Slashdot Mirror
Library to Require Fingerprint to Use PCs
FearUncertaintyDoubt writes "Three libraries in Naperville, IL, soon will start requiring patrons who use the library's PCs to provide a fingerprint scan. The article says, ' Library officials say the added security is necessary to ensure people who are using the computers are who they say they are. Officials promise to protect the confidentiality of the fingerprint records.'"
"Right now we give you a library card with a bar code attached to it. This is just a bar code, but it's built in," said Mark West, the library's deputy director.
To be fair that does come after this paragraph:
Naperville library officials said the technology cannot be used to reconstruct a person's actual fingerprint. The scanners, made by Naperville-based U.S. Biometrics Corp., use an algorithm to convert 15 or more specific points into a unique numeric sequence.
But it's still shockingly cavalier to describe the technology as "just a bar code". I have difficulty understanding a) why this seems like a good idea to anyone, and b) why this gentleman seems incapable of understanding people's worries about a fucking library requiring fingerprints!
Carousel is a lie!
Officials promise to protect the confidentiality of the fingerprint records.
What does that mean exactly? Doesn't the "Patriot" Act allow for law enforcement officials to easily obtain library records during investigations? I know that the ALA has spoken against the "Patriot" Act in the past but will they actually stop the LEOs from taking this information?
The three-library system this week signed a $40,646 contract with a local company, U.S. Biometrics Corp., to install fingerprint scanners on 130 computers with Internet access or a time limit on usage.
Library officials say the added security is necessary to ensure people who are using the computers are who they say they are.
$313 a computer seems like an awful lot of money for this. I'm not sure what they are trying to accomplish other than wasting taxpayer dollars.
Once a patron's fingerprint has been recorded, accessing a computer will require only the touch of a finger.
"Right now we give you a library card with a bar code attached to it. This is just a bar code, but it's built in," West said.
So patrons used to scan their library card and they could use the computer? There is no difference now except a database of information tied to a fingerprint that can easily be looked into by employees, LEOs, and possible thieves.
West said the library is requiring a fingerprint to set up computer access, although patrons who object could ask a staff member to log them on to a computer.
Are they going to make this perfectly clear to all patrons with a large sign in blinking neon? I doubt it. Make sure to give the staff a hassle. We need to hassle businesses (public and private) more so that these privacy intrusions cease. We will continue heading down the slope due to "ease" if people continue to stand down.
Initially, I was against this development, but after reading TFA, I actually feel al lot better aboout it, for a few reasons:
From TFA:
The library taking a stand like this gives me slightly more confidence in trusting them with biometric data...at least they won't give it up without the proper authorization, but this doesn't address the issue of data theft. The following quote, however...
Also from TFA:
It's important to note that most biometric systems work in this fashion. If each organization who wished to use biometrics were required to use their own, distinctive algorithm, the danger of other organizations using that biometric data for its own purposes would be greatly reduced.
Actually, there's just one thing in TFA that troubles me:
Come now, Mark...which is it...confidentiality or privacy? They can't both be your middle name...
^_^
____
~ |rip/\/\aster /\/\onkey
This really begs the question: Why do they need to know who that the person in front of the computer is who they say they are? What purpose does this serve?
"We take people's fingerprints because we think they might be guilty of something, not because they want to use the library," said Ed Yohnka, spokesman for the American Civil Liberties Union of Illinois.
A very apt response from the ACLU. The problem is that we're now into the notion that "everyone is suspect" and due to that, we're going in this direction. It seems like
I could very well imagine this being linked into god-knows-what. Imagine, for instance, having $100 in parking tickets due, and the library terminal refusing you connection to their services before this due is paid.
Finally, anyone who is really interested in doing something criminal will just subvert the system. It's not like it's particularly difficult to spoof a fingerprint scanner. Remember the stories about doing it with Jello? Also, remember the fingerprint scanner that could be defeated by blowing on it?
Just like limitations on guns, just like airport security, just like locks on our doors and car alarms, and just like so many other things, this is used to punish the law abiding citizen, and does nothing to deter the hardened criminal or terrorist.
