Participatory Approaches for Designing and Sustaining Privacy-Oriented Library Services

Authors _ Scott W. H. Young (swyoung@montana.edu), Montana State University, Paige Walker (paige.walker@bc.edu), Boston College, Shea Swauger (shea.swauger@ucdenver.edu), University of Colorado Denver, Michelle J. Gibeault (mgibeault@tulane.edu), Tulane University, Sara Mannheimer (sara.mannheimer@montana.edu), Montana State University, and Jason A. Clark (jaclark@montana.edu), Montana State University

Privacy is a long-held value of information professionals, but new technologies of the contemporary digital age pose new risks to privacy. In an effort to build participatory, profession-wide action in support of designing privacy-oriented library services, two groups were formed with the goal of generating ideas and sustaining action: the National Forum on Web Privacy and Web Analytics, and Digital Library Federation Technologies of Surveillance Working Group. In this paper, members of these two groups present case study descriptions and analysis via reflective self-assessment. The authors discuss how these groups can serve as models of participatory action for integrating the value of privacy into the design of library services, technologies, policy, and outreach.

The respect and protection of privacy has been a central tenet of library values for the past century, but digital technologies challenge this ideal in many ways. Information professionals looking to adopt new technologies are often challenged to balance the advertised and real benefits with the more nebulous and concealed reach these technologies have into the personal data and lives of their users. This represents a significant problem for librarians today—how can leading technologies integrate into library services while at the same time protect the privacy of library users?

The goal of this paper is to offer an investigation of this question through a discussion of two participatory initiatives: the National Forum on Web Privacy and Web Analytics (henceforth: Privacy Forum), which represents a mechanism for generating design ideas through participation design approaches, and the Digital Library Federation (DLF) Technologies of Surveillance Working Group (henceforth: ToS Working Group), which represents a mechanism for sustaining those ideas through community engagement. In late 2017, the ToS Working Group formed to facilitate five subgroups, each of which is devoted to a different aspect of privacy: advocacy, instruction and outreach, library-built technologies, professional research ethics, and vendor-built technologies. In these groups, participation is open to all and meetings serve as peer-mentorship spaces for professionals to collaborate, voice concerns, and create deliverables. Within the same year, the Institute of Museum and Library Services (IMLS) funded the Privacy Forum. This event convened known experts in the field to discuss the impact of web analytics on library values.

There was some overlap in participants between the ToS Working Group and the Privacy Forum. This benefitted both communities, since these participants not only reported back from their engagements, but also introduced the teams and liaised between them. After a year of collaboration, members of both the Privacy Forum and the ToS Working Group have convened to write a reflective self-assessment upon their individual groups as well as their work together. In particular, this writing encompasses how their diverse strategies regarding community collaboration, shared leadership, and actionable agendas served to propel them to better integrate privacy awareness into the design of library technologies as well as the fabric of the library and information community.

Background and Context

Professional Commitments to Privacy

Data are generated through the use of library spaces, services, and collections. A closer inspection of this data reveals its sensitive nature, since much of it can be traced to the individual identities of library patrons. For over a century, the professional responsibilities of librarians have included stewardship of library data, and this stewardship is guided by professional values that uphold individual rights to privacy, intellectual freedom, and confidentiality (ALA 2019a, 2019b; IFLA 2015a). In our role as data stewards, members of the library and information science (LIS) professional community have become trusted advocates for privacy and the democratic principle of intellectual freedom that privacy protects (Ard 2016; Anderson 2018). This trust is drawn from a long professional history of offering safe spaces for intellectual freedom underpinned by a commitment to privacy in the pursuit of information (Million and Fisher 1986; Sutlieff and Chelin 2010).

The history of addressing privacy within the library community is expressed through such documents as the American Library Association (ALA) core values statement (ALA 2019a) and the International Federation of Library Associations and Institutions’ “IFLA Statement on Libraries and Intellectual Freedom” (IFLA 2015b). Professional commitments to privacy are also evident through community-oriented initiatives such as the Library Freedom Project (“Library Freedom” 2019) and the Library Information Technology Association (LITA) Patron Privacy Technologies Interest Group. Librarians feel that privacy work is important and resonates with the core values of the profession (Zimmer 2014). This goal of achieving privacy is complicated, however, in the move from discourse to practice, where library settings are multi-faceted, complex, and heterogenous. Librarians serve within many different kinds of libraries and institutional settings. School, public, and academic libraries have unique contexts and the particulars of their institutional settings fundamentally shape their infrastructures, including the adoption of privacy-invading technologies (Adams 2005). Although the broader problem is consistent, the dynamics of the details make coordinated action and planning for disparate contexts difficult. Nonetheless, the responsibilities of school and academic libraries to support education while also shaping expectations for libraries in everyday life is added pressure to take action (EFF 2017; IFLA 2017).

Contemporary Technologies and New Risks to Privacy

The contemporary digital age has introduced new technologies that pose new privacy risks. On the one hand, these technologies can produce data that provide insights that improve services or demonstrate value to external stakeholders. Despite the evident usefulness of this data, the privacy risks of these technologies can be in tension with our profession’s long-standing privacy norms and values. Contemporary conversation has focused on this tension—technologies that are presented as neutral or beneficial, yet present risks to privacy. Learning analytics, for example, represents a new technology that offers complicated tradeoffs of privacy and data (Hoel and Chen 2018; Hathcock 2018). For-profit companies that sell learning analytics products to institutions are also selling an overly simplistic idea that more data enables greater insights, that students today would rather trade their privacy for efficiency, and that by purchasing data-collecting systems, colleges and universities are embracing innovation and the future (Jones and Salo 2018). Likewise, school and academic libraries may be asked to integrate library use data with educational technologies that seek to better understand the dynamics of learning. Many of these learning analytics systems are inattentive to the researcher’s right to privacy (Jones 2017). For people who care about privacy, this is a difficult cultural narrative to combat, as Silicon Valley-style surveillance capitalism is becoming more enmeshed in education administrative values (EFF 2017; Cook 2019; Zuboff 2019).

Similarly, libraries have recognized the usefulness of web analytics and other tracking technologies (Yang and Perrin 2014; Conrad 2015; Farney 2016). The usage measurements generated through tracking software can help tell a story of impact for library stakeholders, including funding agencies, administrators, and community boards. Furthermore, analytics serve a role for improving services and user experiences (Fagan 2014; Vecchione, Brown, Allen, and Baschnagel 2016; Farney 2018). For example, Google Analytics—the powerful, comprehensive, and easy-to-install software package—has emerged as a leading choice for web analytics in libraries. From the perspective of monetary cost, Google Analytics is free to use, a factor that amplifies its widespread use. From the perspective of user privacy, however, Google Analytics is not free to use. As a third-party web tracker, Google Analytics participates in a vast network of third-party tracking on the web that exposes user data to additional trackers (Englehardt and Narayanan 2016). Data collection and data sharing on the web via Google’s trackers and many other trackers is widespread (Solomos, Ilia, Ioannidis, and Kourtellis 2019). In many cases, the user has not given fully informed consent for this data sharing, nor does the website owner fully understand the capabilities and consequences of web analytics and other third-party trackers. The widespread implementation of commercial analytics packages such as Google Analytics on library websites may conflict with the library profession’s long-held values of privacy and intellectual freedom (Coalition for Networked Information 2016; O’Brien, Young, Arlitsch, and Benedict 2018).

