Awesome Somerville Public Library

Harvard Library and the Somerville Public Library:

Innovation and Collaboration

bar

Best of Publib received the following press release from the Somerville Public Library in Somerville, Massachusetts:

Matt Phillips and Annie Cain

Matt Phillips and Annie Cain – Creators of the Awesome Box

The Somerville Public Library, in a partnership with the Harvard Library Innovation Lab, launched the “Awesome Box” project at all three SPL branches in early February. This endeavor will allow patrons to give fellow users suggestions on what book/CD/DVD they found to be “awesome.”

“Somerville is the first public library to get on board with the ‘Awesome Box’ project,” says Maria Carpenter, Somerville’s library director. “We are always looking for dynamic, innovative and creative approaches to library service, and this was certainly one of those.”

Awesome Box

Awesome Box

Here’s how it will work: When a patron particularly enjoys an item, he or she will return the book into the “Awesome Box,” which will be clearly labeled with appropriate signage. Then, a library staff member will scan the book twice – once, checking the book in as usual, then another time to list that item on the “awesome” page, which can be found here: http://somerville.awesomebox.io/.

Patrons can then visit the page and see what others have found notably enlightening, mind-blowing or helpful recently. There is also a “most awesome” section, which shows the items that were most thought to be awesome. Users can also search for items that are listed as awesome. When patrons click on the media’s icon, it takes them to the item’s listing on the Minuteman Library Network catalog, so that they can read more about the item and its availability or place it on hold.

For more information about this project, call Maria Carpenter at 617.623.5000 or email her at  mcarpenter@somervillema.gov.

Awesome Somerville

Awesome Somerville

Somerville’s commitment to innovation and collaboration can be emulated by any other public library.  The Harvard Innovation Lab provides excellent documentation along with step-by-step instruction.   The Awesome Box project is just one direction they are exploring.

The great thing about this sort of project is that it capitalizes on patron momentum.  Whenever a patron returns a book or media, they either put it in the regular book drop or express their approval by putting it in the Awesome Box. Either way, the same energy is expended with an added value to the library as a book or media review.

There is an added value to the patron with their likes and preferences registered and noted. There is also an added value to all of the other patrons who might not otherwise know what gems the library contains. The only extra step is checking it in – scanning a second time  to register in the Awesome database.

Awesome Box - a simple, elegant idea.

bar

Please join us on BestofPublib Facebook

The Publib Archives

The Publib archives from the former Webjunction listserve and the current OCLC service are available here: Archives

bar

Favorite Books of 2012

Favorite Books for 2012 – Library Inspired Selections

bar

On November 15, 2012 David Faulkner david.faulkner@austintexas.gov via listserv.oclc.org announced on Publib :

What is the best book you read this year? The book could have been published any year as what matters is that you read it in 2012.

Let me know either through Publib or via my email david.faulkner@austintexas.gov and I’ll compile the results and make them available early in the new year – you are free to nominate as many books as you want..

All genres and forms of books are open so nominate your favorite:

  • graphic novel
  • children’s book
  • romance novel
  • audiobook, etc.

This will be the 10th year I’ve compiled this list so if you’d like to see previous lists you can find them all on Best of Publib ~

David
Austin (TX) Public Library

bar

Please join us on BestofPublib Facebook

The Publib Archives

The Publib archives from the Webjunction listserve are available here: Archives  (Wait – they really aren’t anymore).

Archives compiled after Dec. 7, 2011 are available here: Archives

bar

Publib Favorite Books 2011

bar

By David Faulkner -

As a member of PubLib, an electronic discussion list for public libraries, I asked fellow members to name the book they most enjoyed reading that year. Here is the list for 2011 :

 

