Slashdot Mirror
Building Anonymous-Friendly Computer Libraries?
H310iSe writes "Listening to NPR today and caught a story on All Things Considered about how the FBI has demanded information on borrowing and browsing habits, including computer seizures, from 85 libraries since Sept. 11 (utilizing their new-found powers from the PATRIOT act). Similar stories (which don't require RealAudio) are here and here. The American Librarian Association is providing information for librarians to help deal with this, and it seems heavily tilted towards supporting individuals' rights to privacy. It seems like the Slashdot crowd could come up with a great library computer setup that would protect anonymity (I'm thinking about things like creating a RAM disk and loading the OS onto it). How about ways to enable people to borrow books anonymously without opening the door to large-scale theft? I bet if we offered a packaged, free, easy to install Safe Browsing computer or Anonymous Checkout program, libraries across the U.S. would enthusiastically embrace it." According to the articles, these checks can be made for any reason, not just for suspected terrorism. It seems that if the American people are going to protect their rights, they are going to have to do so actively. Is the idea presented above, feasible? How would you improve upon it?
hmm i agree that the users rights should be protected. but maybe the RAM disk is a little bit of over kill. i think potentially it could be solved at a software level rather than having to reload the OS into a new location. theoretically, browsing habits can be covered easily at the software level with many programs available on the internet. i sure wish the CoDC would come up with something for this. :)
[ check out my ruby book @ http://ww
WHY on EARTH would you want to hide from Big Br... er, Our Benevolant Government? You must be guilty of something! Stuff him and cuff him, boys!
Maybe I'm not sure what exactly the submitter means by Anonymous Checkout, but if they don't know who checked out a book, why would anyone ever return it? I guess I'm just confused about that issue of this idea, they have to maintain some records so that they can fine people that don't return books, right?
It's my understanding that a lot of libraries don't keep any records of who has checked out a book in the past. The only records kept are who currently has the book and any info pertaining to fines. The same could essentially be done with computer usage. The records of who was using a computer need not be kept past the end of a day, and the hard drive could then be synced to some disk image (I know some places already do this too, just to keep the machines working properly). I'm not sure any fancy technical solution is really necessary. If libraries are really interested in protecting privacy they can do it.
Ben
..the Feds will complain and Congress will simply mandate that any US library that receives any federal aid (ie, all of them) use a browse/borrow system that can supply exactly this kind of information.
Patriot Act, indeed. If you want to be a patriot these days, go vote in November and boot these current idiots out of power.
Respect for the anonymity of the library patron (at a minimum) needs to be codified in law. Otherwise, at any point the government can stop funding libraries that don't track patrons (like McCain's initiative that flew through Congress mandating web surfing filters) or worse.
If all these conditions are met, then if the libraries refused to use proxy logs or anything of the sort, and set up network PCs that ghosted themselves from a server (preferably with Linux) every time a patron logs out to fight trojan loaders and such, then things would go pretty well. But I don't think that it's the technology that's at issue.
Our librarian is pretty cool about these things, by the way, and probably would go for setting up something along these lines if she thought it'd be worth the investment. It wouldn't be, however, because there's still a lot of other variables that prevent such a setup from presenting anything other than a false sense of security.
Try not. Do or do not, there is no try.
-- Dr. Spock, stardate 2822-3.
A borrower could get an anonymous ID number (anytime) and leave a deposit, refundable upon return, for the replacement cost of each book checked out.
The only problem I see with this is that some people might not be able to come up with the deposit -- they could use the old, non-anonymous system.
If you ask most any librarian, he or she will tell you that they do NOT give out information regarding borrowing histories without a warrant from an official and will not give out to anyone else for ANY reason. Most libraries in colleges and universities purge all those records as soon as possible if they know what is good for them. Public libraries aren't so good at that, but still don't like keeping that information longer than they have to.
My mother has been a librarin for over thirty years at various places of business, including private corporations, public libraries and at colleges and universities and from listening to her, I believe it is the general sentiment of the ALA to protect their reader's privacy. If you all take a moment to recall, it was the librarians who fought the most against COPPA because of they inherent censorship created by the requirements.
What does happen, however, is libraries will outsource their searching services because they don't have enough money or manpower to handle the computer equipment themselves. When that happens, the business they outsource to may not have the same ideas in their head concerning privacy and censorship and will start storing this. Unless libraries get more funding, it's likely that outsourcing will continue and records will be saved.
... Privacy is extremely important to us. We allow not only Web browsing but also offer full the full MS Office package on several hundred computers so that people can work on their projects as they conduct their research.
While not completely secure, we clear the web browser cache and history each time the browser loads (and it closes itself after 10 minutes of inactivity o further help this along).
