Welcome spring in the northern hemisphere! Thoughts turn to fresh new growth — a new tool to help with writing documents for procuring library systems, a fresh way to think about how libraries can transform and be transformed, and spring cleaning for your browsing habits with a do-it-yourself VPN.
Are you paranoid yet? Are you worried that the secret you shared anonymously might come right back to you? Or wondering why advertisements seem to follow you around from web page to web page? Or just creeped out by internet-enabled services tracking your every move? Or angry that mobile carriers made it very easy for anyone to track every page you visited from your smartphone? Or maybe you will simply give up any personal information for a delicious cookie? (Are you paranoid now?)
In the DLTJ Thursday Threads this week: an analysis of how external services included on library web pages can impact patron privacy, pointers to a series of helpful posts from OCLC on communication between software users and software developers, and lastly an update on the continuing discussion of the Kuali Foundation Board’s announcement forming a commercial entity.
Before we get started on this week’s threads, I want to point out a free online symposium that LYRASIS is performing next week on sustainable cultural heritage open source software. Details are on the FOSS4Lib site, you can register on the LYRASIS events site, and then join the open discussion on the discuss.foss4lib.org site before, during and after the symposium.
It is a security/privacy edition of DLTJ Thursday Threads this week. First a link to a 3-page PDF that talks about the use of password managers to keep all of your internet passwords unique and strong. Next a story about how the W3C standards body is looking at standardizing digital rights management for browser content. And finally, a story about a site that one personal data broker put up that gives you a glimpse of what they know about you.
Three groups of stories in this long-in-coming DLTJ Thursday Threads. First, we look at the pent-up risks of running Windows XP systems given that support for that operating system is scheduled to end in April 2014. Second, a pair of articles that look at the ups and downs of open source software governance as it relates to the Apache Foundation. And lastly, look out for that garbage can — it may be watching your every move.
One of the great things about the Shibboleth inter-institution single sign-on software package is the ability for the Identity Provider to limit how much a Service Provider knows about a user’s request for service. (Not familiar with those capitalized terms? Read on for definitions.) But with this capability comes great flexibility, and with the flexibility can come lots of management overhead. So I was intrigued to see the announcement for an online webinar from the InCommon Shibboleth Federation with the title “The Challenges of User Consent” covering the issues of managing who gets access to what information about users.
“How much effort do you want to spend securing your computer systems? Well, how much do you not want to be in front of a reporter’s microphone if a security breach happens?” I don’t remember the exact words, but that quote strongly resembles something I said to a boss at a previous job. Securing systems is unglamorous detail work. One slip-up plus one persistent (or lucky) attacker means years of dedicated efforts are all for naught as personal information is inadvertently released. See, for example, what happened recently with Sony Online Entertainment’s recent troubles.
Almost a decade ago while at the University of Connecticut I conducted a survey of ARL libraries on their patron privacy practices. The full text of that survey and ARL member responses are available from Google Books and from HathiTrust. Lee Anne George of ARL confirmed via e-mail that permission has been given for full view of SPEC Kits up through 2005 as well as other ARL publications. Lee Anne said that there are over 400 titles now in full view.
Within the span of a recent week we’ve had two views of the OCLC cooperative. In one we have a proposition that OCLC has gone astray from its core roots and in the other a celebration of what OCLC can do. One proposes a new mode of cooperation while the other extols the virtues of the existing cooperative. Both writers claim — independently — to “talk to librarians” and represent the prevailing mood of the profession. Can these two viewpoints be reconciled?
A few weeks ago, a reporter at the Chronicle of Higher Education interviewed Adam Smith, Google’s director of product management, about the Google Book Search settlement and posted the interview in audio form. The page isn’t dated, but guessing from metadata in the URL it was somewhere around the publication of paper issue dated June 26, 2009. I’m calling out this particular interview because Mr. Smith said things that I hadn’t heard in other forms yet — Google’s intentions about privacy in Google Book Search, an explicit statement about the Book Rights Registry releasing information about the status of orphan works, and a statement on what Google expects the size of the orphan works problem to be once the Registry has been in operation for a while.