Title Author Votes
22 Britannia Road Hodgkinson, Amanda 1
Albion: The Origins of the English Imagination Ackroyd, Peter 1
Alchemist, The Coelho, Paulo 1
All Clear Willis, Connie 1
All the Way to America: The Story of a Big Italian Family and a Little Shovel Yaccarino, Dan 1
American on Purpose: The Improbable Adventures of an Unlikely Patriot Ferguson, Craig 1
Angel Town Saintcrow, Lilith 1
Art of Fielding, The Harbach, Chad 1
Art of Racing in the Rain, The Stein, Garth 2
Ashes Bick, Ilsa J. 1
Autobiography of Mrs. Tom Thumb, The Benjamin, Melanie 1
Barbarian Nurseries, The Tobar, Hector 1
Becoming Marie-Antoinette Grey, Juliet 1
Before I Go To Sleep Watson, S. J. 1
Black Lamb & Grey Falcon West, Rebecca 1
Blackout Willis, Connie 1
Book of Days (Book 5 of the JP Kinkaid Chronicles) Grabien, Deborah 1
Bossypants Fey, Tina 2
Boy in the Suitcase, The Kaaberbol, Lene and Agnete Friis 1
Buddha in the Attic, The Otsuka, Julie 1
Clara and Mr. Tiffany Vreeland, Susan 1
Commencement Sullivan, J. Courtney 1
Dark Tower, The series King, Stephen 1
Detective Kubu Mystery series Stanley, Michael 1
Devotion of Suspect X, The Higashino, Keigo 1
Discovery of Witches, A Harkness, Deborah 2
Distant Hours, The Morton, Kate 1
Elizabeth I George, Margaret 1
Elizabeth I trilogy Irwin, Margaret 1
Everybody Sees the Ants King, A.S. 1
Fabulous New Orleans Saxon, Lyle 1
Fahrenheit 451 Bradbury, Ray 1
Following Atticus: Forty-Eight High Peaks, One Little Dog, and an Extraordinary Friendship Ryan, Tom 1
Forgotten Garden, The Morton, Kate 1
Girl Who Fell From the Sky, The Durrow, Heidi W 1
Graveyard Book, The Gaiman, Neil 1
Her Fearful Symmetry Niffenegger, Audrey 1
Hold Me Closer, Necromancer McBride, Lish 1
How the Catholic Church Built Western Civilization Woods, Jr., Thomas E. 1
Hunger Games, The Collins, Suzanne 1
In Defense of Food: An Eater’s Manifesto Pollan, Michael 1
Information, The: A History, a Theory, a Flood Gleick, James 1
Island, The Hilderbrand, Elin 1
Joy for Beginners Bauermeister, Erica 1
Just Kids Smith, Patti 1
King’s Daughter, The Dickason, Christie 1
Krakatoa: The Day the World Exploded: August 27, 1883 Winchester, Simon 1
Language of Flowers, The Diffenbaugh, Vanessa 1
Left Neglected Genova, Lisa 1
Leftovers, The Perrotta, Tom 1
Makers Doctorow, Cory 1
Middlemarch Eliot, George 1
Miss Silver Mystery series Wentworth, Patricia 1
Monster Calls, A Ness, Patrick 1
Night Circus, The Morgenstern, Erin 4
Passionate Mistakes and Intricate Corruption of One Girl in America, The Tea, Michelle 1
Pirate King: A Novel of Suspense Featuring Mary Russell and Sherlock Holmes (Russell and Holmes, Book 11) King, Laurie R. 1
Please Look After Mom Shin, Kyung-Sook 1
Ready Player One Cline, Ernest 2
Reamde Stephenson, Neal 1
Redwall Jacques, Brian 1
Reveille in Washington: 1860-1865 Leech, Margaret 1
Richard the Lionheart Gillingham, John 1
Rin Tin Tin: The Life and the Legend Orlean, Susan 1
Rules of Civility Towles, Amor 1
Secret Kept, A Rosnay, Tatiana de 1
Song of Ice and Fire, A series Martin, George R.R. 1
Sound of a Wild Snail Eating, The Bailey, Elisabeth Tova 1
Steve Jobs Isaacson, Walter 1
Tess of the D’Urbervilles Hardy, Thomas 1
Tigerlily’s Orchids Rendell, Ruth 1
Unfamiliar Fishes Vowell, Sarah 1
Untold Story Ali, Monica 1
Weird Sisters, The Brown, Eleanor 1
What is Left the Daughter Norman, Howard 1
When She Woke Jordan, Hillary 1
Zero Day Baldacci, David 1
Zero History Gibson, William 1

bar

Please join us on BestofPublib Facebook

The Publib Archives

The Publib archives from the Webjunction listserve are available here: Archives

Archives compiled after Dec. 7, 2011 are available here: Archives

bar

halloPublib Topics – A Graphic Retrospective – October 2011

Beware Graphic Content Ahead!

