Difference between revisions of "LFI 2024/Month 2"
Jump to navigation
Jump to search
(→Readings (don't worry about getting through all of them! read what you can!)) |
|||
| (9 intermediate revisions by 2 users not shown) | |||
| Line 3: | Line 3: | ||
==== Overview ==== | ==== Overview ==== | ||
| − | This month we'll discuss library privacy policies, the data lifecycle, and how privacy | + | This month we'll discuss threat modeling. We will also talk about library privacy policies and how our practices can often be at odds with them, the data lifecycle in libraries, and library vendors and their various discontents. We'll talk about expectations of convenience from library patrons, and how that conflicts with privacy goals. We'll also be assigning small groups this month. |
==== Learning objectives ==== | ==== Learning objectives ==== | ||
| − | * | + | * Learn about threat modeling |
| + | * Begin learning about privacy best practices | ||
* Learn about the data lifecycle in libraries | * Learn about the data lifecycle in libraries | ||
| − | * | + | * Learn best practices for library privacy policies |
| − | * Learn about vendors and | + | * Learn about library vendors and their issues |
| − | |||
| − | ==== Readings ==== | + | ==== Readings (don't worry about getting through all of them! read what you can!) ==== |
| − | + | ||
| + | * [https://www.oif.ala.org/lyndas-privacy-problem/ Lynda's Privacy Problem by Sam Lee] | ||
| + | * [https://librarytechnology.org/mergers/ History of Mergers and Acquisitions in the Library Technology Industry] | ||
| + | * [https://www.wgbh.org/news/2022-04-20/public-libraries-unwittingly-offered-hate-books-through-a-private-service "Public libraries unwittingly offered 'hate' books through a private service" from WGBH] | ||
| + | * [https://media.dlib.indiana.edu/media_objects/76537m18z Video: Your Journals Are Spying on You by Sarah Lamdan] | ||
| + | * [https://libraryfreedom.org/wp-content/uploads/2024/05/LFP-Law-Enforcement-One-Pager.pdf LFP Resource: Responding to Law Enforcement in the Library] | ||
* [https://drive.google.com/file/d/1wepKodHvYpiCWcfF5kV7RNN8h50i6ssW/view?usp=sharing Data Lifecycles privacy advocacy guide] | * [https://drive.google.com/file/d/1wepKodHvYpiCWcfF5kV7RNN8h50i6ssW/view?usp=sharing Data Lifecycles privacy advocacy guide] | ||
* [https://groups.niso.org/higherlogic/ws/public/download/16064/NISO%20Privacy%20Principles.pdf NISO Privacy Principles] | * [https://groups.niso.org/higherlogic/ws/public/download/16064/NISO%20Privacy%20Principles.pdf NISO Privacy Principles] | ||
| − | * [https://docs.google.com/document/d/1a9n2SAYLua0ELQzAcJtbfpxWg2MRkucL7sM92aniNMo/edit#heading=h.9v96ldaenxunLFP Library Policy Template] | + | * [https://docs.google.com/document/d/1a9n2SAYLua0ELQzAcJtbfpxWg2MRkucL7sM92aniNMo/edit#heading=h.9v96ldaenxunLFP LFP Library Privacy Policy Template] |
* [https://www.ala.org/advocacy/privacy/guidelines ALA Library Privacy Guidelines] | * [https://www.ala.org/advocacy/privacy/guidelines ALA Library Privacy Guidelines] | ||
* [https://www.plpinfo.org/wp-content/uploads/2021/09/Library-Privacy-and-Vendor-Management-I-Handout.pdf Library Privacy and Vendor Management: A Privacy Oriented Overview of the Vendor Relationship Lifecycle] | * [https://www.plpinfo.org/wp-content/uploads/2021/09/Library-Privacy-and-Vendor-Management-I-Handout.pdf Library Privacy and Vendor Management: A Privacy Oriented Overview of the Vendor Relationship Lifecycle] | ||
| Line 27: | Line 32: | ||
==== Discussion ==== | ==== Discussion ==== | ||
| − | + | * Brief discussion of month one readings | |
| − | + | * How can you use threat modeling to create more robust/holistic privacy policies at your institution? What are the specific details that should get addressed in a comprehensive privacy policy? | |
| − | + | * How does your library's policy measure up to the best practices? (Note: you don't have to identify the library in the discussion) | |
| − | |||
| − | |||
| − | * How does your library's policy | ||
| − | |||