Contemporary technologies such as learning analytics, web analytics, and data warehousing represent opportunities for new insight related to library services, but they also present new threats to privacy that must be carefully considered and addressed (Yoose 2017). The scope and complexity of today’s technology and privacy landscape compel LIS professionals to think and act in concert to move toward protecting sensitive data.

Designing with Participation

Designing library services with participation means including the viewpoints and values of the stakeholders impacted by a service, especially the professionals who are responsible for the service and the users who interact with the service (Kensing and Greenbaum 2013). Participatory design as a methodology for inclusion originated in 1960s Scandinavia, where a number of different academic research teams collaborated with trade union workers to co-develop and apply a process of participation in the design of technology products and services (Bjerknes and Bratteteig 1987; Ehn 1993). Participatory design is defined by an adherence to a set of operational principles, including mutual learning, shared power, recognizing equal expertise among participants, and co-determination of the final product (Robert and Simonsen 2013).

The practical implementation of participatory design is realized through interactive tools and techniques, notably though interactive workshops where professionals and users work side-by-side to articulate and achieve shared goals, often by completing play-oriented exercises and games (Gray, Brown, and Macanufo 2010). Participatory methods have been applied in libraries to co-design services with multiple distinct stakeholder groups (Costantino et al. 2014; Gamboni 2017; Young and Brownotter 2018; Tewell 2019). Library services are known to be complex operations that require multi-stakeholder support. When library services affect patron privacy, relevant stakeholders may include librarians who hold privacy as an essential professional value (Nichols Hess, LaPorte-Fiori, and Engwall 2015; Asher 2017) and patrons themselves who wish to protect privacy and intellectual freedom at the library (Jones et al. 2019). We posit that participatory design, as a methodology for inclusive, multi-stakeholder creativity, is well-suited for building and sustaining privacy-oriented library services. The principles and practices of participatory design offer a framework for convening stakeholders, co-creating services, and sustaining implementation.

Privacy Advocacy and Action

The LIS community has a strong record of advocating for action that protects privacy. Notable recent examples include grant-funded projects such as the Library Freedom Project, an IMLS-backed initiative that trains library staff in fundamentals of digital privacy and security and provides them with resources to train their own patrons (“Library Freedom” 2019). In addition, Alameda County Library’s Privacy Advocacy Guidelines Project is another IMLS-funded endeavor that seeks “to further an extensive privacy knowledge plan by actualizing the findings in a practical application” (IMLS 2019). Beyond grant-funded project work, the LIS community has increasingly spoken out against data collection controlled by third-party vendors, evidenced by recent widespread debates for and against the Resource Access for the 21st Century initiative, otherwise known as RA21, which swayed Elsevier to be more transparent about its proposed data collection and storage (Carpenter 2018; Hinchliffe 2018).

The LIS profession has also witnessed increasingly widespread concern about digital surveillance as libraries in the United States grapple with the consequences of facing Immigration and Customs Enforcement (ICE) in the wake of the USA PATRIOT Act (Jaeger, McClure, Bertot, and Snead 2004; Matz 2008; Carpenter 2015; Lamdan 2019). Libraries have also worked to enhance the privacy of web protocols (Askey and Arlitsch 2015), web analytics (Chandler and Wallace 2016), and Cloud-based library services (Kritikos and Zimmer 2017). Profession-wide training and conversations about the implications of digital surveillance have strengthened the field’s stance against unnecessary data collection and have provided us with tools and partnerships necessary to understand complex technological issues, raise awareness for privacy, and advocate against surveillance.

The two project discussions below demonstrate participatory approaches for designing and sustaining privacy-oriented library services.

Project Overview and Thesis Statement

The authors of this paper are coordinators and members of two community efforts to support privacy in libraries—the DLF ToS Working Group and the Privacy Forum. This article examines how the two projects work together to model a way forward for addressing privacy in our socio-technical environments and systems. The model we suggest is grounded within existing, community-based entities to support privacy-oriented library services. We have recognized that designing library services with an eye toward privacy requires creative and critical space for facilitating idea generation as well as a plan for implementing and sustaining the ideas.

The goal here is twofold: to connect our current efforts and activities with our professional ethics, and to establish (or re-establish) spaces for the work of privacy advocacy and productive action for responsible implementations of our technology. In this case, the Privacy Forum and the ToS Working Group offer a community and a space for implementation. In our discussion, we describe the operations of the Privacy Forum and the ToS Working Group, with recommendations for practice and implementation using reflective assessment as a method of analysis. In our analysis, we discuss how the Privacy Forum and the ToS Working Group offer a model for participatory approaches to designing and sustaining privacy-oriented library services: the Privacy Forum represents an approach for generating ideas through community participation, and the ToS Working Group represents a sustainability engine for maintaining and advancing those ideas.

Project Descriptions

In the sections below, we provide descriptions of the Privacy Forum and ToS Working Group, structured into subsections for overview, origins, and operations, followed by an analysis of our experiences via reflective self-assessment.

A National Forum on Web Privacy and Web Analytics

Overview

The Privacy Forum was a conference event driven by the need to build a community understanding and practice of web analytics with a view toward librarianship’s unique commitment to privacy. The Privacy Forum was held in September 2018 in Bozeman, Montana, where 40 librarians, technologists, and privacy researchers collaborated in producing a practical roadmap for enhancing analytics practice in support of privacy. The event was directed by Scott W. H. Young, Sara Mannheimer, and Jason A. Clark, and it was supported by a grant from the Institute of Museum and Library Services (IMLS 2018).

Origins

This project began with the recognition that web analytics are useful for telling stories of library impact and for improving library services. At the same time, library professionals and patrons alike value privacy. When our analytics technologies collect too much data about our users or trade user data with third parties without fully informed consent, the privacy of our users is threatened. Given our professional commitments both to service and to privacy, how can we chart a path forward that allows us to achieve positive user experiences as well as privacy? The Privacy Forum was convened to help answer this question.

Operations

Over two and a half days at the Privacy Forum, a diverse group of participants completed a sequence of design exercises that culminated in the co-production of eight Pathways to Action for enhancing privacy and analytics in libraries (Young, Mannheimer, Clark, and Hinchliffe 2019). The Pathways represent distinct project or program ideas that advance LIS theory and practice related to privacy and analytics, such as a privacy-focused assessment toolkit, model license language for negotiating with third-party vendors, a privacy research institute, and a privacy module that can be embedded within leadership training programs. The process of producing the Pathways was based on participatory co-design described above, combining the values-based approach of Robertson and Simonsen (2013) with the game-based approach outlined by Gray, Brown, and Macanufo (2010). Within this structure, participants enact values of power sharing, mutual learning, and equal expertise with the goal of generating shared ideas for solving a shared problem (Kensing and Greenbaum 2013; Young and Brownotter 2018).

To shape the Privacy Forum’s activities, participants completed a pre-event survey that revealed a set of common areas of interest (Young, Mannheimer, and Clark 2019). These areas included partnerships and collaborations, ethics, privacy and justice, policies, education and professional development, and analytics alternatives. Participants were then organized into these groups based on thematic responses to the pre-forum survey. Small groups completed activities following a three-phase structure: (1) inquiry into the topic area of privacy and analytics; (2) idea generation focused on developing strategies for addressing the issues that emerged during the first phase; (3) evaluation and selection of the strategies that emerged during the second phase. As an illustration of a Phase 1 activity, participants completed Float Your Boat (figure 1).