 
This graphic image  or word cloud was created using Wordle. It is derived from the subjects and authors of postings in PubLib for October 2011. The size of the graphics is directly related to the number of un-weighted unique occurrences each month of the individual words represented. Most automated graphic processes that generate these types of word clouds use additional weight for H1 – H6 tags through feeds. These graphics are not processed with H1 – H6 tags. The titles and authors were copied to Notepad and stripped of all HTML before being run through the Wordle Java platform. The process is case-sensitive so Library is not the same thing as library.
 
The most prominent word without employing filters would have been Publib.  Publib and Fwd were deleted from the plaintext files before processing. In addition, the Wordle program automatically disregards articles, conjunctions, and prepositions.
 
Some of the more viral discussions included: Public Library Halloween Celebrations,   Ethical Question  regarding employee time at conferences,  Self-Published Titles Study Room Polices , Maximum Fines ,  and Unwelcome Patrons in Children’s Area .
Publib Topics October 2011

Publib Topics October 2011

bar

Please join us on BestofPublib Facebook

The Publib Archives

The Publib archives from the Webjunction listserve are available here: Archives

Archives compiled after Dec. 7, 2011 are available here: Archives

bar

Publib Topics – A Graphic Retrospective – August 2011

Beware Graphic Content Ahead!

 
 This graphic image  or word cloud was created using Wordle. It is derived from the subjects and authors of postings in PubLib for August 2011. The size of the graphics is directly related to the number of un-weighted unique occurrences each month of the individual words represented. Most automated graphic processes that generate these types of word clouds use additional weight for H1 – H6 tags through feeds. These graphics are not processed with H1 – H6 tags. The titles and authors were copied to Notepad and stripped of all HTML before being run through the Wordle Java platform. The process is case-sensitive so Library is not the same thing as library.
 
The most prominent word without employing filters would have been Publib. Publib and Fwd were deleted from the plaintext files before processing. In addition, the Wordle program automatically disregards articles, conjunctions, and prepositions.
 
 
Publib Topics August 2011

Publib Topics August 2011

bar

Please join us on BestofPublib Facebook

The Publib Archives

The Publib archives from the Webjunction listserve are available here: Archives

Archives compiled after Dec. 7, 2011 are available here: Archives

bar

Publib Topics – A Graphic Retrospective – July 2011

Beware Graphic Content Ahead!

 
This graphic image or word cloud was created using Wordle. It is derived from the subjects and authors of postings in PubLib for July 2011. The size of the graphics is directly related to the number of un-weighted unique occurrences each month of the individual words represented. Most automated graphic processes that generate these types of word clouds use additional weight for H1 – H6 tags through feeds. These graphics are not processed with H1 – H6 tags. The titles and authors were copied to Notepad and stripped of all HTML before being run through the Wordle Java platform. The process is case-sensitive so Library is not the same thing as library.
 
The most prominent word without employing filters would have been PublibPublib and Fwd were deleted from the plaintext files before processing. In addition, the Wordle program automatically disregards articles, conjunctions, and prepositions.
 
 
Publib Topics - July 2011

Publib Topics - July 2011

bar

Please join us on BestofPublib Facebook

The Publib Archives

The Publib archives from the Webjunction listserve are available here: Archives

Archives compiled after Dec. 7, 2011 are available here: Archives

bar

Amazon in competition with libraries?

bar

Is Amazon in competition with Libraries or are Libraries in competition with Amazon?

