

To increase security, Google offers two-factor authentication. (You can find out what other sites offer 2FA by checking out twofactorauth.org. Dropbox, Skype, many – but not all – banks, Facebook, LinkedIn, Tumblr, and Twitter all support 2FA.) Masiello said that after news of hacks, they see more people sign up for 2FA. “It’s an awareness problem,” she said. In addition to 2FA, Google is encrypting its services, including Gmail (note that the URLs start with https). “E-mail is still the most common way people send private information,” she said, and as such deserves protection.

“Encryption is the 21st century way of protecting our personal information,” said Masiello. Governments have protested companies who have started using encryption, but “governments have all the tools they need to obtain information legally.” As Cory Doctorow has pointed out many times before, it’s impossible to build a back door that only the “good guys” can walk through. Masiello said, “Governments getting information to protect us doesn’t require mass surveillance or undermining security designed to keep us safe.” The PRISM revelations “sparked a very important debate about privacy and security online.” Masiello believes that we can protect civil liberties and national security, without back doors or mass surveillance.

“Getting security right takes expertise and commitment,” Masiello said. She mentioned the paper “Breaking the Web” by Anupam Chander and Uyen P. Le, and said that we already have a good set of guidelines: the OECD Privacy Principles, which include collection limitation, data quality, purpose specification, use limitation, security safeguards, openness, individual participation, and accountability. As for Google, Masiello said, “We don’t sell user data; we don’t share with third parties.” All of the advertising revenue is based on user searches, and it’s possible to opt out of interest-based ads. (Those creepy right-sidebar ads that used to show up in Gmail, having mined your e-mail to produce relevant ads, appear to be gone. And good riddance.)

Finally, Masiello talking about developing/setting industry standards for privacy and security that would facilitate innovation and competition. But privacy isn’t even the main concern in the future: it’s identity – what it means, and how we construct it.

“Sur-veillance, Sous-veillance and Co-veillance,” Lee Rainie, Director of Internet, Science and Technology Research, Pew Research Center

Lee Rainie definitely walked away with the “Most Neutral, Fact-Based Presentation” Award. Rainie has spoken at library conferences in New England before, but I – perhaps unwisely – chose to go to other sessions, so this was the first time I saw him speak, and he was great. Furthermore, all of his slides are available on SlideShare. He started off with a few findings:

1. Privacy is not binary / context matters

2. Personal control / agency matters

3. Trade-offs are part of the bargain

4. The young are more focused on network privacy than their elders (this is only surprising if you haven’t read danah boyd’s excellent It’s Complicated: The Social Lives of Networked Teens, and in fact Rainie quoted boyd a few slides later: “The new reality is that people are ‘public by default and private by effort.'”)

5. Many know that they don’t know what’s going on

6. People are growing hopeless and their trust is failing

The Pew Research Center has found that consumers have lost control over companies’ use and control of their data; they have adopted a transactional frame of mind (e.g. giving up control of personal data in exchange for the use of a platform or service). In general, trust in most institutions has gone down, with the exceptions of the military, firefighters, and librarians(!). But there is a pervasive sense of vulnerability, and users want anonymity – mostly from advertisers, hackers, and social connections, rather than the government (see slide below).

Lee Rainie, slide 30, "Who users try to avoid: % of adult users who say they have used the internet in ways to avoid being observed or seen by..."
Lee Rainie, slide 30, “Who users try to avoid: % of adult users who say they have used the internet in ways to avoid being observed or seen by…”

This slide supports the argument for privacy, especially against the “nothing to hide” argument: people desire – and deserve – privacy for many reasons, the least of which is to avoid the government or law enforcement. (Mostly, someone on Twitter pointed out, we want to avoid “that guy.”)

As for the future of privacy, people are feeling “hopeless.” Rainie remembered saying, in the early 2000s, “There’s going to be an Exxon-Valdez of data spills…” and there have been many since then, but little has been done to protect consumer privacy. “How do we convince people to have hope?” he asked.

