We’re excited to announce a new Library Freedom Project initiative, the Library Digital Privacy Pledge. Together with Eric Hellman (of Gluejar/Free Ebook Foundation/GITenberg/general notoriety in the library world), we’re asking libraries and vendors to help protect reader privacy by moving their services to HTTPS. I’ve written about why this matters, and EFF’s Jacob Hoffman-Andrews has done an even better job making the case. For even more info on the what, why, and how of this pledge, check out our FAQ. We’ve already got some amazing charter libraries and vendors signed on, and we’re hoping that many more will follow suit. Join us in protecting patron privacy by emailing pledge(at)libraryfreedomproject(dot)org!
It’s been an exciting couple of days at Library Freedom Project. ProPublica broke the story of the Department of Homeland Security and the local police in New Hampshire intervening to try to shut down our Tor relay pilot at Kilton Library. We responded to this law enforcement harassment with a public letter of support for the library, signed by a broad coalition of organizations and individuals, and linked to it in an even bigger petition on EFF’s website. That petition has received over 1700 signatures in 24 hours, and media attention continues to increase (we’ve gotten coverage on EFF’s blog, Motherboard, and the Concord Monitor, just to name a few). Kilton Library has received dozens of supportive emails and calls, and the conversation on social media has been popping off — this incident has engendered a robust discussion around libraries and free expression, how we can publicly commit to those ideals, and how hard we should fight back when challenged. It’s also catalyzed a number of libraries to get in touch with us about participating in the exit relay project — talk about the Streisand Effect!
We’re amazed at how this has resonated with our broader community, and how much support we’ve received — librarians, privacy advocates, technologists, and more — and things are only just getting started. Nima and Alison, along with Devon Chaffee of the ACLU of New Hampshire, will attend Lebanon Libraries board meeting on Tuesday, September 15th, at 7 pm at Lebanon Library (the other branch of Lebanon Libraries). We hope to see members of the local community come out to that meeting and show their support for Tor, free speech, and free libraries. Supporters should also sign our petition to show the library that they have global support. For updates, keep an eye to Twitter: Alison is @flexlibris, Nima is @mrphs, and we are all at @libraryfreedom. After Tuesday’s meeting, we’ll update our community with the results of the board’s vote. Thank you all for your support, and for helping us fight the good fight. Resistance is possible when we all join together.
We’re really excited to share another post in our ongoing series of privacy success stories from librarians across the country. Today’s post is from Chuck McAndrew, IT Librarian at the Lebanon Libraries in Lebanon, New Hampshire. You might remember Chuck as the librarian with whom we worked to set up our Tor exit relay pilot just a few weeks ago. During our visit to Lebanon, we checked out Chuck’s fantastic GNU/Linux PC environment, and begged him to write up a why-and-how-to guide for this blog. We’re thrilled that he was gracious enough to oblige.
One quick editor’s note: at LFP, we try to make use of Free/Libre and Open Source Software (FLOSS) whenever possible. The GNU/Linux distribution that Chuck uses is not totally “free”, hence his use of “open source” and not “FLOSS”, and some proprietary drivers and things like that were necessary to preserve the user experience. But we’re in agreement with what Chuck writes below: stepping away from completely proprietary software is a huge step for a library — especially considering how many libraries are dependent on restrictive Windows environments — and ideological purity around perfectly “free” software ignores the usability issues that sometimes come with free software. Chuck’s helping his patrons use software that’s more free than anything most libraries are using, and we think that’s pretty impressive.
We hope Chuck’s success and his helpful how-to guide will inspire other librarians to introduce GNU/Linux into their libraries. Got your own success story to share? We’d love to hear it.
Open Source Patron Computing
How I set up GNU/Linux computers for patrons in my library
Why open source?
Providing internet access to the public has come to be an important service that libraries provide, but it can be quite a challenge to do so in a secure, cost-effective way. Maintaining patron privacy on a shared, public computer is one of the problems that librarians face every day.
When I came to my current job, we had Windows computers with expensive, proprietary software to roll back any changes that patrons made. This software had many problems from my point of view. Not only was the cost a problem, but it actually allowed monitoring of what our patrons were doing online at any time. This is a huge privacy problem.