We also remove the contents of "My Documents" and then the Recycling Bin each morning before the library opens. This is all done via scripts of course.
Granted this isn't the best solution, as the info could still be retrieved, but between not requiring login's (there-fore not knowning where anyone that comes into the library was sitting) and deleting as much as we can, as often as we can it should help.
the government has no such right. the people determine the rights of the government. all rights not expressly given to the government are the people's and the institutions to which those people wish to grant rights.
government has no property it is not given by the people.
(this is true even in non democratic/republican forms of government. see Gandhi's writing on non-violent resistance for an interesting object lesson in this fact).
Says the article poster:
Of course you have to be active about protecting your rights. If you let someone else "protect" your rights for you, you let that third party decide which right you have (i.e. which rights that someone will defend for you).
Methinks that instead of looking for technological solutions that will take a while to implement, we would be better off making a big deal of this issue. The more the general public knows about how FBI snoops into library records (about other things), the more stringent the public outcry.
I am not saying drop the search for a technical solution, I am saying a lot of policies can be balanced through social means rather than actively fought through some kind of enforcement tool (e.g., technology).
You need to install an RTFM interface.
Yes. I'm sorry; yes, Mr. Anonymous Coward. I cherish my freedom, as you apparently cherish your anonymity. The price of having freedom is allowing other people to have it, too. You apparently believe that freedom is really just the freedom for all of us to be exactly like you. If we don't want to do anything that you don't like, we'll do fine. Because so many people are fucking morons, that means letting them have the freedom to saturate the airwaves with the Backstreet Boys, or the freedom to learn about explosives. We have to accept these dangers as simply the cost of doing business.
Just as my right to privacy is important enough to justify the fact that that privacy WILL be used by someone somewhere to take lives, my right to due process and a fair trial is important enough to justify the fact that due process and fair trials will end up allowing dome "detainees" to go free.
I spent a year in Iraq looking for WMD and all I found was this lousy sig.
It's not an ideal solution, since libraries should be in the practice of lending books for free, but it would work.
Public Libraries are _public_ places, owned by the _government_. The government has a right to collect information from the library. It is not a private citizen's business or residence
Public Libraries are _public_ places, owned by the _people_. The people have a right to peacebly educate themselves, assemble, and petition government for greviences. They have a right to perform these activities anonymously, else they could be subject to harrassment by those individuals who currently control the government.
Remember in the turn of the century when black people had the right to vote, but had to do so publicly so that their owners knew how they voted and what they were up to at all times? This is called opression and we are quicly headed back to this stage... only this time it won't just be along ratial boundaries.
I am reminded of a public service ad which demonstrated how lucky Americans are that reading activities at libraries are kept private. Ads, such as this, were produced after 9/11 to show an appreciation of individual rights.
Ironically, the new government policies for our libraries seem to have, now, deteriorated our privacy. And the ad is, now, an excellent demonstration of how the current administration has run amok.
PSA's ad, "Library" is in realmedia format. And, no. America is no longer America.
"There ought to be limits to freedom"
Security measures such as firewalls and anonymous browsing would still be needed, but I'm sure that much more educated individuals could point you toward good solutions for that. I just wanted to bring up the idea of an OS on a CD-ROM. It leaves no records and viruses and worms cannot be installed on it, because it cannot be written to. It's a security solution for both Big Brother and the stupid, worm-downloading idiots that he watches over.
Because you're not thinking straight. Knowing that, at any moment, the gov't could walk into the library and demand a list of everything everyone has been reading, or searching on the internet, is incredibly chilling to people's willingness to read, or search, materials that aren't "popular."
It's our responsibility as citizens to remain informed, that's the point of the whole "Informed Democracy" thing. Nowadays, we have the govt regularly telling us "You don't need to know these things, we'll know them for you."
Lets take the current anti-terrorism campaigns. If you oppose the way the detainments and trials (or lack thereof) are going on, then it behooves you to do research to be sure you know all the facts. But wait, our own presidents press secretary has been more than hinting that asking those kinds of questions is unamerican "in this time of war". So the feds raid your library and add you to the list. Next thing you know a friendly FBI team comes by your house, or place of employement because "they have concerns about your reading habits."
As another example, there are plenty of reasons to read up on bomb making, other then planning on actually making one. I'll ignore completely the concept that you might actually be hoping to get into a job involving pyrotechnics, or might be taking a class in it. But I've heard some extraordinary things come out of the mouths of officials about what a particular device built by someone could have done or not done. If I had no idea what the facts were, I'd have to take their word for it, and allow my opinion to be shaped by my own lack of knowledge.