In the Publib post Amazon in competition with libraries?Randall Yelverton of the Washington District Library directed our attention to this Publishers Weekly blog story:

    Funding remains steady in many systems for now, but we will be, and should already be, fighting against perceived irrelevance that will increase as digital subscription services allow people to curate massive personal media and information collections with great ease.
Library Books

Library Books

Book stores, large or small, aren’t analogous to libraries because you pay for every single purchase from a store. Subscription services are far more similar to a library because for a fee, just as you pay taxes to support the library, you can quickly access a media library, and there’s likely not waiting for the must-have title.

To which the Publib chorus responded ~

  • That said, pay-fer services, like that described here or Netflix or even big book stores, are no threat to libraries. They certainly haven’t caused reduced funding for libraries. ~ DARRELL COOK – Richardson (TX) Public Library
  • Publishers are going to be pushing back hard on this. Customers may find that their selection from the Amazon lending library will be pretty meager. Still, we shouldn’t be complacent. : http://www.pcworld.com/article/239859/amazon_kindle_ebook_lending_program_what_it_needs_to_succeed.html  ~ Sharon Foster
  • The fact remains that libraries must evolve. We must change the perception that, once people can easily check out books, audio books, and find information quickly and easily using their smart devices, that libraries will no longer be needed. What will or what are libraries morphing into? What will be our new/revised role in community when it is no longer “reading advisor”? How will City Councils and State Legislatures begin to view us as “essential” and not as a place to begin cutbacks? ~ Beth Carlberg -Lubbock Public Libraries
  • This very topic was the subject of the Infopeople webinar, “Libraries in a Post-Print World,” held yesterday, September 13.   I recognized several PubLibbers’ names among the attendees.  The webinar archive is here:   http://infopeople.org/training/libraries-post-print-world  ~ Nann Hilyard the library in Zion, Illinois

Amazon is a singular corporate entity. Libraries are at best an aggregate of like-minded interests loosely, yet passionately bound together by a system of professional ethics.  Like politics, all Libraries are local.  So, can we really say that Amazon is competing with any individual Library or are Libraries collectively poised to compete with Amazon?

The month of September 2011 marked some major changes in Amazon:

  • On September 21st -  Amazon Kindle kicked into Overdrive – making Kindle Books available at over 11,000 local libraries.
  • On September 26th – Amazon announced its digital licensing agreement with Twentieth Century Fox.
  • On September 28th – Amazon announced the availability of four new Kindle models including:
    • a pocket sized $79 version
    • a Kindle Touch version for $99
    • a Kindle Touch 3G for $149
    • and Kindle Fire for $199 that will play Video, MP3 and offer books

The financial markets responded well to these announcements:  http://www.google.com/finance?client=ob&q=NASDAQ:AMZN#

Each of these announced changes impact the aggregate of Libraries and individual libraries. 

- Amazon Kindle kicked into Overdrive – increases demand for Kindle titles and pressure on collection development budgets: 
  • I know that it takes a bit for new programs to work the glitches out but we have some pretty avid readers who have been waiting and watching for the Kindle app to appear.  I want to make sure I can help them when they appear on our doorstep. ~ Jan Cole – Duncan Public Library
  • Would anyone be willing to share the percentage of your annual materials budget that you allocate for e-books, or just the amount you budget for
    e-books? What is your population? – Diane Greenwald -Warwick Public Library (Ocean State Libraries)
His and Her Kindles

His and Her Kindles

As a proud owner of His and Her Kindles, I reviewed the Ocean State Libraries
 consortium offerings for Kindle.  The number of titles currently available for the 600,000+ card holders is: 4,046.  There is essentially no depth to the collection at this time nor any real value in searching it.  In contrast - using the no-contract free 3G access built into the Kindles, I can browse and sample over 1 million titles.

- The deal with Twentieth Century Fox means additional video titles are now available for Amazon to stream to all sorts of device – providing an on-demand library of over 100,000 titles. 

How many libraries can say they are able to provide the equivalent access?

-The new price point for Kindles – as low as $79 dollars with WiFi or $149 with free 3G means many, many more people will be able to afford Kindles. 

Amazon Prime is $79 a year. So, for a total investment of about $150, you have WiFi, and thousand of books and videos available – represent a big price drop from just a few months ago. And, the new Kindle Fire may potentially become the dominant streaming media device.

