What is the Library Freedom Project?

We live in an era of unprecedented surveillance. The technical capabilities of law enforcement and intelligence agencies are rapidly expanding, and even the best attempts at law reform can’t keep up with these new powers. Over and over again, we’ve seen these capabilities used against protected free speech activities, especially against the speech of marginalized people. Compounding the problem of government surveillance is that of corporate surveillance; we rely on a small handful of data-driven private companies for all of our computing needs, and many of these services are “free” because we are the product. These corporate entities regularly collude with law enforcement to share our private communications, searches, contacts, and more — quite often without our knowledge. By fighting against surveillance, we can reject an internet controlled by a handful of powerful corporate entities and intelligence agencies, and take back our rights in the digital sphere.

Library Freedom Project is a partnership among librarians, technologists, attorneys, and privacy advocates which aims to address the problems of surveillance by making real the promise of intellectual freedom in libraries. By teaching librarians about surveillance threats, privacy rights and responsibilities, and digital tools to stop surveillance, we hope to create a privacy-centric paradigm shift in libraries and the communities they serve.

Links for NELA 2016

These are the links for LFP’s talk at NELA 2016: Top 20 Privacy Steps for Libraries

ALA Library Privacy Guidelines for E-book Lending and Digital Content Vendors: http://www.ala.org/advocacy/library-privacy-guidelines-e-book-lending-and-digital-content-vendors

ALA Library Privacy Guidelines for Public Access Computers and Networks:

ALA Library Privacy Guidelines for Library Websites, OPACs, and Discovery Services: http://www.ala.org/advocacy/library-privacy-guidelines-library-websites-opacs-and-discovery-services

ALA Library Privacy Guidelines for Library Management Systems:

ALA Library Privacy Guidelines for Data Exchange Between Networked Devices and Services: http://www.ala.org/advocacy/library-privacy-guidelines-data-exchange-between-networked-devices-and-services

ALA Library Privacy Guidelines for Students in K-12 Schools:

Deep Freeze: http://www.faronics.com/en-uk/products/deep-freeze/

BleachBit: https://www.bleachbit.org/

Creating strong passwords: https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/

EFF’s wordlist for creating random passphrases: https://www.eff.org/deeplinks/2016/07/new-wordlists-random-passphrases

DuckDuckGo: https://duckduckgo.com/

How to remove Flash in every browser: http://www.howtogeek.com/222275/how-to-uninstall-and-disable-flash-in-every-web-browser/

How to remove Java: http://www.howtogeek.com/122934/java-is-insecure-and-awful-its-time-to-disable-it-and-heres-how/

Google Chrome: https://www.google.com/chrome/browser/desktop/

EFF’s Let’s Encrypt: https://letsencrypt.org/

Certbot: https://certbot.eff.org/

What Every Librarian Needs to Know About HTTPS:https://www.eff.org/deeplinks/2015/05/what-every-librarian-needs-know-about-https

Tor browser: https://www.torproject.org/projects/torbrowser.html.en

Signal: https://whispersystems.org/

Privacy Rights and Responsibilities of Librarians in Massachusetts (ACLU): https://privacysos.org/libraries/

Surveillance self-defense from EFF: https://ssd.eff.org/

Cryptoparty: http://www.cryptoparty.in/

Privacy Badger: https://www.eff.org/privacybadger

Links for Cambridge Public Library event

Links for Cambridge Public Library event on October 15, 2016

SLIDES: Cambridge Library Slides

How to make backups: http://www.howtogeek.com/108679/the-best-articles-for-backing-up-and-syncing-your-data/

Apple OSX Firewall: https://support.apple.com/en-us/HT201642

Windows Firewall: https://support.microsoft.com/en-us/instantanswers/c9955ad9-1239-4cb2-988c-982f851617ed/turn-windows-firewall-on-or-off

EFF’s word list: https://www.eff.org/files/2016/07/18/eff_large_wordlist.txt

1Password: https://agilebits.com/onepassword

LastPass: https://lastpass.com/

DuckDuckGo search: https://duckduckgo.com/

Removing Flash: http://www.howtogeek.com/222275/how-to-uninstall-and-disable-flash-in-every-web-browser/

