Slashdot Mirror

← Back to Stories (view on slashdot.org)

Building Anonymous-Friendly Computer Libraries?

Posted by Cliff on from the protecting-your-privacy dept.

H310iSe writes "Listening to NPR today and caught a story on All Things Considered about how the FBI has demanded information on borrowing and browsing habits, including computer seizures, from 85 libraries since Sept. 11 (utilizing their new-found powers from the PATRIOT act). Similar stories (which don't require RealAudio) are here and here. The American Librarian Association is providing information for librarians to help deal with this, and it seems heavily tilted towards supporting individuals' rights to privacy. It seems like the Slashdot crowd could come up with a great library computer setup that would protect anonymity (I'm thinking about things like creating a RAM disk and loading the OS onto it). How about ways to enable people to borrow books anonymously without opening the door to large-scale theft? I bet if we offered a packaged, free, easy to install Safe Browsing computer or Anonymous Checkout program, libraries across the U.S. would enthusiastically embrace it." According to the articles, these checks can be made for any reason, not just for suspected terrorism. It seems that if the American people are going to protect their rights, they are going to have to do so actively. Is the idea presented above, feasible? How would you improve upon it?

14 of 293 comments (clear)

  1. Just purge records by BenCaxton · · Score: 5, Insightful

    It's my understanding that a lot of libraries don't keep any records of who has checked out a book in the past. The only records kept are who currently has the book and any info pertaining to fines. The same could essentially be done with computer usage. The records of who was using a computer need not be kept past the end of a day, and the hard drive could then be synced to some disk image (I know some places already do this too, just to keep the machines working properly). I'm not sure any fancy technical solution is really necessary. If libraries are really interested in protecting privacy they can do it.

    --
    Ben
  2. if you build it.. by mjolnir_ · · Score: 4, Insightful

    ..the Feds will complain and Congress will simply mandate that any US library that receives any federal aid (ie, all of them) use a browse/borrow system that can supply exactly this kind of information.

    Patriot Act, indeed. If you want to be a patriot these days, go vote in November and boot these current idiots out of power.

  3. Are you sure it's a computer problem? by Sheetrock · · Score: 4, Insightful
    First things first, one would have to assume that the librarian and network techs can be fully trusted. If not, any library-provided computer has to be considered untrustworthy unless you bring your own laptop, in which case what's the point, right?

    Respect for the anonymity of the library patron (at a minimum) needs to be codified in law. Otherwise, at any point the government can stop funding libraries that don't track patrons (like McCain's initiative that flew through Congress mandating web surfing filters) or worse.

    If all these conditions are met, then if the libraries refused to use proxy logs or anything of the sort, and set up network PCs that ghosted themselves from a server (preferably with Linux) every time a patron logs out to fight trojan loaders and such, then things would go pretty well. But I don't think that it's the technology that's at issue.

    Our librarian is pretty cool about these things, by the way, and probably would go for setting up something along these lines if she thought it'd be worth the investment. It wouldn't be, however, because there's still a lot of other variables that prevent such a setup from presenting anything other than a false sense of security.

    --

    Try not. Do or do not, there is no try.
    -- Dr. Spock, stardate 2822-3.




  4. anonymous borrowing by pensano · · Score: 4, Insightful

    A borrower could get an anonymous ID number (anytime) and leave a deposit, refundable upon return, for the replacement cost of each book checked out.

    The only problem I see with this is that some people might not be able to come up with the deposit -- they could use the old, non-anonymous system.

  5. well by AllMightyPaul · · Score: 5, Interesting

    If you ask most any librarian, he or she will tell you that they do NOT give out information regarding borrowing histories without a warrant from an official and will not give out to anyone else for ANY reason. Most libraries in colleges and universities purge all those records as soon as possible if they know what is good for them. Public libraries aren't so good at that, but still don't like keeping that information longer than they have to.

    My mother has been a librarin for over thirty years at various places of business, including private corporations, public libraries and at colleges and universities and from listening to her, I believe it is the general sentiment of the ALA to protect their reader's privacy. If you all take a moment to recall, it was the librarians who fought the most against COPPA because of they inherent censorship created by the requirements.

    What does happen, however, is libraries will outsource their searching services because they don't have enough money or manpower to handle the computer equipment themselves. When that happens, the business they outsource to may not have the same ideas in their head concerning privacy and censorship and will start storing this. Unless libraries get more funding, it's likely that outsourcing will continue and records will be saved.

