I'm going to actually pass it on over and have Lisa introduce our session today, we're so excited to be partnering with lj and the movers and shakers from 2016, Lisa, welcome.
>> Thank you.
Thank you Jennifer and welcome Erin and everybody who is here.
I have been really happy to be a part of these great WebJunction webinars.
We've had so far court any Saldana from Ontario city library, California, and Liz Fitzgerald from Philadelphia talking about what they do at the library.
They're both movers and shakers, and just to let you know, "Library Journal" is going to be rolling out its 2017 batch of movers and shakers on march 15th.
Starting march 15th.
We roll them out gradually to keep everybody in suspense.
It's a great batch of people this year, and I hope everybody is going to follow along to welcome our new ones.
This webinar we have Erin Berman, she's the innovations manager from the San Jose public library, and she's a 2016 mover and shaker.
She's done a lot of great work at San Jose, including launching libraries first maker fair, and she directed the development of the virtual privacy lab there, which is a tool to help library patrons learn about privacy and come up with their own tool kit.
She was awarded $35,000 in prototype funding as part of the 2014 Knight Foundation news challenge on libraries, and today she's here to talk about the project and the work she and her colleagues have been doing on it since then.
And so Erin, I'd like to welcome you.
You can reach Erin at any of these shown social media addresses, and I hope you guys all enjoy this presentation from Erin.
>> Thank you so much, Lisa, and thank you everybody for having me here today.
As Lisa mentioned, I'm the innovations manager, and that might not mean a lot to you yet, but my responsibility is to seek out new avenues of service for our patrons, to investigate ways to ensure technology accesses for all of our citizens.
I also asked as a project manager for a large innovative projects that we bring on board, usually at a system level.
I started as a librarian almost four years ago and took on the role of privacy manager for the virtual privacy lab as one of my first duties.
At that time it really wasn't anything more than an idea.
It was just this fledgling grant that we had out to the eek OSU Fiore.
Before we get into the meat and potatoes of what the -- what is the virtual privacy lab, at its most basic, it's a free online platform which empowers people to make informed decisions about their online behaviors.
We believe that privacy literacy is an essential skill for our community members to confidently navigate online, and to be able to make informed decisions in the online environment.
So with the virtual privacy lab, you'll probably hear to me refer to it as the VPL, we wanted to provide an online learning opportunity that objectively offers information about various privacy related topics.
Many of the tools we saw offered audiences a biased look on privacy.
They were telling users there was a right or wrong way to behave online, and we understand our online lives mirror our offline identities, and they're richly diverse.
People may have different needs from day to day, or year to year, and our lab informs and gives the users the tools to make their own decisions online.
Users are guided through seven different privacy modules, and they're asked questions about their individual preferences online.
Based on those answers, they're given a personalized tool kit with links and tips, resources  which will assist them in being confident online.
This includes information for small businesses and nonprofits on how they can be responsible stewards for their customers' information.
We not only wanted the VPL to be personalized through questions but language, and we ensure it was translated in Spanish and Vietnamese in addition to English.
I'll go into more detail about those areas in just -- throughout this presentation.
As we know, focusing on big issues related to privacy is not anything new to libraries.
The American library association intellectual freedom man Wahl stats a Democratic society operates best when information flows freely and is free ail available, and it's the library's unique responsibility to provide open, unfettered and confidential access to that information.
Libraries have always been one of the few places where anyone could gain access to information on any subject and from a variety of perspectives.
Reading is one of our greatest freedoms in the library, and the library is the place to exercise that freedom.
It's open, and free marketplace for people to exchange knowledge and information without fear of reprisal.
Privacy is a essential -- essential to exercise of free thought, free thought, free association.
In a library the subject of a user's interest should not be examined or scrutinized.
Libraries are striving to ensure transparent privacy policies and practices, and we're minimizing the amount of data that we collect about users, even though we have lots of options to do so.
In our case we had to carefully consider what providing open unfettered and confidential access to information really meant within the context of empowering people to make informed decisions about privacy.
There were so many considerations.
For example, how do we make information about online privacy easily accessible to people, how do we ensure patron confidentiality in the process, and how do we avoid making assumptions about our users and their diverse relationships to online privacy?
With experience in teaching many different forms of literacy, it seemed like a natural fit for our library to find a way to help our patrons become more privacy literate.