Removing Java: www.howtogeek.com/122934/java-is-insecure-and-awful-its-time-to-disable-it-and-heres-how/

Chrome Browser: https://www.google.com/chrome/browser/desktop/index.html?utm_source=bing&utm_medium=sem&utm_campaign=1001342|ChromeWin10|US|en|Hybrid|Text|BKWS~TopKWDS-Exact&brand=CHBF

Tor Browser: https://www.torproject.org/download/download-easy.html.en

Privacy Badger: https://www.eff.org/privacybadger

Signal encrypted texting and calling: https://whispersystems.org/blog/signal/

ESET antivirus: https://www.eset.com/us/

ClamAV antivirus: http://www.clamav.net/

MalwareBytes antimalware: https://www.malwarebytes.com/

Private Internet Access VPN: https://www.privateinternetaccess.com/

Filevault (OS X): https://support.apple.com/en-us/HT204837

Bitlocker (Windows): http://windows.microsoft.com/en-US/windows-vista/BitLocker-Drive-Encryption-Overview

BleachBit https://www.bleachbit.org

Surveillance self-defense from EFF: https://ssd.eff.org/

20 Organizations Endorse the Library Digital Privacy Pledge

20 Organizations- libraries, publishers, library vendors, and library organizations have endorsed the Library Freedom Project’s “Library Digital Privacy Pledge”. These organizations are improving privacy for library users by implementing secure protocols on their web services and asking partners to do likewise.

Websites that do not use secure protocols, such as HTTPS, expose their users to surveillance and intrusion in the network. A wifi or cellphone user who connects to an insecure library or publisher website makes every click visible to the wifi or cellphone provider, others connected to the same network. Content can be inspected and altered by every node participating in the user’s connection. The resulting lack of privacy and security can is incompatible with the ethics and values of libraries. In the past few years, while Google, Facebook, Amazon, and the United States federal government have worked to implement HTTPS on all their web sites; the Let’s Encrypt certificate authority has made secure infrastructure available to even the smallest web site.

“It isn’t always easy to assure privacy and security in a website. The efforts made by these 20 organizations are worthy of recognition, and I hope that more organizations will step up to the challenge.” said Eric Hellman, a Library Freedom Project volunteer and organizer of the Pledge.

“Libraries have been committed to intellectual freedom and privacy for decades.” said Alison Macrina, Founder and Director of the Library Freedom Project. “Libraries serve a diverse audience; some of these patrons are part of vulnerable groups, like domestic violence survivors, racial and ethnic minorities, and LGBTQ communities. They deserve the privacy and security afforded by HTTPS library connections”.

Endorsers of the Library Digital Privacy Pledge to date are:
Council on Library and Information Resources
Digital Library Federation
Digital Public Library of America
Metropolitan New York Library Council
New York Library Association
Lebanon Public Libraries
Millis Public Library
Ottawa Public Library | Bibliothèque publique d’Ottawa
San Rafael Public Library
Bielefeld University Library
University of California at Davis
Auto-Graphics, Inc
Directory of Open Access Journals
Equinox Software, Inc.
Internet Archive
Odilo, LLC
Open Library of Humanities
Total Boox

To add your organization to the list (published at https://libraryfreedomproject.org/ourwork/digitalprivacypledge/library-privacy-pledge-endorsements/ ) or get more information, email the Library Freedom Project at pledge(at)libraryfreedomproject(dot)org.

About the Library Freedom Project:

Library Freedom Project is a partnership among librarians, technologists, attorneys, and privacy advocates which aims to address the problems of surveillance by making real the promise of intellectual freedom in libraries. By teaching librarians about surveillance threats, privacy rights and responsibilities, and digital tools to stop surveillance, we hope to create a privacy-centric paradigm shift in libraries and the communities they serve.

The Library Freedom Project is made possible by generous grants from the Knight Foundation’s News Challenge on Libraries, the Rose Foundation Consumer Privacy Rights Fund, the Shuttleworth Foundation, the support of individual donors, and a sliding scale of fees for our lectures and trainings.

