Difference between revisions of "LFI 2024/Month 2"
Jump to navigation
Jump to search
Line 3: | Line 3: | ||
==== Overview ==== | ==== Overview ==== | ||
− | This month we'll discuss library privacy policies, the data lifecycle, and | + | This month we'll discuss threat modeling. We will also talk about library privacy policies, the data lifecycle, and library vendors. |
==== Learning objectives ==== | ==== Learning objectives ==== | ||
− | * | + | * Learn about threat modeling |
* Learn about the data lifecycle in libraries | * Learn about the data lifecycle in libraries | ||
− | * | + | * Learn best practices for library privacy policies |
− | * Learn about vendors and | + | * Learn about library vendors and their issues |
− | * | + | * We will also be assigning small groups this month |
==== Readings ==== | ==== Readings ==== |
Revision as of 16:35, 22 May 2024
Contents
Month 2: Privacy in the Library
- Real time lecture: Friday June 21 2-4PM Eastern / 11-1PM Pacific on Zoom: https://zoom.us/j/9129428892
Overview
This month we'll discuss threat modeling. We will also talk about library privacy policies, the data lifecycle, and library vendors.
Learning objectives
- Learn about threat modeling
- Learn about the data lifecycle in libraries
- Learn best practices for library privacy policies
- Learn about library vendors and their issues
- We will also be assigning small groups this month
Readings
NEED LIBRARY SPECIFIC VENDOR READINGS
- Data Lifecycles privacy advocacy guide
- NISO Privacy Principles
- Library Policy Template
- ALA Library Privacy Guidelines
- Library Privacy and Vendor Management: A Privacy Oriented Overview of the Vendor Relationship Lifecycle
- ALA Library Privacy Checklists
- Protecting Patron Privacy: Librarians, Vendors, and Patrons Each Have a Role to Play
- EFF’s How to Assess Vendors’ Data Security
Guest lecturer
Sarah Lamdan
Discussion
NEED TO REVISE QUESTIONS TO INCLUDE THREAT MODELING ETC DISCUSSION OF MONTH ONE READINGS DISCUSSION OF THREAT MODELING
Policy Questions:
- How does your library's policy (or the policy you chose) measure up to the best practices? (Note: you don't have to identify the library in the discussion)
- How can you use threat modeling to create more robust/holistic privacy policies at your institution?
- What challenges might you face trying to update your library's policy to meet best practices? Implementation? Enforcement? Making the policy a priority at all?
Vendor Questions:
- Where do you see opportunities for resisting or challenging the vendor practices we discussed today?
- What are small, harm reduction steps?
- What are starting points for bigger action?
- What are the challenges to standing up to these vendor practices?
Tasks
- Lecture, readings, and answer discussion questions in Discord