librarypunk - 001 - Pr1va-C
Episode Date: February 3, 2021Welcome to the premiere of the top rated library worker podcast! We talk about privacy, vendor agreements, and fascism. ...
Transcript
Discussion (0)
Welcome to Library Punk, a library worker podcast.
The first podcast hosted entirely in a lip guide.
This is a pilot, premier, demo tape, whatever you call it for podcasts.
I will be your moderator for this also-of-your-sponsored panel this evening.
My name is Justin.
My pronouns are he and him.
I'm Sadie, and my pronouns are she or they.
I'm Jay.
I go by he or they, and I'm a metadata librarian.
Oh, wait, I'm muted.
Sorry.
I was like, why isn't it recording?
Sorry.
Boy, I did a great job.
I'm Carrie.
My pronouns are she, her, and I'm an academic health sciences librarian.
I'm just looking at the kick button.
No, I'm keeping this all in.
This is great.
I slept until noon.
I'm in the podcaster's own.
I have a tasty beverage of some sort.
bud light
Seltser, which is, you know, just really cool.
I think it really is going to give me a lot of street cred.
Revolutionary.
Yeah.
Mass brews, macro brews exist for a reason.
People like it.
I am an avid fan of a macro brew.
Just to put that out there.
I've been drinking a lot of cider lately.
You have my boyfriend that doesn't like here.
So we just buy cider.
when he comes over and I've got this
yummy like black cherry
hard cider
which is pretty good
so. That sounds amazing.
Yeah, no. It's
some deep-and-giff apple orchards.
I have to be really careful
with cider because it makes me
really sassy.
That'd be terrible for podcasting.
I know. I just remembered I have some cider
out in my car
that I haven't brought into my home yet.
So missed opportunity for the podcast. Sorry.
First and last episode, like all live guides, it will be abandoned immediately.
Harsh.
Oh, God, I'm so bad at cross-talking.
I hear a pause at like two seconds, and I'm like, oh, okay, I talk now.
Other people don't register pauses as quickly as I do.
We'll fix it in post.
Okay.
We'll have to fix it in post.
Okay.
So I have prepared many drops.
So I want to go into our segment, which is, what's wrong at ALA now?
Breaking discourse.
I feel so on the edge of the discourse.
In the way of not being in it or just like about to plunge into it.
I mean, both and. It's a fine line.
So at ALA we had a discussion about fascism because this is the world we live in.
Because that's what you do these days.
Yeah, we haven't taken care of fascism yet, by the way.
One more live guide will have it done.
God, how many lib guides do you think are out there about libraries and fascism?
And how bad.
Probably not as many as you'd think.
At least one that's just a link dump where people think they did a good job, but then it's just linked up.
Yeah.
Yeah, I think there's probably...
Like, there might be one fascism, what, lib guide.
Yeah.
Because I don't, I don't, I think that would require, like, thinking, wanting to think about fascism as, like, a possibility.
Like, wanting to entertain that.
And I'm not, I'm just going to be really cynical here and say that.
There are a lot of people who don't want to think about it.
totally
yeah like our profession is totally like
I mean it's the whole vocational all thing
we think we're the only thing
that can like save the entire world
we're like the last bastions of democracy
and by providing people
with information that suddenly
fixes all the problems instead of just being
part of the tool to fix the problem
or to be part of the problem you know
I swear every time I hear
every time I hear something about libraries being the last bastion of democracy or something,
my eyes roll so hard, like metaphorically because I can't do it because it's always in front
of somebody I'm supposed to be impressing.
But it hurts after a while.
I'm sure people have made lip guides about like BLM and anti-racism, but I doubt many will deal with fascism.
There was, I don't want to turn this into Twitter review, but
someone posted that, you know,
there was an objection to the term fascism in the resolution against white supremacy and fascism
because it was, like, someone else said it was weaponized.
Oh, my God.
Well, there are a lot of people who think that things like fascism are like a thing of the past
and that they don't still happen.
Like, you know, there's a sense of a historic, like,
a historicism at play to some extent, I think, that it's, you know, bullshit nostalgia to some
extent to think that like, yeah, we got rid of fascism. No, we haven't. And stop pretending, Karen.
Yeah, it's, I think that also some of the failures is, you know, liberal ideology, but also
academic librarians in particular being like members of the professional managerial,
class and just riding the line between like labor and and the ruling class and mediating that work,
which is another topic for another day.
But the great thing about having like a leftist library podcast is you will never run out of things to talk about.
Because it's just all horribly interconnected.
So I was looking at the resolution and it's pretty straightforward in terms of it,
It charges the working group for intellectual freedom and social justice to review neutrality rhetoric,
which, you know, I really like that they put in neutrality as a specific thing to, like, deal with.
You know, they're getting to the ideology at least directly.
It's still not particularly in materialist resolution, but I don't know if that's too much to expect.
I'm just going to go ahead and tell you it is too much to expect.
Okay.
But I'm here to be cynical.
Carrying you're not real.
Yeah.
And with AOA, it's like unless it's specifically for like library like directors or authors or
publishers, it's all symbolic anyway.
Like what's your benefit has LA has a librarian?
It looks like this act like the only thing it does is have a symbolic purpose if we really
want to get down to brass tax.
Like it's designed to.
make a certain subset of the LIS, well, you know, the library world feel good about itself, I think,
and not actually have to commit to doing anything.
Right.
I mean, because there's a huge benefit in like professional organizations, even if it is more
about let's get together and just like talk about things, even if it's not like,
functionally a union, which I think is what we want.
But it's not even like, it's so big that we don't even.
get that benefit a lot of the time.
Yeah.
It was, again, well, I guess I'll just skip into this because it flows better.
But this was what came up when we're talking about one of the other resolutions, which
was the resolution on replacing the Library of Congress subject heading for illegal aliens
with undocumented immigrants.
And I added this to the notes and thought, what, did they miss one?
because this wasn't this done four years ago?
And Jay told me, no, it was immediately shot down.
