I blogged this.
http://go-to-hellman.blogspot.com/2014/08/libraries-are-giving-away-user-privacy.html
Do libraries even realize they're doing this?
Eric
On Aug 13, 2014, at 4:28 PM, Jimmy Ghaphery <[log in to unmask]> wrote:
> Interesting thread,
>
> AddThis is certainly everywhere (5 percent of the top 100,000
> websites--ProPublica), often in contrast to an organization's stated
> privacy policies.
>
> Here's three examples of use within OCLC and their products:
> http://oclc.org/research/people/follow.html
> ContentDM: http://www.contentdm.org/help6/custom/configure9.asp
> WorldCat.org:
> http://www.worldcat.org/title/jazz/oclc/25048293&referer=brief_results
>
> For kicks I just did a Google Advanced search for AddThis limited to the
> .edu domain, wow.
>
> What is the alternative for libraries looking to promote their services out
> into the polluted ocean of the internet where everyone else is swimming?
>
> --Jimmy
>
>
>
>
>
> On Wed, Aug 13, 2014 at 2:33 PM, Gary McGath <[log in to unmask]> wrote:
>
>> On 8/13/14 1:22 PM, Eric Hellman wrote:
>>> It seems that Code4Lib hasn't discussed this., though the news is 2
>> weeks old. It seems that there are libraries using social share tools from
>> AddThis", a company that has been using a technology called "Canvas
>> Fingerprinting" to track users.
>>>
>>> In other words, it looks like libraries are giving away the user-privacy
>> store.
>>>
>>> For example, AddThis is used by my public library's Polaris catalog
>> (BCCLS).
>>>
>>> I'd be interested to learn how widespread this is.
>>
>> It's pretty widespread in general, but I don't know how many libraries
>> are using it, or why.
>>
>> It's a concern regardless of absolute numbers, because it targets people
>> who are concerned about being tracked and have taken steps to make
>> cookies less effective. (For example, I discard cookies at the end of
>> each browser session, making long-term tracking ineffective.)
>>
>> It isn't "virtually impossible to block"; mapping addthis.com on the
>> client computer to 127.0.0.1 (using /etc/hosts on Linux and Unix
>> machines) does a nice job of it. But anyone who uses it really is
>> betraying the user's trust.
>>
>>
>> --
>> Gary McGath, Professional Software Developer
>> http://www.garymcgath.com
>>
>
>
>
> --
> Jimmy Ghaphery
> Head, Digital Technologies
> VCU Libraries
> 804-827-3551
|