Everyone in is room is quite acquire of how big a topic online privacy is right now.
I'm not sure if you've been keeping up on your news headlines today, but WikiLeaks just released a big CIA dump stating that the government actually has more power to unlock encrypted messaging apps and to listen in on to your smart T.V.s.
This is not the first time we've had information like that, we've had the Edward Snowden leaks, government hacks, email scandals, social media and privacy issues are constantly in the news, so online privacy isn't just a topic for those who have jobs in the internet eek OSU sphere, it affects everybody.
And as our online lives become more integrated with our offline identities, we have this need to become privacy literate.
We found our patrons were asking us about the topic but we realized we didn't have resources available to assist them, and I don't know how often you're getting those questions, but think about how often it's coming up at your libraries.
More people than ever are connected Via phone, or internet service at their home, or by using their library.
And yet while this digital divide might be closing, we kind of have reshaped it into a privacy divide.
Being able to access the internet doesn't automatically provide you with a set of skills needed to take a handle on your privacy.
Those in the upper echelons of the economic spectrum often have the ability to purchase iPhones that have built-in encryption or they've read articles which tell them which two-way authentication apps to use for messaging or they'll pay a fee to prevent their ISP from selling their information to advertisers.
If there's no one there to teach you how the internet works, how companies are collecting your information, or how to safely use your personal information online, you'll be stuck in this privacy-free online world and you're subject to the repercussions that come with that.
We wanted to find a way to provide a fun and educational resource to our patrons.
As a result, we asked ourselves this big question -- how might we empower people to make informed decisions about online privacy issues?
We set off on creating what today is the virtual privacy lab.
I want to provide you a little background about how we got to where we are today and what you'll see on the VPL.
In October 2014, the Knight Foundation ran the grant cycle asking the question, how might we leverage libraries as platforms to build more knowledgeable communities?
We submitted a response to that, we proposed that over the course of 24 months, we would develop a number of compelling, easy-to-use privacy literacy tools, so community members could better understand what happens to information.
Make informed decisions about their online activity and safeguards they may want to employ.
We were going to host public dialogues, and as part of that also build a DIY privacy literacy tool kit.
We had proposed a project budget of $700,000, and we're asking Knight to fund $400,000.
And the proposal did make its way through the first round, but it was not selected as one of the main winners.
And instead we were -- received a prototype grant.
So those of you who are looking to work with Knight or have worked with Knight before, a prototype grant is $35,000, and you get six months to rapidly create a working prototype.
As part of that, Knight actually sends everybody to the limit institute for a two-day training, and it gave a lot of skills on how to utilize design thinking practices, I still have -- I flew out to Pittsburgh to attend that, and came back with a bunch of skills for our project team.
Our original project scope was a bit larger than what we were able to do.
Now we only -- we didn't have 24 months, we had six months, we didn't have $700,000, we had $35,000.
So we really had to take a new look on what we were going to do.
And that original proposal we talked about that private si literacy tool kit, we thought that would be a great starting point.
So with our team attempt bed, we began the research phase of our project.
We're all libraries, and so you can imagine we love doing research and finding things.
We spent several weeks diving deep into the world of privacy and privacy education.
Woe looked for and evaluated current offerings on a set matrix to see what was offered.
And this is a whole new area of learning for most of us.
How many of you have read articles about online privacy or seen news reports would love to hear what some of your feelings and reactions have been to some of the things you've read online.
We've identified several problems with the current privacy education landscape.
So the first is that it's pretty scary.
A lot of doom or gloom, the more you start look nothing privacy the more you want to grab your tin foil hat and throw your phone into the river and never touch your computer again.
Yet we live in a digital world.
The majority of us want to have the convenience of online banking and we enjoy socializing through Facebook or Reddit, and sites are telling people that if they didn't follow these specific directions that all their information would be stolen, lives would be ruined, and there was only one option for them.
There are a lot of great amazing websites and groups with great content, but it's what the -- the exception and not the rule.
It's overwhelming.
If you take privacy into Google, you get about 5 billion results.
And if you type online privacy, you get about 2 billion.
So out of those billions of results, who do you trust?
This is an area where you want to trust the source telling you how to protect your information.
I think this is great where libraries come in, because people trust libraries.
So when most of us are presented with that information, I don't know about you, but I just see too much information, and you almost give up.