/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i
I'm sure there are going to be many cries of privacy invasion in regard to this. The library's published reason for taking this measure is:
...library officials discovered that many patrons logged onto library computers using library cards and passwords of friends or relatives. That realization, coupled with a new library policy that allows parents to install automatic Internet filters on their children's accounts, prompted the search for better computer security...
So there's the problem. Please include your personal counter suggestion with any criticisms.
I'm a big tall mofo.
This is just ridiculous. Why do they even care who uses the computers at the library. Around here they don't ask you for anything. You just sit down and go.
They do politely ask you to limit yourself to ten minutes if there's a line.
There is absolutely no good reason for this and it's a clear step toward a totalitarian state.
Help I'm a rock.
Wait a minute... Guess I'm confusing names in an otherwise similar reality.
/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i
My sports center requires a hand scan to enter the facility. It gives false or unreadable scans so often that most of the guards just wave you through if you look even vaguely trustworthy.
What about those with disabilities (severed limbs) or those with birth defects (extra fingers)? I bet the woman who started the whole "Finger found in Wendy's chili" scam won't be worried at all. She has an extra one she can use. (Okay, that's a bit too far. sorry)
So, if I go to this library with a fake ID and they take my fingerprints how are they going to make sure that I am who I claim I am, if they're not crossreferencing any other fingerprint databases?
The whole idea is just completely absurd.
In Soviet Russia, I ruled you
Oh... Wait.
Yeah, I don't care if it's "ethical," I think I'd just download the book I wanted to read after my community pulled something like that.
/dev/random
- You know
- You have
- You are
Theoretically fingerprints belong in #3So explain to me again how having a library access card with PIN numbers don't work. Hell, I'm still signing on a register to take books out - which works pretty well for the library.
Quidquid latine dictum sit, altum videtur
The Patriot Act requires libraries to turn over that sort of information to the feds when asked.
If someone says he and his monkey have nothing to hide, they almost certainly do.
The stored numeric data cannot be used to reconstruct a fingerprint, West said, nor can it be cross-referenced with other fingerprint databases such as those kept by the FBI or the Illinois State Police.
So before we get too many people who didn't RTFA saying that the government will be able to get people's fingerprints easily.. well, they won't. Before this a library card was required (it has your name on it), so essentially this will replace your library card as a method of keeping track of who is using the computer.
The difference, however, is that any decent criminal could get a library card with a fake name, but with this system they would have to provide a finger print (though TFA does say that it isn't always necessary, as an employee could login for them). The feds could probably create a system that would interpret the library's data to get files that they could cross-reference with their database. That, really, is the only danger.
So as it stands right now, this is pretty harmless. It's not really any different than using your library card. But, of course, they don't really make a case for why the finger print system is being implemented other than that it might be a bit easier to use.
CC Licensed Serialized Story and Podcast: Ingenioustries
I am not usually a supporter of intrusive measures, but I can agree with this.
Library PCs are still accessible, but you need to identify yourself before you use it. It could track where you've been, but considering you using the computer in a public place, in a location that is supposed to be for doing research and learning, most people shouldn't be accessing anything questionable.
It is fairly common that library computers are used as tools for shady and illegal actions. Worried that the FBI might trace that kiddie porn back your IP address? Download it at the library. You need to launch the awesome new virus you wrote? Send it off from the Library. Need to research fertilizer bombs? You guessed it, library.
Before the internet, people read books. If you got the book at the library, they had a record of everything you ever read. Now, people get their information on the Internet. If you get that information from the library, now they have a record of it. It's just an extension of their old policy onto a new medium.
/. ++
engadget version of story
bbc version of story
Sure, you can't get their *fingerprint* from the points, but you have a unique identifier. I.e., if someone is investigating messages sent from that computer and they round you up as a suspect, they can take your "15 point" fingerprint and ID you.
I believe Bird-Person can arrange that.
When the PATRIOT act first came out, I remember seeing all these signs and posters around the local libraries, with quotes, explaining the abuses of that law. And, keep in mind, this is in Georgia!, on of the most Red states there is!!!