Publib contributors are not without ethical concerns over these changes  -

  • … that kind of seamless integration across your Amazon account has interesting (i.e. potentially alarming) implications about just how much Amazon is keeping track of its customers’ relationships with their public libraries. I’m not sure what I think about that yet. Does anyone have a read
    on that yet? ~ Will Porter – Dennis Memorial Library
  • … but I did note yesterday that your library books are listed in your Kindle account information, just like books you purchase, and can be sent to any device you own from there. Several of our patrons have already commented on the service on our FB page – one or two even praised how easy it is, so that’s a nice change… ;) ~ Robin Hastings – Missouri River Regional Library
  • So they’re definitely paying attention to what patrons are checking out and using that information for marketing. I wouldn’t be too surprised if they shared that information with others. Part of me wants to make a big point of letting patrons know that their Kindle checkouts aren’t anonymous, but I don’t really know that patrons care about that as much as I do. I know that while my librarian self finds it worrying my patron/customer self just doesn’t care.   ~ Andrew Fuerste-Henry Dubuque, IA

 But is Amazon competing with Libraries or are Libraries competing with Amazon?

 
bar

Please join us on BestofPublib Facebook

The Publib Archives

The Publib archives from the Webjunction listserve are available here: Archives

Please note: HTML is stripped out of archives. Compose in plaintext or richtext.

bar

Sometimes a Catalog is Just a Catalog

Sometimes a Catalog is Just a Catalog :

 
bar
 
Question: What is the fundamental difference between e-commerce catalog websites such as - HomeDepot, Sears, Amazon, Target, and Walmart and online library catalogs using Horizon, SirsiDynix, Evergreen or III? 
 
Answer: Librarians don’t create HomeDepot, Sears, Amazon, Target, and Walmart catalogs (but they should).
 
Jobs

Working

One of my friends on Publib recently asked me if I thought there were employment opportunities for Librarians in e-commerce and what training would be needed to get a job. 

I think that is a good question to address here with all of the PubLib people.   I am a librarian and I have worked in e-commerce – web design, product development, training, data base management and SEO.  My former employment (after being a public library director) was as a corporate e-commerce manager. I redesigned a 6,000 product e-commerce website, created blogs and alternate websites for its products and within a year had moved it’s US rank in Alexa from about 60,000 up to around 7,000.  I took a year off to complete graduate studies in digital forensics (which I consider directly related to cybrarianship) and recently returned to e-commerce again to manage the databases and organic SEO for an international company with tens of thousands of products specializing in medical equipment and medical supplies.

 
Almost every college, University and technical school has some sort of a degree program now called something like New Media.  The New Media curriculum teaches things like web design, and SEO, and htm*, and programming languages, and social media construction – basically all of this stuff that makes up the web.   But, when all is said and done, what we create in e-commerce is a catalog – a catalog broken down into relevant, related categories with multiple access points and meaningful descriptions – so that the end-user can find what they want and we can get it to them efficiently.  There is a back-end tie to inventory, prices, features, descriptions, shipping, and various temporal factors.
 
traditional librarian

Traditional Librarian

How does that differ in concept from traditional library cataloging?  The argument could be made that traditional libraries do not charge their patrons and the cost / price feature of e-commerce products creates a completely different dynamic.  But, it really doesn’t.  Every professional librarian knows that nothing is free and although there is no direct charge to the patron finding a book in a catalog – the expenses are paid for up-front through Taxes and Tariffs and Fees (oh my!), Taxes and Tariffs and Fees (oh my!), Taxes and Tariffs and Fees (OH MY!).  Every library book has a tangible cost and there is a small markup that accounts for salaries paid to librarians.  The back-end is tied to inventory, prices, features, descriptions, shipping and various temporal factors.

 
The marketing dynamics of library catalogs and e-commerce catalogs may differ since there is no apparent immediacy to having a library catalog pay for itself.  E-commerce is result driven - the only reason to have a catalog is to facilitate sales and educate the consumer.  But, I believe the every librarian now sees how truly dynamic e-commerce web sites that sell books such as Amazon – by the very fact that they do need to see immediate results – have drastically outpaced the big Library catalogs.  So, although the marketing approach may differ, it really, really should not.
 