In this activity, participants were asked to draw a boat that represented public education and engagement related to privacy issues. Participants then attached anchors and sails to the boat, with the anchors representing obstacles and challenges, and the sails representing strengths and aptitudes. The goal of this activity is an investigation of the topic area of privacy in libraries, and the outcome is a metaphorical boat that demonstrates the strengths and challenges of achieving privacy in libraries. As a participatory activity, the figure of the boat and its attendant parts such as sails, anchors, waves, and landscape present a creative mechanism for participants to communicate individual ideas, mutually learn from one another, connect around shared concerns, and dialogue together as a group in an environment where participants’ diverse expertise is each recognized as equally valuable to the process.

The outcomes of participatory design focus on two main categories: practical and political (Robertson and Wagner 2013; Bratteteig and Wagner 2016). Practically, participatory design seeks to create a new tool or service that can be implemented in the real world. Politically, participatory design seeks to empower and elevate diverse voices equally through the process of co-creation. Combining the practical with the political, participation in design seeks to create a practical tool or service that results in improved material and social conditions for the participants and other stakeholders. For our part, the Privacy Forum produced the Pathways, which represent a set of eight implementable ideas for designing privacy-oriented library services. Additionally, the Privacy Forum produced an Action Handbook that includes technical and social recommendations for enhancing analytics practice with a view toward privacy (Young, Clark, Mannheimer, and Hinchliffe 2019). As a model of co-creation, the Privacy Forum can serve as a useful point of reference in activating community participation for idea generation. And as an example of participatory design, the Privacy Forum applied participatory practices for co-developing new ideas for library tools and services that integrate privacy values and action at the initial stages of ideation.

Digital Library Federation—Technologies of Surveillance Working Group

Overview

The ToS Working Group interrogates the methods and ethical implications of surveillance technologies and seeks to establish guidelines for how to operationalize the critical interrogation of technology wherever we encounter it in our profession. The group is further interested in developing approaches for more effectively embedding privacy into library services, policies, and pedagogy. Group participation totals approximately 120 professionals as of this writing and is drawn primarily from member institutions of the DLF.

Origins

The working group was formed at the 2017 Digital Library Federation Forum annual conference in the session “Surveyance or Surveillance? Data Ethics in Library Technologies” (Shorish, Swauger, and Riordan 2017). Led by Yasmeen Shorish, data services librarian at James Madison University, and Shea Swauger, researcher support services department head at Auraria Library, the session was designed for participants to be able to (1) identify systems and structures that may be used for surveillance, and (2) evaluate existing systems at their home institution.

Operations

Operational aspects of the ToS Working Group are documented via the group’s Wiki (“Technologies of Surveillance—DLF Wiki” 2017) and Open Science Framework (OSF) space (“DLF Technologies of Surveillance Working Group [ToS]” 2018). We used DLF’s Code of Conduct and facilitation best practices documents to guide how our group functioned (Digital Library Federation 2019). The initial community response was enthusiastic; around 65 people joined the first meeting and we began defining what the group wanted to work toward. Participants self-sorted into five thematic subgroups:

• Library-Built Systems, to investigate the systems that libraries create, such as open source repositories
• Vendor-Built Systems, to investigate the systems that libraries purchase or lease, such as an ILS (integrated library system) or database
• Instruction and Outreach, to investigate outreach and instruction strategies for our communities on topics related to data collection and privacy
• Professional Research Ethics, to investigate surveillance ethics in library-based research
• Advocacy, to investigate how to resist administrative pressure to surrender library data to campus authorities and/or engage in privacy-damaging assessment practices

Members were initially charged with reviewing the code of conduct, evaluating communication mechanisms, and determining the direction of the subgroups. The work became largely driven by the subgroups, which set their own priorities, deadlines, and deliverables. Large group meetings provided a way for members to communicate updates and hear from other subgroups, ask questions, or seek help.

In the two years since the group has been formed, we have found that applying critical methods and theories to technology and data takes time, an interdisciplinary approach, and a willingness to feel uncomfortable, all of which are difficult to do on one’s own. Moreover, inviting others to join in this process—which if taken seriously, puts into question institutional practices, strategic initiatives, and enormous amounts of money—can be daunting. As librarians, we want to work according to our professional values and in balance with technologies that improve services. Recognizing that analytics and other data collection technologies have valuable uses, we aim to identify metrics and methods for measuring use of our systems and providing our users with the personalized services they expect—without devolving into outright surveillance.

Bringing Together the Privacy Forum and the ToS Working Group

When the leadership teams of the Privacy Forum and the ToS Working Group became aware of each other’s initiatives, there was a dual recognition that combining efforts would be complementary and beneficial for achieving shared privacy-focused goals. The Privacy Forum focused on creating ideas for new privacy-oriented services, while the ToS Working Group focused on implementing and sustaining such services. Indeed, generating ideas is one thing; transforming those ideas into sustainable action is another. Following the creative idea generation that took place at the Privacy Forum, the project directors realized that the Privacy Forum itself was not equipped to sustain the ideas into the future. Yasmeen Shorish, as a Privacy Forum participant and a co-convener of the ToS Working Group, first suggested that the two groups search for ways to connect their efforts. As a next-step action for the Privacy Forum work, the project director of the Forum, Scott W. H. Young, joined the ToS Working Group as a co-convener. In this capacity, the ideas from the Privacy Forum can find a degree of sustainability and community through the active membership of the ToS Working Group. Through shared personnel and vision, the work of the two initiatives can be directly linked. In one year of active collaboration with Privacy Forum personnel, the ToS Working Group has built and sustained an email listserv, hosted an instructional cryptoparty, and facilitated an action-oriented workshop at the 2019 DLF Forum. The ToS Working Group is further developing the Pathways to Action that were generated at the Privacy Forum.

To further help our two groups come together, our author group—comprising members of both the Privacy Forum and the ToS Working Group—conducted the reflective self-assessment described below. Our reflective process provided a space and structure for us to talk together around shared concerns and goals. We explicate further below.

Method: Reflective Self-Assessment

Overview

Reflective self-assessment is an established method of evaluation (Moon 2004). Within the context of LIS practice, reflective self-assessment has been applied toward information literacy instruction (Sen and McKinney 2014; Macaluso 2014; Tewell 2018), critical library assessment (Magnus, Belanger, and Faber 2018), teaching assessment (McCartin and Dineen 2018), reference services (Graf and Harris 2016), graduate student training (Deitering, Rempel, and Jensen 2018), and LIS education (Booth 2011). For Corrall (2017, 23), “Being a reflective practitioner means using reflection to enhance our practice within and across the separate and related domains of professional activity.” In our context, we applied reflection to generate dialogue, enhance our practice, and drive professional growth among the members of the Privacy Forum and the ToS Working Group. Reflection is a straightforward concept that can yield complex and valuable insights. The approach has been described as “the ability to think about the past, in the present for the future” (Carroll 2009, 43).

Procedure

In conducting our self-assessment, we focused our reflective activities on our individual and shared experiences in leading, coordinating, and participating in either the Privacy Forum and/or the ToS Working Group. Our reflective outcomes were co-developed through a series of dialogues and discussions among our author group. We specifically follow the method outlined by Reale (2017, 81-93), who offers a series of prompts for engaging in reflective dialogue among a group of colleagues. We structured our reflective dialogue around prompts offered by Reale:

• What are you noticing? What surprises you?
• What’s hardest for you? What if it were easy?
• What has worked for you? What approach would be its opposite?
• What limits would you like to break through?
• What data are you seeing, and what story are you telling yourself? What other data are present? What other story might you tell yourself?