* What challenges might you face trying to update your library's policy to meet best practices? Implementation? Enforcement? Making the policy a priority at all? | * What challenges might you face trying to update your library's policy to meet best practices? Implementation? Enforcement? Making the policy a priority at all? | ||
| − | + | * How do we communicate to patrons about how we collect and use their data? How are we transparent when these practices are not great? How are we communicating abut vendor practices? | |
| − | * Where do you see opportunities for resisting or challenging the vendor practices we discussed today? | + | * What should you look for in a vendor agreement, privacy policy, or terms of service? |
| − | + | * Where do you see opportunities for resisting or challenging the vendor practices we discussed today? What are small, harm reduction steps? What are starting points for bigger action? | |
| − | + | * What power do we have to advocate against bad vendor practices and products? | |
| − | * What | ||
==== Tasks ==== | ==== Tasks ==== | ||
| − | * Lecture, readings, and | + | * Lecture, readings, and participate in discussion questions in Discord |
Latest revision as of 20:04, 22 May 2024
Contents
Month 2: Privacy in the Library[edit]
- Real time lecture: Friday June 21 2-4PM Eastern / 11-1PM Pacific on Zoom: https://zoom.us/j/9129428892
Overview[edit]
This month we'll discuss threat modeling. We will also talk about library privacy policies and how our practices can often be at odds with them, the data lifecycle in libraries, and library vendors and their various discontents. We'll talk about expectations of convenience from library patrons, and how that conflicts with privacy goals. We'll also be assigning small groups this month.
Learning objectives[edit]
- Learn about threat modeling
- Begin learning about privacy best practices
- Learn about the data lifecycle in libraries
- Learn best practices for library privacy policies
- Learn about library vendors and their issues
Readings (don't worry about getting through all of them! read what you can!)[edit]
- Lynda's Privacy Problem by Sam Lee
- History of Mergers and Acquisitions in the Library Technology Industry
- "Public libraries unwittingly offered 'hate' books through a private service" from WGBH
- Video: Your Journals Are Spying on You by Sarah Lamdan
- LFP Resource: Responding to Law Enforcement in the Library
- Data Lifecycles privacy advocacy guide
- NISO Privacy Principles
- LFP Library Privacy Policy Template
- ALA Library Privacy Guidelines
- Library Privacy and Vendor Management: A Privacy Oriented Overview of the Vendor Relationship Lifecycle
- ALA Library Privacy Checklists
- Protecting Patron Privacy: Librarians, Vendors, and Patrons Each Have a Role to Play
- EFF’s How to Assess Vendors’ Data Security
Guest lecturer[edit]
Sarah Lamdan
Discussion[edit]
- Brief discussion of month one readings
- How can you use threat modeling to create more robust/holistic privacy policies at your institution? What are the specific details that should get addressed in a comprehensive privacy policy?
- How does your library's policy measure up to the best practices? (Note: you don't have to identify the library in the discussion)
- What challenges might you face trying to update your library's policy to meet best practices? Implementation? Enforcement? Making the policy a priority at all?
- How do we communicate to patrons about how we collect and use their data? How are we transparent when these practices are not great? How are we communicating abut vendor practices?
- What should you look for in a vendor agreement, privacy policy, or terms of service?
- Where do you see opportunities for resisting or challenging the vendor practices we discussed today? What are small, harm reduction steps? What are starting points for bigger action?
- What power do we have to advocate against bad vendor practices and products?
Tasks[edit]
- Lecture, readings, and participate in discussion questions in Discord