OLA digital privacy education

Here’s a link list for Alison’s digital privacy education session at the Oregon Library Association Conference:


Passwords with Diceware: https://libraryfreedomproject.org/strongpassphrases/

LastPass: https://lastpass.com/

1Password: https://support.1password.com/

KeePassX: https://www.keepassx.org/

2 Factor Authentication: https://en.wikipedia.org/wiki/Two-factor_authentication

Signal: https://whispersystems.org/

Tor Browser: https://www.torproject.org/

Full Disk Encryption: https://en.wikipedia.org/wiki/Full_disk_encryption

The Guardian Project: https://guardianproject.info/

Privacy Badger: https://www.eff.org/privacybadger

uBlock Origin: https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=en

Disconnect Search: https://search.disconnect.me/

HTTPS: https://www.eff.org/deeplinks/2015/05/what-every-librarian-needs-know-about-https

HTTPS Everywhere: https://www.eff.org/https-everywhere

Let’s Encrypt: https://letsencrypt.org/

Malwarebytes: https://www.malwarebytes.org/

VPNs: https://torrentfreak.com/which-vpn-services-take-your-anonymity-seriously-2014-edition-140315/

GPG/PGP: https://emailselfdefense.fsf.org/en/

Using Jabber with OTR: https://theintercept.com/2015/07/14/communicating-secret-watched/

Tails: https://tails.boum.org/

Sandstorm: https://sandstorm.io/

OnionShare: https://onionshare.org/

ACLU Mass Student Privacy Report: https://aclum.org/our-work/aclum-issues/privacy/protect-student-privacy/

EFF Student Privacy: https://www.eff.org/deeplinks/2015/12/report-student-privacy-frontlines-2015-review

LFP Resources: https://libraryfreedomproject.org/resources/

Cryptoparty: https://www.cryptoparty.in/

Surveillance Self-Defense from EFF: https://ssd.eff.org/

LFP mailing list: https://lists.riseup.net/www/subscribe/libraryfreedom

Links for Digital Commonwealth conference

Kade and Alison spoke at the Digital Commonwealth Conference on 5 April, 2016. Here are slides and links that accompanied their talk:


Safeguarding intellectual freedom: Rights and responsibilities of librarians in Massachusetts: https://privacysos.org/libraries/

Library Privacy Guidelines for E-book Lending and Digital Content Vendors: http://www.ala.org/advocacy/library-privacy-guidelines-e-book-lending-and-digital-content-vendors

What Every Librarian Needs to Know about HTTPS: https://www.eff.org/deeplinks/2015/05/what-every-librarian-needs-know-about-https

Let’s Encrypt: https://letsencrypt.org/

Tor Browser: https://www.torproject.org/download/download-easy.html.en

Tor Hidden Service protocol: https://www.torproject.org/docs/hidden-services.html.en

Configuring Hidden Services for Tor: https://www.torproject.org/docs/tor-hidden-service.html.en

Wanna convince your library to run a relay? Use our resources!

We’ve been slowly putting together a resource packet of ideological, technical, and legal resources to help libraries who are considering running exit relays.

Today we added a new resource to that packet, a template letter to send to library stakeholders, introducing them to Tor and urging them to join the project. Special thanks to our awesome volunteer Raven Cooke, who kindly wrote this template letter for our whole community to use.

Let us know if you find this resource packet useful, or if there’s anything missing from it that you’d like to see.

Fighting the Global Arena panel at Logan Symposium

LFP Director Alison Macrina joined last week’s Logan Symposium panel “Fighting the Global Arena” with David Mirza Ahmad of Subgraph and Julian Assange, moderated by Jérémie Zimmerman. Watch the recording here.

Guest post: Research methodology and findings from MLIS students’ privacy study

Editor’s note: below is a guest post from Paige Sundstrom, an awesome MLIS student who worked with a group of other students at the University of Washington investigated privacy practices and needs in libraries, at both the individual and institutional level. We were impressed with the work of these students and asked Paige to write up a summary of the project in order to amplify the work of these students and encourage other MLIS students to build on this research. Are you a library science student focusing on privacy? Want to hear more about the research project these UW students conducted? Please get in touch!

Hi! I’m Paige — a first year MLIS student at the University of Washington’s iSchool. Last quarter I worked with three fantastic ladies (Alexa, Alexandra, and Stephanie <3 <3 <3) on a research project on Internet privacy and am excited to share my/our experience with all of you!

Continue Reading…