Our author group met over several sessions to dialogue through these prompts and to synthesize our responses into thematic summary narratives that represent our shared experiences and viewpoints. To accomplish this, our author group completed the following steps:

• We talked through the self-reflective prompts listed above. During our conversation, we created a set of notes that represented our dialogue. The notes from our dialogue represent the evidence of our reflective self-assessment and comprises the dataset for this paper. (This dataset is available as an appendix below.)
• With a record of our conversation available for analysis, we reviewed the dialogue notes and identified a number of themes present in the reflective self-assessment.
• We reviewed and refined the themes, focusing down to three main thematic insights from the self-assessment.
• Findings and discussion were then organized according to the three main themes, with a focus on translating the themes into actionable recommendations for practice.

In the following sections, we offer an analysis of the Privacy Forum and the ToS Working Group via self-reflective assessment. We present our analysis in the form of recommendations for practice that focus on leveraging community participation toward idea generation and sustainability, with the Privacy Forum serving as a vehicle for idea generation and the ToS Working Group serving as a vehicle for sustainability and implementation. The three main themes of discussion include Multi-Stakeholder Participation, Shared Leadership, and Action Orientation.

As a note to the reader, our discussion below includes a flexible usage of the first-person “we” pronoun. In subsections that are marked specifically for the ToS Working Group or the Privacy Forum, the “we” refers to the respective participants of each project. In the sections for theme overview, challenges, and conclusions, the “we” refers to the full author group. Further, the process of reflective self-assessment can be nonlinear and emergent, and doesn’t always provide the clearest through-line of analysis. Our reflective dialogues were wide-ranging, and our discussion below captures highlights from our conversations as they relate to our central thesis of participatory approaches for designing and sustaining privacy-oriented library services.

Reflective Self-Assessment: Themes

Multi-Stakeholder Participation

Theme Overview

In response to the large-scale issue of privacy and technologies of surveillance, both groups have turned to collective action to move forward. Our two initiatives support participation, solidarity, organizing, communication, coalition-building, and decentralization among multiple stakeholder groups as strategies for responding to technologies of surveillance and designing library services with a view toward privacy. This collaborative strategy also takes advantage of the diverse relevant expertise already extant in the field. However, we have experienced some challenges when coordinating large groups. Empowering leadership and action can also be difficult when privacy advocacy work falls outside of our daily assignments.

ToS Working Group

The inaugural DLF Technologies of Surveillance meeting was widely attended by librarians and information professionals of diverse backgrounds. While the diverse attendees shared in common an ethics-based resistance to invasions of privacy, it quickly became evident that we felt differently about how we wanted to take action. We proposed that the main group split into five subgroups as a way to create different paths forward: Advocacy, Instruction and Outreach, Library-Built Technologies, Professional Research Ethics, and Vendor-Built Technologies. Because each of these groups had a specialized focus, they could be nimbler and more concrete in their action strategies. Additionally, because members self-selected into these groups, they could better align the mission of the group with their own personal ideals and professional interests. Through this structure, we could better recruit and retain members with diverse expertise since it enabled more direct impact on the goals of each subgroup. This incentivized members to dedicate time from their professional lives and in turn reduced the logistical challenges of convening a large group. Although subgroups generated most of the concrete deliverables, it was still necessary to retain the larger umbrella group as a guiding and unifying body.

Privacy Forum

National Forum grants from IMLS are meant to “provide the opportunity to convene qualified groups of experts and key stakeholders . . . to consider issues or challenges that are important to libraries or archives across the nation” (IMLS 2017). The Privacy Forum aimed to bring the right people into a room together, with a goal of developing solutions to the issue of privacy and web analytics. Even with many voices in the room, our participatory design approach allowed us to develop ideas that incorporated a variety of experiences and expertise. As described above, we also created eight Pathways to Action that act as a community-wide research agenda—ideas for privacy-enhancing projects that anyone can take forward (Young, Mannheimer, Clark, and Hinchliffe 2019).

Shared leadership structures

Theme Overview

Achieving meaningful participation relies on shared power and co-determination. This means developing a structure of participation where all participants have a voice in determining the direction of the project, and all participants see their viewpoints represented in the work of the group. For both the ToS Working Group and the Privacy Forum, project leaders served primarily as conveners or facilitators, working collaboratively to co-develop ideas and products with participants and members. All of this work pointed to the necessity of assigning leadership and building a community where people could own the ideas and manage projects collaboratively. Participation, however, requires a degree of time and energy that participants may not have. Shared leadership provides a possible model, but a lack of time and space to do the work is systemic in the LIS community. Some paths forward that need to be considered include diversifying not only membership and leadership, but also the work itself (e.g., output formats); finding funding that allows for co-leadership and prioritizes time and space for the work; putting participatory practices into place that allow contributions to happen asynchronously; and finally, setting up a model for expertise that enables mutual learning and a rotation of leadership as other work and life pressures appear.

ToS Working Group

The subgroup structure of the ToS Working Group helps share leadership vision and responsibility. In terms of output, this structure also reduces the pressure on group leadership to develop their own necessarily limited solutions, instead facilitating diverse perspectives and team-built products. Each group leverages the expertise of its own members to develop diverse outputs. These smaller groups are responsible for managing their own leadership structures, timelines, and outputs, which in turn helps ensure the sustainability of the ToS Working Group as a whole. Average attendance of these smaller meetings usually ranges from five to ten members who provide more personal support and accountability in their participation. It is also easier to accommodate scheduling needs, leadership turnover, and different opinions in these smaller groups as members developed more familiarity and comfort with each other.

Privacy Forum

The Privacy Forum applied participatory design approaches to realize values of shared power and co-determination among all forum participants, including project directors. Participants included library staff, library faculty, library administrators, archivists, undergraduate students, and industry technologists. Data from the pre-forum survey informed group work and participatory activities with the goal of building bridges across disciplinary areas so as to enable new connections and new ideas. The project directors set the sequence of activities, and from there the participants co-determined the direction of idea development and ultimately the selection of the final eight Pathways to Action. By sharing power and allowing participants to co-determine the outcomes via participatory design, the Privacy Forum project directors attempted to model a decentralized, inclusive approach to designing privacy-oriented library services.

Action Orientation

Theme Overview

All of our outputs and conversations pointed to the necessity of practical, applied action. People were interested in applying their learning and seeing results from the work. It was also essential to connect these actions to existing groups and networks, since it gave us a working platform for discussing and implementing our ideas. Beyond the existing networks, both groups registered a need to connect ideas to action. The Privacy Forum’s Action Handbook, where suggested pathways and evaluative metrics were delimited, is just one example (Young, Clark, Mannheimer, and Hinchliffe 2019). All of these calls to action were open by default to encourage and incentivize active participation.

ToS Working Group

By dividing the larger ToS Working Group into five smaller subgroups, subgroup leaders were able to distill their group’s charge into concrete steps, which allowed them to create actionable agendas. These agendas centered around producing useful deliverables for the wider professional community. By focusing on well-defined topics, meeting agendas are well structured and subgroups are able to stay on track as evidenced by the Advocacy group’s Advocacy Action Plan (Bettinger, Burnett, Gibeault, Shorish, and Walker 2019), the Instruction and Outreach group’s instruction curriculum (Bettinger et al. 2019), and the Professional Research Ethics group’s glossary and explainer (Asher et al. 2018). These actionable agendas limited scope creep and helped groups work efficiently and effectively toward practical outputs.

