First, I have to get it out of the way: One of the biggest things to remember, the most secure system is the one that is not on and connected...
Second (read the entire statement): This tracking data serves as a barter system for services, but I think the big issue is that there is no "price tag" on the website, it is like walking into a grocery store and seeing "SALE!" but with no price tag, then getting to the register paying and THEN looking at your receipt and realizing that book cost your soul.
Charlotte United Christian Academy
office: +1 (704) 537-0331 x101
mobile: +1 (704) 497-2086
Checkout our new Online Library Catalog: catalog.cucawarriors.com
From: Code for Libraries <[log in to unmask]> on behalf of Jon Goodell <[log in to unmask]>
Sent: Friday, August 15, 2014 3:25 PM
To: [log in to unmask]
Subject: Re: [CODE4LIB] Library Privacy, RIP (Was: Canvas Fingerprinting by AddThis)
I don't believe the horse has left the barn forever. As Bruce Schneier
says, security is a process, not a product. And as we learn more about this
space we can advocate in our own institutions for greater awareness and
perhaps adjustments to the technologies we use to evaluate online activity.
AddThis and ShareThis probably have limited value for the data they
compromise. Google Analytics is probably a much better trade. EZproxy too...
On Fri, Aug 15, 2014 at 2:07 PM, Eric Hellman <[log in to unmask]> wrote:
> On Aug 14, 2014, at 4:32 PM, William Denton <[log in to unmask]> wrote:
> > At the university where I work Google Analytics is the standard, and we
> use it on the library's web site. There's probably no way around
> that---but we can tell people how to block the tracking, which will help
> them locally (ironically) and everwhere else. (I use Piwik at home, and
> like it, but moving to that here would be a long-term project, only partly
> for technical reasons.)
> I think a reasonable place to draw a line in the sand is "use for
> advertising". If you look at the Google Analytics site, it doesn't appear
> that they can use Analytics tracking for advertising, because they don't
> make the carve-outs for children that I believe would be required if they
> did. So if you trust google, and assume they know everything anyway, you
> can let them track users.
> AddThis and ShareThis, on the other hand have TOS that let them use
> tracking for advertising, and that's what their business is. So,
> hypothetically, a teen could look at library catalog records for books
> about childbirth, and as a result, later be shown ads for pregnancy tests,
> and that would be something the library has permitted.
> A criminal prosecutor could subpoena either Google or AddThis/ShareThis to
> obtain tracking data for anyone in your library who had read books about
> Nazism or the Black Panthers or witchcraft, completely without involving
> the library. Do you think Google would easily comply with that sort of
> request? would AddThis? Would EBSCO?
> At Unglue.it, we use Google Analytics, but we have avoided Things like
> Facebook Like, and the third party shares because we didn't like the
> But maybe the horse has left the barn forever.