The Library Built Systems subgroup of the Digital Library Federation's
Privacy and Ethics in Technology Working Group is pleased to announce
the publication of "A Practical Guide to Performing a Library User
Data Risk Assessment in Library-Built Systems", now available online at
http://doi.org/10.17605/OSF.IO/V2C3M
The main part of the guide is a 28-page report on best practices for
minimizing risks to library users' privacy from systems that libraries
build and manage that collect and operate on data about their users.
The guide also includes a blank spreadsheet that libraries can use
to identify systems that collect data about users, understanding how
they manage that data, identify risks associated with that data,
and then select an appropriate risk mitigation strategy. The guide
and its rationale were also discussed as part of a recent DLF webinar
"Privacy in Practice: Applying the Tools & Resources of the Privacy
& Ethics in Technology Working Group", viewable online at
https://www.youtube.com/watch?v=UyFETAgPSx0
The guide was written by Kristin Briney, Becky Yoose, John Mark
Ockerbloom, and Shea Swauger, with additional early input from subgroup
members Charlie Harper, Jacob Levernier, and Yasmeen Shorish, and
with the valuable feedback and suggestions from other librarians
and Digital Library Federation members who made comments on a
preliminary draft posted in 2019. It is published under a Creative
Commons CC-BY license that lets people adapt it as they see fit
for their own uses and communities, as long as they give appropriate
attribution to the original (and note if they've made changes).
I'm very glad this is out in the world, and hope it will be useful
both in its original and in adapted and updated forms in helping
libraries protect their users' privacy. I want to thank my co-authors
and everyone who gave us comments and ideas for all of their work and
care, and I'll be very happy to hear about how libraries use it.
John Mark Ockerbloom
for the Library-Built Systems working subgroup
########################################################################
To unsubscribe from the DLF-SURVEILLANCE-TECH list, click the following link:
http://lists.clir.org/cgi-bin/wa?SUBED1=DLF-SURVEILLANCE-TECH
|