It's also kind of boring.
I mean P. let's be honest, privacy is not the sexiest of all topics.
And the sites were usually pretty lackluster, there was no interactivity, no personalization, just walls of text.
Also they were very one size fits all.
They assume everyone has the same needs.
And with that assumption of everyone having the same needs, we found no personalization and an assumption there's only one way to approach online privacy.
I think most of us here can say we think about privacy, and its impact on society.
It's part of being a librarian.
But are your patrons thinking about it?
Are they thinking about it in the same way that you're thinking about it?
Good questions to ask yourself and start thinking about.
Before we talked to our patrons directly, we looked to see if anyone Hells been asking those questions.
We found pew has done several studies about public view on online privacy, here you see results from a 2016 pew study, and this citywide shows most people don't understand how their information is being used online.
That they think it's important for them to have control, and that they would like to do more in order to remove their digital footprints.
People are waiting for tools and resource and we can help them.
We can be that resource.
It's our assumption, and I want to key in assumption is the key word, because we thought if people were given a fun platform to learn about privacy and tailored resources, specifically designed for them, from an institution which inspires trust, the library, then they would be more likely to take action and feel safe and confident online.
We began delving into what kind the platform we would create in order to help people become more privacy literate.
So we set out to kind of -- grabbed our tin foil hats and charged forward to set out to make that prototype.
With our team gathered, I set up a half a day design teamwork shop with everybody, and I'm not sure how many of you are familiar with the design thinking techniques, but a lot of you have probably done different exercises at conferences or training.
I highly recommend checking out the limit institute, they have a great tool book and guidebook which we use quite a bit in the library that has real practical tools, and I'm happy to talk -- happy to talk with anybody later if they want more information about that.
But we looked at all the research and began talking about who our stakeholders for the prototype would be.
This is a great first step for building any project you do in the library.
I want you to stop and can yourself, who is my audience?
Who is going to be affected by this project?
These people are your stakeholders.
Make sure you don't just look externally, look internally as well.
You have internally stakeholders.
Your staff is also going to be impacted by whatever project you create.
As we work for the day, we came up with that big picture question, which is, how might we empower people to make informed decisions about online privacy issues?
Before you begin a project, another thing to do is start with this big picture, how might we question, as it's called design thinking, make it broad in scope.
For example, if your problem is defined as how might I buy a new car,'s -- what's your solution?
It's going to be buying a new car.
Imraises other questions such as make and model, and financing, it closes any other creative solution such as a scooter or bicycle or ride sharing.
If you change your focus and you define it as how might I get from school to home to work, you get a whole other set of solutions, and you have more options.
Next we developed community interview questions.
We knew before we began building anything, we needed to talk with our stakeholders and make sure that our assumptions met their needs.
Remember earlier I mentioned that we had a said of assumptions we were working off, and those will only get you so far.
You have to actually go and speak with your community in order to find out what they want and need.
And you'll hear me repeat that throughout the presentation.
Talking with your community, and not just in a casual way, it's something that every single library can do.
Rural, city, big, small, anybody.
We happen to offer $5 gift cards to Starbucks or target to people who sat down and talked with us for about 20 minutes, incentives can help motivate people to speak to you, but sometimes that can mean buying cookies and having a focus group.
We then did an exercise where team members drew sketches of what they thought the solution to the big picture question looked like.
When everybody drew sketches we saw a common theme, and that was engaging.
They didn't want it to be boring and they wanted people to be excited about it.
We decided to build a game, that gave personalized tool kits and would assist people in making informed decisions about their online privacy, but we really had no idea how we were going to take this huge topic and make night something digestible.
But the first step was talking to our community.
So I want -- you're sitting at your computer right now, take a minute, close your eyes, and I want you to think about the word "privacy."
What does that word mean to you?
What images or thoughts pop into your head, just hearing that word "privacy"?
Take another minute and think about the phrase "online privacy."
Does anything different come into your mind?
Do you have a different set of standards for online versus regular -- real world or physical  privacy?
Have you experienced different privacy definitions from one cultural group to another?
After my masters I taught abroad and lived in a different country, and the privacy standards in the physical world were extraordinarily different than living in the United States.
And so you might also think about your community and that cultural differences might also make a difference in different negligence of how people view privacy.
Age is another one as well.
