We have had, for some time now, a section in our privacy policy explaining what 
services we use and giving links to opt out.

http://sonomalibrary.org/governance/library-policies/privacy-statement


Genny Engel
Sonoma County Library
gen...@sonoma.lib.ca.us
707 545-0831 x1581
www.sonomalibrary.org

-----Original Message-----
From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of Eric 
Hellman
Sent: Wednesday, August 13, 2014 3:37 PM
To: CODE4LIB@LISTSERV.ND.EDU
Subject: Re: [CODE4LIB] Canvas Fingerprinting by AddThis

I blogged this.

http://go-to-hellman.blogspot.com/2014/08/libraries-are-giving-away-user-privacy.html

Do libraries even realize they're doing this?

Eric

On Aug 13, 2014, at 4:28 PM, Jimmy Ghaphery <jghap...@vcu.edu> wrote:

> Interesting thread,
> 
> AddThis is certainly everywhere (5 percent of the top 100,000
> websites--ProPublica), often in contrast to an organization's stated
> privacy policies.
> 
> Here's three examples of use within OCLC and their products:
> http://oclc.org/research/people/follow.html
> ContentDM: http://www.contentdm.org/help6/custom/configure9.asp
> WorldCat.org:
> http://www.worldcat.org/title/jazz/oclc/25048293&referer=brief_results
> 
> For kicks I just did a Google Advanced search for AddThis limited to the
> .edu domain, wow.
> 
> What is the alternative for libraries looking to promote their services out
> into the polluted ocean of the internet where everyone else is swimming?
> 
> --Jimmy
> 
> 
> 
> 
> 
> On Wed, Aug 13, 2014 at 2:33 PM, Gary McGath <develo...@mcgath.com> wrote:
> 
>> On 8/13/14 1:22 PM, Eric Hellman wrote:
>>> It seems that Code4Lib hasn't discussed this., though the news is 2
>> weeks old. It seems that there are libraries using social share tools from
>> AddThis", a company that has been using a technology called "Canvas
>> Fingerprinting" to track users.
>>> 
>>> In other words, it looks like libraries are giving away the user-privacy
>> store.
>>> 
>>> For example, AddThis is used by my public library's Polaris catalog
>> (BCCLS).
>>> 
>>> I'd be interested to learn how widespread this is.
>> 
>> It's pretty widespread in general, but I don't know how many libraries
>> are using it, or why.
>> 
>> It's a concern regardless of absolute numbers, because it targets people
>> who are concerned about being tracked and have taken steps to make
>> cookies less effective. (For example, I discard cookies at the end of
>> each browser session, making long-term tracking ineffective.)
>> 
>> It isn't "virtually impossible to block"; mapping addthis.com on the
>> client computer to 127.0.0.1 (using /etc/hosts on Linux and Unix
>> machines) does a nice job of it. But anyone who uses it really is
>> betraying the user's trust.
>> 
>> 
>> --
>> Gary McGath, Professional Software Developer
>> http://www.garymcgath.com
>> 
> 
> 
> 
> -- 
> Jimmy Ghaphery
> Head, Digital Technologies
> VCU Libraries
> 804-827-3551

Reply via email to