We have had, for some time now, a section in our privacy policy explaining what services we use and giving links to opt out.
http://sonomalibrary.org/governance/library-policies/privacy-statement Genny Engel Sonoma County Library gen...@sonoma.lib.ca.us 707 545-0831 x1581 www.sonomalibrary.org -----Original Message----- From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of Eric Hellman Sent: Wednesday, August 13, 2014 3:37 PM To: CODE4LIB@LISTSERV.ND.EDU Subject: Re: [CODE4LIB] Canvas Fingerprinting by AddThis I blogged this. http://go-to-hellman.blogspot.com/2014/08/libraries-are-giving-away-user-privacy.html Do libraries even realize they're doing this? Eric On Aug 13, 2014, at 4:28 PM, Jimmy Ghaphery <jghap...@vcu.edu> wrote: > Interesting thread, > > AddThis is certainly everywhere (5 percent of the top 100,000 > websites--ProPublica), often in contrast to an organization's stated > privacy policies. > > Here's three examples of use within OCLC and their products: > http://oclc.org/research/people/follow.html > ContentDM: http://www.contentdm.org/help6/custom/configure9.asp > WorldCat.org: > http://www.worldcat.org/title/jazz/oclc/25048293&referer=brief_results > > For kicks I just did a Google Advanced search for AddThis limited to the > .edu domain, wow. > > What is the alternative for libraries looking to promote their services out > into the polluted ocean of the internet where everyone else is swimming? > > --Jimmy > > > > > > On Wed, Aug 13, 2014 at 2:33 PM, Gary McGath <develo...@mcgath.com> wrote: > >> On 8/13/14 1:22 PM, Eric Hellman wrote: >>> It seems that Code4Lib hasn't discussed this., though the news is 2 >> weeks old. It seems that there are libraries using social share tools from >> AddThis", a company that has been using a technology called "Canvas >> Fingerprinting" to track users. >>> >>> In other words, it looks like libraries are giving away the user-privacy >> store. >>> >>> For example, AddThis is used by my public library's Polaris catalog >> (BCCLS). >>> >>> I'd be interested to learn how widespread this is. >> >> It's pretty widespread in general, but I don't know how many libraries >> are using it, or why. >> >> It's a concern regardless of absolute numbers, because it targets people >> who are concerned about being tracked and have taken steps to make >> cookies less effective. (For example, I discard cookies at the end of >> each browser session, making long-term tracking ineffective.) >> >> It isn't "virtually impossible to block"; mapping addthis.com on the >> client computer to 127.0.0.1 (using /etc/hosts on Linux and Unix >> machines) does a nice job of it. But anyone who uses it really is >> betraying the user's trust. >> >> >> -- >> Gary McGath, Professional Software Developer >> http://www.garymcgath.com >> > > > > -- > Jimmy Ghaphery > Head, Digital Technologies > VCU Libraries > 804-827-3551