Your teens may view privacy differently than adults.
And differently than your senior community.
So we went out and talked to community members from teens to seniors, and everyone in between, and we asked them a series of questions starting with tell me a story about your daily online routine.
We asked what the word "privacy" meant to them and ."
>> Caller: Line privacy," we asked how often they thought about who has access to their information online and if they've ever been surprised by something they thought was private but later discovered wasn't.
We asked why they thought privacy online would be important and if they managed multiple identities online how they managed them.
And lastly, we asked what they wanted to learn online.
So we learned a great deal, we found really what our community was saying mostly -- we found privacy being a fluid definition.
It's not the same for everyone.
And everyone uses the internet differently.
You might use the internet differently.
Do you use the internet one way if you're under your work identity versus you're home with a personal identity?
Maybe some of you have made-up identities to post onto Reddit or imageR.
We also vary how we interact with our online identities.
We just knew above everything else, people were hungry to learn and wanted to learn.
So we found four main themes in what our community wanted to learn.
Who was using their information, how did they get it, what will they do with it, and how they can protect it.
Think about what types of questions you might want to ask your patrons and staff, and if you think of it, feel free to add them to the chat box and share them with the rest of the attendees  here, it's a great way to gather some responses or how you may interact with your community.
So originally we actually thought we would be building an app, and the majority of our funds would go to hiring a developer.
However, based on our community and the look at long-term feasibility, we decided content was king.
And so we could always reuse content.
Independently of anything else we design.
So we brought in two partners.
The first was international computer sciences institute in Berkeley, and they have a teaching privacy team who has been developing privacy modules for educators.
We focus more research on partnership because we wanted to bring an expert to make sure we have quality content that can be reused later.
And in content, it was always developed keeping a neutral tone, never asserting there was a right or wrong way -- wrong way to be online, just an informed way.
We also wanted to -- we worked with San Jose state University's game club, and we give stipends to four students who would work with us to build the game prototype.
You can see the beginning of our paper prototyping process.
I'm not sure if you've done this, but it was really fun, but a lot of work.
I wanted to give you an idea what the beginning of our project looked like and how we it rated to come into what we have today.
We did a lot of user testing.
We set up cameras, invite people in, you see the stick that's coming out of the guy's head, I had a whole set, I was like a puppet master, I had a whole set of sticks and we had a printout of a keyboard, so when people pushed the button, I would grab the sticks and move their characters along the screens.
They would jump up, and we would have drop-downs with questions and everything like that.
So as you can see on the screen here, we were originally -- in order to change the game play.
As we thought about more -- we should be collecting, they change how we did that.
And we don't collect demographic data anymore.
From that first paper prototype, we developed our digital prose.
If you follow this YouTube link you'll find a demo of the first level of the game we created.
We just did one level for the prototype project, and the seven that we would fully do.
Ideally if you have more time and money to flesh out the game we'd ask questions at the beginning to see what their gaming experience was like, and that we would customize it to make it more challenging for those more comfortable, but overall we found it was a fun game, but extremely challenging.
Just like in our paper prototype, we did user testing with our digital game.
We made sure to bring it to teams and -- teens, adults, seniors, to make sure we Targeted all of the audience.
We wanted to get people from a range of different graphics.
We offered small gift incentives, and it was part of this prototyping process and user testing that gave us the indication that we needed to have it in multiple languages.
One of our testers was playing the game and said this would be awesome if it was in Spanish, because then I could give it to my mother and then she would be able to learn from these things, because we can never find any information in Spanish online.
So we looked at our demographic and changed some of the things we were doing from there.
So you'll see in the screen pretty much everybody learned something new.
They were interested in playing more, it was low on the who took action, but we think that was because we actually printed out a page of the result and they had to go home and type in those results.
And we thought if they had easy access to click on a link and advice it a result straight from  there.
So the game was fun, we looked at what it would take to actually build it, and it was going to be like over a year of work and at least $150,000.
But we had great quality content.
We wanted it to get into the hands of the public right away.
So we decided to make it available through our website.
Our website is actually using DRUPAL, so we decided to build upon that.
We did some digging, decided to use the quiz model, which allowed us to ask people about their privacy needs and generate their privacy path based on responses to those questions.
We got that level of interactivity for everybody.
It was integrated into the learn section of our website and it's on the home page.