Privacy Forum

Participants at the Privacy Forum ultimately co-produced a set of Pathways to Action. Translating this agenda into action has been a challenge for the Privacy Forum. We have attempted to assign leaders or champions to each Pathway so as to signal ownership, but creating workable time for the Pathway leaders to advance the ideas has proven difficult given conflicting commitments and priorities. Consequently, we have pursued awards of external grant funding as a means of prioritizing effort and marking time, with results still to be determined. More concretely, our Action Handbook represents an immediately implementable set of actions that practitioners can follow for enhancing analytics. Given the scale of the privacy issues, focusing on individual action that connects with broader community efforts provides a capacity and a sense of progress.

Challenges and Opportunities for Participatory Approaches

We note a number of limitations and challenges that constrain community-based privacy action in the LIS profession, particularly internal professional disagreements and logistical challenges. While privacy is an established aspect of the LIS professional identity, the appropriate level of response is not universally agreed upon; some LIS professionals do not address privacy as an area of critical concern (Fisher 2018). Without widescale acceptance of privacy as under threat, and without critical voices supporting multi-stakeholder participation, implementing and sustaining privacy practices will continue to be difficult to achieve. In a more quotidian but still crucial point, we have found that the day-to-day difficulties of scheduling and coordinating among cross-institutional participants can be challenging.

Coordinated, community-driven action in support of privacy can be difficult to achieve. Ideas related to funding sources and the scale of data collection that large technology entities are able to acquire illustrate this problem. In this context, privacy and analytics could be viewed as the lens to critique and raise awareness around the reach and impact of technology in our everyday experience. Both the ToS Working Group and the Privacy Forum looked to understand how certain seemingly benign technologies could be used to create patterns of harm. To return to web analytics as an example, these tools are created ostensibly to help us measure impact and use, but the same information can be tied to IP addresses and contribute to digital redlining. There are opportunities here for LIS professionals. If we recognize the scale of the problem, we can start to advocate for positions filled by experts in how libraries do research and implement practices that safeguard our data and offer a means to use technologies responsibly. A key goal of both the ToS Working Group and the Privacy Forum has been to sustainably and productively channel professional commitments to privacy.

Professional Resources and Future Directions

Our two projects can serve as points of reference to aid others in achieving privacy through participation. To that end, our groups have made available a number of resources for the wider professional community:

• “A National Forum on Web Privacy and Web Analytics: Action Handbook”: https://doi.org/10.15788/20190416.15446
• “A Roadmap for Achieving Privacy in the Age of Analytics: A White Paper from a National Forum on Web Privacy and Web Analytics”: https://doi.org/10.15788/20190416.15445
• “Ethics in Research Use of Library Patron Data: Glossary and Explainer”: https://osf.io/bygj3/
• “Advocacy Action Plan”: https://osf.io/2smrf/
• Instruction and Outreach group’s privacy curriculum: https://doi.org/10.17605/OSF.IO/SEBHF

Moving forward, the eight Pathways to Action produced at the Privacy Forum represent ideas for projects that can embed privacy values into library services, especially web analytics and other tracking software. The Pathways to Action are presented to the wider library community to apply toward action; everyone is invited to creatively reuse the project materials, which are available through the project website: https://www.lib.montana.edu/privacy-forum/.

Efforts toward implementation and sustainability are further represented through the ToS Working Group. Members of the ToS Working Group will continue to interrogate the ethics and implications of library technologies, with a goal of producing practical resources that can help protect the privacy of library users. The future direction of the group will be collaboratively defined with the participant members. To any reader who is motivated to contribute to this work, we encourage you to join our listserv or contact the co-conveners of the ToS Working Group via the group’s website: https://wiki.diglib.org/Technologies_of_Surveillance.

Summary and Conclusion

The National Forum on Web Privacy and Web Analytics and the DLF Technologies of Surveillance Working Group represent two participatory approaches for designing and sustaining privacy-oriented library services. The Privacy Forum represents a mechanism for generating service ideas through participatory design, and the ToS Working Group represents a mechanism for sustaining those ideas through professional participation. In reflecting on the work of our two projects, we have identified three main points that we wish to emphasize: multi-stakeholder participation in library service design, balance between data collection and data privacy, and collective action.

Multi-Stakeholder Participation in Library Service Design

When we see participation in the design of library services come to life through the Privacy Forum and the ToS Working Group, we see a practice of mutual learning and equal expertise that allows diverse voices from multiple stakeholder groups to come together with intention to co-create ideas and practices for achieving privacy. Design is a part of our process in that it establishes intentionality around critical awareness and community engagement, where we draw together diverse stakeholders with a sense of shared purpose to critically evaluate LIS professional commitments and contemporary technologies in order to more effectively integrate privacy into library and information services.

Balance Between Data Collection and Data Privacy

In our experience, we seek a balance between data collection and data privacy. We acknowledge that data collection can produce insights that improves services and can tell a story of value for external stakeholders. At the same time, data collection carries risk of real harm to real users, and we must not only be aware of these risks, but also advocate for those users who would be harmed by intentionally designing services with a view toward privacy.

Collective Action

Finally, we wish to emphasize the essential role of collective action within our profession. Achieving privacy is a profession-wide goal that requires profession-wide effort. Through efforts such as the Privacy Forum and the ToS Working Group, the LIS profession can continue to advance and strengthen our long-standing commitments to privacy advocacy and action. Large-scale efforts toward solidarity, organizing, and coalition-building are warranted in response to new and evolving threats to privacy. Given the professional commitment to privacy and the energy toward action, we see an opportunity and a need for community-oriented leadership regarding privacy and the development of expertise and action that can help achieve privacy for libraries and our wider publics.

Ultimately, the Privacy Forum and the ToS Working Group can serve as models of intentional efforts that support sustainable privacy action, built on a foundation of diverse professional participation.

Acknowledgements

The Privacy Forum was funded by Institute of Museum and Library Services, through grant LG-73-18-0100-18. The authors would like to thank the Digital Library Federation (in particular, Aliya Reich) for hosting and facilitating the Technologies of Surveillance Working Group. We would also like to acknowledge the contributions of Yasmeen Shorish and Lisa Hinchliffe in addition to the members of the Technologies of Surveillance Working Group and participants at the Privacy Forum.

References

Adams, Helen R. 2005. Privacy in the 21st Century: Issues for Public, School, and Academic Libraries. Westport, CT: Libraries Unlimited.

American Library Association. 2019a. “Core Values of Librarianship.” American Library Association. https://web.archive.org/web/20190824190825/http://www.ala.org/advocacy/intfreedom/corevalues.

———. 2019b. “Privacy: An Interpretation of the Library Bill of Rights.” American Library Association. https://web.archive.org/web/20190731212158/http://www.ala.org/advocacy/intfreedom/librarybill/interpretations/privacy.

Anderson, Judy. 2018. “Intellectual Freedom Equals Individual Freedom.” Journal of Information Ethics 27, no. 2: 7–12.

Ard, BJ. 2016. “Librarians as Privacy Advocates.” I/S: A Journal of Law and Policy for the Information Society 13, no. 1: 161–74.

Asher, Andrew. 2017. “Risk, Benefits, and User Privacy: Evaluating the Ethics of Library Data.” In Protecting Patron Privacy: A LITA Guide, ed. Bobbi Newman and Bonni Tijerina (Lanham, MD: Rowman & Littlefield), 43–56.

Asher, Andrew, Kristin Briney, Gabriel J. Gardner, Lisa Janicke Hinchliffe, Bethany Nowviskie, Dorothea Salo, and Yasmeen Shorish. 2018. “Ethics in Research Use of Library Patron Data: Glossary and Explainer.” Digital Library Federation. https://doi.org/10.17605/OSF.IO/XFKZ6.

