Thursday, January 26, 2017

Policy-based Privacy is Over

Yesterday, President Donald Trump issued an executive order to enhance "Public Safety in the Interior of the United States".

Of interest here is section 14:
Sec. 14.  Privacy Act.  Agencies shall, to the extent consistent with applicable law, ensure that their privacy policies exclude persons who are not United States citizens or lawful permanent residents from the protections of the Privacy Act regarding personally identifiable information.  
What this means is that the executive branch, including websites, libraries and information systems may not use privacy policies to protect users other than US citizens and green card holders. Since websites, libraries and information systems typically don't keep track of user citizen status, this makes it very difficult to have any privacy policy at all.

Note that this executive order does not apply to the Library of Congress, an organ of the legislative branch of the US government. Nevertheless, it demonstrates the vulnerability of policy-based privacy. Who's to say that Congress won't enact the same restrictions for the legislative branch? Who's to say that Congress won't enact the same restrictions on any website. library or information system that operates in multiple states?

Lawyering privacy won't work any more. Librarianing privacy won't work any more. We need to rely on engineers to build privacy into our websites, libraries and information systems. This is possible. Engineers have tools such as strong cryptography that allow privacy to be built into systems without compromising functionality. It's not that engineers are immune from privacy-breaking mandates, but it's orders of magnitude more difficult to outlaw privacy engineering than it is to invalidate privacy policies. A system that doesn't record what a user does can't produce user activity records. Some facts are not alternativable. Math trumps Trump.


  1. I've asked this recently, but I'd like to hear if there are public libraries with experience running Tor as a browser on their public computers. Tor can send confusing messages, so I'm curious if anyone has tried this and can comment on how much of a hassle it might be in terms of helping patrons use it.

    1. (posted for Alison Macrina - Blogger doesn't like Tor)

      Hi Karen,

      We've helped a number of libraries install Tor Browser and have advised many others who did it on their own. We suggest a few best practices:
      - renaming the Tor Browser shortcut to something that gives users a heads-up that this browser is something different, eg "Tor Browser: private web browsing".
      - Also, make signs and hang them up in the computer area that explain briefly what Tor Browser is and how it behaves a bit differently than what the user is expecting. We also have a poster that we can send you which explains Tor in an engaging way.

      You can also contact us directly for help: info (at)
      libraryfreedomproject (dot) org.

      Alison (director of LFP)


Note: Only a member of this blog may post a comment.