On this slide you're looking at the main page for the privacy site.
The content we intended to be level are represented in the construction zone, and then we added a section we call level up, which includes an in-depth article that was written from the international computer science institute.
There's getting started links, and a section about policies and practices around patron privacy.
I think the link went up into the chat box there.
I highly recommend go, poke around, investigate, but I'm going to take you on a tour together so you understand all the different sections.
From SJPL.org, click on learn, then it will lead you directly to the virtual privacy lab.
This divided into two sections.
We have the construction zone, which are the seven privacy-related topics, each topic includes a short summary and an option to build a customized tool kit for optimizing a user's privacy, and then also we have the level up section, which includes additional privacy resources.
And I'll go into that in a little bit.
So if I were to click on one of those, from here if I were to go here and cluck on data sharing, data mining, you can see a look at one of the topics.
And like I said before, we have an overview of online privacy, we have information about security and how the internet works, the state of online privacy, social media, online sharing, your information footprint anonymity, and tracking.
This is all freely accessible for any library out there.
So we'll take a look at this first topic, data sharing and data mining, and each of the seven topics are ranged in this same format with table of contents, we tried to break it up to small  digestible sections that would be easy for people to read.
After you're done reading about a topic at the bottom of the screen, you'll see a big link to  building your tool kit.
When a user clicks on that, they're taken into the beginning of a quiz, and those of you who have done like buzzfeed style quizzes, it's structured very similar to that.
We wanted people to feel familiar and comfortable with the for mat of those -- format of those vir stwal privacy labs.
So here you can see the questions.
None of them, I don't think any of the questions -- sections has more than four questions.
They're usually between two and four.
And we always want -- one of the questions is always asking if they're a small business or  nonprofit.
And we always make sure to ask that so we can give specialized resources for that area.
If they want them.
After you answer those questions, you're actually going to be given a list of customized results.
There's an option to print, to display all the links, and then you can -- or you can choose to email yourself the results.
The link for this as well, I do believe the link, if you bookmark it you'll always go back to your personalized results.
Like I said, it also provides results for businesses and nonprofits.
We find we're the only source out there that really has all of that information for businesses in one place.
So not just about how to be private as a business, but how to safeguard your customers' data as  well.
It's all really important useful information.
Like I said earlier, we also have the lab fully available in Spanish, and also in Vietnamese.
These are the second and third largest languages spoken in San Jose, and there's a lack of information about privacy, there's a little bit out there in Spanish, but certainly we couldn't find a lot in Vietnamese, so it's a great resource to provide to our community in a language that they speak.
In order to do this, we have the content from ISI professionally translated, and we took those professional translations and brought them to our in-house staff and our staff reviewed them to make sure they matched with our local dialects as well.
In the section here, the level up section, we'll go to the getting started today.
Those are for people who don't want to go through all the modules or want to get started with quick tools.
These quick tools here are all selected as free tools that people can use right away, without having to go through the privacy topics necessarily.
We found many of these tools when we attended the library freedom project.
During the sessions of this conference, we decided many new tools.
And then we consulted with professionals in the tech industry and with the library free project about what we'd selected for the site.
Then we tested out each tool and resource ourselves.
You can see some of these have asterisks because we tested them ourselves and noticed they did have some interference on how we regularly use the -- our internet.
And so we wanted to let people know if they installed them, it might cause some errors in the websites they visited.
Woe continue to monitor these tools and resources Via news outlets, and link checker module, and these are mess -- use our messaging tools as an example.
We had to decide what to do with a Khryapa -- tools like telegram are blowing up, thanks to celebrities like john Oliver mentioning them, signal the mess jg platform with the whisper system, you may have been hearing about that lately.
And things to more popular messaging apps switching enprescription protocol, we've been adding  those.
We consider all sorts of these things when we decide to add or remove a tool.
The other section is the privacy at your loi bring.
As a library it's important for us to be transparent with our customers.
We want our patrons to know what we're doing with their data, and be aware we partner with certain vendors that have their own privacy policies.
A page like this is a simple things that pretty much every library can do.
But it's not a formal privacy policy.
Which everyone should strive for, but it's an acknowledgment and ascertation of the ways in which libraries protect privacy and interact with information.
We also include a section about what ALA and the greater library community think about privacy, and what libraries are doing to take a stand for patrons' privacy rights.