Ya know, it's ironic that "Red" is now good in America now!
For you youngsters, "red" Used to mean "Communist Fuckers".
I believe you need to go to Wendys and order the chili!
Reason #32767 not to use VB6: Integers are 2 bytes... Think about it!
Naperville library officials said the technology cannot be used to reconstruct a person's actual fingerprint. The scanners, made by Naperville-based U.S. Biometrics Corp., use an algorithm to convert 15 or more specific points into a unique numeric sequence. But there's nothing to prevent anyone from taking an actual fingerprint and converting it into one of these codes. Either from a crime scene or an old database.
autopr0n is like, down and stuff.
But it's still shockingly cavalier to describe the technology as "just a bar code".
As he states - it is a one-way algorithm. If I have your barcode off your library card, I cannot reconstruct your name, SSN, birthdate, and all that without going into the library's database. With the number-sequence that this system creates, I cannot reconstruct your fingerprint at all. I cannot reconstruct any of the data previously mentioned without going into the database. So, instead of creating a random number with the unix timestamp as a seed, they are creating a random number with your fingerprint as a seed. What is so shocking about that?
I have difficulty understanding why this seems like a good idea to anyone
Hmmm... I guess someone needs to go to your library, tell them that they are you - they can even print a fake barcode on any old library card since barcode techology is open and freely available to anyone and everyone. Then, they can surf for child porn on your account. When the feds come to your door, you can explain to them that it is a terrible idea for the library to go to every measure to ensure that patrons are who they say they are.
I have difficulty understanding why this gentleman seems incapable of understanding people's worries about a fucking library requiring fingerprints!
There is a difference between requiring fingerprints on record (actually having your fingerprint in a database somewhere) and using your fingerprint to create a random sequence of numbers. If you cannot see that, then you are forcing yourself to be blind to it.
The previous comment is purposely vague and generalized, but all of the facts are completely true.
In Soviet Russia, the Library checks out YOU!!!
In China, only old people go to the library to use computers.
1. Make fingerprint scanner
2. Con librarians into buying it
3. ???
4. PROFIT!
They can get my fingerprint when they pull my finger out of Cowboy Neal's butt.
Let's see.....Soviet Russia, Chinese old people, profit, Cowboy Neal reference. Now only if this would have been the first post....
... is not the specific case, which is troubling but relatively trivial, but the fact that it represents another step in creeping fingerprintization. I suspect that five years from now fingerprints will be the defacto form of ID in the US, like drivers licenses and SSIDs are now.
Why is it a problem (especially for me, a Canadian resident and British citizen)? Well, simply because I do not trust your government. I currently have *no choice* but to be fingerprinted if I wish to enter the USA. I need to do that for my work, so I just assume the position.
However, it literally makes me think twice about expressing my opinion freely on the net. Anyone who's had to deal with US immigration as a non-US Citizen knows exactly what the attitude is. It would come as no surprise whatever for me to be taken aside at immigration and questioned about opinions I had expressed.
I and many people of my acquaintance have deliberately avoided going the the US since 9/11 simply because of the strange feeling of entering an authoritarian state. The 'new normal' is not normal.
I'm not wrong. You haven't thought about it hard enough.
...because some thug cut them off to gain access to the internet at the library, you insensitive clod!
If you disagree with me on social issues, then it's pretty clear that you are a narrow-minded bigot.
I grew up in Naperville and spent my childhood using the Naperville Public Libraries, and I visit often still because my parents live there. Now that I've moved, I have some perspective I didn't have when I lived there. Naperville is an interesting town. It's a land of burgeoning housing developments and SUVs piloted by soccer moms where people come to raise their kids and shield them from the outside world, because it's a very safe and insulated place. The police department really does have nothing better to do than issue traffic tickets and harass partying high schoolers for violating curfew.