Askey, Dale, and Kenning Arlitsch. 2015. “Heeding the Signals: Applying Web Best Practices When Google Recommends.” Journal of Library Administration 55, no. 1: 49–59. https://doi.org/10.1080/01930826.2014.978685.

Bettinger, Eliza, Andy Boyles-Petersen, Jen Ferguson, Brandon Patterson, Chelcie Juliet Rowell, Paige Walker, and Karly Wildenhaus. 2019. “Digital Privacy Instruction Curriculum.” OSF. https://doi.org/10.17605/OSF.IO/SEBHF.

Bettinger, Eliza, Mahrya Burnett, Michelle Jude Gibeault, Yasmeen Shorish, and Paige Walker. 2019. “Advocacy Action Plan.” Digital Library Federation. https://doi.org/10.17605/OSF.IO/J5K8S.

Bjerknes, Gro, and Tone Bratteteig. 1987. “Florence in Wonderland: System Development with Nurses.” In Computers and Democracy: A Scandinavian Challenge, ed. Gro Bjerknes, Ehn Pelle, and Morten Kyng (Avebury, UK: Gower), 279-95.

Booth, Char. 2011. Reflective Teaching, Effective Learning: Instructional Literacy for Library Educators. Chicago: ALA Editions.

Bratteteig, Tone, and Ina Wagner. 2016. “What Is a Participatory Design Result?” In Proceedings of the 14th Participatory Design Conference: Full Papers—Volume 1, 141–150. PDC ’16. New York: ACM. https://doi.org/10.1145/2940299.2940316.

Carpenter, Todd A. 2018. “Myth Busting: 5 Commonly Held Misconceptions about RA21.” The Scholarly Kitchen. https://scholarlykitchen.sspnet.org/2018/02/07/myth-busting-five-commonly-held-misconceptions-ra21/.

Carpenter, Zoë. 2015. “Librarians Versus the NSA.” The Nation. https://www.thenation.com/article/librarians-versus-nsa/.

Carroll, Michael. 2009. “From Mindless to Mindful Practice: On Learning Reflection in Supervision.” Psychotherapy in Australia 15, no. 4: 40–51.

Chandler, Adam, and Melissa Wallace. 2016. “Using Piwik Instead of Google Analytics at the Cornell University Library.” The Serials Librarian 71, no. 3–4: 173–79. https://doi.org/10.1080/0361526X.2016.1245645.

Coalition for Networked Information. 2016. “Privacy in the Age of Analytics.” Executive Roundtable Report. Coalition for Networked Information.https://www.cni.org/news/privacy-in-the-age-of-analytics-executive-roundtable-report-available.

Conrad, Suzanna. 2015. “Using Google Tag Manager and Google Analytics to Track DSpace Metadata Fields as Custom Dimensions.” Code4Lib Journal, no. 27 (January). .

Cook, Katy. 2019. The Psychology of Silicon Valley: Ethical Threats and Emotional Unintelligence in the Tech Industry. London: Palgrave Macmillan.

Corrall, Sheila. 2017. “Crossing the Threshold: Reflective Practice in Information Literacy Development.” Journal of Information Literacy 11, no. 1: 23–53. .

Costantino, Terry, Steven LeMay, Linnea Vizard, Heather Moore, Dara Renton, Sandra Gornall, and Ian Strang. 2014. “Participatory Design of Public Library E-Services.” In Proceedings of the 13th Participatory Design Conference: Short Papers, Industry Cases, Workshop Descriptions, Doctoral Consortium Papers, and Keynote Abstracts - Volume 2, 133–136. PDC ’14. New York, NY, USA: ACM. https://doi.org/10.1145/2662155.2662232.

Deitering, Anne-Marie, Hannah Gascho Rempel, and Tim Jensen. 2018. “Reflective Information Literacy: Empowering Graduate Student Teachers.” In Transforming Libraries to Serve Graduate Students, ed. Crystal Renfro and Cheryl Stiles (Chicago: American Library Association), 103–111.

Digital Library Federation. 2017. “Technologies of Surveillance—DLF Wiki.” https://wiki.diglib.org/Technologies_of_Surveillance.

———. 2018. “DLF Technologies of Surveillance Working Group (ToS).” https://osf.io/bdyvq/.

———. 2019. “Code of Conduct.” https://www.diglib.org/about/code-of-conduct/.

Ehn, Pelle. 1993. “Scandinavian Design: On Participation and Skill.” In Participatory Design: Principles and Practice, ed. Douglas Schuler and Aki Namioka (New York: CRC/Lawrence Erlbaum Associates), 41–77.

Electronic Frontier Foundation. 2017. “Spying on Students: School-Issued Devices and Student Privacy.” Electronic Frontier Foundation. https://web.archive.org/web/20190831032719/https://www.eff.org/files/2017/04/13/student-privacy-report.pdf.

Englehardt, Steven, and Arvind Narayanan. 2016. “Online Tracking: A 1-Million-Site Measurement and Analysis.” In Proceedings of the 23rd ACM SIGSAC Conference on Computer and Communications Security. CCS ’16. Vienna, Austria: ACM.

Fagan, Jody Condit. 2014. “The Suitability of Web Analytics Key Performance Indicators in the Academic Library Environment.” The Journal of Academic Librarianship 40, no. 1: 25–34. https://doi.org/10.1016/j.acalib.2013.06.005.

Farney, Tabatha. 2016. “Google Analytics and Google Tag Manager.” Library Technology Reports 52, no. 7: 1–42.https://doi.org/10.5860/ltr.52n7.

———. 2018. Using Digital Analytics for Smart Assessment. Chicago: ALA Editions.

Fisher, Zoe. 2018. “Who Succeeds in Higher Education? Questioning the Connection Between Academic Libraries & Student Success.” Zoe Fisher (blog). April 15, 2018. http://web.archive.org/web/20190320001756/https://quickaskzoe.com/2018/04/15/who-succeeds-in-higher-education/.

Gamboni, Valentina. 2017. “Developing Academic Librarians’ Skills in e-Book Services through Participatory Action Research.” Information and Learning Sciences 118, no. 9/10: 535–46. .

Graf, Anne Jumonville, and Benjamin R. Harris. 2016. “Reflective Assessment: Opportunities and Challenges.” Reference Services Review 44, no. 1: 38–47.https://doi.org/10.1108/RSR-06-2015-0027.

Gray, Dave, Sunni Brown, and James Macanufo. 2010. Gamestorming: A Playbook for Innovators, Rulebreakers, and Changemakers. Cambridge: O’Reilly Media.

Hathcock, April. 2018. “Learning Agency, Not Analytics.” At The Intersection (blog). January 24, 2018. http://web.archive.org/web/20180203034400/https://aprilhathcock.wordpress.com/2018/01/24/learning-agency-not-analytics/.

Hinchcliffe, Lisa Janicke. 2018. “What Will You Do When They Come for Your Proxy Server?” The Scholarly Kitchen. https://scholarlykitchen.sspnet.org/2018/01/16/what-will-you-do-when-they-come-for-your-proxy-server-ra21/.

Hoel, Tore, and Weiqin Chen. 2018. “Privacy and Data Protection in Learning Analytics Should Be Motivated by an Educational Maxim—towards a Proposal.” Research and Practice in Technology Enhanced Learning 13, no. 1: Article 20.https://doi.org/10.1186/s41039-018-0086-8.