We have that in-depth article as well, this is for people who really want to take a deeper dive into the world of online privacy, it includes even more resources, and has a lot of content available for people who are really interested in taking it to another level.
We've had a lot of positive feedback about the virtual -- libraries such as Denver and Austin public have featured the VPL on their websites, it's a resource their patrons can access at any time.
Providing the link to the VPL on your your site is a low-barrier way to enter the -- enter and highlight the privacy.
So -- at your location.
It's freely available, we -- please take the link, share it to your patrons, post it to your  website, all we want is for this to be a widely used resource for everybody.
The site's been visited a lot in the past year that it's been up.
We've had 8500 visits.
Users have created about 1600 tool kits, and they've visited 1100 outside resources.
That means they clicked on 1100 links and advice Ted Kaczynski the resources that we gave them.
We've been the resip -- recipient of several awards, and we've also had great response from outside the library world, so we've foe Ken -- we spoke at the domestic violence tech summit, we were there to talk about ways they might use the virtual privacy lab to assist their clients.
It can benefit a huge amount from learning how to keep their information secure online.
The LAN was also featured recently at UNESCO's literacy week in Brazil, and we spoke at a privacy lab where we had a direct line to industry professionals.
Can you think of any partners in your community, it would be great to share those in the chat box of anywhere you think might benefit a community or an organization or type of organization that might benefit from more privacy education.
The connection we've had from -- with -- has been a fantastic partnership, and more currently working with their staff and volunteers to do a content audit of the site W an ever changing privacy landscape like the news that has come out today, one of our biggest challenges is ensuring the information we're providing for our patrons is current and up to date.
We plan on continuing to perform audits at least once a year.
In addition to our regular monitoring.
And so if you do decide to link to the virtual privacy lab, that's something our library is  committed to doing and making sure that information is up to date.
One of our big challenges is knowing how the lab is being used.
So we purposely keep our data collection to a minimum.
Using Google analytic only to see how often the page is visited and where they found the link and if they visited an outside link.
One thing we're planning on doing is usability testing directly with our community and continuing to speak to them about their needs.
We'll be looking into the site design and content to find out if there's any ways of improving what we're offering.
We're in the process of doing that right now.
Another challenge has been in offering in-person classes.
When we first launched the lab we hosted several in-person, but -- something that we'll be Revis thing again this summer  and see if there are more engaging ways to work with partners, but I'd love to hear fromN one who has been running in-person privacy workshops, what they've done to make it work at their location, that would be valuable for everybody to hear.
It's also a challenge getting staff involved in understanding privacy.
We're looking into doing privacy and library ethics training for our staff so they can know the fundamentals and point patrons in the right direction.
I would love for you to think about -- I don't know how many of us in the room are librarians, but we got education in ethics and privacy and all those things, but the majority of library staff didn't necessarily.
And so making sure that we -- that people know about those things is important.
What can your library do?
The first thing that anybody can do, big or small, is to be transparent with your patrons.
Take a look at your library section in our lab, and if your library has a website which it probably does, you can add a small section in there which talks about what your privacy policies are, again, this is not a full privacy policy, but it's a first step to transparency.
If you don't have anything, then now is the perfect time to start the conversation.
This shouldn't be just about digital privacy.
For instance, we also send information about cameras that our security officers wear, at our main library.
Again, I can't say this enough about any project or program you're going to do.
Talk with your community.
Assumptions won't get you very far, and always design with the community first.
With humans front and center.
Don't just talk to people in your library either.
If possible, go set up at a coffee shop or community center.
Talk to people about their needs and concerns, don't tell people what the library is planning to do for them, ask what their concerns are regarding privacy and security.
Find out how they're using the internet.
Talk to parents about how they think their kids are using the internet and go to the kids and find out what they're really doing.
Staying neutral, my feeling at least is that a public -- at the public library, it's our responsibility to inform.
We're here to provide information, not push an agenda.
I may feel one way in my personal life but we represent an entire community.
And lots of people have different needs, lead different lives than I do.
The best I can do as a librarian is to provide all the top quality information that I can, I can answer questions openly and honestly, and then let people make their own choices.
Customize your programs for your community.
This ties in with talking to people, but what works for one of your libraries may not work for another.