Property values are high, and that keeps the riff-raff out. In the first Naperville neighborhood I lived in, the Chicago Housing Authority had a plan to build mixed-income housing. This was met with bitter resistance, under the guise of worry about gang activity and declining property values. This from a group of senior citizens for whom lower property values would save a lot of money in property taxes.
It's about the last place I'd expect a public outcry against anything claimed to be "for the children," privacy be damned. But maybe things have changed since I left. I hope so, but I'm not optimistic. So should there be such an outcry, I'd gain back a lot of lost faith in Naperville.
On the plus side for the Naperville Public Libraries, they were very receptive to my suggestion of installing Firefox on the same machines that will have the fingerprint scanners. Though that may have been because I said the popup blocking would suppress inappropriate popups, you know, for the children.
The reason that many libraries have you log in at all is so that they can limit the amount of time that you use a computer. When you have a medium-sized library or larger, it's the only way to ensure that everyone has access to the computers. Sign-up sheets won't cut it, and lots of people would just sit there all day playing games if given the opportunity.
The problem with library cards is that many families have a different library card for each family member. At the library I used to work at, there were lots of times that people would just come in with a fistful of library cards from their kids and attempt to log 8 straight hours while people were waiting.
In that light, the fingerprinting makes sense.
It's got a whole lot of libertarians (sic) now, for whom 'liberty' really only has anything to do with taxes
You misspelled "neo-cons".
I can use my middle finger for the print.
No Nyarlathotep, No Chaos
Know Nyarlathotep, Know Chaos
It's not so much a random number seeded by the fingerprint, as it is a hash of the fingerprint. Security of hashed personal data is an issue, the same way that security of a hashed password file is an issue. Yes, you can't reconstruct the original passwords from the hashed values, but if an attacker has the hashed values there are ways to compromise the system's security. In particular, someone with access to a true fingerprint database (i.e. police/FBI) should be able to apply the same 15-point process to it and generate numbers that can be matched against the library 'bar codes'. The fact that the 'bar codes' do not encode the entire fingerprint does not really do much to increase privacy protection.
Bet she uses your face for identification.
John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
That's nothing compared to what's right around the corner now. The gubmint has been fingerprinting foreign nationals entering the U.S. for some time now. In a short while they will also be fingerprinting them on the way out as well. In Iraq, the military routinely rounds up people in the streets and not only fingerprints them at the start of their detention, but does retinal scans on them too and takes pictures of them for entry into a database. This is happening on a large scale. The fact that none of these people actually has any connection to Al Qaida doesn't seem to matter.
All it takes is for Congress to give the word and the fingerprint-the-foreigners policy could be used on American citizens as well at the nations airports. That will happen within a few years, I have no doubt about it. Congress has already mandated a national ID card for everyone. U.S. passports will contain biometric information starting later this year. The military is gaining a lot of experience and knowledge in how to round people up and get them into The System en masse.
The price of freedom is eternal vigilance. Too bad Americans have been asleep at the switch for so long. We are already past the point of no return with respect to the loss of so many liberties we took for granted.
A national disgrace, I'm sure.
So, instead of creating a random number with the unix timestamp as a seed, they are creating a random number with your fingerprint as a seed. What is so shocking about that?....There is a difference between requiring fingerprints on record (actually having your fingerprint in a database somewhere) and using your fingerprint to create a random sequence of numbers.
This sure sounds innocent and I'm sure its meant to be, but there is certainly possible abuses which could occur. They store those 15 or more fingerprint points (after converting to a number presumably with some crpyto algorithum). When you want to log into a computer a finger print reader takes your fingerprint again and the same process (converting to numbers) happens. These are then matched up to verify who you are.
The problem is if each "encryption" of the "data" equals the same result then it CAN be used for otherthings. They don't need to actually store your fingerprint anywhere. Patriot-Act could let law enforcement use this database of numerical "fingerprints". All they have to do is feed thier database of fingerprints (or those from a crime scene etc) through the same software as was used to originally "encrypt" the library fingerprints, compare the numbers, and if the numbers match they got their guy. This doesn't require a REAL fingerprint. As long as everytime a fingerprint is put through the algorithim it gives the same result, having the ACTUAL fingerprint on file isn't much of an issue.