But there were so many pieces I read that were so hopeful about it
that I was under the impression that it had gone through.
Well, it kind of had.
It was like it made it through to the Library of Congress.
But then someone in Congress, I think it was someone in the house.
But it may have been the Senate.
I would have to refresh.
I don't want Violet Fox to be disappointed in me.
because I love her.
But it, like,
undocumented immigrants got turned into
undocumented immigration
and non-citizens.
So it got split into two headings.
And those got, like, approved the Library of Congress,
and then Congress itself shot it down with what happened.
Let's all meditate on that for a moment.
Yeah.
It was, yeah.
So essentially the resolution is to, I guess, go in line with something the Biden administration is pushing right now, which is to change, to legally change all of these terminologies so that, you know, the Library of Congress subject headings will actually be done.
But, of course, a lot of libraries are changing these subject headings on our own, you know, which is pretty good.
you know hopefully it'll be one of those
bottom up thing if enough libraries
change it that it becomes nonsensical
for the Library of Congress to keep
it as it is
yeah my only fear is that like
it becomes that even the let's change
the illegal headings
uh heading locally
and that even that will start to become
um I don't want to say like performative
but that like a library
library will do that and put in the labor for that as like a project and then doesn't do anything
else.
Yeah, because there's there's a lot of labor that goes into altering, like doing a thorough
rundown of your subject headings because illegal aliens isn't even the tip of the iceberg
when it comes to that stuff.
And if you're really dedicated to it, it has to be a thorough process that you devote time
and labor to.
Like it can't be a project.
It has to be.
part of your workflow. I don't know if you all saw, I think it was Aaron Leach, had a really good
thread about this, about how so many, like, EDI initiatives are like, they sound good and they're
so hopeful, but then people don't think about the labor and the cost of doing them, and don't
ever really think about integrating them into their workflow and said it's like this separate
thing that they're going to do, and then they've done it. So that's a criticism I've seen of that
lately that I agree with.
Yeah, that's kind of what I was referencing to was that she had said that, like,
it needs to be an ongoing committed thing instead of a, I think she called it,
thinking of it as low-hanging fruit.
Yeah.
Yeah, it was pretty interesting because you brought up something I hadn't thought of, Jay,
which was, you know, Library of Congress serves Congress.
It's not our national library, which is insane that I've been a librarian this long
and just never had anyone say that to me before.
and just go, oh, right, this is just, you know, something the Library of Congress has that serves it ultimately,
and then we use it as the central repository for a lot of our metadata control.
To get to something a little more material that did make a resolution at ALA midwinter is COVID-in library workers,
which there was something, I don't know this person very well, but they wrote a thread saying that,
was an information session asking what ALA is doing to advocate for frontline library workers
to be considered essential workers prior to prioritize for vaccination.
And the response was that gets determined locally, so you nearly need to advocate locally.
Which like, you know, as you said earlier, there's, ALA is not a union.
It's not, it basically said we're not going to do anything.
And so the resolution, I guess, was sort of a response that, you know, to please ask,
nicely that we'd be considered
that people particularly who are
working service points
be considered
essential workers which many
you know many of us already are
because when lockdown started back in
April March and April
you know I got a letter that says like oh you're
essential you can go to work
you know I guess in case anyone ever asked for my papers or something
and just like checking to make sure I was a lot to be out
side.
See, whereas I, because all my work can be done on my computer, and I'm, like, not, like,
I'm faculty and I'm unionized.
Like, I'm fine with being in the last vaccination group because I don't interact with the
public at all as a librarian.
So even though, like, librarians as essential workers, I think we need to be more precise
about who those librarians are so that the people who actually really need it are,
are prioritized in that and then like I'm not at the front of the line over a public librarian in a really busy city or something.
Yeah, for sure.
Like I work in the IT department, so I don't even remember the last time I did anything for a patron directly.
And, you know, if I can sit at home and do my work here, but, you know, the public service staff at my library, they can't.
the whole point of their job is to be there interacting with patrons.
So, like, they should be able to get the vaccine.
But, yeah, I don't need it, at least not yet.
So that's a good point.
Yeah, because I've seen, like, with a lot of the rollouts,
especially there's, like, this one map in, like, of, like, in Chicago or Detroit
where it sort of maps, like, the areas that are getting vaccines
versus the areas where the most people are dying.
and not only is it like opposite colors,
but it's pretty on racially split
and class split lines.
Of course.
Right, right.
Like if all of us to get the vaccine at the same time,
I'd be like, yeah, right now, do it.
But, you know, I'm in a position where, like,
I can wait until, like, May.
I would love it right now,
but if it's between, like, me and someone else
is actually interacting with people
and not just, like,
go to the grocery store once every two weeks,
then, you know, I'm fine with that.
We're in an era of saying the quiet part loud now.
So in Dallas, they came up with a local plan to actually prioritize zip codes that had the most incidents of COVID.
And those all happen to be black neighborhoods.
And the state said, we're going to stop giving you doses at all if you implement this plan.
And so, you know, it's, yeah, the quiet part out loud, which is, we're not.
not going to prioritize people on a like a rational basis. It's this weird faux egalitarianism,
but not really because, you know, all the politicians somehow get like a, like a, an extra dose
at the end of the day. Like, really like, one of our state representatives was photographed and
getting like the first day of vaccinations and it was like, they had extras. It was really his argument
was, you know, I tripped and fell onto it. And it was already in my arm, so.
can't say no.
Right.
Like, it reminds me of some, like, the sort of, I studied this in, like, a critical theory class I took one time.
In, like, in, like, like, oh, God, it was like, political economy, like, through Blackplot, where it was, like, W.E.B. DeB. DeB. De Bois, where he would say, like, you know, we can't focus on.
on the groups like black women or other things that just has to be black people, whereas a lot of black feminists were like, no, because if you don't specifically point out, like, if you try this sort of egalitarian, let's all do one big group and go together, it's like, yes, you all have to go together, but then you have to be like, you know, the people who are facing other challenges, who might need to be prioritized or focused on a little more, they're not going to be.
