On August 14-19, Michael Rodriguez attended the International Federation of Library Associations (IFLA)’s 2016 World Library and Information Congress in Columbus, Ohio. Michael’s attendance was supported by a $1,000 fellowship grant he was awarded by the American Library Association (ALA) and the Institute for Museum and Library Services (IMLS). Michael, meaning me, wishes to thank IMLS, ALA, and UConn for making his attendance possible.

Michael + EFF sticker + OCLC tour earbuds, posing in front of the WorldCat servers.

Highlights included a tour of OCLC Headquarters, where Michael got to take a picture with WorldCat; a three-hour program on information privacy and security; and opportunities to engage with and learn from more than four thousand librarians of all types who traveled from as far afield as Uganda, Costa Rica, Egypt, and Italy. Takeaways included the need for better data security and privacy, which should inform licensing and website practices, plus the reconfiguration of print collections. Most of the papers presented at IFLA are available open access under a CC BY license. Michael and many other attendees live-tweeted sessions using the very active Congress hashtag: #wlic2016.

Print collections reconfiguration

One IFLA panel tackled “collections reconfiguration” (thorny issue, elegant word choice). Concordia University Libraries worked to dedupe print monographs published after 1950 (a date chosen to avoid discarding rare editions) and achieved a 10% print reduction by deduping alone. Concordia also had a collection development statement – not a detailed policy, but a statement of principles – approved by the University Senate, which presenter Meredith Griffin noted gave the library leverage in working with faculty to reduce the print collections footprint.

Meanwhile, California State University at Fullerton struggled to achieve faculty buy-in for reducing print collections. As presenters J. Michael DeMars and Ann Roll explained, in a black comedy worthy of Samuel Beckett, the library’s interim dean mandated that faculty be allowed to review and opt for retention at the item level of each and every print monograph slated for deselection. Naturally, one single professor opted to retain 1716 out of 1744 monographs in the initial pilot. Next time around, the librarians required faculty to input their reasons for retention, prompting retention requests to fall to 1816 out of 30,844 monographs, though “keep this important book” was copied and pasted hundreds of times into the retention form anyway. Interestingly, 12 percent of retention requests were from librarians, making the library the third largest departmental source of retention requests.

Think Cal State had it tough? Coleen Hoelscher had to weed the Marian Library’s rampantly overgrown special collections pertaining to Mary, at a theological institution focused on the study of Mary, with colleagues who were members of religious orders. Resistance was considerable.

Information security and privacy

Next up were invited speakers who addressed information security and patron privacy in our digital age. Polly Thistlethwaite of CUNY Graduate Center talked purging ILL data from ILLiad in collaboration with OCLC – a project recently featured in the Guardian. Talks from David Greene of Electronic Frontier Foundation, Alison Macrina of Library Freedom Project, and Jamie LaRue of the ALA’s Office for Intellectual Freedom each emphasized the importance of using HTTPS encryption protocols on library websites and eresources, even on those webpages that do not involve the transmission of social security or credit card numbers. Why? Because anyone with simple monitoring tools can squat on an unsecured network and see every interaction users have with a website. What’s more, on HTTP sites none of the data is encrypted in transmission, so nefarious third parties can intercept, track, and even modify the data during transmission without users realizing it. Given librarians’ emphasis on patron privacy, unsecure web services are problematic.

Reflecting these concerns, the White House ordered all federal government websites to implement HTTPS by the end of 2016, stating that “all browser activity should be considered private and sensitive.” At IFLA, Google’s copyright senior counsel, Fred Von Lohmann, reminded us that Google penalizes unsecure HTTP websites by ranking them lower in search results. Starting in January 2017, Google Chrome will flag HTTP websites as “not secure.”

Later, I looked up Marshall Breeding’s Library Technology Reports on library systems and services. This year, Breeding established that 85% of ARL libraries encrypt neither their websites nor their discovery searches or catalogs (pp. 30-33), a situation that Breeding calls “nothing short of alarming” given how highly libraries value patron privacy and how encryption for all parts of all web services is fast becoming an industry standard.

To remedy this situation, presenter Alison Macrina gave a shoutout to the Digital Privacy Pledge, by which libraries and library-associated signatories vow to implement HTTPS on their own web properties and to cease using unencrypted vendor services. Twenty organizations, notably UC Davis and DPLA as well as providers like JSTOR, have onboarded thus far. Macrina also cited free tools such as Privacy Badger, HTTPS Everywhere, KeePassX, and PIA that people can use to understand risks and transmit data securely. Meanwhile, EFF explains what librarians need to know about HTTPS.

Michael is now a member and proud wearer of an EFF lapel pin.