The American Library Association (ALA) provides a variety of interpretations of the Library Bill of Rights, one of which is through the lens of privacy. Since 1939, the ALA has placed a high importance on the individual’s right to privacy (“Privacy”, 2006). An alternative framing of the Library Bill of Rights examines minors and their use of the internet. This interpretation acknowledges that the internet can enrich both the academic and social lives of young people, but also raises concerns over the balance between their free speech and privacy (“Minors and Internet Activity”, 2009). This, along with other risks facing young library users, is why librarians should make it a point to teach teens more about online privacy tools. This paper will outline various resources that librarians can provide to their patrons.
In “The Future of Library Services for and with Teens: A Call to Action” (Braun, Hartman, Hughes-Hassell, & Kumasi, 2014), the Young Adult Library Services Association (YALSA) places the intellectual freedom of teens as one of their core values, with an emphasis on teens’ First Amendment rights “to interact with information in all formats” (p. 21). The report highlights that over 81% of teens use at least one social media network (Braun et. al, 2014, p. 3). This use of social media can be beneficial for teens as it allows for self-expression (Mitrano, 2006, p. 20). Teens often take measures to protect their account privacy to avoid snooping parents (Vickery, 2015, p. 281).
In spite of their actions, teens still face other risks online and on social media. A YALSA position paper by Mary Chelton states that FBI Guidelines suggest “increased surveillance of adolescents deemed ‘at risk’” (2017). Social media and internet use leave teens highly susceptible to surveillance (Chelton, 2017). The FBI isn’t the only group watching teens—privacy is also an alarming issue in schools. Schools that issue computers and tablets to students can also invade users’ privacy (Alim, Cardozo, Gebhart, Gullo, & Kalia, 2017). This white paper points out a number of issues, including lack of transparency, missing privacy policies and failure to encrypt and de-identify student data (Alim et al. 2017, p. 6). The authors suggest that librarians conduct privacy audits of the school district’s educational technology system, advocate for student privacy and teach students about privacy and digital literacy (Alim et al., p. 35).
Despite the precautions that young people take online, there is plenty left for them to learn. The ALA established Choose Privacy Week in 2010 to bring attention to library patron privacy “in a digital age” (Maycock, 2010). Choose Privacy Week is sponsored by the ALA Office for Intellectual Freedom, and provides program and activity ideas for school, academic, and school librarians.
The proposed activities for school libraries, regardless of grade level, place a strong focus relating constitutional rights—particularly the First Amendment—to teaching standards across subjects (American Library Association [ALA], 2010). The suggested activities for middle schoolers do not touch on online privacy. The instruction for high school students, however, can touch on a variety of concerns. By reviewing current articles on privacy issues, discussion topics can include Facebook, cell phones and GPS, cookies, and school surveillance (ALA, 2010, p. 40).
Choose Privacy Week activities for academic and public libraries can also be taught to young adults. Screenings of films like Minority Report or The Net can be followed by discussions about privacy, technology, surveillance and identity theft (ALA, 2010, p. 29-30). Discussion groups can take place after reading books related to privacy; one recommended title is Cory Doctrow’s Little Brother (ALA, 2010, p. 21), which is available for free download on Doctrow’s website.
Most of the programs and activities offered up by the ALA for Choose Privacy Week seem great for raising awareness around online privacy issues, but do little to teach young patrons how to protect themselves online. The most direct way to teach online privacy is through workshops. Fortunately, there are a variety of open resources for librarians to use.
One of these is the Library Freedom Project (LFP). Funded by the Institute of Museum and Library Services (IMLS), LFP is a “syndicate of librarians, technologists, attorneys, and privacy advocates dedicated to eliminating mass surveillance from our libraries and communities” (Library Freedom Project [LFP], n.d.). Another open source is the Security Education Companion (SEC), a project of the Electronic Frontier Foundation (EFF). The SEC provides multiple privacy lesson plans for educators.
After reviewing LFP’s Teen Privacy Guide and the SEC lesson plans, I found concepts and tools that should be considered essential in online privacy, along with open source tools that librarians can introduce patrons to.
The EFF explains “the minimum viable teaching” (Security Education Companion [SEC], n.d.) on the SEC site. The most important concept is encryption, which translates information to be unintelligible without decryption (SEC, n.d.). The Teen Privacy Guide from LFP points users to disk encryption programs for Mac, Windows, and Linux operating systems (LFP, 2015). Both groups promote the use of Signal. Signal is a free, open source messaging application provides encrypted communication (text or calls) between two users on mobile or desktop devices (Signal, 2018). SEC and LFP both recommend using secure websites through HTTPS (SEC, n.d., LFP, 2015). The EFF offers a browser extension, HTTPS Everywhere, which redirects users to the HTTPS version of a website if it’s available (EFF, n.d.).
Both the EFF and the LFP recommend using passphrases and password managers (SEC, n.d.; LFP, 2015). A passphrase is a string of random words—the EFF recommends six (Electronic Frontier Foundation, n.d.). Passphrases are more difficult to crack than the 8-15 character alphanumeric passwords you might be used to setting (see Appendix A for a visual) (Bonneau, 2016). Password managers like KeePass, LastPass and 1Password are useful tools that encrypt passwords with an encryption key of the user’s choosing (SEC, 2018).
Beyond these essentials are more complex tools, like Tor Browser. This web browser sends a user through a network of “nodes” before landing at the desired website, thus concealing the user’s original IP address (Macrina, 2015). It is important to note that Tor Browser does not encrypt webpages, so HTTPS must be used separately (Galperin, 2012). The Kilton Public Library in New Hampshire is the first library in the country to host a Tor node on its servers (Peralta, 2015).
In addition to hosting a Tor node, the Lebanon Public Library system offers resources in an Online Self Defense section of their website (Lebanon Public Libraries, n.d.). The San José Public Library in San José, California, offers a Virtual Privacy Lab on their website in English, Spanish, and Vietnamese (San José Public Library, n.d.). These resources are both formatted in a way that is not visually overwhelming, and make it easy for connected users to learn at their own pace.
There are challenges that librarians might face in regards to teens and online privacy. One deals specifically with social media platforms; as previously mentioned by Mitrano, social media can be beneficial for teens’ self-expression (2006, p. 20). Brownstein says that using social media is a transaction, where pieces of personal information pay for the use of the service (as cited by Lamdan, 2015, p. 268). The big issue with this system is that users cannot negotiate the terms of use (Fischer, 2013). Lamdan calls for librarians to “infuse online social media with the privacy boundaries established in librarian ethics” (p. 271). This echoes the report from Alim et al. that calls for librarians to work as advocates for student privacy (p. 35).