Difference between revisions of "LFI 2024/Month 2"
Jump to navigation
Jump to search
| Line 13: | Line 13: | ||
==== Readings ==== | ==== Readings ==== | ||
| + | NEED A READING ABOUT THREAT MODELING | ||
NEED LIBRARY SPECIFIC VENDOR READINGS | NEED LIBRARY SPECIFIC VENDOR READINGS | ||
| + | HOOPLA | ||
| + | LIBRARY MERGERS AND ACQUISITIONS RESOURCE | ||
| + | SOMETHING SARAH HAS WRITTEN | ||
* [https://drive.google.com/file/d/1wepKodHvYpiCWcfF5kV7RNN8h50i6ssW/view?usp=sharing Data Lifecycles privacy advocacy guide] | * [https://drive.google.com/file/d/1wepKodHvYpiCWcfF5kV7RNN8h50i6ssW/view?usp=sharing Data Lifecycles privacy advocacy guide] | ||
* [https://groups.niso.org/higherlogic/ws/public/download/16064/NISO%20Privacy%20Principles.pdf NISO Privacy Principles] | * [https://groups.niso.org/higherlogic/ws/public/download/16064/NISO%20Privacy%20Principles.pdf NISO Privacy Principles] | ||
| Line 27: | Line 31: | ||
==== Discussion ==== | ==== Discussion ==== | ||
| − | + | * Brief discussion of month one readings | |
| − | |||
| − | |||
| − | |||
| − | |||
| − | * | ||
* How can you use threat modeling to create more robust/holistic privacy policies at your institution? | * How can you use threat modeling to create more robust/holistic privacy policies at your institution? | ||
| + | * How does your library's policy measure up to the best practices? (Note: you don't have to identify the library in the discussion) | ||
* What challenges might you face trying to update your library's policy to meet best practices? Implementation? Enforcement? Making the policy a priority at all? | * What challenges might you face trying to update your library's policy to meet best practices? Implementation? Enforcement? Making the policy a priority at all? | ||
| − | |||
* Where do you see opportunities for resisting or challenging the vendor practices we discussed today? | * Where do you see opportunities for resisting or challenging the vendor practices we discussed today? | ||
* What are small, harm reduction steps? | * What are small, harm reduction steps? | ||
| Line 42: | Line 41: | ||
==== Tasks ==== | ==== Tasks ==== | ||
| − | * Lecture, readings, and | + | * Lecture, readings, and participate in discussion questions in Discord |
Revision as of 16:37, 22 May 2024
Contents
Month 2: Privacy in the Library
- Real time lecture: Friday June 21 2-4PM Eastern / 11-1PM Pacific on Zoom: https://zoom.us/j/9129428892
Overview
This month we'll discuss threat modeling. We will also talk about library privacy policies, the data lifecycle, and library vendors.
Learning objectives
- Learn about threat modeling
- Learn about the data lifecycle in libraries
- Learn best practices for library privacy policies
- Learn about library vendors and their issues
- We will also be assigning small groups this month
Readings
NEED A READING ABOUT THREAT MODELING NEED LIBRARY SPECIFIC VENDOR READINGS HOOPLA LIBRARY MERGERS AND ACQUISITIONS RESOURCE SOMETHING SARAH HAS WRITTEN
- Data Lifecycles privacy advocacy guide
- NISO Privacy Principles
- Library Policy Template
- ALA Library Privacy Guidelines
- Library Privacy and Vendor Management: A Privacy Oriented Overview of the Vendor Relationship Lifecycle
- ALA Library Privacy Checklists
- Protecting Patron Privacy: Librarians, Vendors, and Patrons Each Have a Role to Play
- EFF’s How to Assess Vendors’ Data Security
Guest lecturer
Sarah Lamdan
Discussion
- Brief discussion of month one readings
- How can you use threat modeling to create more robust/holistic privacy policies at your institution?
- How does your library's policy measure up to the best practices? (Note: you don't have to identify the library in the discussion)
- What challenges might you face trying to update your library's policy to meet best practices? Implementation? Enforcement? Making the policy a priority at all?
- Where do you see opportunities for resisting or challenging the vendor practices we discussed today?
- What are small, harm reduction steps?
- What are starting points for bigger action?
- What are the challenges to standing up to these vendor practices?
Tasks
- Lecture, readings, and participate in discussion questions in Discord
