Digital Privacy Pledge

On July 19, 2016 the New Jersey Library Association (NJLA) Executive Board voted to sign the Library Digital Privacy Pledge and encourages all New Jersey libraries to sign the pledge as a symbol of their commitment to protecting digital privacy.  This pledge is a simple one.  For NJLA it says:

  1. The NJLA will make every effort to ensure that all web services that our organization directly controls will use HTTPS within six months. [dated 07/19/2016 ]
  2. NJLA encourages our members to support and sign the appropriate version of the pledge which can be found at https://libraryfreedomproject.org/ourwork/digitalprivacypledge/

The Pledge was created by the Library Freedom Project, a partnership among librarians, technologists, attorneys, and privacy advocates, which aims to address the problems of surveillance by making real the promise of intellectual freedom in libraries.   An article about this initiative in Library Journal by Matt Enis (October 27, 2015) discusses the importance of adopting an HTTPS standard in library and library vendor websites (http://lj.libraryjournal.com/2015/10/technology/with-privacy-pledge-library-freedom-project-advocates-for-https/#_).  This standard has already been adopted by the federal government which has acknowledged HTTPS as the de facto privacy standard.

What is HTTPS and why does it matter? 

HTTP is the standard protocol used by websites across the Internet.  Data flows across the Internet using this protocol in a completely open way.  Using HTTPS secures this data by encrypting it.  According to the Library Freedom Project:

“Websites that do not use secure protocols, such as HTTPS, expose their users to surveillance and intrusion in the network. A wifi or cellphone user who connects to an insecure library or publisher website makes every click visible to the wifi or cellphone provider, and others connected to the same network. Content can be inspected and altered by every node participating in the user’s connection. The resulting lack of privacy and security is incompatible with the ethics and values of libraries.”

They use an analogy that is helpful to understand the difference between HTTP and HTTPS – think of HTTP as sending a postcard through the US Mail.  It can be read by anyone at any point in its journey from the writer to the recipient.  HTTPS provides a secure, sealed, envelope around that postcard to ensure it is not read until the recipient receives it.  HTTPS is not a foolproof method of security and privacy. However, it does provide significantly more security than HTTP and as such is a solution that should be adopted by libraries.

Endorsers of the Library Digital Privacy Pledge to date are:

  • Council on Library and Information Resources
  • Digital Library Federation
  • Digital Public Library of America
  • Metropolitan New York Library Council
  • New York Library Association
  • Lebanon Public Libraries
  • Millis Public Library
  • Ottawa Public Library | Bibliothèque publique d’Ottawa
  • San Rafael Public Library
  • Bielefeld University Library
  • University of California at Davis
  • Auto-Graphics, Inc
  • Directory of Open Access Journals
  • Equinox Software, Inc.
  • Internet Archive
  • JSTOR
  • Odilo, LLC
  • Open Library of Humanities
  • Total Boox
  • Unglue.it

 

The NJLA Executive Board believes that NJLA can and should play a leadership role in advancing the awareness of, and commitment to, digital privacy and security in New Jersey libraries. By taking this pledge NJLA demonstrates this commitment and acknowledges the importance of the issue. We have already begun implementing this standard on our websites and we are committed to assisting the library community in implementing this standard locally.  The Public Policy Committee recommended adoption of this pledge while the Intellectual Freedom Committee and the Emerging Technologies Section have already indicated they plan to focus on this issue in upcoming continuing education opportunities.  NJLA will work to educate our members on this critical issue and to help them and the vendor community to understand the value of secure and private access to library resources and services.

Submitted to the NJLA Executive Board by:

  • Eileen M. Palmer, Chair, NJLA Public Policy Committee
  • Amy Babcock-Landry, Chair, NJLA Intellectual Freedom Committee
  • T.J. Lamanna, Chair, Emerging Technologies Section