JC Confidential

bq.I stuck my neck out and got it chopped off. You violate policy and there’s no more discussion. I was fired for trying to do the right thing … helping to return a wallet. I thought I was doing a good deed. – “Steve Roberts(Librarian fired for good deed that violated confidentiality)”:http://www.zwire.com/site/news.cfm?newsid=13926435&BRD=1459&PAG=461&dept_id=155725&rfi=6 via [“Lisnews.com(Librarian fired for good deed that violated confidentiality)”:http://www.lisnews.com/article.pl?sid=05/02/10/0959201] Rules are rules, and as much as we all sometimes think that they are made to be broken, some of them are not. I have been where he was, but I chose to follow the policy and not violate state law. And my supervisor confirmed that I did the right thing. It is unfortunate that he lost his job over it, but he seems to have been well aware of the consequences.

Selling Fingerprints

Want to sell your personal property in California? You may be “required(Spot On: The game-resale crackdown)”:http://www.gamespot.com/news/2004/04/30/news_6094652.html to include a fingerprint with it. Jon Asato “points out(Only Terrorists Resell Games)”:http://www.jonasato.com/archives/cat_privacy.html#000066 that includes books.

Richard Clarke and Libraries

bq.Q. Some civil libertarians might say that you’re not anonymous in the library. I routinely log into the public library, find and request books, and they’re delivered to my local branch. They have a record of my transactions and know what I’m reading. Law enforcement groups can access those records. Didn’t they pursue the Unabomber by seeing who was reading what?
bq.A. I think the larger point is that there ought to be places in cyberspace where you can be anonymous. If I want to go to a Web site and read about heart problems, I don’t want my insurance company knowing that. I believe that strongly. But there also ought to be places in cyberspace which you can enter only if you’re willing to have some kind of certification of your identity. from “CyberSecurity Czar – An Interview with Richard Clarke(CyberSecurity Czar – An Interview with Richard Clarke)”:http://www.onlinesecurity.com/Community_Forum/Community_Forum_detail147.php

Anonymity, Thy Name is…

In conjunction with Movable Type 3.0, they are introducing a new service, “TypeKey(TypeKey Authentication Services)”:http://www.typekey.com/. As is typical in the blogosphere, merely the “hint( More TypeKey Information)”:http://www.movabletype.org/news/2004_03.shtml#000926 of how it will work has elicited a number of strong opinions both “for(TypeKey? You Blow Me)”:http://diveintomark.org/archives/2004/03/22/you-blow-me and “against(TypeKey: The Patriot Act of Weblogging)”:http://weblog.burningbird.net/fires/technology/typekey_the_patriot_act_of_weblogging.htm it. And “questions(Questions for SixApart)”:http://blogs.law.harvard.edu/crimson1/2004/03/20#a1327 and “more questions(Questions for Dave Winer)”:http://www.plasticbag.org/archives/2004/03/questions_for_dave_winer.shtml and “even more questions(Six Apart’s FAQ on TypeKey)”:http://blogs.law.harvard.edu/crimson1/2004/03/23#a1396. However, at this point, since it has received the “endorsement(Movable Type 3.0 and MT-Blacklist)”:http://www.jayallen.org/comment_spam/2004/03/movable_type_30_and_mtblacklist of Jay Allen, whose extraordinary tool has become an “essential part(Comments on Comment Spam)”:http://www.libraryplanet.com/2004/01/spam of the operations around here, I can pretty much assure you that I will be an avid TypeKey user. But I was really struck by the whole issue of anonymity. This is my personal belief. There is no such thing. You can take steps to limit your exposure by signing up for an “anonymous e-mail account(Will anonymous e-mail become a casualty of war?)”:http://www.cnn.com/2002/TECH/internet/02/13/anonymous.email.idg/. But if you pay for it with a credit card, it means they have a record, which can be obtained via a court order. If you use a re-mailer, you may be safe, but there is no “guarantee(A Brief History of anon.penet.fi – The Legendary Anonymous Remailer)”:http://www.december.com/cmc/mag/1997/sep/helmers.html. And, of course, everyone who comments on a weblog leaves an ip address behind. Which, is not necessarily that difficult to “track down(Output from ARIN WHOIS)”:http://ws.arin.net/cgi-bin/whois.pl. So here is my advice: decide what level of anonymity you are comfortable with, and conduct yourself accordingly. “That(whois record for: libraryplanet.com)”:http://www.easywhois.com/index.php?domain=libraryplanet.com&next.x=27&next.y=2 is what I do.

