Surveillance, digital security and privacy in libraries
-
Upload
cilipscotland -
Category
Presentations & Public Speaking
-
view
97 -
download
0
Transcript of Surveillance, digital security and privacy in libraries
![Page 1: Surveillance, digital security and privacy in libraries](https://reader033.fdocuments.in/reader033/viewer/2022042706/589aa4f01a28abfc1a8b6055/html5/thumbnails/1.jpg)
INVESTIGATORY POWERS BILL
NICHOLAS WILLIAMSSCOTTISH PEN
@ S C O TT I S H P EN @ N IKW I L L I A MS 2 S C O TT IS H P E N. O R G
Surveillance, Privacy & Digital Security in Libraries
![Page 2: Surveillance, digital security and privacy in libraries](https://reader033.fdocuments.in/reader033/viewer/2022042706/589aa4f01a28abfc1a8b6055/html5/thumbnails/2.jpg)
Digital Security & Privacy Project
Project to build capacity of library staff and users to protect digital security & privacy
![Page 3: Surveillance, digital security and privacy in libraries](https://reader033.fdocuments.in/reader033/viewer/2022042706/589aa4f01a28abfc1a8b6055/html5/thumbnails/3.jpg)
Ambition & Opportunity: A Strategy for Public Libraries in Scotland 2015 -2020
Librarians have the understanding and expertise to: Champion & promote openness & the public’s right
to info; Oppose censorship and efforts to inhibit access to
info; Select and make available information; Guide and support the public to seek, obtain and
navigate available information;Support the public to utilise and share this
information; Facilitate intellectual and cultural creativity;Safeguard the privacy of the public through
ensuring data collation and surveillance are necessary, proportionate and lawful.
![Page 4: Surveillance, digital security and privacy in libraries](https://reader033.fdocuments.in/reader033/viewer/2022042706/589aa4f01a28abfc1a8b6055/html5/thumbnails/4.jpg)
INVESTIGATORY POWERS BILL (IP Bill)
Attempt to modernise and consolidate surveillance legislation
Currently in the House of Lords (3rd reading, next week)
New powers include:Retention of Internet Connection RecordsEquipment Interference (hacking)Bulk PowersNational Security & Technical Capability NoticesInterception
![Page 5: Surveillance, digital security and privacy in libraries](https://reader033.fdocuments.in/reader033/viewer/2022042706/589aa4f01a28abfc1a8b6055/html5/thumbnails/5.jpg)
INVESTIGATORY POWERS BILL (IP Bill)
What has this got to do with libraries?
The IP Bill’s definition of telecommunications providers brings obligations to those who offer public Wi-Fi & public access computers
This may include cafes and librariesNo lower threshold Will libraries have the capacity & funds to
comply?
![Page 6: Surveillance, digital security and privacy in libraries](https://reader033.fdocuments.in/reader033/viewer/2022042706/589aa4f01a28abfc1a8b6055/html5/thumbnails/6.jpg)
Privacy & Libraries
Public use of libraries reveals a great deal of private details
Communication (email & social media)Online banking & shoppingResearch & browsingApplying for jobs & benefits
How will government access change the behaviour of library users?
![Page 7: Surveillance, digital security and privacy in libraries](https://reader033.fdocuments.in/reader033/viewer/2022042706/589aa4f01a28abfc1a8b6055/html5/thumbnails/7.jpg)
PROJECT OUTLINE: Workshops
Hosted in libraries across ScotlandTraining library staff & volunteers on issues
around protecting privacy, evading unlawful surveillance & strengthening security
Enables staff & volunteers to develop training for library users
Using Library Freedom Project syllabusPiloted in Glasgow Women’s Library in July
2016Expanding to libraries in other locations in
Scotland
![Page 8: Surveillance, digital security and privacy in libraries](https://reader033.fdocuments.in/reader033/viewer/2022042706/589aa4f01a28abfc1a8b6055/html5/thumbnails/8.jpg)
WORKSHOP FEEDBACK
Informative – 82% very positive; 18% somewhat positive
Enjoyable – 82% very positive: 14% somewhat positive96% felt they had a better understanding of privacy
and steps they can take to protect against unwarranted surveillance
100% would be interested in attending another event organised by Scottish PEN
70% were more likely to rely on Scottish PEN to find out further information about privacy, surveillance and freedom of speech issues in the UK and Scotland
![Page 9: Surveillance, digital security and privacy in libraries](https://reader033.fdocuments.in/reader033/viewer/2022042706/589aa4f01a28abfc1a8b6055/html5/thumbnails/9.jpg)
WORKSHOP
Here is a whistle-stop tour of the workshop we held at Glasgow Women’s Library
![Page 10: Surveillance, digital security and privacy in libraries](https://reader033.fdocuments.in/reader033/viewer/2022042706/589aa4f01a28abfc1a8b6055/html5/thumbnails/10.jpg)
THREAT MODELLING
Digital security isn’t about which tools you use; rather, it’s about understanding the threats you face and how you can counter those threats. To become more secure, you must determine what you need to protect, and whom you need to protect it from.
What do you want to protect?Who do you want to protect it from?How likely is it that you will need to protect it?How bad are the consequences if you fail?How much trouble are you willing to go through in
order to try to prevent those?
![Page 11: Surveillance, digital security and privacy in libraries](https://reader033.fdocuments.in/reader033/viewer/2022042706/589aa4f01a28abfc1a8b6055/html5/thumbnails/11.jpg)
PASSWORDS
Weak passwords = Giving over the keys to the kingdom
A password may be only as secure as the least secure service where it's been used.