"reality has a well-known liberal bias" - Steven Colbert
What is so shocking about this is that I don't trust them. How can I be sure that they are telling me the truth and my entire fingerprint isn't stored in the system ?
How can I be sure that the system haven't been cracked and someone hasn't intercepted the picture of my fingerprint before the 15 points were extracted and the rest discarded ?
How can I be sure that they still only take 15 points or that another organization that jumped in the bandwaggon is also only using 15 points ? Read the fucking licensing agreemend before each time I put my thumb there ?
Slashdot anagrams to "Sad Sloth"
I think the article just explained this rather bizarre move.
Naperville library officials [...]
The scanners, made by Naperville-based U.S. Biometrics [...]
Both in Naperville. How coincidental. I wouldn't be terribly surprised if U.S. Biometrics wandered into the library offices and said "y'know, if you buy our fingerprint scanners we might be willing to donate a fat wad of cash to the library. We'll even discount 'em for you."
Why else would a library -- likely strapped for cash, as most are -- suddenly feel the need for (expensive) biometrics hardware out of the blue?
I'm missing your point completely. Your scenario is that I can decide to be a hacker. I hack into the FBI and get a list of everyone's fingerprint. I then hack into the library and get all the fingerprint hashes. I compare fingerprints to fingerprint hashes and I figure out who you are. And then...?
Wouldn't it have been a hell of a lot easier to just grab your name and address off the library's server when I was hacking that? Why mess with all the fingerprint junk?
As for concerns about 'hash security', isn't that what john-the-ripper is used for? Just because you can brute-force a password algorithm doesn't make it insecure. From the data provided, this is the equivalent of a 15-character password hash. The best password crackers can take months to crack 10-character password hashes. Then, even if they do figure out that a certain sequence of fingerprint identities matches up a specific hash - what? They somehow clone a finger and alter the dna to create your fingerprint so they can use the computer at the library?
What is the whole point!? I simply don't get it. This is *NOT* a case of the library storing fingerprints. This is a case of the library using fingerprints for a second or so to create a unique ID that cannot be converted back into a fingerprint.
The previous comment is purposely vague and generalized, but all of the facts are completely true.
Patriot-Act could let law enforcement use this database of numerical "fingerprints".
Read the USA PATRIOT Act before stating what it can and cannot do. The USA PATRIOT Act's provisions for public/small business records access comes from the USA Act, which comes from FISA (passed in 1978). In order to access those records, an investigator has to go to FISC and convince a panel of judges that you are suspected of espionage, terrorism, or drug smuggling AND you have not committed a crime that would allow for a search warrant AND letting you know that they want to search those records would allow you to delete data that they want to see. Finally, when they look at it, they have a time limit, set by the FISC, for letting you know what they looked for and what they found.
That doesn't sound much to me like the USA PATRIOT Act lets law enforcement just wander into a library and dump all the data they have.
The previous comment is purposely vague and generalized, but all of the facts are completely true.
While Neuqua Valley is not the most expensive high school built on a per student basis (about $20K per student, 3100 students at full capacity), I challenge you to find a American public high school with a contstruction greater than Neuqua's $62 million.
PS - According to the Wikipedia article you linked to, "In addition, it is considered poor form to invoke the law explicitly."
You also failed to take into account "Quirk's Exception" to Godwin's Law, which is "Intentional invocation of this so-called 'Nazi Clause' is ineffectual." =)
With the first link, the chain is forged.
You speak pretty authoritatively for someone who left 10 years ago. Care to provide chapter and verse on any of this, particularly the high school hell you describe?
FWIW, Keyes registered address was in the south 'burbs (South Holland, if I recall correctly), as those of us who actually had to live through the fiasco know. In truth, Alan seemed to spend most of his time in Illinois giving news conferences downtown or at O'Hare, so whatever his address was, it was probably irrelevant. Given that he got whalloped more than 2:1 in the Naperville townships, I'd say he probably wouldn't have considered it his base.
