{"id":849,"date":"2014-10-17T17:39:25","date_gmt":"2014-10-18T00:39:25","guid":{"rendered":"http:\/\/galencharlton.com\/blog\/?p=849"},"modified":"2014-10-17T17:39:25","modified_gmt":"2014-10-18T00:39:25","slug":"tips-and-tricks-for-leaking-patron-information","status":"publish","type":"post","link":"https:\/\/galencharlton.com\/blog\/2014\/10\/tips-and-tricks-for-leaking-patron-information\/","title":{"rendered":"Tips and tricks for leaking patron information"},"content":{"rendered":"<p>Here is a partial list of various ways I can think of to expose information about library patrons and their search and reading history by use (and misuse) of software used or recommended by libraries.<\/p>\n<ul>\n<li>Send a patron&#8217;s ebook reading history to a commercial website&#8230;\n<ul>\n<li>&#8230; in the clear, for anybody to intercept.<\/li>\n<\/ul>\n<\/li>\n<li>Send patron information to a third party&#8230;\n<ul>\n<li>&#8230; that does not have an adequate privacy policy.<\/li>\n<li>&#8230; that has an adequate privacy policy but does not implement it well.<\/li>\n<li>&#8230; that is sufficiently remote that libraries lack any leverage to punish it for egregious mishandling of patron data.<\/li>\n<\/ul>\n<\/li>\n<li>Use an unencrypted protocol to enable a third-party service provider to authenticate patrons or look them up&#8230;\n<ul>\n<li>&#8230; such as SIP2.<\/li>\n<li>&#8230; such as SIP2, with the patron information response message configured to include full\u00a0contact information for the patron.<\/li>\n<li>&#8230; or many configurations of NCIP.<\/li>\n<li>&#8230; or web services accessible over HTTP (as opposed to HTTPS).<\/li>\n<\/ul>\n<\/li>\n<li>Store patron PINs and passwords without encryption&#8230;\n<ul>\n<li>&#8230; or using weak hashing.<\/li>\n<\/ul>\n<\/li>\n<li>Store the patron&#8217;s Social Security Number in the ILS patron record.<\/li>\n<li>Don&#8217;t require HTTPS\u00a0for a patron to access her account with the 
library&#8230;\n<ul>\n<li>&#8230; or if you do, don&#8217;t keep up to date with the various SSL and TLS flaws announced over the years.<\/li>\n<\/ul>\n<\/li>\n<li>Make session cookies used by your ILS or discovery layer easy to snoop.<\/li>\n<li>Use HTTP at all in your ILS or discovery layer \u2013 as oddly enough, many patrons will borrow the items that they search for.<\/li>\n<li>Send an unencrypted email&#8230;\n<ul>\n<li>&#8230; containing a patron&#8217;s checkouts today (i.e., an email checkout receipt).<\/li>\n<li>&#8230; reminding a patron of his overdue books \u2013 and listing them.<\/li>\n<li>&#8230; listing the titles of the patron&#8217;s available hold requests.<\/li>\n<\/ul>\n<\/li>\n<li>Don&#8217;t encrypt connections between an ILS client program and its application server.<\/li>\n<li>Don&#8217;t encrypt connections between an ILS application server and its database server.<\/li>\n<li>Don&#8217;t notice\u00a0that a rootkit has been running\u00a0on your ILS server for the past six months.<\/li>\n<li>Don&#8217;t notice that a keylogger has been running on one of your circulation PCs for the past three months.<\/li>\n<li>Fail to keep up with installing operating system security patches.<\/li>\n<li>Use the same password for the circulator account used by twenty circulation staff (and 50\u00a0<em>former<\/em> circulation staff) \u2013 and never\u00a0change it.<\/li>\n<li>Don&#8217;t encrypt your backups.<\/li>\n<li>Don&#8217;t use the feature in your ILS to enable severing the link between the record of a past loan and the specific patron who took the item out&#8230;\n<ul>\n<li>&#8230; sever the links, but retain database backups for months or years.<\/li>\n<\/ul>\n<\/li>\n<li>Don&#8217;t give your patrons the ability to opt out of keeping track of their past loans.<\/li>\n<li>Don&#8217;t give your patrons the ability to opt\u00a0<em>in<\/em> to keeping track of their past loans.<\/li>\n<li>Don&#8217;t give the patron any control or ability to 
completely sever the link between her record and her past circulation history whenever she chooses to.<\/li>\n<li>When a patron calls up asking &#8220;what books do I have checked out?&#8221; &#8230; answer the question without verifying that the patron is actually who she says she is.<\/li>\n<li>When a parent calls up asking &#8220;what books does my teenager have checked out?&#8221;&#8230; answer the question.<\/li>\n<li>Set up your ILS to print out hold slips&#8230; that include the full name of the patron. For bonus points, do this while maintaining an open holds shelf.<\/li>\n<li>Don&#8217;t shred any circulation receipts that patrons leave behind.<\/li>\n<li>Don&#8217;t train your non-MLS staff on the importance of keeping patron information confidential.<\/li>\n<li>Don&#8217;t give your MLS staff refreshers on professional ethics.<\/li>\n<li>Don&#8217;t shut down library staff gossiping about a patron&#8217;s reading preferences.<\/li>\n<li>Don&#8217;t immediately sack a library staff member caught misusing confidential patron information.<\/li>\n<li>Have your ILS or discovery interface hosted by a service provider that makes one or more of the mistakes listed above.<\/li>\n<li>Join a committee writing a technical standard for library software&#8230; and don&#8217;t insist that it take patron privacy into account.<\/li>\n<\/ul>\n<p>Do you have any additions to the list? Please let me know!<\/p>\n<p>Of course, I am not actually advocating disclosing confidential information. 
Stay tuned for a follow-up post.<\/p>","protected":false},"excerpt":{"rendered":"<p>Here is a partial list of various ways I can think of to expose information about library 
patrons and their search and reading history by&#8230;<\/p>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"Tips and tricks for leaking patron information http:\/\/wp.me\/p3gJ9y-dH #libraries #privacy #code4lib","jetpack_is_tweetstorm":false},"categories":[4,6],"tags":[54],"jetpack_featured_media_url":"","jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p3gJ9y-dH","_links":{"self":[{"href":"https:\/\/galencharlton.com\/blog\/wp-json\/wp\/v2\/posts\/849"}],"collection":[{"href":"https:\/\/galencharlton.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/galencharlton.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/galencharlton.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/galencharlton.com\/blog\/wp-json\/wp\/v2\/comments?post=849"}],"version-history":[{"count":6,"href":"https:\/\/galencharlton.com\/blog\/wp-json\/wp\/v2\/posts\/849\/revisions"}],"predecessor-version":[{"id":856,"href":"https:\/\/galencharlton.com\/blog\/wp-json\/wp\/v2\/posts\/849\/revisions\/856"}],"wp:attachment":[{"href":"https:\/\/galencharlton.com\/blog\/wp-json\/wp\/v2\/media?parent=849"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/galencharlton.com\/blog\/wp-json\/wp\/v2\/categories?post=849"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/galencharlton.com\/blog\/wp-json\/wp\/v2\/tags?post=849"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}