Focus on passphrase as opposed to a password.
Master password: diceware wordlistPassword managers
LastPass 1Password
2factor authentication
![Page 12: Surveillance, digital security and privacy in libraries](https://reader033.fdocuments.in/reader033/viewer/2022042706/589aa4f01a28abfc1a8b6055/html5/thumbnails/12.jpg)
DICEWARE
![Page 13: Surveillance, digital security and privacy in libraries](https://reader033.fdocuments.in/reader033/viewer/2022042706/589aa4f01a28abfc1a8b6055/html5/thumbnails/13.jpg)
CORPORATE SURVEILLANCE & ADBLOCKERS
Personal data is used to direct advertising that is tailored to our behaviour & online activity
Behaviour such as using flash players or watching films full-screen tell others about us
How to avoid trackers:DuckDuckGo SearchPrivacy Badger (Chrome or Firefox)uBlock Origin (Chrome or Firefox)Use Chrome if not Tor Browser
![Page 14: Surveillance, digital security and privacy in libraries](https://reader033.fdocuments.in/reader033/viewer/2022042706/589aa4f01a28abfc1a8b6055/html5/thumbnails/14.jpg)
![Page 15: Surveillance, digital security and privacy in libraries](https://reader033.fdocuments.in/reader033/viewer/2022042706/589aa4f01a28abfc1a8b6055/html5/thumbnails/15.jpg)
HTTPS Everywhere is a Firefox, Chrome, and Opera extension that encrypts your communications with many major websites, making your browsing more secure.
The Digital Public Library of America has migrated its system to HTTPS
Can we encourage libraries in Scotland to do the same?
![Page 16: Surveillance, digital security and privacy in libraries](https://reader033.fdocuments.in/reader033/viewer/2022042706/589aa4f01a28abfc1a8b6055/html5/thumbnails/16.jpg)
SECURE COMMUNICATIONS
Emails are postcards – contents are visible to anyone who wants to look at it
Email is neither secure nor private PGP email encryption is the only way to have
private email – but require high levels of tech literacy
Secure comms:Email – PGP, Riseup, ProtonmailVoice Calls – Signal, Ostel & Silent PhoneText messaging – Signal & Wire
![Page 17: Surveillance, digital security and privacy in libraries](https://reader033.fdocuments.in/reader033/viewer/2022042706/589aa4f01a28abfc1a8b6055/html5/thumbnails/17.jpg)
ANONYMOUS BROWSING
![Page 18: Surveillance, digital security and privacy in libraries](https://reader033.fdocuments.in/reader033/viewer/2022042706/589aa4f01a28abfc1a8b6055/html5/thumbnails/18.jpg)
Tor & ANONYMOUS BROWSING
• Obscures your real IP Address• Prevents cross-site correlationBlocks cookies &
scripts • Writes nothing to disk • Some usability barriers
![Page 19: Surveillance, digital security and privacy in libraries](https://reader033.fdocuments.in/reader033/viewer/2022042706/589aa4f01a28abfc1a8b6055/html5/thumbnails/19.jpg)
(Incidentally if you know of a library who will be interested, please grab me after the
session or email [email protected])
SHAMELESS PLUG No. 1
![Page 20: Surveillance, digital security and privacy in libraries](https://reader033.fdocuments.in/reader033/viewer/2022042706/589aa4f01a28abfc1a8b6055/html5/thumbnails/20.jpg)
TOOLKIT
• To extend the reach of these workshops we are developing a toolkit that will be shared to libraries across Scotland.
• With a focus on:• Librarians• Library staff & volunteers• Archivists• Information Services• IT Departments
• This will be used to train library professionals & support the development of training or digital literacy classes for library users.
![Page 21: Surveillance, digital security and privacy in libraries](https://reader033.fdocuments.in/reader033/viewer/2022042706/589aa4f01a28abfc1a8b6055/html5/thumbnails/21.jpg)
TOOLKIT STRUCTURE
IntroductionInvestigatory Powers BillThreat ModellingPasswordsCorporate Surveillance & Ad TrackersSecure CommunicationsTor & Anonymous Web BrowsingGlossary of TermsGlossary of Tools - Linklist
![Page 22: Surveillance, digital security and privacy in libraries](https://reader033.fdocuments.in/reader033/viewer/2022042706/589aa4f01a28abfc1a8b6055/html5/thumbnails/22.jpg)
PROJECT OUTLINE: Toolkit
Developed with SLIC, CILIPS, Library Freedom Project & Scottish PEN
Built with input from librarians, staff members, volunteers, users and…..
…you!
![Page 23: Surveillance, digital security and privacy in libraries](https://reader033.fdocuments.in/reader033/viewer/2022042706/589aa4f01a28abfc1a8b6055/html5/thumbnails/23.jpg)
SHAMELESS PLUG No.2
• We are looking for individuals to be part of a focus group to help us develop the toolkit
• If you would be interested in taking part, please let me know or contact [email protected]
• To be held in early 2017 in Glasgow
![Page 24: Surveillance, digital security and privacy in libraries](https://reader033.fdocuments.in/reader033/viewer/2022042706/589aa4f01a28abfc1a8b6055/html5/thumbnails/24.jpg)
THANK YOU FOR YOUR TIME
But remember…