Hi, On Sun, Jun 15, 2014 at 4:03 PM, Stuart Yeates <[log in to unmask]> wrote: > As I read it, 'Freedom to Read' means that we have to take active steps to > protect that rights of our readers to read what they want and in private. [snip] > * building HTTPS Everywhere-like functionality into LMSs (such functionality > may already exist, I'm not sure) Many ILSs can be configured to require SSL to access their public interfaces, and I think it would be worthwhile to encourage that as a default expectation for discovery interfaces. However, I think that's only part of the picture for ILSs. Other parts would include: * staff training on handling patron and circulation data * ensuring that the ILS has the ability to control (and let users control) how much circulation and search history data gets retained * ensuring that the ILS backup policy strikes the correct balance between having enough for disaster recovery while not keeping individually identifiable circ history forever * ensuring that contracts with ILS hosting providers and services that access patron data from the ILS have appropriate language concerning data retention and notification of subpoenas. Regards, Galen -- Galen Charlton Manager of Implementation Equinox Software, Inc. / The Open Source Experts email: [log in to unmask] direct: +1 770-709-5581 cell: +1 404-984-4366 skype: gmcharlt web: http://www.esilibrary.com/ Supporting Koha and Evergreen: http://koha-community.org & http://evergreen-ils.org