We tried this big and broad thing, and we knew if we were going to do it we needed it to be translated.
Going into another community, the Vietnamese or Spanish options may not be of much use, but for us they were important in thinking about what your community's needs and wants are.
You can also get informed.
Which you've all taken the first step in doing by being here today.
Go out and read about what's happening in the world of privacy.
What products are out there, how are people being educated, go through your Facebook privacy  settings, read policies from other libraries, read your own, read Facebook's and everybody's, and just try to understand, because the more you understand, the more you'll be able to talk to your patrons about it when they come in and ask questions.
We should also start looking into our privacy policies and the inner workings of our libraries and how our own internal procedures and policies align with our patron privacy.
The importance of ensuring users' privacy is extended beyond just books in the digital age.
Intellectual freedom committee released new guidelines  that outline strategies and best practices for protecting patrons' privacy in the digital environment.
These include guidelines for public access, computers, and network, library websites, and for data exchange network device and services.
I highly recommend that you all take a look at the new digital privacy guidelines, and then start planning to do an internal privacy audit if possible.
If you're not in the capability to do that, talk to your management about it, ask questions, we are actually going to be starting not this -- we're going to be using the library privacy  checklist.
These checklists provide any library with the guidance they need to take action and make sure they're in line with the ALA guidelines.
So each checklist is organized into three priority groups, the priority one are actions  that we're hoping every library can do to improve privacy practices.
And then privacy two and three actions may be more difficult for smaller libraries to implement or depending on how much access they have their own networks, or technical expertise, but it's something that I'll libraries can hopefully try to achieve and strive for.
During this audit, we'll also allow you to create and -- or revisit your library's privacy policy.
Do you have a uniform policy now?
Is it easy for patrons to find?
If you don't know about it, your patrons don't know about it either.
When was the last time it was updated?
So you may find that you have confidentiality policies, or all sorts of different disparate policies about privacy on computers, programs, but they really should -- we should try to piece them together into one statement and then something that could be easily found by your staff and by your patrons.
And ALA has a ton of resources online for this.
I'd love to hear what things you're doing right now internally or externally around privacy at your library.
So I also on here I put up Julie's -- Julie's email, she's our web librarian and she's the principle designer behind the virtual privacy lab.
If you have technical questions about how it was created, she would be the person to ask.
Thank you to everybody for coming today.
I appreciate it, and I'm happy to answer any questions that you might have.
>> Excellent.
Thank you so much, Erin.
This is so exciting to see people definitely chiming in that this is going to be really helpful for them, both in sharing with their community, and their staff, and someone actually teaches an  MLIS class to -- on materials in services, and she had a great question, how would you talk to new librarians about privacy literacy?
And I did share in chat the resources from the data privacy project, which I know has a curriculum that's more targeted towards library staff.
But you talked about it being tricky getting staff on board, so what are some of the successful ways that you have talked about privacy with new librarians?
>> It's actually something that we're just now starting to explore.
It hasn't been part of the -- we're actually in the process of Revis thing what our trainings look like for when we on board new staff.
It was one of the areas I put on there as a thing that was lacking right now.
So it's something we're actually in the process of building and looking at.
We have that recently -- where we sent out notifications for our staff recently about -- we have a lot of patrons who especially in a diverse highly immigrant city, who are very concerned about the ICE raids, so we actually thought about the -- does all of our staff know what to do when a federal agent comes in and asks for patron information, do they understand what that privacy policy really is.
So we did make sure to inform all of our staff and have that conversation with our staff about what do they do, because that's a scary situation.
But it happens a lot, at a lot of different libraries.
And somebody walks in with a badge, especially if you've never been to library school and been taught that, you might think you have to hand over the information.
And so I think again, it gets back to looking at what your own library's privacy policies are, and why that privacy audit is important, and it's something we're undertaking this summer, to  really see where we're at, what our current standing is, what areas we need to improve on, and how we can make sure that we are doing everything in our power to inform all of our not just our patrons, but also our staff.
So having that open and honest conversation, acknowledging the areas where you might be lacking is okay, but making sure your staff understand how to interact with the patrons, what your own policies are, if a patron asks them to come in and fill out their Facebook or their tax forms or something like that, how -- making sure staff know how to interact with those confidential personally identifiable -- I apologize, personally identifiable information when a customer is interacting with them.
