Of particular importance to the field of librarians and information professionals is protecting the privacy of their users. As pointed out quite clearly in Privacy: An Interpretation of the Library Bill of Rights, all people have a right to privacy, privacy is essential to the concept of free speech, and the practice of protecting user privacy has long been a central component of a library’s mission. As society has moved into the digital age, new forms of communication and unprecedented access to limitless amounts of information has had a profound effect on an individual’s privacy.
Data exhaust can be described as data that is a by-product of individuals engaging in routine, day-to-day activities. We produce data in every single thing we do each and every day. Everything from the time we wake up, to the type of toothbrush we use, to the routes we choose to go to work, or even the music we listen too, are all forms of data. These activities are certainly nothing new, but the concept of thinking about these activities as forms of data that could be useful is relatively new. In the past, mundane activities were not thought of as data largely because there was no efficient way to collect the data. Fast forward to today, technology has made data collection quick, efficient, and useful. Computers and the Internet have made it possible for things such as our search queries, the items that we look at, or even the questions that we type into the Google search bar to be useful to someone. As Pomerantz (2015) points out on page 125, the aggregation of what was previously thought to be useless data can now give companies like Amazon information about our shopping preferences, interests, and even our health patterns.
The problem with the collection of data exhaust is that it creates privacy issues. Doctorow’s (2010) allegory of collected data being nuclear waste is both fascinating and accurate. We know that the data, no matter how miniscule, when collected in large quantities, can eventually lead back to the individual who produced the data in the first place. This is a fundamental threat to personal privacy. As Doctorow puts it, there are just some things that we don’t want other people to know about us. That being said, we have a tendency to reveal our deepest, darkest secrets to Google. Obviously, of concern here is how companies and other entities that are collecting data will choose to use it. Will they sell the data to another entity? Will the put adequate protections in place to keep your information confidential? Will it get you into trouble if data about you falls into the wrong hands? All of these are valid questions and it is a ticking time bomb (perhaps a nuclear one), that we are going to have to face and deal with.
When it comes to libraries, the American Library Association is quite clear about the role of the library and information professional in protecting a user’s privacy. While it doesn’t seem entirely obvious that the privacy concerns in a library are the same as those on the outside, it is certainly something that must be taken seriously within the library field. The reality is that in today’s world, libraries subscribe to a number of services, databases, and electronic resources that are not hosted or controlled by the library itself. Once upon a time when libraries pretty much held on books and documents, the data produced by a patron strumming through a card catalog was in no danger of being reavealed. That kind of data stayed within the library itself. This is simply no longer the case. Whenever you use a search bar to locate a resource or scroll through lists of articles and/or documents in an electronic environment, you can pretty well bet that the provider of the search feature that you’re using is collecting data about your searches. Additionally, if you have to have a login to use the electronic resources within a library, then your identity (and potentially your privacy), have been compromised. It is important for librarians to carefully evaluate electronic resources and to read the terms and conditions of every contract that the library engages in. Librarians and library administrators need to know how companies like EBSCO or Gale use data exhaust once it is collected.
I hope you enjoyed today's post! I hope you all stay nerdy! May the force be with you and all the odds be ever in your favor...live long and prosper!
Corrado, E. M. (2020). Libraries and protecting patron privacy. Technical Services Quarterly, 37(1), 44-54.
Doctorow, C. (2020). Cory Doctorow: why personal data is like nuclear waste. Retrieved Jan. 28, 2020 from http://www.theguardian.com/technology/2008/jan/15/data.security.
Pomerantz, J. (2015). Metadata. MIT Press.
"Privacy: An Interpretation of the Library Bill of Rights", American Library Association, July 7, 2006. http://www.ala.org/advocacy/intfreedom/librarybill/interpretations/privacy (Accessed January 28, 2020). Document ID: 5c653c23-920b-b254-d94c-6dcf4ccd86c6.
Yoose, B. (2017). Balancing privacy and strategic planning needs: A case study in de-identification of patron data. Journal of Intellectual Freedom & Privacy, 2(1), 15-22.