Soap Box

Soap Box

So, are there employment opportunities for librarians in e-commerce?  Obviously, there is for at least one.  The problem is Corporate America does not know what librarians can do for them. It has been left to me to explain to the company presidents I have  worked with that Libraries are, in fact,  sophisticated and dynamic inventory control systems – that work just like their supply chains.

Library Schools do not even know that they are training people to create catalogs for e-commerce.   But, they should and given the employment growth outlook for traditional librarianship, Library Schools should be touting the ability of their cataloguers to catalog, organize and describe everything.

 
bar

Please join us on BestofPublib Facebook

The Publib Archives

The Publib archives from the Webjunction listserve are available here: Archives Please note: HTML is stripped out of archives. Compose in plaintext or richtext.

bar

Palin’s Guides

And now  for something completely different:

bar
 
During this brief Labor Day break, I finished watching the series:  New Europe and Sahara featuring the iconic Monty Python actor - Michael Palin.  I am looking forward to watching his adventures Himalaya and Pole to Pole next.
 
The Pythonesque humor interweaved with a wonderful global perspective and a genuine empathy for the human condition offers an excellent counterbalance to the nationalistic drumbeat provided by mainstream news media coverage.  Palin humanizes the human condition. You feel that you have gotten the know the people he visits. Globe trekking to exotic locations has been curtailed by war, media coverage, and economic instability.  Yet, perhaps now more than ever we need to have a first-hand knowledge of those cultures.  Palin’s treks may represent the perfect virtual cultural bridge.
 
New Europe

New Europe

The New Europe series offers a trek through: Slovenia, Croatia, Bosnia & Herzegovina, Albania, Macedonia, Bulgaria, Turkey, Moldova, Romania, Serbia, Hungary, Ukraine, Estonia, Latvia, Lithuania, Russia, Poland, Slovakia, Czech Republic and Eastern Germany. 

For many, many Americans the only understanding we have of New Europe is limited to our participation in wars in Bosnia.  The New Europe series provides important cultural insights about how everyday people go about their lives.

Sahara

Sahara Desert

The Sahara series begins and ends in Gibraltar, Spain with the journey taking place in: Morocco, Smara Refugee Camp (Algeria), Western Sahara, Mauritania, Senegal, Mali,  Niger, Algeria, Libya,  Tunisia. 

In the final episode of the Sahara series, Palin visits the site of his crucifixion in the Life of Brian the city of El Haddej in Tunisia.  

 
 
Every public library should offer the Michael Palin series and Always Look on the Bright Side of Life
 

bar

Please join us on BestofPublib Facebook

The Publib Archives

The Publib archives from the Webjunction listserve are available here: Archives Please note: HTML is stripped out of archives. Compose in plaintext or richtext.

bar

Library Security and Insecurity : Sacramento Public Library , Ocean State Libraries and The Library Connection

Library Security and Insecurity  – A Brief Risk Assessment

~ Robert L. Balliot, MLIS

Anne Frontino of the Haddonfield Public Library in New Jersey queried the PubLib Listserve about  privacy and possible misuse of library barcodes on smartphones remarking:

Our library is considering allowing patrons to use barcodes scanned onto their smart phones to check out books.  …    We have only had a few instances of patrons trying this method of checking out items, but we feel that there may be some privacy or other misuse issues lurking.

barcode

Responses varied from Manya Shorr of the Sacramento Public Library advocating for use of barcodes without requiring authentication  to Dale McNeill of the Queens Library advocating familiar authentication such as PINs.  

It was obvious that there is no universally accepted standard for securing library user information, yet privacy is a cornerstone of libraries, library ethics, and the library profession.  In fact, a privacy guarantee may be the one thing in the information age that sets libraries apart from other massive information resources.  It may be the singular added value that provides validation of libraries as a public service.

