Imagine you’re working in a library, and someone with a suit and a buzz cut comes up to you, gestures towards a patron who’s leaving the building, and says “That guy you were just helping out; can you tell me what books he was looking at?”
Many librarians would react to this request with alarm. The code of ethics adopted by the American Library Association states “We protect each library user’s right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired or transmitted.” Librarians will typically refuse to give such information without a carefully-verified search warrant, and many are also campaigning against the particularly intrusive search demands authorized by the PATRIOT Act.
Patron privacy is particularly at risk when the third party also knows the identity of users visiting sensitive pages (like pages disclosing books they’re interested in). The social networking sites that many library patrons use, for instance, can often track where their users go on the Web, even after they’ve left the social sites themselves.
For instance, if you go to the website of the Farmington Public Library (a library I used a lot when growing up in Connecticut), and search through their catalog, you may see Facebook “Like” buttons on the results. On this page, for example, you may see that four people (possibly more by the time you read this) have told Facebook they Liked the book Indistinguishable from Magic. Now, you can probably easily guess that if you click the Like button, and have a Facebook account, then Facebook will know that you liked the book too. No big surprise there.
But what you can’t easily tell is that Facebook is informed you’ve looked at this book page, even if you don’t click on anything. If you’re a Facebook user and haven’t logged out– and for a while recently, even if you have logged out– Facebook knows your identity. And if Facebook knows who you are and what you’re looking at, it has the power to pass along this information. It might do it through a “frictionless sharing” app you decided to try. Or it might quietly provide it to organizations that it can sell your data to as permitted in its frequently changing data use policies. (Which for a while even included tracking non-members.)
For some users, it might not be a big deal if it’s generally known what books they’re looking at online. But for others it definitely is a big deal, at least some of the time. The problem with third-party inclusions like the Facebook “Like” button in catalogs is that library patrons may be denied the opportunity to give informed consent to sharing their browsing with others. Libraries committed to protecting their patron’s privacy as part of their freedom to read need to carefully consider what third party services they invite to “tag along” when patrons browse their sites.
This isn’t just a Facebook issue. Similar issues come up with other third-party services that also track individuals, as for instance Google does. Libraries also have good reasons to partner with third party sites for various purposes. For some of these purposes, like ebook provision, privacy concerns are fairly well understood and carefully considered by most libraries. But librarians might not keep as close track of the development of their own web sites, where privacy leaks can spring up unnoticed.
So if any of your web sites (especially your online catalogs or other discovery and delivery services) use third party web services, consider carefully where and how they’re being invoked. For each third party, you should ask what information they can get from users browsing your web site, what other information they have from other sources (like the “real names” and exact birthdates that sites like Facebook and Google+ demand), and what real guarantees, if any, they make about the privacy of the information. If you can’t easily get satisfactory answers to these questions, then reconsider your use of these services.