So it's sort of like, you know, we can try like, oh, yes, librarians are essential workers.
I'm like, yeah, but then I'm going to get it.
And I, like, instead of someone else right now, because they're not going to think about that.
They're just going to give it out and think they're doing a good job when it's really they're still throwing people into the bus.
And if we were, you know, really prioritizing actually dealing with this in a sensible way,
we would just pay everyone to stay home for six weeks,
and the only people who would really have to go anywhere
would be, again, the early essential workers,
which was, you know, grocery stores and medical services.
But we can't just give the citizens money.
No.
It's about freedom, but also about the budget.
Like freedom and the budget.
Remember that.
Yeah.
Those are the same thing.
Definitely.
So, yeah, that was a little.
What's wrong at ALA?
Jobs go really long.
I did want to bring up as an extra bit before we get into privacy is, I want to even
to track acquisitions once in a while of, you know, library companies, publishers,
vendors that are, you know, constantly buying things and creating more, you know,
oligoplies.
And one thing that really got to me a few weeks ago was while these acquisitions, acquisitions,
of Hindawi, which, for those who don't know, Wiley is a major Western publisher.
Hindawi is an open access publisher that has a lot of journals in Asia.
And part of the argument for acquisition was not so much that they're just going to
like strip it for parts, which is usually what happens to these kind of deals.
They'll just take their submission platform and they'll take their journal titles and
and we'll just break it all up and kind of turn it into your own thing.
This is going to run separately as kind of its own imprint for basically the Chinese market.
And so it's all about we need to get like revenues from article processing charges based open access journals in the Chinese market,
which was, you know, one, you've got this big open access publisher being bought by a legacy publisher again,
which is nothing new that happens all the time.
But just the constant hand-wringing,
which we'll get into a little bit later,
of this nationalist fear of the Chinese market,
of like Chinese users,
of like piracy happening in India and China.
Right.
I remember when that happened,
there was a lot of like really bad racist takes going around on that.
They're like, yeah, like China's going to get all the information now.
goodbye Western scholarship.
Or like a predatory open access
and they all come out of China
and India. It's the Beale crew.
It's Beal's kids
coming out.
And it's really gross.
I'm like a thousand percent
not here for it. Thanks by canceled.
And it's not just the Beal crew.
I mean, something that probably happened, but
well, don't mention him anymore.
But it's just the cyber security crowd of, you know, I'm a very serious person who takes cybersecurity very seriously.
And of course, you know, you've got hijacked credentials to worry about.
And it's the fear of just state, constant like state monitoring in China, which is absolutely hypocritical because as we're going to talk about, you know,
we have the exact same threats from our national security apparatus in terms of spying on users and collaboration with corporations, even if they're not state-owned corporations.
Like, they're still.
Oh, they're in cahoots.
Yeah, there's some deep contracts going on there.
And they, you know, they have a trail their way all over the place.
Yeah.
I mean, we're going to talk about Lexus Nexus, which, you know, their biggest, you know, contracts are like cops.
So.
Yeah, I have a really good LexusNexis story.
Oh, it's not that good, but it's one time I was calling LexusNexis customer support.
This is, I'm totally going to derail things now.
I was talking, I called LexisNexis customer support to resolve an issue with our account.
And like in the background, I could hear them having a birthday party like in the call center.
you could hear people like singing and cheering and stuff it was really weird like while this person was
taking my call and like transferring me around like I could hear this birthday party happening in
the call center and it was a really special customer experience like customer service experience
also like the time I think I had Sean Anna as like their hold music which was really
awful um but also kind of like weird
So I got to give it to LexusNexus customer support
For being consistently fucking bizarre
I mean that's better than what you give with the OCLC
Which is just like we'll be back to you in like three or four months
If we get back to you
Yeah we'll think about it
Yeah like the OCLC could be dead in a ditch somewhere
It's just an op
Yeah
It's a deep library op to get your free
funds.
So we're at 25 minutes.
I think that's timed about perfectly.
I'm trying to go half and half.
So let's get into what we're here to talk about, which is privacy.
What is it?
Why do we care?
What do we learn about it in library school?
For those of us who went to library school, which if you didn't, you didn't miss much.
So I pulled some notes from ALA because basically that's just how these things were talked to you.
these things were taught to you. It's like read the ALA Billerites and, you know, write a blog post
about it and that'll, that's your education. Oh, we didn't even write things. We just did
group presentations. I actually had to do a lot of research and writing and this is why it's like
my library school experience was actually pretty good. But there wasn't, anyway, yeah.
it still wasn't a lot on privacy, but I think there was a class on it or something there is now, I think.
Yeah.
Yeah.
I'm the one who didn't go to library school, so everything I know I picked up through osmosis and or IT security, like, classes and stuff.
And I think it's pretty interesting how, like, the parallels sometimes that run, because in cybersecurity, there's the, of course, it's called the CIA principal.
which is kind of ironic, but it's, you know, confidentiality, integrity, and availability,
which is pretty much the same kinds of things that libraries are built on with, like, privacy and stuff.
So there's kind of a weird parallel there that I've always kind of just thought was really interesting,
kind of wondered what library school would kind of, how that would, like, that knowledge would translate.
So hearing you guys talk about it is interesting in that way for me.
It's a lot more first principles.
Yeah, see, like, growing up, my dad worked at, like, an internet company in IT.
And so a lot of privacy stuff I actually learned when I was younger because my dad taught me, like, how to, once I could, like, use the computer by myself, he would teach me a lot of stuff, too.
So it's also interesting to see how like what my dad's perspective as is like an IT dude
at an internet company sort of correlates to like the stuff I've learned in like a library contact.
Yeah, well, to give you an idea of like some of the language from ALA's website that I'm just going to read a quick.