Incidentally, same election shows Dubya carrying the township by ~3.5K votes out of 39K cast. They've certainly got their conservatives there, but it's a bit more balanced than you apparently think.
The moral here? Find some more constructive way to vent your high-school angst. For others actually thinking this guy's picture is accurate, just...no, it isn't.
(For the record, yes, the library idea is pretty foolish.)
(Also...yes, I am probably getting way too steamed over this. But to see this modded "Informative" is ridiculous. At least some of the other ranting here on 'Da Dot is semi-entertaining at times...)
Years ago I borrowed a book from my local library and found a very personal letter tucked in it -- after scanning the first few lines it was clearly something the person who had used it as a bookmark would not want to lose or fall into other people's hands. A love letter. A guarded peak revealed no identifying data like an address or last name.
So I put the letter in an envelope, sealed it, and hiked down to the library.
I told the librarian what I had found, and asked her to contact the person who had borrowed the book and tell them they'd left something in it. She replied "Oh, no, I can't do that. We destroy the borrowing records as soon as the book is returned, so nobody can check up on what you are reading. Doing otherwise would be a breach of professional ethics."
I was impressed. What a great country, I thought, where our public institutions protect our right of privacy.
Maybe this is part of the "Everything" that our political leaders tell us has changed since 9/11.
Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
[Seems OT, but it honestly isn't]The last Star Wars prequel is one of the most inspiring things I've seen out of Hollywood in a long, long time. It gave me hope. The dialog is mostly sub-par (as usual), but the plot and morals are dead-on relevant to modern America. I don't think that we're past the point of no return yet; not when a mainstream movie like this can get away with such blatant satire of democracy and patriotism.
"We shall change into the first Galactic Empire for a safe and secure society."
"So this is how freedom dies - to thunderous applause."
""You're either with me or against me."
"Only a Sith deals in such absolutes."
(Anyone with functioning brain should realize that Lucas is saying that Bush is no better than a Sith.)
It's not that these sentiments are new or radical; it's that they're present in one of the best-hyped mass market franchises of all time. Joe Sixpack will watch this movie! With his kids! Hell, I almost wish that this movie was rated PG, so that more kids will see it. Sitheven puts it in the context of Judeo-Christian style morality, which should make it even easier for the unwashed masses to digest.
I don't think it's too late for us. We who actually recognize and remember the true spirit of America (distrust of and freedom from our government) would do well to recomend this movie to our more trusting, sheep-like friends. It's like 1984, but with enough explosions to keep the audience interested.
I still wish we could've seen Jar-Jar's bloody head was splattered against the camera, and I really wish Lucas would get someone else to do his dialog (Vader: "NOOOOOOOOOOOOOOOOOOOO!" *sounds of audience retching*), but if you can look past these flaws, it really is an awesome, insightful, RELEVANT movie.
Some links here and here.
i would be much more concerned with what the gov and its agencies do "legitimately" with the information. information sharing and scope creep is the name of the game in the usa these days. just think "total information awareness" and so on...
sum.zero
And this is important to know because...
Okay, they make the case that it identified the perp of a criminal act that included using the computer. A weak point, but I'll have to give them that one.
The stored numeric data cannot be used to reconstruct a fingerprint, West said, nor can it be cross-referenced with other fingerprint databases such as those kept by the FBI or the Illinois State Police.
Not unless the other police agencies start using the same system, in which case each should come up with the same unique identifying number, wouldn't you bet?
Officials promise to protect the confidentiality of the fingerprint records.
Don't know about you, but I'd feel a lot better if they stated just how long they planed to maintain these records, and how they would be destroyed afterwards. That is truly a missing piece of information in the original article.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
As for concerns about 'hash security', isn't that what john-the-ripper is used for? Just because you can brute-force a password algorithm doesn't make it insecure. From the data provided, this is the equivalent of a 15-character password hash. The best password crackers can take months to crack 10-character password hashes. Then, even if they do figure out that a certain sequence of fingerprint identities matches up a specific hash - what? They somehow clone a finger and alter the dna to create your fingerprint so they can use the computer at the library?