  6. Re:I'm sorry.. by ed__ · · Score: 5, Interesting

    the government has no such right. the people determine the rights of the government. all rights not expressly given to the government are the people's and the institutions to which those people wish to grant rights.

    government has no property it is not given by the people.

    (this is true even in non democratic/republican forms of government. see Gandhi's writing on non-violent resistance for an interesting object lesson in this fact).

  7. Re:Privacy So Important? by Fat+Casper · · Score: 5, Insightful
    Does anyone really think that the privacy to look up whatever info you want is important enough to justify the fact that that privacy WILL be used by someone somewhere to take lives?

    Yes. I'm sorry; yes, Mr. Anonymous Coward. I cherish my freedom, as you apparently cherish your anonymity. The price of having freedom is allowing other people to have it, too. You apparently believe that freedom is really just the freedom for all of us to be exactly like you. If we don't want to do anything that you don't like, we'll do fine. Because so many people are fucking morons, that means letting them have the freedom to saturate the airwaves with the Backstreet Boys, or the freedom to learn about explosives. We have to accept these dangers as simply the cost of doing business.

    Just as my right to privacy is important enough to justify the fact that that privacy WILL be used by someone somewhere to take lives, my right to due process and a fair trial is important enough to justify the fact that due process and fair trials will end up allowing dome "detainees" to go free.

    --
    I spent a year in Iraq looking for WMD and all I found was this lousy sig.
  8. Cash up front by Comrade+Pikachu · · Score: 4, Interesting
    1. Library patron checks out a book. Barcode inside the cover is scanned in by librarian to register it as "checked out".
    2. Patron hands librarian the cash equivalent of the book, then walks off anonymously.
    3. When patron returns the book, he gets his money back minus late fees, if applicable. The intrest which accrues on the patron's money while it is being held by the library is used for salaries, maintenence, or additional aquisitions.
    4. Anyone can return a checked-out book for cash completely anonymously. All books are checked against a database of books in the library's collection to prevent fraud.

    It's not an ideal solution, since libraries should be in the practice of lending books for free, but it would work.
    1. Re:Cash up front by R2.0 · · Score: 4, Insightful

      Problem is it this plan throws up an economic barrier to getting knowledge, which is the exact OPPOSITE of what a free library is supposed to be.

      Scenario: Poor kid doing a term paper. A smart, ambitious kid, and he needs some relatively obscure books. Cash value may be $100/per for academic stuff. So now this kid must come up with $300 cash to write his paper. It doesn't matter if he's going to get it back - he just doesn't have it to give.

      And the system can't be "opt-in". That means the well-off get to be anonymous, while the poor get tracked.

      Lord knows I think the ACLU is a bunch of busibodies, but they'd have a fit over this one, and rightfully so.

      --
      "As God is my witness, I thought turkeys could fly." A. Carlson
  9. Re:I'm sorry.. by ClarkEvans · · Score: 5, Insightful

    Public Libraries are _public_ places, owned by the _government_. The government has a right to collect information from the library. It is not a private citizen's business or residence

    Public Libraries are _public_ places, owned by the _people_. The people have a right to peacebly educate themselves, assemble, and petition government for greviences. They have a right to perform these activities anonymously, else they could be subject to harrassment by those individuals who currently control the government.

    Remember in the turn of the century when black people had the right to vote, but had to do so publicly so that their owners knew how they voted and what they were up to at all times? This is called opression and we are quicly headed back to this stage... only this time it won't just be along ratial boundaries.

  10. Libraries in America by idonotexist · · Score: 5, Interesting

    I am reminded of a public service ad which demonstrated how lucky Americans are that reading activities at libraries are kept private. Ads, such as this, were produced after 9/11 to show an appreciation of individual rights.

    Ironically, the new government policies for our libraries seem to have, now, deteriorated our privacy. And the ad is, now, an excellent demonstration of how the current administration has run amok.

    PSA's ad, "Library" is in realmedia format. And, no. America is no longer America.

    --
    "There ought to be limits to freedom"
  11. Re:Bottom Line by jarrell · · Score: 5, Insightful

    Because you're not thinking straight. Knowing that, at any moment, the gov't could walk into the library and demand a list of everything everyone has been reading, or searching on the internet, is incredibly chilling to people's willingness to read, or search, materials that aren't "popular."

