Privacy Gaps in Mediated Library Services

Privacy Gaps in Mediated Library Services: Presentation at NERCOMP2019

(The blog had been on hiatus during 2019 as CREOS launched. This post is part of a series of catch-up blog post summarizing talks presented over the last 10 months.)

Libraries enable patrons to access a wide range of information, but much of the access to this information is now directly managedy publishers. This has lead to a significant gap across library values, patrons perception of privacy, and effective privacy protection for access to digital resources.

In the work included below, and presented at NERCOMP 2019, we review privacy principles based on ALA, IFLA, and NISO policies. We then organizing and comparing high level privacy protections required by ALA checklist, NISO, and GDPR. This framework of principles and controls is then used to score the privacy policies and practices of major vendors of research library content. We evaluate each element of the vendors privacy policy, and use instrumented browsers to identify the types of tracking mechanisms used by different vendors. We use this set of privacy scores to support analyses of change over time, and of potential gaps between patron expectations and privacy policies and practices.

Our analysis reveals a number of patterns:

  • Invasize data collection, broad use, detailed tracking are common
    — this is inconsistent with library privacy values
  • Large commercial publishers have the weakest privacy protections — while discovery portals do better.
  • Open access is not associated with better privacy protection directly —
    Publishers track access to open access materials to the same degree as copyrighted works

We argue that libraries can do better through standardizing licenses, providing patrons with up-front and comprehensible information on privacy, and by incorporating privacy values into the design of new tools for access and discovery.

The data analysis supporting the presentation are available on the program’s github site. We will be posting the full preprint online soon. For those interested in these questions and related areas of interest, writing on modern approaches to privacy principles and protectins are linked from my web site.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s