Panel: “What Privacy Does Society Demand Now and How Much is New?” Danny Weitzner (moderator), Kobbi Nissim, Nick Sinai, Latanya Sweeney

Fortunately, the moderator and panelists have different initials. The questions and responses below are paraphrased from the notes I took during the panel session.

DW: What sort of privacy does society demand now? Is privacy different now?

NS: Access to your own data has always been a art of privacy; also the right to correct, erase, and transfer. Your data should be useable and portable.

KN: The ability to collect a lot of data all the time is new. There is a different balance of power (companies have too much).

LS: Privacy and security are just the beginning. Every American value is being changed by technology. Computer scientists aren’t trained to think of social science effects and the power of technology design.

DW: Cryptography and math are a foundation we can trust if implemented properly, as Snowden said this morning.

LS: I dislike choosing between two things. We need a cross-disciplinary approach, a blended approach.

NS: Any great company should constantly be trying to improve user experience. How does privacy/security get integrated into design?

KN: Aim for mathematical solutions/foundations. We need to re-architect economic incentives, regulations, how all the components work together.

DW: Where will the leadership and initiative come from? Government?

KN: Academia, research. We need to find ways to incentivize.

LS: Economic [incentives] or regulations are necessary for privacy by design. They’re all collapsing…every single one of them [Facebook, the IRS] is heading for a major disaster.

DW: People care about control of their data, yet the information environment is increasingly complicated.

LS: Society benefits from technology with certain protections.

KN: Regulations we have today were designed in a completely different era. We may be in compliance, and still we have damaged privacy severely.

LS mentioned HIPPA, NS mentioned the Consumer Bill of Rights, DW mentioned “Privacy on the Books and on the Ground.”

DW: Privacy practices and discussion are/is evolving in the U.S.

LS: A huge dose of transparency would go a long way. This is the new 1776. It’s a whole new world. Technology is redefining society. The Federal Trade Commission could become the Federal Technology Commission.

DW: Are you optimistic? Are we heading toward a positive sense of privacy?

NS: Yes, by nature I’m optimistic, but complexity and user experience (user accounts, passwords) frustrates me. Entrepreneurs do help change the world.

KN: The genie is out of the bottle. This forces us to rethink privacy. Nineteen-fifties privacy has changed and isn’t the privacy we have today, but that doesn’t mean that privacy is dead. Privacy is a sword and a shield.

DW: We’re at the beginning of a long cycle. It’s only been a year [and a half] since Snowden. What do we expect from our government and our companies? How powerful should government and private organizations be? Marketing/advertising issues are trivial compared to bigger issues.

LS: The cost of collecting data is almost zero, so organizations (public and private) collect it and then figure out how to use it later. They should be more selective about collection. If we can expose the harm, it will lead to change.

Question/comment from audience: A lot of people are not aware they’re giving away their privacy (when browsing the internet, etc.).

LS: We need transparency.

NS: We need regulation and consumer protection.

 

Privacy in a Networked World, II

Jenny3 Comments

This is the second post about Privacy in a Networked World. The first post, about the conversation between Bruce Schneier and Edward Snowden, is here.

“Privacy in a Networked World,” John DeLong, Director of the Commercial Solutions Center, NSA

Other than the length and volume of applause, it’s difficult to measure an audience’s attitude toward a speaker. I’ll venture, though, that the audience of Privacy in a Networked World was generally pro-Snowden; the attitude toward John DeLong can perhaps be characterized as guarded open-mindedness laced with a healthy dose of skepticism.

DeLong’s talk was both forceful and defensive; he wanted to set the record straight about certain things, but he also knew that public opinion (in that room, at least) probably wasn’t in his favor. (He said repeatedly that he did not want to have an “Oxford-style debate,” though his talk wasn’t set up as a debate in the first place.) “Let’s not confuse the recipe with the cooking,” he said, in a somewhat belabored analogy where the NSA’s work was the cooking and the law was the recipe. (I cook a lot at home, and I’ll just say, I can usually tell when I’m looking at a bad recipe, and opt to adapt it or not make it at all.)