Privacy is essential to free inquiry in the library because it enables library users to select access
and consider information and ideas without fear of embarrassment, judgment, judgment.
punishment or ostracism,
a lack of privacy
in what one reads and views in the library
can have a significant chilling effect
upon library user's willingness
to exercise their First Amendment.
First Amendment.
They're comparing free access to ideas.
Free's peach.
Yeah, freeze peach.
They stay longer.
True liberty.
Oh, hang on.
True liberty of choice in the library requires both a varied selection of materials
and the assurance that one's choices are not monitored.
And there's a little bit here about confidentiality.
Competigialia relates to the possession of personally identifiable information,
including such a library, created records as email notifications,
closed-deck call slips, computer sign-up sheets,
registration for equipment or facility, circulation records, websites,
its visited reserve notices or research notes.
So this is like the older one.
And what they did later after I was at a library school.
So there was an interpretations of the library of Bill of Rights,
which is basically to say like this was way too out of date.
And so in 2019, they came up with the interpretations of privacy,
which adds the right to privacy includes the right to open and improve
about having the subject of one's interest examined or scrutinized by other
in person or online,
which
we'll get to, you know,
just jump at any time when you see this
blatantly being disregarded in your workspace.
If you've got a good story,
it happens all the time.
I see librarians on Twitter
going against this, especially when it comes to
a let's all dunk on the
douchebag bro book.
I think people go like, well, serial killers
were found with these or someone shot,
people and then had this book on them,
should we really be teaching this to impressionable
teenagers? Right. I'm like,
okay. I love thinking
about the children. Yes.
You know, as a Lee Edelman,
the queer death
drive and everything we worship
the child, T.M.
So, on
Twitter, I have
the tweet linked in here, but
that first bit of the ALA
privacy interpretation where it says,
open inquiry without having a subject of your interest examined or scrutinized, that's a huge
loophole. Because if you were, as they say, if we just track, card swipe library entries,
we don't know the subject of interest, which is, you know, if you have enough de-identified
information, you can eventually identify that information. So if you know when someone came in
and when they left.
It's not that hard for people to piece together who it was and what they were looking at.
And there's a lot more of that as we talk about, you know, some of the things we will see with vendors that I have later on.
Yeah, I was thinking about, like, I mean, there's no such thing as anonymized data is, I think, one of the really big take-home points that I see being touted by the privacy people.
out there that we all love and know and trust. So that's kind of the thing that I always
take home from that. And, you know, especially in regard to things like this upset, like especially
in academic libraries, we see a lot of obsession with like this kind, like the concept of
learning analytics and, you know, a lot of discussion on, I think we can do this ethically. And I'm like,
no, no, you can't actually. So there's, there's a lot of interesting discourse on, you know,
know, the role that data collection plays in libraries and, you know, what we decide to keep
and why we decide to keep it and for how long we decide to keep it and for what reasons.
Yeah, I was totally like I'm our institutions like Primo person and as part of the Primo analytics,
I can see what popular searches are by like months.
And all the top ones are actually from the instruction librarians.
but like say there was like a researcher who has like a very niche topic and they look at it a lot
you know those those popular searches aren't tied to anyone but it's not that hard for me to go oh well
I know this professor or this PhD student researches this topic or whatever and oh look these sort of
search strings have popped up like I see mine show up in there all the time because my like go-to-test
search when I'm like,
growing around with
those ghosts.
And so ghost is always up there
because I,
you know,
that's one I type all the time.
So,
yeah,
it's totally not hard
to connect people
to,
quote,
anonymized data.
And the thing is,
like you have,
like you said,
you have months of this data,
and it's like,
it's worthless data to you,
but it would probably be very useful to,
like,
a cop.
Like,
because it's not going to actually
influence your acquisitions
or like your reference services.
Like,
oh,
a lot of people,
people are interested in anti-terrorism studies.
Like, okay, whatever.
But like, there might be, you know, if this is aggregated among all of the users of
Primo all across the world, then, you know, and you tie that to someone's IP address
with their browser information.
Like, yeah, that could be very useful for someone else.
Not the library yet.
We're the ones helping collective.
And I am always kind of of the philosophy that, like, if you don't have it, they can't
subpoena it. Exactly. So like whenever I'm doing, you know, making any changes or anything,
the sheer amount of data I can see just being like a system admin for IT is just nuts. I mean,
it's firewall policies, it's proxy searches, and it's all stuff we like need to see for some
reason or another, you know, like I need to be able to see firewall logs so I can make sure
they're working properly and you know all that stuff but at the same time you know there's always
that thing in the back of my head that's like do we really really need this like how much how much of
this could be subpoenaed if you know they walk in and hand hand over one and how much of this
does anybody else in the library actually realize we have because you know I'm probably the
most library aware person in our IT department having worked in library.
for like a decade or so as public service and various things. But I could tell you that like the IT people, they're not thinking about that in the slightest. So I mean, just on, you know, the searching level, there, that's one thing that's, you know, like Jay said, you know, you're the primo person. But the back end of that is probably that and more. And the professionals who, you know, sort of are have these principles aren't the ones who. And the ones who.
who are in control of the majority of that information, if that makes sense.
Yeah, I think there's a big disconnect between the library and IT, especially like, for an example,
on an academic campus, like, IT is IT for the whole campus, not just the library.
Yeah.
And so, you know, that's a whole different structure of people that have very specific jobs to do,
but it's completely disconnected from the actual functions of the library.
The library might not even be aware of what information is available.
Yeah.
And I know some public libraries have a very similar thing with, you know, like a city or a county IT,
and they don't actually control a good portion of their, like, own back-end stuff.
So that's a difficult factor, I think, when it comes to dealing with privacy.
So going back to loopholes in privacy, the big one is for security and delivery.
So in this interpretation's policy from ALA, there's a section that says the effective management
and delivery of library services may require the library user to opt into the provision
of personal data in order to access a library resource or receive library services.
users' personal data should only be used for purposes disclosed to them and to which they
consent, which means basically yulas. So we can just throw as many yulahs at someone as we want,
which of course is impossible to read them all. Yeah, Elsevier is a great, or not Eltavir,
but EBSCO is a great example of this. EBSCO, in order to set up an account with EBSCO,
as a user to have like a folder and store searches and stuff like that within the EBSCO platform,
you have to agree to submit your data to EBSCO.