Additionally, the software was set up in such a way that it undid any updates except for Windows updates. This created major security risks as it forced our patrons to use old and vulnerable versions of Flash, Java, Chrome, Firefox, and more. My solution to all of these problems was to switch to an open source platform for our patron computing.
I have been an open source enthusiast for many years now in my personal life, but this was the first time that I had the opportunity to bring it into my professional life. It was exciting to be able to prove many of the arguments that I had been using to advocate for switching to open source software.
Greetings! It’s been an exceptionally busy few months over here at the Library Freedom Project. We’ve been conducting privacy trainings at libraries across the United States and some internationally, and in June we held our first Digital Rights in Libraries conference. We’re also starting an HTTPS campaign for libraries with friend o’ the Library Freedom Project Eric Hellman and the good folks working on Let’s Encrypt (more on that to come in about a week or so). LFP: can’t stop, won’t stop.
Today, we’re announcing the start of a new initiative, a collaboration between the Library Freedom Project and our friends at the Tor Project: Tor exit relays in libraries. Nima Fatemi, the Tor Project member who’s already helped Library Freedom Project in a number of ways, is our main partner on this project. This is an idea whose time has come; libraries are our most democratic public spaces, protecting our intellectual freedom, privacy, and unfettered access to information, and Tor Project creates software that allows all people to have these rights on the internet. What’s more, Tor Project is Free and Open Source Software (FOSS), which is the best defense against government and corporate surveillance. We’re excited to combine our efforts to help libraries protect internet freedom, strengthen the Tor network, and educate the public about how Tor can help protect their right to digital free expression.
Continue Reading…
Editor’s note: Over here at Library Freedom Project HQ, we often get emails from rad librarians across the country who’ve attended one of our privacy trainings and have been successful applying those principles and tools in their libraries. Recently, we heard from one such librarian: Justin Wasterlain of the Santa Clara City Library, who’d just taught his first privacy class for the public. We were jazzed to hear about Justin’s experience and asked him to write this blog post so we could amplify his success and encourage other librarians to do the same. Below is the first in what we hope to be an ongoing series of LFP success stories. Thanks for writing it up for us, Justin! -Alison
While down some internet research rabbit hole, I stumbled across Alison’s Digital Privacy Toolkit webinar (ed note: that webinar is out of date now. Contact me for a copy of my updated presentation). In just over an hour, she had covered a huge number of tools and concepts in a manageable and teachable way. As a librarian looking to create privacy workshops, it was exactly the resource I needed. I recognize that sounds very “paid testimonial,” but it was the first place I had seen so much content laid out so accessibly in a library context. I was pretty stoked.
While I was in San Francisco prepping for ALA and Digital Rights in Libraries, I sat down with Meredith from Restore the Fourth SF to talk about the Library Freedom Project. Check it out here!
Digital Rights in Libraries was a giant success!!!! As one participant said, it was a “unique and special blast”. Thank you to all those who presented, participated, tweeted, and partied with us after the event. We’re getting together a listserv for anyone who wants to keep the conversation and action going; please get in touch with Alison if you’d like to be added to that list. You can read the highlights of the event at this Storify.
We’ll be posting presenter slides and other resources at this link as we receive them. Check back there for updates in the next few weeks!
This week’s episode of On the Media includes a great segment on librarians’ history of activism against overbroad government surveillance, with an update on what some of us are up to today, including the Library Freedom Project! Listen to the segment here.
This afternoon, I went on WBUR Boston’s Radio Boston program to talk about how Edward Snowden inspired me to start the Library Freedom Project, and why I think libraries are the perfect place to educate the public about privacy. Listen to me say “um” about a thousand times here:
Crossposted from Choose Privacy Week
I’m sorry to be the one to tell you this, but your password sucks. I know you use the same one for everything, and it probably contains some personally identifiable information – your dad’s birthday, your pet’s name, the year of your anniversary. Even if you think you’ve got a good password strategy, if it contains any kind of pattern – a famous quote, a song lyric – it can very easily be cracked. Consider how much access that password — the one you’re using for everything – gives to your private life. Whether you’re worried about exploits from criminal hackers or rogue government intelligence agencies, weak passwords put your private data at risk.