LFI 2024/Month 2

Month 2: Privacy in the Library

• Real time lecture: Friday June 21 2-4PM Eastern / 11-1PM Pacific on Zoom: https://zoom.us/j/9129428892

Overview

This month we'll discuss threat modeling. We will also talk about library privacy policies, the data lifecycle, and library vendors.

Learning objectives

• Learn about threat modeling
• Learn about the data lifecycle in libraries
• Learn best practices for library privacy policies
• Learn about library vendors and their issues
• We will also be assigning small groups this month

Readings

NEED A READING ABOUT THREAT MODELING NEED LIBRARY SPECIFIC VENDOR READINGS HOOPLA LIBRARY MERGERS AND ACQUISITIONS RESOURCE SOMETHING SARAH HAS WRITTEN

• Data Lifecycles privacy advocacy guide
• NISO Privacy Principles
• Library Policy Template
• ALA Library Privacy Guidelines
• Library Privacy and Vendor Management: A Privacy Oriented Overview of the Vendor Relationship Lifecycle
• ALA Library Privacy Checklists
• Protecting Patron Privacy: Librarians, Vendors, and Patrons Each Have a Role to Play
• EFF’s How to Assess Vendors’ Data Security

Guest lecturer

Sarah Lamdan

Discussion

• Brief discussion of month one readings
• How can you use threat modeling to create more robust/holistic privacy policies at your institution?
• How does your library's policy measure up to the best practices? (Note: you don't have to identify the library in the discussion)
• What challenges might you face trying to update your library's policy to meet best practices? Implementation? Enforcement? Making the policy a priority at all?
• Where do you see opportunities for resisting or challenging the vendor practices we discussed today?
• What are small, harm reduction steps?
• What are starting points for bigger action?
• What are the challenges to standing up to these vendor practices?

Tasks

• Lecture, readings, and participate in discussion questions in Discord