If you do not agree to that, you cannot make an account.
So I think EBSCO is really one of the chief offenders on data collection here
and requiring data collection for users.
Have you all seen the Library Freedom Project folks?
They have...
Yes, God, love them.
They have like a vendor privacy scorecard that you can go through.
has all these different privacy realm. It's a great document. Yeah. And like when I show that to like
my collection development person, she was horrified. And I'm like, yeah, there was like this
great article I read in grad school and like I put this paper on about how that's something
reference librarian should be aware of so that when they are walking patrons, especially like
college students through using these services, especially like an instruction session or one-on-one,
And that's something that you should tell the students, too.
Like, oh, by the way, you know, if you use this and want to do this with it, like, you should know this is what they collect.
I always tell students that, like, by the way, if you have, like, privacy plug-ins or something on your browser, it might break the database.
So just letting you know, you might, like, need to turn your privacy badger off when you're in an EBSCO database, stuff like that.
So it's not just, like, the IT people and whatnot on the back-ins who buy these things and run them that need to know about that.
For sure.
Yeah, for real.
I think there needs to be a little more knowledge shared amongst librarians on the matter of things like that.
Because I think the information out there is kind of, I suppose, scarce.
I don't think it's talked about as much as it could be talked about because we just so kind of willingly accept these databases and, you know, all the wonderful things they provide for us and our users.
but it doesn't really think about what our collective power is to affect change in the way databases are operated,
or at least the companies that we pay lots of money to databases from that they shell out to us for increasing amounts of cash.
45% increase a year.
Jesus.
Yeah, and it's like there's an argument of like, oh, well, we don't have the money to create these things ourselves.
And I'm like, well, how much money are we paying to the vendors?
But then we don't have the actual labor force to create these things for ourselves.
And like unless you're someplace huge, like the University of Illinois or the University of Utah where I used to work.
And they built their entire own digital library system, for instance.
University of Illinois has their own custom in-house, like chat service, bento box, discovery service,
of that. Yeah, it's one of those things where, like, you know, that is the overwhelming
minority of schools that have packages like that at their disposal. And even, like, on a system
level, as someone who works in a large state university system, you know, there's not even
very much coordination on those state levels to even, you know, take advantage of, well, what
decreasing amount of funding we have to, you know, do what needs to be done, which is
reinvent the wheel, essentially, with the way that, and I think this kind of dovetails back
into open access discussion, which is that, like, the models on which purchasing works has
traditionally worked on a book level, you know, readership model. You pay for readership.
Whereas, you know, with open access, you pay to provide.
readership, which I think gets into this kind of like odd circle with funding and where resources
go and why we allocate resources the way we do. Yeah, and there's a lot of labor that goes into
that. So if we ever do an open access episode, I think labor will be a big part of the discussion
because it has to be. But really, I was going to say, like, libraries are like just extremely
cocked when it comes to
when it comes to working
their vendors.
Well, here's the thing. I'm trying to
speak to, you know,
the Twitter folks. I want them to like us.
Are you trying to be an edge lord?
Yeah. Are we like
podcast douche bros?
Yeah. Yeah, this is
Chappo Reading Room.
Oh, I didn't realize
I needed to be more of a dirt bag
than I currently am because I
can go there.
Let me put my hat on backwards.
Yeah. Yeah. Yeah. Yeah, exactly.
Let me like unbuckle one of the straps from my overalls.
Oh, my gosh.
You all have the strangest ideas of what is intimidating.
Oh, that's like falsely intimidating.
It's like, it's like intimidating the way that like a 1990s like Bugs Bunny baseball
shirt is. Oh, my God.
Like bad boy, bad boy Bugs Bunny.
Yeah.
Yeah, that's like what I'm going for.
But with library vendors, you know, we really do like the customer service for products that we pay for.
And it's the same thing with this privacy.
Like we're having to do the privacy for the products we pay for.
And it's, it might be something nice with some of these, you know, getting to open access and having these transfers.
formative agreements, it's a chance to really say, by the way, while you're at the
negotiating table, stop collecting this data on our users. But you know, you can't do that if you
don't build a policy. And again, like, well, the same thing goes for database accessibility too.
I mean, that can be another bargaining chip that you build into that toolbox is that,
you know, a lot of databases still lack basic accessibility, you know,
for various types of users.
And if you negotiate with them on the price that say
these are our minimum requirements for a database for accessibility purposes,
that gives you a little power too or so I've heard.
Yeah, it's really hard to do without having a policy that says
this is what we're going to ask for every time when we're talking to a vendor
is we want this from them, we want this from them,
and any of these can be deal breaker.
And again, like, that's really hard for small institutions to do because, like, they have me to think about this at my institution.
But, like, you know, if, like, at my last institution, we had, like, three librarians.
And one of them was the director.
So, you know, it was really hard to think about these things all the time when you're constantly staffing the front desk and, like, doing metadata while there's no one presently asking you a question.
Yeah, I mean, like that was that was my old job too, was I was the library director of two librarians and one and a half staff.
So I know that world very well where essentially in that position you are responsible for whatever you don't delegate out to the other people, essentially as a library director is kind of how I looked at that, which may be.
isn't the best view. You can edit that one out.
Yeah, please fix that in post.
So, I mean, like, I think there's...
Just change the whole opinion in post.
Yeah, just change the word.
Play it backwards to make it sound like I'm worshipping Satan.
Oh, yeah.
Fix it in post.
Yeah, I mean, it just...
knowing that situation is I think what I'm trying to express here is that I've also been there
and know what it's like to feel like you have very little power against what you need to provide
essentially.
Yeah.
I think a lot of that has to be done at consortia levels because it's just where the negotiating
happens.
