[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Privacy and IOCLC

To: liblicense-l@lists.yale.edu
Subject: Privacy and IOCLC
From: David Goodman <dgoodman@phoenix.Princeton.EDU>
Date: Thu, 31 Jul 2003 16:58:18 EDT
Reply-to: liblicense-l@lists.yale.edu
Sender: owner-liblicense-l@lists.yale.edu

In my view, the IOCLC statement offers minimal protection.

At the most basic level, as I read it, it does not even prevent requiring
personal information about a user to obtain access or services. Very few
providers do in fact still require this information for access, but most
do require personal information for such services as stored searches. This
is not technically necessary--they could ask the user to provide an
arbitrary id and password to retrieve the information, or send the emailed
information through a blind mailing facility at the users' institution
which conceals the individual name from the provider.

At a more subtle level, the user ip address are normally known to the
provider. It would easily be possible to route all such traffic through a
suitable proxy, such that the specific ip of the originating address was
not disclosed beyond the users' institution. This would still provide the
possibility of tracing in case of suspected license violation.

The user does, of course, have the potential protection of using a
computer in the library. Essentially all contracts provide for anonymous
use in such cases. I think it is our obligation to protect our users even
when, for convenience, they choose to use more identifiable facilities.
Some libraries violate the spirit of such anonymous access by requiring
log in from library computers, even when (as usual) the license does not
require it. Indeed some librarians have commented to me that they would
need to pay extra for such licenses, which is simply not generally true.

I accept as a basic principle of our profession that all academic and
public libraries have the obligation to protect their users against any
possibility of disclosing or identifying the contents of a search, just as
they have the obligation to protect them against disclosure of the use of
a particular book or periodical. No library records can ever be safe from
legally-ordered disclosure, and the permissible scope of such disclosure
is widening, at least in the United States. The only true protection is to
ensure that no such records are recorded in the first place. Doing
otherwise is the equivalent of locating a video camera to record every
computer user and transaction.

Merely including the phrase "except as required by law" is in this context
no longer sufficient for academic freedom.

Speaking personally, David Goodman

On Wed, 30 Jul 2003, Heather Morrison wrote:

> On the topic of privacy, please see the International Coalition of Library
> Consortia's Privacy Guidelines for Electronic Resources Vendors at
> http://www.library.yale.edu/consortia/2002privacyguidelines.html.  This
> statement has been endorsed by over 50 library consortia worldwide,
> including ELN.
...>

Prev by Date: Re: IngentaSelect usage stats
Next by Date: Project MUSE News: 2004 Collections and Price InformationAvailable
Previous by thread: Re: IngentaSelect usage stats
Next by thread: Project MUSE News: 2004 Collections and Price InformationAvailable
Index(es):
- Date
- Thread