Institute of Museum and Library Services. 2017. “National Leadership Grants for Libraries—FY18 Notice of Funding Opportunity.” https://www.imls.gov/sites/default/files/fy2018-nlgl-2-nofo.pdf.

———. 2018. “LG-73-18-0100-18.” https://www.imls.gov/grants/awarded/lg-73-18-0100-18.

———. 2019. “LG-36-19-0073-19.” https://www.imls.gov/grants/awarded/lg-36-19-0073-19.

International Federation of Library Associations and Institutions. 2015a. “IFLA Statement on Libraries and Intellectual Freedom.” International Federation of Library Associations and Institutions. https://web.archive.org/web/20190831032654/https://www.ifla.org/publications/ifla-statement-on-libraries-and-intellectual-freedom.

———. 2015b. “IFLA Statement on Privacy in the Library Environment.” International Federation of Library Associations and Institutions. https://web.archive.org/web/20190831032636/https://www.ifla.org/files/assets/hq/news/documents/ifla-statement-on-privacy-in-the-library-environment.pdf.

———. 2017. “Educational Technologies and Student Data: A Briefing for Libraries.” International Federation of Library Associations and Institutions. https://web.archive.org/web/20190831032614/https://www.ifla.org/files/assets/faife/publications/misc/educational_technology_and_student_data_briefing.pdf.

Jaeger, Paul T., Charles R. McClure, John Carlo Bertot, and John T. Snead. 2004. “The USA PATRIOT Act, the Foreign Intelligence Surveillance Act, and Information Policy Research in Libraries: Issues, Impacts, and Questions for Libraries and Researchers.” The Library Quarterly 74, no. 2: 99–121.

Jones, Kyle M. L., 2017. “Learning Analytics, the Academic Library, and Positive Intellectual Freedom.” Journal of Intellectual Freedom and Privacy 2, no. 2: 7–10. .

Jones, Kyle M. L., and Dorothea Salo. 2018. “Learning Analytics and the Academic Library: Professional Ethics Commitments at a Crossroads.” College & Research Libraries 79, no. 3. https://doi.org/10.5860/crl.79.3.304.

Jones, Kyle M. L., Michael R. Perry, Abigail Goben, Andrew Asher, Kristin A. Briney, M. Brooke Robertshaw, and Dorothea Salo. 2019. “In Their Own Words: Student Perspectives on Privacy and Library Participation in Learning Analytics Initiatives.” In Recasting the Narrative: The Proceedings of the ACRL 2019 Conference, 262–274. Cleveland, OH: ACRL.

Kensing, Finn, and Joan Greenbaum. 2013. “Heritage: Having a Say.” In Routledge International Handbook of Participatory Design, ed. Jesper Simonsen and Toni Robertson (New York: Routledge), 21–36.

Kritikos, Katie Chamberlain, and Michael Zimmer. 2017. “Privacy Policies and Practices with Cloud-Based Services in Public Libraries: An Exploratory Case of BiblioCommons.” Journal of Intellectual Freedom and Privacy 2, no. 1: 23–37.

Lamdan, Sarah. 2019. “Librarianship at the Crossroads of ICE Surveillance.” In the Library with the Lead Pipe. http://www.inthelibrarywiththeleadpipe.org/2019/ice-surveillance/.

“Library Freedom.” Accessed January 10, 2020. .

Library Information Technology Association. 2014. “Patron Privacy Technologies Interest Group.” Library Information Technology Association (LITA). http://www.ala.org/lita/about/igs/public/lit-Pp.

Macaluso, Stephan J. 2014. “Incorporating Self-Assessment and Peer Assessment into Library Instructional Practice.” In Curriculum-Based Library Instruction: From Cultivating Faculty Relationships to Assessment, ed. Amy Blevins and Megan Inman (Lanham, MD: Rowman & Littlefield), 97-105.

Magnus, Ebony, Jackie Belanger, and Maggie Faber. 2018. “Towards a Critical Assessment Practice.” In the Library With the Lead Pipe. http://www.inthelibrarywiththeleadpipe.org/2018/towards-critical-assessment-practice/.

Matz, Chris. 2008. “Libraries and the USA PATRIOT Act: Values in conflict.” Journal of Library Administration 47, no. 3-4: 69–87.

McCartin, Lyda Fontes, and Rachel Dineen. n.d. Toward a Critical-Inclusive Assessment Practice for Library Instruction. Accessed March 16, 2019. https://litwinbooks.com/books/toward-a-critical-inclusive-assessment-practice-for-library-instruction/.

Million, Angela C., and Kim N. Fisher. 1986. “Library Records: A Review of Confidentiality Laws and Policies.” Journal of Academic Librarianship 11, no. 6: 346–49.

Moon, Jennifer A. 2004. A Handbook of Reflective and Experiential Learning. London New York: Routledge.

Nichols Hess, Amanda, Rachelle LaPorte-Fiori, and Keith Engwall. 2015. “Preserving Patron Privacy in the 21st Century Academic Library.” The Journal of Academic Librarianship 41, no. 1: 105–14. https://doi.org/10.1016/j.acalib.2014.10.010.

O’Brien, Patrick, Scott W. H. Young, Kenning Arlitsch, and Karl Benedict. 2018. “Protecting Privacy on the Web: A Study of HTTPS and Google Analytics Implementation in Academic Library Websites.” Online Information Review 42, no. 6: 734–51. https://doi.org/10.1108/OIR-02-2018-0056.

Reale, Michelle. 2017. Becoming a Reflective Librarian and Teacher: Strategies for Mindful Academic Practice. Chicago: American Library Association.

Robertson, Toni, and Jesper Simonsen. 2013. “Participatory Design: An Introduction.” In Routledge International Handbook of Participatory Design, ed. Jesper Simonson and Toni Robertson (New York: Routledge), 64–85.

Robertson, Toni, and Ina Wagner. 2013. “Ethics: Engagement, Representation and Politics-in-Action.” In Routledge International Handbook of Participatory Design, 64–85. New York: Routledge.

Sen, Barbara Anne, and Pamela McKinney. 2014. “The SEA-Change Model in Information Literacy: Assessing Information Literacy Development with Reflective Writing.” Nordic Journal of Information Literacy in Higher Education 6, no. 1: 23–38. https://doi.org/10.15845/noril.v6i1.172.

Shorish, Yasmeen, Shea Swauger, and David Riordan. 2017. “Surveyance or Surveillance? Data Ethics in Library Technologies.” presented at the Digital Library Federation Forum, Pittsburgh, PA, October 23. .

Solomos, Konstantinos, Panagiotis Ilia, Sotiris Ioannidis, and Nicolas Kourtellis. 2019. “Clash of the Trackers: Measuring the Evolution of the Online Tracking Ecosystem.” ArXiv:1907.12860 [Cs], July. http://arxiv.org/abs/1907.12860.

Sutlieff, Lisa, and Jackie Chelin. 2010. “‘An Absolute Prerequisite’: The Importance of User Privacy and Trust in Maintaining Academic Freedom at the Library.” Journal of Librarianship and Information Science 42, no. 3: 163–77. https://doi.org/10.1177/0961000610368916.

Tewell, Eamon C. 2018. “The Practice and Promise of Critical Information Literacy: Academic Librarians’ Involvement in Critical Library Instruction.” College & Research Libraries 79, no. 1: 10–34. https://doi.org/10.5860/crl.79.1.10.

Tewell, Eamon. 2019. “Reframing Reference for Marginalized Students: A Participatory Visual Study.” Reference & User Services Quarterly 58, no. 3: 162–76. https://doi.org/10.5860/rusq.58.3.7044.