Also, who says the Feds will protect that information right? What if a loved one is HIV positive, and you're researching it for them. Now the FBI has that you've been reading on that topic, and eventually that slips out, and eventually your insurance company gets hold of a 4th hand database, that implies you're hiding that you're hiv positive, and finds an excuse to cancel *your* insurance... Then just the concept that you might be dieing gets to the credit agencies, and all your creditors cancel your credit. Just because you read a book in the library.
Read John Varley's "Press Enter" for a view of a world taking to the logical end of this nibbling away by the "well, if you don't have anything to hide, why do you care?" folks...
Run for a seat on your local library board. I can almost guarantee you that you won't see much competition, and heck there might even be an open seat that you can run for uncontested.
Libraries are not run or operated by the Federal Government, at least in the United States. They are run by local government, paid for my the local library district's taxpayers.
Show up to the library board meetings, bring your friends with you. Ask them what they think about these issues, and what they are doing to keep a balance between needed record keeping and just letting Project TIPS or the Homeland Security department grep through records for "nuclear weapon" or "anthrax."
You can make a difference! Most people it seems lately take no interested in local / town / area governments, but that is where the normal citizen can make the MOST difference!
"We shall show mercy, but we shall not ask for it" -- Winston Churchill
- While this is often true, so what? The rest areas in national parks are also owned by the government, but that doesn't mean they have the right to put webcams in the latrines.
-
Further, it isn't always true. Lots of private universities have libraries; there are a number of privately-owned museums with libraries attatched.
-
Finally, while it is true your bog-standard municipal library is owned by `the government', it isn't owned by the federal government; it's generally a service of the municipal government, paid for by municpal ratepayers. Why exactly, again, does the FBI have the right to get any information at all from the library just because both the FBI and the municipal library are owned by `the' government?
The Cato Institute, a libertarian think-tank and about as right-wing an organization as you can imagine, a group I seldom have occasion to agree with, published a report on these sorts of issues entitled ``Preserving our Liberties While Fighting Terrorism'', which, in discussing exactly the sort of new powers like being able to search library records with no probable cause, says:Some years ago, the Hampshire County Library service in the UK had two different styles of library tickets. One type was the standard cardboard wallet into which went a ticket identifying the book. On this carboard wallet, about 1.5" square, was the borrowers name and address. When you returned the book, you got the cardboard wallet back, leaving no trace of who borrowed what, and when.
The other type of ticket was the 'Fiction Token'. This was a simple, mass-produced plastic card, identical to every other plastic card, which was simply exchanged for fiction titles. You take a book, you give 'em a token. You return the book, they give you a token back, but not the same one. There's no way to track who has what.
This was all removed in the name of efficiency some years back. The current system uses barcodes in books, and barcoded member cards, tying all books to borrowers present and past. Any librarian can browse through your borrowing history, or the history of a book, almost instantaneously.
So, take a backward step for privacy. Replace your lendng libraries computer system with cardboard wallets. When a book is loaned, you do have the borrowers details, but ONLY while the borrower has the item. This allows you to chase borrowers who have not returned items. Once the item is returned, you lose the association. Simple, private, and virtually idiot-proof too. The system doesn't even need electricity. For low value items, such as paperback books, issue 'fiction tokens'. Borrowers get, say, four tokens, and if they want more, they pay the average cost of a paperback for one. Keep a log of who has how many tokens, but nothing more than that. This will catch abuses, but not provide any tracking. Librarians: You're in the library business, not the espionage business! Do your community a favour, and take a step backwards.
David Chaum, the inventor of the "blind" signature mechanism that is the core of most digital cash protocols, created an extended variant of this system [Chaum90] that explained how you can accomplish some rather tricky things with unlinkable identity systems. One of the examples he has used in the past a computer controlled library, the "librarian" would let you check out books with an anonymous identity and maintain policies such as "only three books out at any one time", etc. with strong security for the system and complete unlinkability among user transactions as long as they follow the rules.
This system handles the daily mechanics of such a digital library, but it needs an external hook to get a user into the system called an "isa-person" certificate (a cert that you could only get one of, probably biometric, that is a hard link to your meatspace identity) which is used as the stick to prevent people from walking away with your books. If someone checks out books and does not return them they get a negative mark on their isa-person cert that will follow them to around until it is cleared. A deposit of cash, as others have suggested, would probably serve an equivalent purpose.
If you really want a secure, anonymous digital system it is probably going to end up working something like NetFlix. You apply for an anonymous id and put down a cash deposit, the anon id lets you borrow titles with certain restrictions, when you are finished with the account you cancel your subscription and get your deposit back.
Jim
[Chaum90] David Chaum: Showing credentials without identification: Transferring signatures between unconditionally unlinkable pseudonyms; Auscrypt '90, LNCS 453, Springer-Verlag, Berlin 1990, 246-264.