Library records and library use are afforded privacy protection by statute and / or published opinions in the fifty States and the District of Columbia. Many states have enacted Security Breach notification laws and Data Disposal laws that safeguard privacy. Library user privacy is also championed by the American Library Association  Code of Ethics specifically through Article III:  

We protect each library user’s right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired or transmitted.

These statutes, ethics and opinions can create formidable barriers to unlawful, unwarranted electronic discovery.  However, dramatic changes to the traditional library information environment have led to a general failure of libraries to provide security of library records and transactions and fulfill professional and statutory guarantees of privacy.  As a result of those dramatic changes, library usage represents a massive opportunity for legitimate and illegitimate electronic discovery.

In 2009 the HITECH Act was passed to specifically address privacy of health records in the United States in conjunction with HIPAA.  The process promulgated for securing privacy of health records could be effectively applied to safeguard library records – the technology is the same and the security issues are similar. Libraries and health care providers are both required to safeguard the privacy of user records.  Health care records and library user records are both defined as protected information resources.  But, unlike libraries as a result of HIPAA and HITECH the custodians of health care records must now undergo a risk assessment to identify how breaches of privacy may occur.

Enigma

Enigma Encryption Device

If risk assessments are not being conducted by libraries, how well are Libraries securing user information? Thousands and thousands of library records have been compromised and hacked. Nothing mandates risk assessment of library privacy and information security. Yet, the laws and opinions in all 50 states and DC define library user information as private and protected. 

What is the ongoing risk of exposing library user information? Huge. Three Library systems are reviewed here for the most basic levels of information security for users  - Encryption, Authorization and Authentication and Agency of ownership applied to Library Catalogs and Websites.

library Sacramento Public Library – Sacramento, California

The Sacramento Public Library serves  over 600,000  users with 28 libraries.  According to Manya Shorr, the SACPL also allows use of un-authenticated barcode images on smartphones as an alternative to a library card.

California Statutes :  Security Breach, Data Disposal and Library Records Privacy

Catalogencore © Innovative Interfaces, Inc.

Encryption - The SACPL catalog employs https SSL for user login.  The catalog does not employ https SSL  for non-login searches.

Authorization and Authentication -  User login requires Barcode or User Name AND PIN

Agency - The SACPL  catalog employs third-party Google Analytics to track and store user information - script from SACPL catalog:  

var _gaq = _gaq || [];    _gaq.push(['_setAccount', 'UA-8159966-1']);    _gaq.push(['_trackPageview']);    (function() {      var ga = document.createElement(‘script’); ga.type = ‘text/javascript’; ga.async = true;      ga.src = (‘https:’ == document.location.protocol ? ‘https://ssl’ : ‘http://www’) + ‘.google-analytics.com/ga.js’;     var s = document.getElementsByTagName(‘script’)[0]; s.parentNode.insertBefore(ga, s);    })(); 

Website – The SACPL Employs Google custom search - an outside agency not under control of SACPL which tracks and stores user information

Sacramento Public Library Risk Assessment -  Fail

Non-login catalog searches appear to be transmitted in the clear. Login catalog use and non-login catalog use is tracked by Google – a third-party not controlled by the SACPL.  Searches of the SACPL website employing Google custom search is third-party data collection not controlled by SACPL.  In addition, risk of in-person identity theft is compounded by reliance on staff to authenticate based on suspicion.  How is reasonable suspicion quantified and qualified with 28 libraries and 600K users?

library Ocean State Libraries – (library consortium)  - Rhode Island

The Ocean State Libraries (OSL) consortium (formerly CLAN) includes 49 public libraries of Rhode Island and over 500,000 user records.  In 2003 a long-term employee of the Warwick Public Library – the home of the Ocean State Libraries offices – was charged with stealing library user identity to obtain credit cards.  Each employee with access to the circulation modules of the consortium is able to access library records and personal information for other users of the integrated library system.  So, at the time when charges were filed all of the patron records for all of the libraries were potentially breached.  Subsequent meetings of the OSL voting membership  – library directors – discussed some of the security concerns of  retaining drivers license numbers and social security numbers within the database.  Some consideration of standardizing security of data was profferred.   Arguments were made that the easiest thing to do was not to require PINs or other authentication and leave data collection and retention as a decision at the local level.