    It's our responsibility as citizens to remain informed, that's the point of the whole "Informed Democracy" thing. Nowadays, we have the govt regularly telling us "You don't need to know these things, we'll know them for you."

    Lets take the current anti-terrorism campaigns. If you oppose the way the detainments and trials (or lack thereof) are going on, then it behooves you to do research to be sure you know all the facts. But wait, our own presidents press secretary has been more than hinting that asking those kinds of questions is unamerican "in this time of war". So the feds raid your library and add you to the list. Next thing you know a friendly FBI team comes by your house, or place of employement because "they have concerns about your reading habits."

    As another example, there are plenty of reasons to read up on bomb making, other then planning on actually making one. I'll ignore completely the concept that you might actually be hoping to get into a job involving pyrotechnics, or might be taking a class in it. But I've heard some extraordinary things come out of the mouths of officials about what a particular device built by someone could have done or not done. If I had no idea what the facts were, I'd have to take their word for it, and allow my opinion to be shaped by my own lack of knowledge.

    Also, who says the Feds will protect that information right? What if a loved one is HIV positive, and you're researching it for them. Now the FBI has that you've been reading on that topic, and eventually that slips out, and eventually your insurance company gets hold of a 4th hand database, that implies you're hiding that you're hiv positive, and finds an excuse to cancel *your* insurance... Then just the concept that you might be dieing gets to the credit agencies, and all your creditors cancel your credit. Just because you read a book in the library.

    Read John Varley's "Press Enter" for a view of a world taking to the logical end of this nibbling away by the "well, if you don't have anything to hide, why do you care?" folks...

  12. I'm even sorrier by astroboy · · Score: 4, Insightful
    This may very well be taken as Flamebait or Offtopic, but I can't resist sticking my nose in here. Public Libraries are _public_ places, owned by the _government_.

    1. While this is often true, so what? The rest areas in national parks are also owned by the government, but that doesn't mean they have the right to put webcams in the latrines.
    2. Further, it isn't always true. Lots of private universities have libraries; there are a number of privately-owned museums with libraries attatched.
    3. Finally, while it is true your bog-standard municipal library is owned by `the government', it isn't owned by the federal government; it's generally a service of the municipal government, paid for by municpal ratepayers. Why exactly, again, does the FBI have the right to get any information at all from the library just because both the FBI and the municipal library are owned by `the' government?
    The Cato Institute, a libertarian think-tank and about as right-wing an organization as you can imagine, a group I seldom have occasion to agree with, published a report on these sorts of issues entitled ``Preserving our Liberties While Fighting Terrorism'', which, in discussing exactly the sort of new powers like being able to search library records with no probable cause, says:
    That ought to give pause to people of goodwill from all across the political spectrum-since those are the telltale signs of societies that are unfree.
  13. The crypto for anon checkout is already done... by Jim+McCoy · · Score: 4, Informative

    David Chaum, the inventor of the "blind" signature mechanism that is the core of most digital cash protocols, created an extended variant of this system [Chaum90] that explained how you can accomplish some rather tricky things with unlinkable identity systems. One of the examples he has used in the past a computer controlled library, the "librarian" would let you check out books with an anonymous identity and maintain policies such as "only three books out at any one time", etc. with strong security for the system and complete unlinkability among user transactions as long as they follow the rules.

    This system handles the daily mechanics of such a digital library, but it needs an external hook to get a user into the system called an "isa-person" certificate (a cert that you could only get one of, probably biometric, that is a hard link to your meatspace identity) which is used as the stick to prevent people from walking away with your books. If someone checks out books and does not return them they get a negative mark on their isa-person cert that will follow them to around until it is cleared. A deposit of cash, as others have suggested, would probably serve an equivalent purpose.

    If you really want a secure, anonymous digital system it is probably going to end up working something like NetFlix. You apply for an anonymous id and put down a cash deposit, the anon id lets you borrow titles with certain restrictions, when you are finished with the account you cancel your subscription and get your deposit back.

    Jim

    [Chaum90] David Chaum: Showing credentials without identification: Transferring signatures between unconditionally unlinkable pseudonyms; Auscrypt '90, LNCS 453, Springer-Verlag, Berlin 1990, 246-264.