SUBSCRIBE NOW!

Vol. 39 No. 6 — July/August 2019

FEATURE
A Guide to Patron Privacy
by Jessamyn West

I’ve created a Practical Privacy Toolkit that accompanies a pretty simple talk outline, intended to be shareable and repurposable to suit a library’s needs. The structure is pretty straightforward: five talking points and a lot of time at the end for questions. I’ve presented it at small libraries around Vermont, and I’ve created a meta-presentation for librarians that discusses how to use it. I’d like to share it with you. The full talk—with notes, handouts, and slides—is available at  librarian.net/talks/privacy.

Threat Models

I cover five main areas of internet privacy, but I begin by talking about threat models. It sounds a little cloak-and-dagger, but people need to think about their own situations. How private do they need to be? Since increased privacy also usually carries with it some increased hassle, people should include the “hassle factor” in their decision-making process. 

If you’re a doctor, a lawyer, a teacher, or a librarian, you may be governed by laws or professional guidelines that tell you how safe you need to keep the data you are entrusted with. If you are in an unstable situation at home, have an unstable immigration status, or just want to keep your private life private, you may have a different level of privacy that you want to maintain. Or perhaps you don’t really care about this sort of thing, but want to shop at Amazon without your partner knowing what you bought—or you want to keep your teenager out of your email. 

All of these scenarios involve making personal decisions about a technology environment—not just creating super-long passwords because it’s a best practice or not clicking links in email because the news says it’s a bad idea. Media and technology professionals’ depictions of internet privacy practices are often too aspirational or too scary, and they don’t actually assist people in making decisions that work for them. Having open-ended conversations with people, not just handing them a to-do list, can often help them make better choices for themselves.

Passwords 

The first area I cover is passwords and why they’re so complicated. I discuss how one man working in network security decided that passwords had to be long, complex, and frequently changed. That idea caught on. It wasn’t until years later, when we looked at how passwords were actually being used, that people discovered that this didn’t make systems safer. People would choose obvious passwords, increment them by one digit each time they had to change them, or write them down. The strategy that was intended to keep systems safer was making them less secure because people and their habits were the weakest link. That said, long passwords that are mostly just words strung together are actually pretty secure. Human eyeballs can see, “Oh, that’s four words,” but a computer just sees a long string of letters that can’t be cracked with a dictionary attack. 

For many people, writing passwords down is actually a decent option, but they should be somewhere safe, not on a Post-It on their monitor or at their desk. I talk about differentiating what types of passwords people might have: computer logins, email passwords, an Apple ID, a PIN for their banking app, etc. Writing a password down isn’t a best practice, but it’s a practical practice. If you’re not in a high-stakes job or living situation, this is OK for you. At my drop-in time, I never help someone sign up for a thing without making sure he or she writes down that thing’s password (and security questions and answers). Working with technology can be confusing enough without getting home and realizing you forgot the password you just created. Almost a third of the time I spend assisting people with technology is helping them choose, retrieve, or remember their passwords. A practical best practice is not reusing passwords across platforms. However, realistically, people need to sign in to dozens of sites in a given month, so I usually amend this to say that any website that keeps personal, banking, or health information probably needs its own password. I talk to people about my own password practices and how it’s normal to make choices that aren’t always the best practice.

Lastly, we discuss password managers if people are interested. There are a few good ones and many bad ones. Browsers will save passwords if you let them. LastPass will let you share a password bank with a family member, which can be very useful. I encourage people to use two-factor authentication when it’s available, but I warn that it’s a lot more complicated if they don’t have a cellphone or a way to get a code to log in. Many people who think they want the security of two-factor authentication don’t always have the memory, lifestyle, or infrastructure to support it. Passwords are very important to stay on top of, but they’re hard for people to manage. 

Internet Traffic 

The next level of privacy sophistication is thinking about your internet traffic. This means the traces you leave on your computer, as well as the traffic you’re generating online. Patrons in our libraries deserve to have their online interactions be as un-monitored and as quickly forgotten as possible, without being hamstrung by unwanted security measures. At a basic level, this means providing secure Wi-Fi, making sure browsers remove data between sessions, and offering secure options for our patrons who want them. This can be tricky, since we don’t always own our own systems. At my library, we offer the Tor browser as an option. However, we also have a Wi-Fi system (not set up by us), which will only bring up the Wi-Fi “click here to connect” page if you load a page that has an HTTP URL (as opposed to an HTTPS one). This made sense when the portal was set up; it seems antiquated now. 

