Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Wednesday May 22 2024, @06:13AM   Printer-friendly
from the the-fine-print-on-page-forty-of-the-terms-of-service dept.

The Register is reporting on the issues raised by an anecdote about how library e-book reading habits get reflected in mobile ads, with the observation that tracking is occurring and with the underlying question being about how the tracking is occurring. The context is that many libraries use DRM'd mobile phone apps to allow limited, temporary access to e-books to the subset of patrons willing to install the app to the subset of patrons willing to agree to the app's terms of service to the subset of patrons with smart phones.

In December, 2023, University of Illinois Urbana-Champaign information sciences professor Masooda Bashir led a study titled "Patron Privacy Protections in Public Libraries" that was published in The Library Quarterly. The study found that while libraries generally have basic privacy protections, there are often gaps in staff training and in privacy disclosures made available to patrons.

It also found that some libraries rely exclusively on social media for their online presence. "That is very troubling," said Bashir in a statement. "Facebook collects a lot of data – everything that someone might be reading and looking at. That is not a good practice for public libraries."

Salo said that the amount of visitor-tracking scripts on many library websites is just beyond the pale.

"I have been watching actually the situation with healthcare organizations getting absolutely nailed to the wall for Google pixels and Facebook pixels and what have you, as potential HIPAA violations," she said.

"And you know, it's the same kind of thing [with libraries]. If we think this stuff is confidential, we should act like it and we're very frequently not. So yes, I am absolutely on a one-librarian war against Google and Facebook pixels. That just has got to stop."

The Register, An attorney says she saw her library reading habits reflected in mobile ads. That's not supposed to happen.

The assertion is that this level of tracking is not supposed to happen with library services, as per professional decisions by earlier generations of librarians. The terms of service and licensing which both the libraries and their patrons gave the nod to may even explicitly allow the surveillance and warn of it buried in scores of pages of legalese. Be that as it may, the apps creators (and the purchasers, the libraries) may even be unknowingly affected by trackers built into the Software Development Kits used to build the app. Thus the bigger question is why so many librarians and their patrons have become so unversed in mobile ICT as to buy and deploy such DRMed software-as-a-service, which contain two kinds of violations of basic rights: digital restrictions and tracking. Academic librarian, Dorothea Salo, is off to a good start in mitigating the problems but there is a lot to catch up on.

For what its worth, there are DRM-free, public domain options including LibriVox for audio books and Project Gutenberg for e-books in several formats. Some regions will have their own analog for public domain literature, such as Project Runeberg for Nordic literature in the public domain.


Original Submission

This discussion was created by janrinok (52) for logged-in users only, but now has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 3, Touché) by VLM on Wednesday May 22 2024, @02:26PM

    by VLM (445) on Wednesday May 22 2024, @02:26PM (#1357812)

    visitor-tracking scripts

    Possible. Complicated. If you're an ISP, its simpler just log hits to your DNS server. Depending on your local level of authoritarianism, you may already be legally required to log access. Then sell the data or have it be stolen or have it be "stolen" for monetary gain by agreement or ...

    Maybe logging at the ISP level, or simpler at the local firewall level.

  • (Score: 3, Interesting) by VLM on Wednesday May 22 2024, @02:30PM

    by VLM (445) on Wednesday May 22 2024, @02:30PM (#1357813)

    rely exclusively on social media for their online presence. "That is very troubling," said Bashir

    There are also extreme silo or narrowcasting issues with social media. If you "serve the public" but individual social media sites are extremely narrowcasted...

    For example, I was reviewing my high school group on FB a couple years ago (I don't use FB often) and it was an extreme power law distribution of use where a couple people were 99% of the traffic and most of my graduating class doesn't use FB more often than every couple months.

    An organization does not serve "the public" when the only users of a site are an extremely small minority of power users.

  • (Score: 2) by JoeMerchant on Wednesday May 22 2024, @08:39PM

    by JoeMerchant (3937) on Wednesday May 22 2024, @08:39PM (#1357852)

    Our physical library actually tries to be somewhat discreet about what their patrons are reading / viewing. They have a holds section where you just walk in and get your stuff, but they place the spines down... and there are other aspects of their service which also protect that information at least as well as hospital admissions protects your health info from other people near the desk.

    This actually gets back to "old times" where just reading a certain book would put you on the wrong end of a suspects for interrogation / harassment list - yes, even in the "Greatest Generation" of the good 'ole U.S. of A. they would do such things.

    --
    🌻🌻 [google.com]
  • (Score: 3, Insightful) by Ox0000 on Wednesday May 22 2024, @09:08PM

    by Ox0000 (5111) on Wednesday May 22 2024, @09:08PM (#1357855)

    Be that as it may, the apps creators (and the purchasers, the libraries) may even be unknowingly affected by trackers built into the Software Development Kits used to build the app.

    Exactly this!

    It's almost most probably not the library themselves that ratted out on the reader. It's almost certainly whatever app the library patron uses to read the e-books or audio books. Those things are infested with trackers. The publisher of the digital content is the one who dictates which apps should be used (because they want to enforce DRM: the library has a license to loan out X copies at the same time, and the app enforces that). The publisher collects the information and then sells it because "fuck it, it's money"
    The library probably never knew this was a thing - and while they should have checked for this, in a way I don't blame them because it's them up against a small brigade of lawyers and gatekeepers to the content they wish to provide to their patrons.

    Why do libraries allow that? On the one hand, libraries have a mandate to make content available and (in the event that they are aware of this tracking) while they could take a principled stand and contractually require that no such tracking/spying/treason is present, that would lead to them not being to fulfill their duty of making content available because the party with all the power in this relationship is the publisher. So congratulations, your library took a principled stance, you have access to no books.

    On the other hand, why are they so unversed in this is the absolutely wrong stance to take.
    I squarely take side _with_ the libraries here. The problem is not that they "should have checked". The problem is that this tracking is present at all, that it is a default. The problem is that this is 'normal business conduct'.
    THAT is the problem! It's a "steal first, and if you're found out, apologize and do fuck all about it except for offering platitudes such as 'your privacy is important to us'".

(1)