An important reminder that this stuff really does matter, really seriously. Do you know precisely what personally identifiable information your library’s systems keep on on patron information consumption? I don’t. This story (while the information was not, so far as I know, from library systems) reminds me again that this really does matter, and patron privacy should be non-negotiable, not even for enhanced reccommendation features etc. Every library should have regular privacy audits of their system to be aware of exactly what personally identifiable logs are kept being kept by what system, and that they are being kept intentionally by choice, not accidentally, only what is neccesary to condut business. Figuring this out for our chaotic ecology of often proprietary closed-source software is not trivial, but it matters. It should go without saying that every library should have patron confidentiality policies that, to the extent allowable by law, prohibit library staff from reporting on patron activities to law enforcement.
“UK set to deport Master’s student whose Master’s degree research led him to look up Al Qaeda info – ratted out by Nottingham University
Posted by Cory Doctorow, May 26, 2008 7:19 PM | permalink
Academics at the UK’s Nottingham University were arrested as terrorists for downloading Al Qaeda documents from a US government server in the course of research into a Master’s degree convering terrorist tactics. The two UK-born profs were released, but the student faces deportation to Algeria under the Terrorism Act, where he believes he will be tortured. The university — which encouraged its staffers to rat out people they thought were involved in researching terrorism — refuses to acknowledge that anything is wrong with any of this.”
The original article: