Tag Archives: Intellectual Freedom

eReader Privacy Concern Roundup

Unaltered image by SLOWKING used under the CC BY-NC

Unaltered image by SLOWKING used under CC BY-NC license.

There has been a lot of news this past week regarding the manner in which Adobe Digital Editions was found to be openly transmitting reading records in plain text (re: sans encryption).

Many legitimate concerns exist regarding the privacy and intellectual freedom of the patrons for any library that is or has operated an ebook service reliant upon Adobe’s technology (and, in all fairness to Adobe, upon any DRM technology).

Here’s a roundup of this week’s news, rounded out with some related resources.

Updated 10/10/14 at 12:59 to include a link to the Hellman article.

Advertisements

Choose Privacy Week Update and Tool Kit

ALA_ChoosePrivacy_186x292-A

The American Library Association’s new Privacy Tool Kit  made its debut on their website yesterday. This tool kit is a robust and tightly organized collection of statutory information, guidelines,  policy and procedure considerations, and statements of principle. Its the culmination of two arduous years of collaborative effort and is making its debut right as the 2014 Choose Privacy Week celebration is kicking off. Be sure to check it out and take advantage of the resources it contains. You can read more about the kit and its creation here.

If you’d like to tap into more great resources related to privacy in the library, be sure to check out the Choose Privacy Week website (great information, every week of the year!)

Finally, if anyone’s interested, here’s the slide deck for my upcoming CPW presentation, Defense Against the Digital Dark Arts: ChoosePrivacyWeek-DefenceAgainstTheDigitalDarkArts (ppt). When the webinar archive is available, I will update this post to include the link.

Revisiting 404 Day

Image of a generic HTTP 404 file not found message

One week ago today, the internet was graced by an amazing live presentation as part of a day of action against censorship in libraries. The truly amazing presentation was put on by intellectual freedom advocates and technologists (including Deborah Caldwell-Stone, director of ALA’s Office of Intellectual Freedom!), and was sponsored by the Electronic Frontier Foundation (EFF).

If you aren’t familiar with 404 Day, it is a call to action against censorship of all kinds, and a means of raising awareness of the extensive and unnecessary censorship that’s arisen since the Children Internet Protection Act’s passage (CIPA). Last week’s session went to great lengths to clarify the very limited scope of the law, explore the dangers of online censorship in all forms, illustrate the risks inherent in internet filtering, and eradicate misconceptions about CIPA. Continue reading

Patron Privacy Online – A Call for Reform

The address bar is the first place to look for secure browsing.Safeguarding patron privacy has always been a cornerstone of public library service in America. It’s enshrined in the code of ethics of the American Library Association, where it states: “We protect each library user’s right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired or transmitted.”

Further, patron confidentiality is a fundamental requirement for intellectual freedom. “Privacy is essential to the exercise of free speech, free thought, and free association. The courts have established a First Amendment right to receive information in a publicly funded library” (From an interpretation of the Library Bill of Rights).

Patron privacy is so important, libraries have policies enshrining it and make public affirmations of the Freedom to Read Statement and the Library Bill of Rights and its interpretations. Most states have laws in place protecting patrons’ privacy, such as NDCC 40-38-12.

Despite our admirable dedication to protecting patrons’ confidentiality, we’ve evinced systemic oversight regarding their privacy when they’re using library resources online. Continue reading

Promising Practices for Public Access Computers, Part 3

This is the third in a series of posts on how libraries with limited resources can provide a reliable and safe public computing environment consistent with the tenets of Intellectual Freedom. If you missed the previous post on browser privacy or the post on setting up a guest account, you may want to check those out first.

rebootRestoreRxLogo

In this installment, we’ll learn how to install and configure Reboot Restore Rx, a freeware program that allows you to create an ideal state your computer will return to every time it’s rebooted. This helps ensure stability against anything your library patrons might do to it, and also helps protect their privacy by deleting any documents they may have inadvertently saved on one of your public access computers. This is a much more aggressive and thorough approach than the one we took using CCleaner, but it’s also a more involved setup process and makes future software updates slightly more cumbersome. As with previous posts, this is not an enterprise solution, and is best suited for smaller libraries with few public access terminals.

Once you’ve downloaded the program’s installer, the obvious next step is to run it. The installation process is pretty familiar until you get to this screen:

installPartitionSelectScreen

Note that your screen will look different, depending on how many hard drives you have and how they are partitioned.

You can select any or all of your partitions at this point, but in most cases you’ll simply want to select C: (checked by default) and any other lettered drives before clicking Next.

At the end of the install process, you’ll need to reboot.

Pretty painless, right? Well, there is a bit more to it than that. First, you’ll want to take steps to prevent your more savvy and mischievous patrons from disabling it. To ensure that the following changes will stick, we want to disable Reboot Restore Rx from the Shield Tray. Right click the following icon from your icon tray:

shieldTrayIcon

Then uncheck Restore on Reboot. Excellent! Now we need to prevent Shield Tray from loading at startup. An easy way to do this is using autoruns (previously discussed here). You’ll want to run Autoruns as administrator (right click it then select Run as administrator). Next, click on the binoculars and search for shield tray (or scroll through the list until you find it). Uncheck the box next to Shield Tray and then close out of Autoruns.

uncheckShieldTray

Now there won’t be a tantalizing switch for miscreant or curious patrons to toggle.

The path to the switch will still be open to them, though, so you’ll have to take extra precautions against the particularly tenacious (or those who’ve read this article). What we want to do next is lock off the Guest account’s access to the RestoreRebootRx folder. Here’s how to proceed (note: you should be signed in as an administrator). Here’s how to proceed:

  1. Open up your file tree (click the folder icon; if you don’t have one, click the Start orb, then documents)
  2. Navigate to Computer -> Local Disk (C:)
  3. Right click the RebootRestoreRx folder (you may have to scroll down to find it) then click Properties
  4. Click on the Security tabsecurityTab
  5. Click Edit
  6. Click Add
  7. In the Enter the object names to select text box, type in guest and then click Check NamescheckNames
  8. You should now see the proper path for the guest user account in the text box (something like COMPUTER-NAME\Guest); click OK
  9. Now, select the Guest account on the Permissions for RebootRestoreRx screen
  10. Check Read & execute in the Deny column (this will automatically deny List folder contents and Read, as well) guestPermissions
  11. Double check that it says Permissions for Guest above the selection box before proceeding, then click Apply
  12. Click Yes
  13. Click OK

Voila! The guest account can no longer deactivate Reboot Restore Rx without an administrative password. Good stuff. Finally, we want to reactivate Reboot Restore Rx. This is a bit trickier, since we likely no longer have Shield Tray in our icon tray (it will still be there if you haven’t rebooted since changing the autoruns. To get it back (for the current session), click on the Start orb, then type shieldtray into the search box. Execute the shieldtray program this discovers and it will be back in the tray. Now simply right click its icon from the tray, and click Restore on Reboot. This will give you the following notification:

updatedBaseline

Click OK (as though you had a choice). That’s it! I do wish you had the option to reject changes at this point, but presently you’ll have to rely on a system restore point for that.

Now you also know how to make any future changes (re: software updates) stick, so that you won’t waste time restoring to an outdated state: load the Shield Tray, deactivate the service, make the changes, reactivate the service, reboot).

Reboot Restore Rx is not a bulletproof means of preventing computer tampering, but it will alleviate a huge percentage of your routine computer lab problems. Reboot Restore Rx is easy to install and manage, allows easy updates to other software and the restore baseline, and it’s freeware. Of the free solutions I’ve tested, this is by far the most user-friendly and the least prone to crashing (I never managed to break it). Hat tip to the How To Geek for his excellent article on this program.

Promising Practices for Public Access Computers

I’ve been wrestling for a while now with how best to tackle the manifold privacy and security concerns inherent in shared computer environments. It’s a complex issue pertinent not only to the sacred tenets of Intellectual Freedom and the legislated requirements for patron confidentiality (NDCC 40-38-12), but also for network security and the provision of a reliable and safe computing environment. To make it more challenging, so many libraries are constrained in terms of the resources, time, and technological proficiency they have at their disposal to address these challenges. There are many facets to this, and I intend to tackle them one by one–so begins an epic series of posts…

Before delving into today’s topic, it’s probably prudent to remind you that if you have publicly accessible computers, you should have an Internet Access Policy (word document template). In fact, if you’re filtering to comply with CIPA, you’re obligated to have one.

Okay, if you’re still with me that means your library has an Internet Access Policy and you’re interested in securing your lab and protecting your patrons’ privacy without spending another dime. Bully for you! Today’s lesson: configuring the privacy settings on your public computers’ internet browsers. Below you’ll find instructions for Firefox, Chrome, and Internet Explorer; you may not have all of these installed on your lab computers, but I recommend making  the following adjustments to whichever ones you do.

Firefox-logo.svg

1. Mozilla Firefox

It’s easy to configure Firefox to respect user privacy. First, you’ll need to open up the menu (orange logo-sporting area in the upper left corner of any open browser window). Select Options to pop open a new window with the settings options. Now click on Privacy so that you can make the necessary adjustments. Make sure the “Tell websites I do not want to be tracked” checkbox is ticked. Now select “Never remember history” from the “Firefox will:” dropdown menu under History, like so:

FFprivacy

Finally, click the OK button to instantiate your changes!

Google_Chrome_icon_(2011).svg2. Google Chrome

To change Chrome’s default behavior, you will have to make one minor edit to it’s shortcut. To do this, right click Chrome’s shortcut on your desktop, Start menu, or taskbar. Then click Properties to summon forth the Google Chrome Properties window. In the Shortcut tab, simply append ” -incognito” to the very end of the text in the “Target:” field (note: don’t key in the quotation marks!) Click OK and you will have successfully modified your shortcut! It is important to note that if you have more than one shortcut, you will need to modify all of them.

chromeIncog

Internet_Explorer_9_icon.svg

3. Internet Explorer

The process for tweaking Internet Explorer is very much like that for Chrome. Right click the IE shortcut on your desktop, Start Menu, or taskbar. Then click on Properties. Append ” -private” to the very end of the text in the “Target:” field (note: don’t key in the quotation marks!) Finally, click OK to finish it up. If you have more than one shortcut to IE, you will have to alter each of them in this fashion.

IEpriv

A final note: if you’re not currently using a program like Fortres Grand’s Clean Slate, Faronics’ Deep Freeze, or Complete Lock’s Install Guard, patrons will still be able to adjust these settings and undermine the protections you’ve put in place for them. More on locking changes like this down in a later post!