DeLong quoted at length from Geoffrey R. Stone’s “What I Told the NSA.” (Stone was a member of the President’s Review Group in fall 2013, after the Snowden revelations.) Stone’s conclusions were not altogether positive; he found that while the NSA “did its job,” many of its programs were “highly problematic and much in need of reform.” But it’s the Executive Branch, Congress, and FISA who authorized those programs and are responsible for reforming them. Stone added, “Of course, ‘I was only following orders’ is not always an excuse….To be clear, I am not saying that citizens should trust the NSA. They should not. Distrust is essential to effective democratic governance.”

DeLong said, “The idea that the NSA’s activities were unauthorized is wrong, wrong in a magnificent way.” He emphasized that the NSA is not a law enforcement agency, it’s an intelligence agency. He spoke in favor of people with different backgrounds and expertise – lawyers, engineers, mathematicians, privacy experts, etc. – coming together to work out solutions to problems, with respect for each others’ abilities. “Technology,” he said, “always comes back to how we as humans use it.” At present, “We do not have technologies that identify privacy risks….Privacy engineering could be one of the most important engineering feats of our time.”

DeLong talked about rebuilding the nation’s confidence in the NSA. “Confidence is the residue of promises kept,” he said. “More information does not necessarily equal more confidence.” (Someone on Twitter pointed out that much depends on the content of the information.) The talk was a good reminder not to villainize the entire NSA; part of DeLong’s forcefulness was undoubtedly on behalf of his co-workers and staff whom he felt were unfairly maligned. And technology that could identify privacy risks, built by people who have different perspectives and backgrounds, would be excellent. But do we need technology that identifies privacy risks, or do we need stronger oversight and better common sense? Mass surveillance erodes trust in government and hasn’t been terribly effective; what more do we need to know to put a stop to it?

“Privacy and Irony in Digital Health Data,” John Wilbanks, Chief Commons Officer, Sage Bionetworks

John Wilbanks gave a fast-paced, interesting talk about health data. The “irony” in the title of his talk soon became clear when he gave the example of Facebook’s mood manipulation experiment compared to a study of Parkinson’s disease. The sample size for Facebook was many times larger, with a constant flow of information from “participants,” as opposed to a much smaller sample population who filled out a survey and answered questions by phone. “What does our society value?” Wilbanks asked. This question can be answered by another question: “What do we surveil?”

Wilbanks showed a graph representing cardiovascular disease and terrorism: there is 1 death every 33 seconds from cardiovascular disease – “That’s like 9/11 every day” – and yet there’s not nearly the same kind of “surveillance” for health that there is for terrorism. Participating in a research study, Wilbanks said, is like “volunteering for surveillance,” and usually the mechanisms for tracking aren’t as comprehensive as, say, Facebook’s. Of course, privacy laws affect health research, and informed consent protects people by siloing their data; once the study is concluded, other researchers can’t use that data, and there’s no “network effect.”

Informed consent, while a good idea in theory, often leads to incomprehensible documents (much like Terms of Service). These documents are written by doctors, reviewed by lawyers, and edited by committee. Furthermore, said Wilbanks, people in health care don’t usually understand issues of power and data. So, he asked, how do we run studies at internet scale and make them recombinant? How do we scale privacy alongside the ability to do research? Wilbanks demonstrated some ideas to improve on traditional informed consent, which could also allow research subjects to get a copy of their own data and see which researchers are using data from the research in which they participated.

Obviously there are risks to individuals who share their personal health data, but there can be advantages too: more scientists having access to more data and doing more research can lead to more breakthroughs and improvements in the field of medicine.

Last year, Wilbanks talked about privacy and health data on NPR; you can listen to the segment here.

