[Dataloss] off-topic: Learning from Librarians
Al Mac Wheel
macwheel99 at wowway.com
Wed Apr 16 15:20:42 UTC 2008
What a librarian can teach you about privacy
http://cwflyris.computerworld.com/t/3124317/308968/108105/2/
[...]
In 2003, the chief librarian of the city of Santa Cruz, Calif., was able to
warn her patrons about whether the FBI had served a National Security
Letter (NSL) demanding information about who was reading what books. She
managed that task despite specific provisions in the USA Patriot Act at the
time that prohibited librarians or booksellers from revealing to anyone
that they'd been issued an NSL.
So, how did the librarian get the word out? By regularly reporting to the
library board that no NSL had been issued to any of the city's 10 branches,
which was perfectly legal. Everyone knew that if the chief librarian failed
to report that nothing had happened, then indeed an NSL had been served.
{...]
virtually every librarian will comply with a court order or subpoena, where
a specific suspect has been identified by law enforcement agencies
[ ..]
librarians will balk at what they consider "fishing expeditions," where the
government simply wants to know who has been reading this or that book.
Let's face it: When it comes to keeping data secure, there's plenty that IT
can learn from librarians. Just as ALA members ensure that their patrons'
reading habits remain strictly private by establishing privacy audits, so,
too, can CIOs audit their systems to ensure that customer and employee data
is protected, says Caldwell-Stone. Privacy audits keep customer and
employee content under wraps and can protect companies from embarrassing
revelations.
-
Al Mac
More information about the Dataloss
mailing list