Patrons should understand what happens to their internet traffic when it leaves the library, as well as what information gets left on their computer. Add to this just how identifiable that information may be (see my column from last month on browser fingerprinting for more on this). While we have control over the devices we provide in the library, more and more patrons are bringing their own in. It’s also worth pointing out the difference between a desktop or laptop computing environment and a mobile environment in which traffic goes through cellular networks. Some patrons are more comfortable using a bank’s mobile app, for example, versus their bank’s website on an unknown Wi-Fi network. This is a rational decision. 

For people at the higher threat levels who need something more secure, I talk about VPNs and Tor—and how they roughly work. I also have an example of why someone might want to use a VPN—streaming British television shows that are only available to people with U.K. IP addresses, which is technically against the rules, but is realistically a thing people do—so they can understand the concept. 

When we tell people not to use social media on vacation, we are setting them up to fail or to be miserable. We should talk with them about their lives and help them find solutions that work for them. While it’s always worth understanding that an Instagram photo could reveal their location if they’re not aware of the settings, that’s a different conversation than telling people never to tweet from outside their home—which is a one-size-fits-no-one approach. 

Listening/Recording 

The Internet of Things is confusing because the hype and the reality are quite different. I have had to tell people more than once that a smart TV is not going to be spying on them if they don’t have internet at home. That said, I was surprised when I was watching TV alone at my mother’s, and a box popped up on the screen asking, “Are you still there?” It had a motion detector built into it, and I had no idea. 

As more people are buying internet-connected devices and we’re learning more details about them, it’s worth having a conversation covering topics such as: 

• Any internet assistant that listens for its name is, de facto, always listening to everything. 
• In Amazon’s case, and probably others’, this can mean that actual human beings are listening to what is happening. 
• You may not mind, but consider the privacy of not just yourself, but also your guests or the other people in your home. 

Some people feel better with surveillance devices such as doorbell cameras, smart thermostats, and internet-connected baby or pet monitors, but they still capture our personal information. This is also true about library cameras. I am a bit of an anti-surveillance crank, but when I asked my friends and colleagues about library cameras, many patrons of busier libraries said that cameras made them feel safe, that people wouldn’t “try stuff” if they knew they were being observed. It’s a topic that reasonable people can disagree on, but people deserve to know if they’re being watched and what or who is watching or listening to them. 

Tracking 

Tracking technologies are one of the things that library patrons know the most about because nearly everyone’s heard of cookies. People also got reminded of them again when the General Data Protection Regulation (GDPR) went into effect last year in the European Union. One example I use is how I was browsing online for luggage one night. I found a very cheap bag that had a football logo on it and thought, “I don’t care about the logo—that bag is cheap.” I put it in my eBags cart and forgot about it. A few days later, I was reading a newspaper online, and there was an ad for eBags featuring the bag. Of course, this is because of third-party trackers and ad agencies and the smallness of the commercial web. The good news is, since this is older tech, there are some good tools to combat being tracked and profiled. 

At this point, it’s demo time for this talk, because I’ve learned that as soon as I tell people they can fix a problem with a browser plug-in, they immediately assume it’s going to be too difficult for them. So I demonstrate how simple it is to click a few buttons and install Adblock Plus, Privacy Badger, or F.B. Purity. We talk about how to limit third-party cookies and look at the privacy settings of browsers. My handout for the class includes specific links on how to find the privacy settings for every browser. 

The one topic that isn’t covered too much in this talk is social media, because it is its own huge topic. I do mention that you can limit personalized ads on social media somewhat (which means they’re not keeping a dossier on you) and how you can look at what Facebook and Twitter think they know about you. We learn how to limit what information Google—and, by extension, YouTube and all its other online real estate—knows about you. Lastly, I show everyone how to install DuckDuckGo as their default browser on desktop and on mobile and explain why they might do that. 

My closer is always some goofy knowledge box from Google that is the result of it trying to pull out relevant information without using humans. Currently, my favorite is Googling, “How many legs does a horse have?” The given answer is “Six,” which will probably be fixed by the time you read this. A previous favorite was Googling “guinea pig” and getting a photo of a hamster. 

Educating Yourself 

And that’s the final lesson. No matter how much you try to maintain control over your online environment and your own privacy, things will change. Patrons and librarians have to use their eyes, brains, and hearts to figure out what works for them. There is no such thing as perfect privacy for people who spend any amount of time online. Everything is, at some level, an exercise in risk management. Not everyone likes this—sometimes, my talks are populated by people who are just mad at this situation. And I don’t entirely blame them. But I do find that when they get some time to talk to someone knowledgeable about the online environment, someone who can help them contextualize their experiences and figure out how and where to learn more, they feel more confident. With that confidence often comes some acceptance. This helps them use the internet and online spaces to solve problems for themselves—and not just consider the internet to be the problem.