Yeah.
It's always about numbers.
And I think that was one thing that I realized when I was in that position was that like
with my consortio,
we could barter better deals.
And, you know, we use that to essentially break up a major contract that had kind of held our state very tightly for a number of years.
Yeah.
I'm going to skip a little bit since we're already at the minimum time I wanted to hit.
Skip ahead to kind of like cookie tracking and leakage, which is a term that.
the minds at Scholarly Kitchen have used because it's disturbing.
But leakage basically means use of articles and subscription resources happening outside of the library
or outside of the platform.
So if you have something in an institutional repository, for instance, like a preprint
or a post print, the publisher gets kind of annoyed because they don't see the numbers and
then they can't report those numbers to their customers or the libraries.
And then it looks like that's not being used and the libraries might, you know, cancel their
subscriptions.
And I say to that, what's the problem?
Like if people are getting the use elsewhere.
But there's a lot of syndication things happening now.
And one is between Springer Nature and Researchgate, which is kind of an academic social network
where you put your research.
Most of the time, people put the wrong version.
because they don't realize that you don't have the copyright anymore.
And so they'll put the final version of the article on there.
So, you know, Springer kind of had a point of, well, are we going to just sue them like everyone else, like SciHub,
or are we going to get a partnership with them and start counting all those views?
That's kind of what they're doing.
And they make sure that they are the ones getting that usage back to libraries and saying,
hey, you're getting these views through us, basically,
because your authenticated users were on ResearchGate.
Now, how do you do that?
You do that with cookie tracking.
You do it the same way that ads are served to you.
So essentially, either you're logged in.
So if you're using, for instance, Open Athens or anything that's other than a basic proxy server,
it's going to track your usage everywhere.
And then if you end up on a website that you have access to,
says, oh, you've got access, and that's really nice.
But it also means it's, you know, tracking you everywhere.
And this is another area where the IT perspective and the library of privacy perspective clashed.
And so there was an S&SI presentation that did the rounds last month,
who by a presenter who was a chief information security officer at the University of Utah.
And so he was talking about some of the threat.
That's, again, getting back to like fishing, social engineering, credential reuse, hacktivism.
So he's talking about sidehub.
He's talking about Iranian scientists and just general, again, the same nationalist fears.
You know, Iranian scientists are trying to get access to a paper about, you know, chemistry.
And it's like, that's terrible.
Which reminds me, I'm going to do real myself.
My favorite retraction I've ever seen
Our Retraction Watch was
This article has been retracted because we found that one of the co-authors
Was the Prime Minister of Iran
Oh my God
And that was like the reason for attracting
Which was funny but it was about like
It was about like neighborhood design
It was like civil engineering
It was like how to make sure that
You know people can have a walkable environment
Anyway that's a good retraction notice
and I think it's one of my favorites I've ever seen.
That's really funny.
Retraction Watch is just a fun website.
You can find very strange stuff.
But so the solution that SNSI proposed,
or this presentation at SNSI proposed,
was basically making proxies more like a typical web app,
which immediately I made fun of,
which is more authentication on the library side.
So timestamps, extensive browser info,
username, account info, customer, IP, two-factor authentication, which that will never fly.
To put like three more clicks between the user and a article, are you kidding me?
Geolocation, biometric data, no idea what that means.
And the only data that is supposed to go to the publisher would be timestamps, proxy, IP, and the URLs.
I would like fingerprint scans and stuff like that, I think, right?
it. Yeah, and I think part of it too is like, like when they do CAPTCHAs, you can kind of tell like how somebody clicks in mouse whether or not it's like a bot or like an actual human because of the like precision of it. So I think that's probably counted under that biometrics too.
Yeah. So the only data that's supposed to go to the publisher is timestamps, the proxy IPs and not the user, the customer IP, although the customer is the library. But.
splitting hairs, and the URL is requested.
So you'll know when someone's using it from what proxy and what time,
which again is enough to deodomized data.
But here's the problem, which is that the publishers,
and particularly Elsevier, are going to be the ones developing these proxy add-ons
that turn proxies into web apps.
So LexisNexis, which is owned by Relix, which also owns Elsevier,
has a service called Threat Matrix,
which is
it's owned and operated by Lexus Nexus.
I thought that was like one of those sequels
to a Wachowski movie.
Yeah, I mean,
it would probably be a lot better and more interesting.
You'd probably have some very interesting metaphors.
Yeah, I read it in The Threat Matrix.
You'd have to swallow a red pill to get into the theater to see it.
Yeah.
I just think about the Wichowski's on Twitter.
It's just like getting mad at people talking about the red pill.
We're like Ivanka, like, fuck both of you or whatever it was.
Yeah, yeah, yeah, yeah.
That's immediately where my brain went, too.
So the idea for threat metrics is it picks up any fishy behavior.
So through browser fingerprinting, IP address, detects,
cross-site behavior.
It can re-identify people.
And the thing is,
it's not only capable of doing so,
of de-anonymizing this data.
It sells data to law enforcement agencies saying,
we can de-identify data.
And so even though threat metrics is owned by LexisNexis,
and Elsevier is just using it,
even though they're, because they're separate companies,
now this on the publisher side is actively de-identifying,
this data. So even if you say, we're only going to collect this. Now you just have all this data on the
library side, some of which you're sending through your proxy, some of which is being picked up
by the publisher themselves, just tracked anyway while you're authenticated, and then being
packaged and resold to law enforcement. So threat metrics claims to identify 4.5 billion devices,
1.5 million mobile devices, 1.5 billion mobile devices,
and are able to match that information with physical addresses,
consumer records, IP addresses, consumer identities,
and a variety of other public and private data.
So most people in the world, basically.
And it works, again, similar to how ad tracking works.
It's tracking your behavior across multiple websites.
So they're not just tracking it like ads.
They're selling this tracking specifically for,
tracking and apprehending suspects.
So not only do you have to worry about being subpoenaed,
because you're keeping all this extra information now,
even though you're always sending a little bit to the publisher.