Heh, insightful my ass. Sure, brute-forcing the hash of a 10 character password might take a while, but what if someone chose a poor hashing algorithm (check out the FMS attacks on WEP? What if I have a dictionary of precalculated hashes for known passwords (FBI fingerprint database anyone)? Using a modern computer, I can do a hash-to-hash comparison of hundreds of thousands of entries a second. Check out my other posts as to how this could be used.
I think you're missing the point somewhat. Why is it so god damned necessary that the police be able to personally identify you based on library usage in the first place? I'd rather have that plausible deniability there - "It might not have been me, someone could easily have stolen my card." In fact, I'd much RATHER just have library access be completely and totally anonymous.
Oh, and on another note - is it just me or is the invocation of Child Porn becoming a new Godwin's Law? Is there an epidemic of people stealing library cards to surf for child porn in public or something? ;)
Now I know, the ACLU is a bunch of commie liberals, but let us not forget the very public rebuke Ashcroft et al. received because not only were their search warrant requests being rubber stamped by the judicial panel, but they were also full of errors (one agent was even barred from appearing before the court because he regularly included errors): "In virtually every instance, the government's misstatements and omissions in FISA applications and violations of the Court's orders involved information sharing and unauthorized disseminations to criminal investigators and prosecutors."
Now for some corrections (from Section 215 text):
In other words, they don't need the director's approval, and an "Assistant Special Agent in Charge" is a run-of-the-mill agent assigned to a case. So basically, the cleaning contractors and secretaries cannot request the warrants, but most everyone else can. These warrant requests go to:
This very close congressional oversight you suggest is really a semi-annual report by the attorney general to those committees to tell them the requests that were made, the number requested, and the number accepted, modified, and denied (this from the new 'Sec. 502 Congressional Oversight').
So we've established that you are technically correct that not just anyone can make the requests (as I mentioned, the cleaning crews and secretaries are excluded), and there is oversight (that rubber-stamps the requests, no matter how factually in error they are).
The PATRIOT Act is interesting reading. I suggest you read the text some time instead of getting the boiled down versions off of Fox News.
It's GOT to be a trial balloon. IIRC, the patriot act has a number of points or provisions which are to expire soon unless congress (the opposite of PROGress) extends or rewrites them.
Maybe this is a trial, subterfuge vendetta against the librarians who stiffly resisted the initial patriot and other acts that were after library patron information. See, if Illinois approves of it, other states--particularly some of the bible-belt states-- might cause this to be mass-deployed around the US. I do realize that some foreign countries, maybe Taiwan and Singapore, have some rather (western-perspective) invasive mechanisms for tax collection (tho Taiwan just allowed Linux and Mac/Apple users to pay taxes via a recently-deployed piece of software access) and other lawful expeditions/law enforcement, but maybe now the US is seeking out ways of keeping abreast of individual behavior, movements, intents, and such...
"You are under arrest for crimes you WILL commit..." With that, who needs a temporal stability police agency?
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
what expectation of privacy do you have when accessing public equipment that is the subject of a legal investigation?
You need a library card, and ID, to check out a book at a library. You need this because the library does not have unlimited resources so they need to get their books back. But you've never needed to show an ID simply to read at the library. Ever. Until now.
Ya see, they got these things called logs. They track wherever you go on the web (really. I swear.). Since they have your exact ID time coded with the logs they can tell everyplace you've visited and thus every place you've read and thus eveything you've shown interest in.
Surfed for info on: Gay marriage? It's in there. Communist ideology? It's in there. Republican blogging? It's in there. Anti-semitism? It's in there. Yes, every web site you show interest in is now linked with your name, regardless of the legal status of that page.
They get this data, and retain it, regardless of whether or not a criminal investigation is in the works. They get to keep this data regardless of whether anyone ever commits a crime again... ever.
Sure, the cops can get a warrant to listen in on private converstations if there's probable cause (check out the fourth ammendment) but here the library is tracking your interests without a warrant.
Why exactly should law enforcement "rightly" have access to this info?