Rhode Island Statutes :  Security Breach, Data Disposal and Library Records Privacy

Catalogencore © Innovative Interfaces, Inc.

Encryption - The OSL catalog uses https SSL to encrypt login to user accounts.  The OSL does not employ encryption for non-login catalog searches – all searches appear to be transmitted in the clear.

Authorization and Authentication - The OSL catalog does not require authentication of user accounts through a PIN – merely knowledge of a simple numeric 14 digit bar code. 

Agency – It is unclear how information is shared with external agents – however, patron data is shared throughout the consortium and is not compartmentalized.

Website – OSL website user information is shared with and tracked utilizing Statcounter.com – a service out of Ireland.

Agency - User information is shared with and tracked utilizing Statcounter.com – a third party service apparently managed out of Ireland.  Statcounter script is rendered as invisible, secreted tracking without informing visitors of its use within the website code – script from OSL website  :

 Start of StatCounter Code –>
<SCRIPT type=text/javascript>
sc_project=1420372;
sc_invisible=1;
sc_partition=11;
sc_security=”7885d9a5″;    . . .

Ocean State Libraries Risk Assessment -  Fail

No authentication of library catalog users – creating high risk of exposing user data. Non-login catalog searches appear to be transmitted in the clear without encryption.  Use of website employing Statcounter.com aggregation of user data is third-party data collection by an agency not controlled by OSL – with servers storing data about user sessions apparently located  in Ireland. Although security of patron records has been breached in the past, compartmentalization of records does not appear to have taken place.

library  The Library Connection – (library constorium) – Connecticut

Janus

Janus

The Library Connection serves  27 public and academic libraries  in the State of Connecticut.  The Library Connection librarians achieved some notoriety within the world of librarianship from their challenge to a National Security Letter and willingness to go to the mat along with the ACLU to defend the privacy of their users against law enforcement  in John Doe v Gonzales.   How does this library system employing librarians willing to secure and protect patron information from law enforcement review face user information security in general?

Connecticut Statutes :  Security Breach, Data Disposal and Library Records Privacy

Catalog - The Library Connection consortium employs the SirsiDynix integrated library system

Encryption - The login connection to the Library Connection catalog does not employ https  SSL.

Authorization and Authentication - A name and PIN or a barcode number and PIN are required for access to library user record.  However, since that information is apparently transmitted in the clear instead of encrypted using https SSL  – identity theft and harvesting of PINs with names and PINs with barcode numbers could be easily accomplished.

Agency - It is unclear how data is shared.  Library Connection privacy policy states

Information on non-Registered Library Users: No information is collected on library users who do not register as patrons. Some member libraries may collect the names of those who wish to use library computers to access the Internet. We encourage these libraries not to retain this information longer than three days.

Website - Immediately upon entering the Library Consortium website, user data is shared with and tracked by Google analytics

The Library Connection Risk Assessment -  Fail

No apparent encryption of library users logins. Non-login catalog searches appear to be transmitted in the clear.  Use of website employing Google analytics  is third-party data collection – an agency not controlled by the Library Connection – which appears contrary to the Library Connection policy on non-registered users.

Risk Assessment Summary -

The ongoing risk  to library user privacy is huge. This brief survey only touches on a few of the many current insecurities of library user information. Insecure user privacy practices represented in this brief risk assessment affect the privacy of over one million library users –  just at these three library systems. The privacy standards outlined by Article III of the ALA Code of Ethics may be comprised for convenience even by large library systems.   The ongoing erosion of user privacy in libraries to faciliate ‘ease of use’ by librarian and patron without regard to standard information security practices and ethics threatens the foundation of libraries as viable professional public services.

Please join us on BestofPublib Facebook

The Publib Archives

The Publib archives from the Webjunction listserve are available here: Archives Please note: HTML is stripped out of archives. Compose in plain text or richtext.

 

Follow

Get every new post delivered to your Inbox.

Join 177 other followers