Subversiveness @ Your Library

bq.I am a librarian in a medium-sized public library in Washington state. I have always loved the subversive nature of public libraries. Without paying a dime, king and hobo mingle and obtain information on anything and everything. I saw public libraries as havens, places where we protected the rights of all citizens to have free access to information without interference from the government. I’m not saying libraries are safe places. They aren’t now, and they never have been. They are filled with all kinds of revolutionary � and wrong � information. Everyone can find something in a public library to offend and outrage them. At the same time, it was a unique public space where people could get information and view it at their leisure without anyone keeping track of what they were viewing, researching, or reading. That was before the Patriot Act, of course. – “Kim Antieau(A Hysterical Librarian)”:http://www.alternet.org/story.html?StoryID=17845

Cyber Cafes Under Attack

In India, Cyber Cafes are under “attack(India Cracks Down On Cyber Cafes)”:http://www.cbsnews.com/stories/2004/01/19/world/main594240.shtml via onerous “regulations(Mumbai Cafe Owners Up In Arms At Plans To Control Cyber Shops)”:http://www.indolink.com/displayArticleS.php?id=012804122415. Since this is the only access to the Internet most of these people have, it is especially “troubling(Cyber cafes reduced to chat zones)”:http://timesofindia.indiatimes.com/cms.dll/html/uncomp/articleshow/454063.cms. But, of course, nothing like “that(mandated telescreen upheld)”:http://www.lessig.org/blog/archives/001709.shtml would ever happen here in the “United States(Violence Breaks out in Los Angeles Cyber Cafes)”:http://siliconvalley.internet.com/news/article.php/1564001.

Howard Dean and the Smart Card

bq.And isn’t it ironic that in the last week Dean truly has become the Internet’s candidate. I’ve watched him in interviews with CNN reporters explain how their business really works. Dean blinked between his ascendence and Iowa, he thought he had to join up with the established system in order to win. Of course they kicked his ass, and that was the biggest favor they could do for us. Now we truly have a candidate, and even if we lose this election, the process is inexorable, the US political system is ours. – “Dave Winer(Is Dean the Internet’s Candidate?)”:http://davenet.scripting.com/2004/01/27/davenetIsForEpiphanies
bq.We must move to smarter license cards that carry secure digital information that can be universally read at vital checkpoints. Issuing such a card would have little effect on the privacy of Americans. On the Internet, this card will confirm all the information required to gain access to a state (government) network–while also barring anyone who isn’t legal age from entering an adult chat room, making the Internet safer for our children, or prevent adults from entering a children’s chat room and preying on our kids…Many new computer systems are being created with card reader technology. Older computers can add this feature for very little money. – “Howard Dean(Dean should come clean on privacy)”:http://news.com.com/2010-1028-5146863.html I am not sure that “ironic” is the word that I would use.

Reading Your Record

The first thing that came to mind when I read about this proposed law on “Library Records for Children(Libraries may have to tell parents what kids borrow)”:http://www.jsonline.com/news/state/nov03/182605.asp is that if the parents want to know what their children are checking out, they should ask them. And if there is such a lack of communication that they can’t get the answer, there are probably larger issues in the family than what items the child has been checking out. Letting parents know what items are overdue is a practical matter. Florida managed to “relax(Relaxing Confidentiality)”:http://www.libraryplanet.com/2003/05/confidentiality the one restriction without relaxing the other. Letting the parents know what items are checked out is probably a dead issue for most of those who truly care. With online access to accounts (and armed with the proper identification), the parent can do their own looking. Which brings me to another point: Polaris 3.0 has implemented the Reading Record functionality which is intended “mainly(Bookstore and Subpoenas)”:http://www.libraryplanet.com/2001/04/subpoenas for the aid of people who can’t remember what books they have and haven’t read. As I said once before, if you are concerned about this, take the time to “ask(The FBI, Libraries, and You)”:http://www.libraryplanet.com/2002/06/fbi.

Unique Verifiable ID

bq.Here’s the scary bit: one of the industry guys said that their big legislative priority is to try to create a regime where you have to register with a unique, verifiable ID to access the Internet. No doubt the next step would be to take away that ID as punishment for “misconduct” on the Internet. Shades of Vernor Vinge’s True Names. – “Glenn Reynolds(At Lunchtime Today)”:http://www.instapundit.com/archives/011909.php

Google is my Passport. Verify me.

bq.I was on the phone trying to consolidate two mileage accounts on the same airline. The operator needed the address, phone number and other details of the card I had registered in 1996. I had no idea. I started googling. Bits and pieces were all over the Net. I was able to “authenticate” my identity based on this info including my phone number in a mailing list post that I found. Where would I be without Google. On the other hand, I wonder if we have to think about better authentication for the post-Google era. Don’t blog about your mother’s maiden name or the name of your pet. – “Joi Ito(“authenticated” my ID with Google)”:http://joi.ito.com/archives/2003/08/26/authenticated_my_id_with_google.html