You are now also just signing people up to use...
A cop database.
Yeah.
Well, to use a database that is using this authentication,
this anti-threat tool.
And it's, again, where the nationalist kind of fears come in of,
well, we have really valuable data
because academic articles are really valuable,
and we don't want other people getting access to them.
Yeah, they're so valuable that they don't pay the people who create them.
And yeah, I think that's very strange.
When you're tracking on so many different fronts,
there's really no point at which the library can say,
hey, stop doing that.
Because you're not really, even if you had a contract with,
says, you know, don't build this, you know, the next thing is not only going to be your proxy,
but if you have this proxy add-on, and the idea is these threat areas will be shared out
between the different companies. And so even though it's your institution and your authentication,
they're all using threat metrics or whatever the alternative would be for proxies to say,
oh, here's another threat that we're sharing with each other. And of course, if,
If they would think that your stuff is compromised, they'll shut down your access, which I'm sure has happened to some of your institutions before.
It's currently having been named to mine.
There was another part of the SNSI security that I really thought was fun.
There was another presentation that people didn't want to talk about because it was a lot dumber.
But they brought up Silent Librarian, which is a very funny Iranian scam because all it is it just tricks people into signing into libraries.
and then it gets access to journal databases,
but then they sell it to Iranian scientists.
So it's clearly like not a state operation.
It's clearly like just a scam that is, you know, pretty low tech.
It just sends you an email and says,
hey, your library needs you to log in.
And then you go to this fishing website,
and then you sign in, they get access to journals,
and they sell them.
And then there was a slide I really loved,
which was that
Syhub
and it was just like
Russian backed question mark
on the slide that said
political motivations
and I was like
Alexander Obakian has done
several talks where she says
I'm a communist
I want to redistribute knowledge
like she tells you
what her political motivation is constantly
and it's just
yeah
so I got a notification
about this Iranian thing
by this person I work with
who sent me a scholarly kitchen
article about it.
Oh, boy.
So that was my first interaction with it.
I didn't read it because I was like, I'm not reading that cop website.
Yeah.
It's a very strange mix of people over there.
But it did lead to me getting a really cool appell pen from a friend.
Oh, you have one of those?
Yeah, I have it in my work photo.
I'm wearing it on my jacket.
It's really hard to see.
but yeah, it's one of my favorite things.
It's the only lapel pen I have.
That's a good one.
Yeah.
For those who don't know, it just says Scarley Kitchener Cops.
Oh.
Yeah, I really don't know.
Someone made some that was SKDR, which...
I think it was the same one, yeah.
Yeah.
This is kind of hilarious because this is the very first I've heard of this at all.
Yeah.
It's like a very niche, like, academically.
librarian thing.
Yeah, I don't know
what else to say about it other than
They're very sympathetic to publishers.
Yeah, it's all about...
They're radical centrists.
Okay.
Yeah, I think that's a really good way.
That's a really good way of describing them.
I think that is exactly what they are.
Radical centrist, yes.
Yeah, they're very smart.
Rabbit?
Like, yeah, just.
just like very committed to maintaining the status quo.
Yeah, they're like, you know, they must view yourself as progressive,
but in a way that also allows you to feel smarter than everyone else.
So like whenever it's like, oh, you know, we can't have minimum wage be $15 because then the line would be sad.
So like that kind of people.
Yeah.
Yeah.
Yeah, this, it's really hard to dive into this more because especially when you're talking about like,
security threats and all the nationalist bullshit that goes along with it,
these are whole conversations that are taking place at the publisher level
and are just going to be imposed on libraries.
It's like, well, you know, we have all these threats and you have all these valuable library login
so we can't let people, you know, get access to them.
And to do that, we need to have access to all your users' data as much as possible,
which is like you are the threat now.
Like you are the person getting all the information
that can then be subpoenaed at multiple levels,
not just at the company level,
but now at the library level
because we're keeping data that we have no need to keep.
So it's very frustrating.
I wanted...
There was one more bit,
but Sadie, did you have anything else you wanted to add
on the IT side of security culture?
Yes, but do we want to be here for another hour?
So with security people, the thing that I have always kind of noticed is, you know, it's the I have a hammer so everything looks like a nail.
But yeah, and like looking at that one of the articles you had about the Lexus Nexus stuff, like they're talking about fraud, which is.
different than security really because when at least when I think of like cybersecurity I'm thinking about like
ransomware or you know things that could actually physically like threaten how a library operates
but fraud really isn't one of those things so I I've never really understood why it gets lumped under
cybersecurity when it's really it's a really commercial interest kind of kind of thing like
I think one of the tweets from, oh, let's see if I can find it.
Red Librarian, I think, was the handle.
It was basically like, oh, so we're trading, like, we're trading for, you know, protecting, protecting databases and, you know, Elisver and all of these people's, their interests instead of actual privacy kind of thing.
I can't find the tweet now.
So it's lost in my in my C of tabs, but it's there.
Yeah, no, I think that's pretty straightforward.
It's not about security.
It's about maintaining publisher intellectual property concerns.
And then that's then tied into Red Scare stuff.
Absolutely.
Which I think is the thing that makes me the most annoyed because like the moment
there's a moment that there's a chance to make a profit off of Indian or Chinese scholars.
Like that concern goes away.
And quite honestly would for Iranian scholars too if, you know, the U.S. ever changed its stance.
I mean, there are, and this is my own just like little like, you know, tin foil hat moment.
I'm convinced that like sometimes certain degree paths at universities are,
set up basically to target international students for the tuition money.
I'm not going to say where or which one it was,
but in the first cohort of that program,
the only people in it were international students primarily from India.
