In a comment Jeremy from Canada raises the question of security in the Library 2.0 world. He raises some good points, and the most important in my opinion is:
I think it’s great that people are waving the flag for Library 2.0, but they have to start documenting the security that goes along with it or us IT people are going to take the blame for the problems that will inevitably arise.
The real issue here, apart form security, is that unless Library 2.0 involves all the various people who work in and around libraries it will fail from lack of support from the really important people. If the ICT-staff feels excluded from the discussion, I doubt that the technology part of Library 2.0 will ever lift off from the ground. Any library attempting to implement Library 2.0 without involving the expertise of the ICT-staff, support personell or any group (including users) have not understood the core concepts of openness, radical trust and communication that are the heart of Library 2.0.
Now to the security issue. There is definetly one, but I think that it might be useful to reconsider the way we view security. In the library public PCs are the gateway to the library resources and they are usually tested to the limit both of resources and security. I have myself picked chewing-gum from the keyboard, removed files from a supposedly locked harddisk, run restore routines and generally been frustrated by the sheer magnitude of keeping a public PC in a public library alive and running. So Jeremy definetly has a case when he writes:
Right now I get requests from staff/patrons for DVD burners, unrestricted USB/floppy access on PCs, little or no restrictions on internet PCs, the ability to install their own software, unrestricted wireless access (aka. hello BitTorrent, goodbye bandwidth), open network shares for patrons with unrestricted quotas, MP3 filesharing terminals, and more. All this in the interests of supporting a 2.0 way of life with little or no concern for the security and/or legal interests of the users or perhaps even the staff
Both the security and legal aspects does need to be considered. Security can be based on “worst case scenario” as in “unrestricted wireless access (aka. hello BitTorrent, goodbye bandwidth)” but this needs to be supported by evidence and experience. I have not heard of extreme misuse of bandwidth in any of the academic or public libraries that offers free and open wireless access here in Norway. It might be time for a different and more trusting approach, where the library staff understands that the ICT-staff is NOT responsible for the problems that may occur if there is instances of misuse. IF the trust is misplaced and major misuse occurs, the the policy has to be reconsidered, but I do believe that it is better to trust first and sanction later. “If you trick me once, shame on you, if you trick me twice, shame on me.”
The issue is also divided into the security of public access computers in the library, and the access and services that the library offers in and outside of the library. The first part is a problem that will be with us for the forseeable future, and not one which I have the knowledge and background to suggest any solutions for, but I also see a trend that will take some of the pressure of the public access PCs and that is the move toward mobile computing.
The proliferation of small computers that use any kind of connectivity, wifi or 3G, to connect their Palm, PocketPC, mobile phone, OrigamiPC, iPod 6G, PSP or DS to use the library services will present two challenges to the library, first the library has to provide services that are compatible with smaller display technology and in platform independent formats, and secondly the importance of the public access PC will decrease, but may be even more important to the people who has no other means of access, which in turn challenges the library to provide PCs that gives the user most of the usability the private units have.
The legal aspect of opening up the library as a communications and information network node are interesting, but not one I´m able to go into now. Sufficient to say that we must first have instances of use that are legally troublesome before we raise the bar for all legal use.
Filed under: Library 2.0, Security, Users
Comments