Vecchione, Amy, Deana Brown, Elizabeth Allen, and Amanda Baschnagel. 2016. “Tracking User Behavior with Google Analytics Events on an Academic Library Web Site.” Journal of Web Librarianship 10, no. 3: 161–75. https://doi.org/10.1080/19322909.2016.1175330.

Yang, Le, and Joy M. Perrin. 2014. “Tutorials on Google Analytics: How to Craft a Web Analytics Report for a Library Web Site.” Journal of Web Librarianship 8, no. 4: 404–17. https://doi.org/10.1080/19322909.2014.944296.

Yoose, Becky. 2017. “Balancing Privacy and Strategic Planning Needs: A Case Study in De-Identification of Patron Data.” Journal of Intellectual Freedom & Privacy 2, no. 1: 15–22. https://doi.org/10.5860/jifp.v2i1.6250.

Young, Scott, and Celina Brownotter. 2018. “Toward a More Just Library: Participatory Design with Native American Students.” Weave: Journal of Library User Experience 1, no. 9. https://doi.org/10.3998/weave.12535642.0001.901.

Young, Scott W. H., Jason A. Clark, Sara Mannheimer, and Lisa Janicke Hinchliffe. 2019. “A National Forum on Web Privacy and Web Analytics: Action Handbook,” May. https://doi.org/10.15788/20190416.15446.

Young, Scott W. H., Sara Mannheimer, and Jason A. Clark. 2019. “A National Forum on Web Privacy and Web Analytics — Participant Survey Instrument [Data Set].” Zenodo. https://zenodo.org/record/3240729.

Young, Scott W. H., Sara Mannheimer, Jason A. Clark, and Lisa Janicke Hinchliffe. 2019. “A Roadmap for Achieving Privacy in the Age of Analytics: A White Paper from a National Forum on Web Privacy and Web Analytics,” May. https://doi.org/10.15788/20190416.15445.

Zimmer, Michael. 2014. “Librarians’ Attitudes Regarding Information and Internet Privacy.” The Library Quarterly 84, no. 2: 123–51. https://doi.org/10.1086/675329.

———. 2017. “Introduction: The ‘Privacy’ Special Issue of the Journal of Intellectual Freedom & Privacy.” Journal of Intellectual Freedom & Privacy 2, no. 1: 3–4. https://doi.org/10.5860/jifp.v2i1.6306.

Zuboff, Shoshana. 2019. The Age of Surveillance Capitalism: The Fight for a Human Future at the New Frontier of Power. New York: PublicAffairs.

Appendix

This appendix contains the dataset for this paper, comprising a record of the reflective self-assessment dialogue among the author group. The subsections below are organized according to reflective prompts suggested by Reale (2017), with conversational notes from the respective members of the ToS Working Group and the Privacy Forum.

What are you noticing? What surprises you?

ToS Working Group

• There was an encouraging amount of interest at the formation of the group, with about 70 people who joined our first call. Unsurprisingly, participation dropped over time as groups formed and tasks were formalized, but those who remained engaged were very strong group members.
• Most of the work was done by a core group of key participants.
• Extensive diverse expertise that we shared and could draw from.
• Leaders sometimes experience imposter syndrome.
• Despite our collective skepticism about tools of surveillance, we almost always use tools like Google Groups for email, Google Docs for writing, Zoom, Doodle, and others that actively do what we’re saying is bad
• Some of the biggest challenges were logistical: coordinating multiple schedules, time zones, platforms, etc.
• Video chatting has been the most effective way of encouraging active participation, which is ironic due to our subject matter.

Privacy Forum

• Passion, energy, and a strong agenda associated with privacy work.
• Surprise: Structured, participatory working sessions lead to productive ideas, even with a large group; design exercises within forum have to engage and lead.
• Opportunities for implementing privacy actions locally and profession-wide, but the issue is so large that people get excited about joining a community effort to address it.
• Need for leadership about privacy and the development of expertise/academic study of privacy.

What’s hardest for you? What if it were easy?

ToS Working Group

• Consistent attendance and participation as volunteer members addressed other priorities.
• Pedagogical differences can sometimes distract from larger conversations.
• Encouraging people of different backgrounds to speak up.

Privacy Forum

• Identifying and empowering community to take ownership for ideas and pathways.
• People finding time for privacy work—not part of our day-to-day librarianship practice.
  • If this were easy, privacy advocacy would be built into librarianship practice, and there would be money and time available to pursue privacy-focused projects.
  • Leaders (in libraries and government leaders) would support privacy work.
• Scale of the privacy problem/project—lots of money in analytics, perceived power of analytics: analytics are used to show value/get funding/build better services/build support. We can’t strike/move away from analytics entirely?
  • If this were easy, all internet users would have an understanding and shared values of the importance and need for data privacy, anonymization, the right to be forgotten . . .
  • If this were easy, stakeholders (administrators, tech companies, general users) would prioritize privacy over profit, customization, and convenience.
• What is the action? How to move from the “talk” to the “do.”

What has worked for you? What approach would be its opposite?

ToS Working Group

• Co-leadership is very good, as is rotating in new leaders annually.
• Naming privilege and identities of leaders.
• Having a code of conduct with people of different backgrounds/roles to notify if violations occur.
• Flexible due dates.
• Actively encouraging members of diverse backgrounds to participate in groups.

Privacy Forum

• Presentations, publications, awareness-building.
  • Opposite: not talking about the project.
• Participatory design workshops to support all voices being heard. We have success in discussing pathways and potential actions.
  • Opposite: lectures and large discussions.
• Assigning leaders/champions to each Pathway to Action has kind of worked. Trying to empower these leaders to take on the project.
• Pursuing more funding for Pathways—grant funding allows you to create time.
• Creating technical documentation (Action Handbook) that librarians can easily implement locally.

What limits would you like to break through?

ToS Working Group

• Break the assumption that more data equals better data, as well as the sense that data collection is justified by better service without consequence (assumed good intention/benefit with all data collection).
• All technology is good technology.
• Data collection is the future, innovative, smarter.
• Skepticism about data or technology is stereotyped as luddite or technophobia.
• Encourage people who have imposter syndrome regarding technology or don’t care about the implications of technology to reassess and investigate it.

Privacy Forum

• Lack of expertise in the library community—we need privacy champions, experts, trainers, advocates.
• Giant corporations that are well-funded, resourced, and working in the opposite direction—infringing on privacy in the interest of data analytics and personalization.
• We would need huge collective organizing or government regulations to counter that work.

What data are you seeing, and what story are you telling yourself? What other data is present? What other story might you tell yourself?

ToS Working Group

• As more and more colleges and universities purchase technologies of surveillance, the struggle against it can be overwhelming.
• From an instruction point, patrons are using different technologies that abuse their data. By addressing this, we can make a greater impact.

Privacy Forum

• Data from the forum—pre-survey, ideas that developed through participatory exercises.
• Data from presentations—documenting interest and ideas for local implementations of Pathways ideas.
• More popular ideas/ideas that have more momentum.
  • Which ideas resonate most with the library community?
    • Vendor regulations and certification around privacy requirements.
    • Privacy Leadership Institute.
    • Privacy-focused analytics dashboard.
• Professional set of values around privacy that is activated in these projects (e.g., within ALA Code of Ethics).
  • That tells us that privacy work is important, resonates with librarians, and strengthens our library values.
• Balance between privacy and data-collecting; we can’t be invisible and there is a supposition that without metrics/analytics we can’t tell our story of value.