And so it's like, we will take your money,
but then we're going to call your entire publishing
system
predatory
even though
ours is too
you know
like
cut their
podcast
oh absolutely
publishing
is predatory
like
yeah
I mean like
I think it was
someone said this
better than me
but it was like
the real
predatory publishers
are all the
for profit
ones
like you know
it's
not the open access ones. It's, it's, well, it's the for-profit model of publishing is really
predatory publishing. It gets predatory from top, top to bottom, so you can't really point
fingers within it. Right. Yeah, and it's locked in, too. So with these transformative agreements and,
you know, wily purchasing in Dawe, it's, you know, specifically because they said, we need
a, you know, the article processing charge money in China. So that's, you know, where, you know,
we're going to aim next.
Because otherwise, you know, we really can't extract enough rents in terms of
subscriptions in these areas because they don't really care about
SciHub and, you know, informal nets and just absolutely sharing copyrighted material.
So, okay, well, we've gone an hour.
I didn't want to go any longer than that.
So let's do the closing Kerry's idea, which was, you know, what is it?
Can't let it go.
What you can't stop thinking about in libraries?
What's giving you life in libraries?
What's making you think about libraries?
And I guess positive note would be nice to end on.
If not, you know.
Trying to think of what mine would be.
Yeah.
And this is actually, you know, just very quick tangent.
This is something that I see a lot of librarians.
on Twitter, rightly critiquing is that, like, yes, we should not complain, but, like, critique
and yes, complain about all of these problems in our profession.
Then, you know, sometimes we don't point out the good things or offer up, well, what would
the better solution be?
So, yeah, you know, I'm trying to think of, like, a nice thing of making me happy in my way.
It's tough right now because everything is pretty bad, and people are under a lot of stress.
one thing I think I'm happy to see is
I don't think it's necessarily enough to say
the tide is changing in any way
but people are getting a little more materialist
in their analysis and saying the only way we can
actually get anything done is through like an industrial union
or just unionizing in our own areas
because that's the only time anyone's ever going to listen to us anyway
and so at least understanding that
but I don't, again, like I think librarians,
I want to have a theme of this podcast
to make a distinction between librarians and library workers in general
because librarians really, I think, are part of that professional
managerial class.
And we do transverse that area where between management and labor.
There was Sam, who's read librarian.
He just published a piece about the aristotle.
of labor and how academics especially fall into that.
And yeah, it does put you in a very privileged position, even if the pay is not as good as you
would think.
But you are still positioned and propagandized.
Maybe it's not entirely the right word.
But, you know, like with all the First Amendment talk and the focus on libraries as bastions
of democracy.
Yeah, it's more of an indoctrination is I think, maybe the word.
Yeah, it's an ideological indoctrination.
So I'm glad that people are starting to say a little bit more about the only way you can really do this is to say,
this sucks and I'm going to join a union or I'm going to ask my union to deal with this.
And so that's, you know, that always makes me happy.
On kind of that same note, my previous job is finally union.
I have a friend who still works there and they there were there were several tries to get unionized when I worked there before I worked in IT. So I was very glad to hear that they are finally, finally at that point. I partially left that job for a union job. So I was very happy to hear that. I think my pick for what is sort of making.
me happy lately and they kind of have negative aspects to them but it's the good part about
them and there's two small ones that make it very quick one is that um in sort of like the metadata
and sort of like systems or coding librarian realm um there's such a big push for like um open
documentation and sort of this like sharing of knowledge of how do you do something and being more
open about, you know, I have an English background. I don't have a degree in computer science,
and yet I have to do this now. So there's this whole like almost like mutual aid network of,
you know, like the Digital Library Federation has like the metadata assessment group.
And they have all of these, I think is a metadata assessment group. And they have all of these
great resources like the metadata application profile clearinghouse or like the library workflows
those exchange, and especially for like early career people who, you know, a lot of stuff,
I wasn't taught in grad school and I didn't want to have been.
But also I have a humanities background, so I'm teaching myself this.
So I've been like very happy about the sort of like mindset of like sharing knowledge lately.
And then the other one is because it makes me like, yeah, stick it to the man, where the man is
like the cult of information literacy,
but not that information literacy isn't a good thing,
but especially now when people are like,
oh, the Q&N people,
well, if they only had information literacy,
then, you know, they would know better.
And I'm seeing some librarians, especially, you know,
like Terry here, like pushing back against,
but it was like a pushing back against, like,
oh, information literacy,
this will save us and go like but no it won't it needs to go further than that um and so i'm liking
this sort of like turning our critical eye towards ourselves and these things we uphold and how they
actually operate in the real world hell yeah yeah yeah that's pretty cool um i i'm always really
stoked about uh like mentorship opportunities and um like i get to work with grader
students at my job. So we have interns from the I school here that kind of like they come and
work with us. And just getting to, you know, talk to them about what their career goals are and
then try to work them into whatever work projects you have is just always something that
makes me feel good is, you know, helping people figure your shit out.
Oh yeah. Yeah, it's the dream. Unless you're, you know, just hate working with people,
I do know librarians like that.
This are the best.
They really are.
Yeah.
It's always great to just feel helpful once in a while.
I do miss it.
Working primarily.
Yeah, I like kind of thrive on that a little bit.
I also just like have like resting helpful face, which is a real thing.
Wait, I have, can I amend mine, like, real quick?
I was at one of our branch libraries the other day, and we're doing like grab bags so patrons can kind of like request a general area and the staff will go and you know like pull like five or six things of whatever they want.
And because we're curbside only service right now.
And I was working at one of the libraries, I was like hands covered in Ethernet cables when I overhear one of them go.
And then and then I saw that Brokeback a Mountain was in his staff.
and I was like, yes.
Apparently they have this patron who has multiple, dropped multiple homophobic comments
who then came and requested a Western DVDs grab bag.
And they just so happened to have Brokeback Mountain in that day.
And so it just kind of made me laugh really hard because like there is these, you know,
three people who are just like, we're going to change his mind.
just through library, like, subterfuge and what we put in his grab bags.
And I was like, please continue doing that.
Nice.
Okay.
I didn't think of a good way to close it out, except...
Spooey.
Thanks, everyone.
This has been a lot of fun.
Yeah, no, I'm excited.