Editor’s note: Over here at Library Freedom Project HQ, we often get emails from rad librarians across the country who’ve attended one of our privacy trainings and have been successful applying those principles and tools in their libraries. Recently, we heard from one such librarian: Justin Wasterlain of the Santa Clara City Library, who’d just taught his first privacy class for the public. We were jazzed to hear about Justin’s experience and asked him to write this blog post so we could amplify his success and encourage other librarians to do the same. Below is the first in what we hope to be an ongoing series of LFP success stories. Thanks for writing it up for us, Justin! -Alison
While down some internet research rabbit hole, I stumbled across Alison’s Digital Privacy Toolkit webinar (ed note: that webinar is out of date now. Contact me for a copy of my updated presentation). In just over an hour, she had covered a huge number of tools and concepts in a manageable and teachable way. As a librarian looking to create privacy workshops, it was exactly the resource I needed. I recognize that sounds very “paid testimonial,” but it was the first place I had seen so much content laid out so accessibly in a library context. I was pretty stoked.
About a month ago, I got a chance to see Alison present a truncated version of the Digital Privacy Toolkit at ALA. The presentation this time focused on just three things: passwords, https, and the Tor browser. While that may seem like a limited number of topics, unpacking those three issues lays a solid foundation for people to understand digital privacy in a pretty robust way. And they are simple enough concepts for “non-tech” people to understand and hopefully utilize.
So that’s the model I used when building my own workshop. Limited topics, deep explanations. Using my notes from Alison’s ALA session and the resources on the Library Freedom Project site, I crafted a privacy session for my patrons focused on passwords, HTTPS (especially HTTPS Everywhere), browser add-ons (Privacy Badger, Adblock Plus, Disconnect, etc.), and good, old-fashioned common sense.
Shocking no one, all of my patrons hate how many passwords they have to create. And they have lots to say about this hatred. LOTS. TO. SAY. It was really helpful to give them time to talk this out because we were able to discuss better strategies for the future. Additionally, I introduced them to the Diceware method for creating passphrases. They all looked at me like I was a bit cracked when explaining the process. But I put some dice in front of them and let them make some fake passphrases. The physicality of using the dice made it game-like and people really got into it. It’s worth stressing to the patrons that the passphrases they come up with during the session should not be used. You’d hope everyone understands that a publicly created passphrase is worthless, but it can’t hurt to underline that.
HTTPS was also a big topic that my patrons wanted to engage with. Many of them had never really paid attention to being bounced back and forth from encrypted to unencrypted web pages. And of those who did, they weren’t really sure what benefit HTTPS provided since “why would a website be unsecure if it could just be made secure in the first place?” After getting into the major points and reason you’d want the security it provides, I did a hard push to get them to use HTTPS Everywhere. After all, who wouldn’t want to automatically use an encrypted connection if the option is there? It just seems like a no-brainer.
Since my patrons really desired information related to mobile device privacy, that’s the next step for me. Alison kindly pointed me in a good direction to get started with that, so hopefully I’ll have something for them soon.
While we have our institutional responsibility to maintain our patrons’ privacy, I’m really excited to see how others are finding ways to empower patrons to understand and safeguard their own privacy as well. I had a chance to interview Sarah Houghton when I was in grad school and she had a line that stuck with me: libraries should be centers for privacy in their communities. Alison and Library Freedom Project are definitely helping us get the tools and information to realize that concept. Thanks!