Still to come: Microsoft, Google, Pew, and a panel on “What Privacy Does Society Demand Now and How Much is New?” 

Privacy in a Networked World

Jenny2 Comments

This is the first post about Privacy in a Networked World, the Fourth Annual Symposium on the Future of Computation in Science and Engineering, at Harvard on Friday, January 23.

A Conversation between Bruce Schneier and Edward Snowden (video chat)

Bruce Schneier is a fellow at the Berkman Center for Internet & Society, and the author of Data and Goliath. Edward Snowden was a sysadmin at the NSA who revealed the extent of the government’s mass surveillance. The conversation was recorded (no joke) and is available on YouTube.

I have to say it was an incredibly cool feeling when Snowden popped up on the giant screen and was there in the room with us. There was sustained applause when he first appeared and also at the end of the conversation, when he was waving goodbye. Schneier started by asking Snowden about cryptography: What can and can’t be done? Snowden replied, “Encryption…is one of the few things that we can rely on.” When implemented properly, “encryption does work.” Poor cryptography, either through bad implementation or a weak algorithm, means weak security. End points are also weak spots, even if the data in transit is protected; it’s easier for an attacker to get around crypto than to break it.

Snowden pointed out a shift in the NSA’s focus over the last ten years from defense to offense. He encouraged us to ask Why? Is this proper? Appropriate? Does it benefit or serve the public?

The explosion in “passive” mass surveillance (collecting everything in case it’s needed later) is partly because it’s easy, cheap, and simple. If more data is encrypted, it becomes harder to sweep up, and hackers (including the NSA) who use more “active” techniques run a higher risk of exposure. This “hunger for risk has greatly increased” during the War on Terror era. Their targets are “crazy, unjustified….If they were truly risk averse they wouldn’t be doing this…it’s unlawful.”

Snowden said that the NSA “is completely free from any meaningful judicial oversight…in this environment, a culture of impunity develops.” Schneier said there were two kinds of oversight: tactical oversight within the organization (“did we follow the rules?”) and oversight from outside of the organization (“are these the right rules?”). He asked, “What is moral in our society?”

Snowden asked if the potential intelligence that we gain was worth the potential cost. He stated that reducing trust in the American infrastructure is a costly move; the information sector is crucial to our economy. The decrease in trust, he said, has already cost us more than the NSA’s budget. “They are not representing our interests.”

Schneier, using his NSA voice, said, “Corporations are spying on the whole internet, let’s get ourselves a copy!” (This was much re-tweeted.) “Personal information,” he said, “is the currency by which we buy our internet.” (Remember, if you can’t tell what the product is, you’re the product.) It’s “always amusing,” he said, when Google complains about the government spying on their users, because “it’s our job to spy on our users!” However, Schneier thinks that the attitudes of tech companies and standards bodies are changing.

These silos of information were too rich and interesting for governments to ignore, said Snowden, and there was no cost to scooping up the data because until 2013, “people didn’t realize how badly they were being sold up the river.” Schneier said that research into privacy-preserving technologies might increase now that there is more interest. Can we build a more privacy-preserving network, with less metadata?

“We’ve seen that the arguments for mass surveillance” haven’t really held up; there is little evidence that it has stopped many terrorist attacks. Schneier cited an article from the January 26, 2015 edition of The New Yorker, “The Whole Haystack,” in which author Mattathias Schwartz lists several recent terrorist attacks, and concludes, “In each of these cases, the authorities were not wanting for data. What they failed to do was appreciate the significance of the data they already had.”

Unlike during the Cold War, now “we all use the same stuff”: we can’t attack their networks and defend our networks, because it’s all the same thing. Schneier said, “Every time we hoard a zero-day opportunity [knowing about a security flaw], we’re leaving ourselves vulnerable to attack.”

PrivacyNetworkedWorld

Snowden was a tough act to follow, especially for John DeLong, Director of the Commercial Solutions Center for the NSA, but that’s exactly who spoke next. Stay tuned.