Things like making sure people know to not have paper sign-up logs they leave out, especially in teen areas.
And if they do use paper sign-up logs, shred them, and there's a policy in place that takes care of all those things.
>> Absolutely.
Well, and it came up earlier, the challenge that this is constantly changing, that you can't really put your finger on privacy, because there's always something new, and as your example with current events, that's almost in addition to reviewing your library's privacy policy and  updating that regularly, updating the learning that needs to happen or having those conversations regularly.
So I think you've got a great point building that in there.
There was also a question related in terms of how difficult is it for you all to keep the information on the VPL current.
Have you had to review that, or do you have a review process in place for the content?
>> Yes.
That's what we're doing right now.
We are doing a content audit in conjunction with mod sila.
They have offered their staff and volunteers who work on their privacy issues.
And they're actually reviewing our content with us right now.
It's such a challenge.
It is changing all the time.
I think there's some basic -- there are a lot of basics that stay the same, but there are new apps, there's new websites, so what we've committed to doing is we always check our links all the time, we have a link module that it's always checking links to see if they're broken or down, and when those come up we see if there's different content we want to provide in its place or if we want to take it down.
That's happened several times throughout the course of having the VPL up and live.
As for the actual content, we've committed to doing a yearly audit on that, and to make sure that we are trying to provide the most up-to-date information that we possibly can.
And again, we do check things like news sources, so the information coming out today about the fact that some of these encrepted messaging apps may not be as secure as we thought they were.
It's something we'll probably be following here, and if needed, adding some notations to our virtual privacy lab, letting people know the -- what the limitations are.
>> Okay.
That's great.
And I -- that bottom section obviously you're updating that more regularly too, so that's really helpful.
>> There's a lot of information out there.
>> Yes.
I know.
Well, I think that's, you know, even us in the field, you know, being information scientists, for it to be as overwhelming as it is, we can only imagine how overwhelming it is to the patrons and the community.
>> And that's why I think it's -- for me it's providing that baseline.
If you're -- this is I think important when we talk about that privacy divide.
It's a real thing.
If you look at the way that people from different income levels or experiences that they've -- the amount of time they've had online, they use the internet very differently.
So if somebody has not been taught the basics on how to create safe path, or knowing email phishing schemes, or not to download -- some of us may have already experienced this with clients or our parents, of how you just at a very basic level be online without risking your personal information getting in the hands of somebody who shouldn't have it.
>> M-hmm.
Well, and that makes me think of the other question that came up when we were talking about what information newer librarian needs, but someone said being a newer librarian, how can I talk to veteran librarians about privacy, and somebody else mentioned the services to seniors being able to explain it to folks that are not digital natives.
Have you found that there are ways to -- I keep thinking of analogies that can be used to help them understand, but I'm not a young librarian, and I definitely feel naive in many of my online experiences.
>> I think this gets back to again talking to your patrons and finding out how they're already using the internet, so one of the first questions we asked people when we surveyed them was, tell us what your daily routine is online.
It gave us an insight about how somebody -- how different demographics or age groups will utilize the internet.
When we talk to a group of teenagers, the very first thing teenagers and a lot of people in their 20s and 30s did, the very first thing before they ever got out of bed was to pick up their cell phone.
And they were interacting online through their cell phone.
Whereas when we talked to seniors, they -- sometimes they didn't even get online every day.
And so they had different needs, so being able to find out if I'm going to work with a group of seniors and teach them about privacy online, I might only address three topics that are really important.
But if I am going to talk to a group of college students, I might pick a whole different group of topics to discuss, or I might make it into a beginner's class and an intermediate class and expert level class.
And being able to do it that way.
And that's kind of why with the virtual privacy lab we wanted people to be able to have a personalized tool kit, so if you answer on those questions like, I'm really interested, and I really want to do a whole lot of things to be present online, I'm okay with technical things, it's going to give you things like downloading a tour browser, whereas if you say you just like want to do the minimum, it's not going to tell you to install your own virtual privacy -- VPN or anything like that.
That was exactly kind of why we did this with a customization in mind, because different user groups have different needs.
>> M-hmm.
So much, so much for sure.
I do want to thank everyone for being here, and I want to remind folks that the learner guide is a really great tool for you to extend the conversation.
It actually will lead you through looking at some of the learning that you yourself do as you work through your own tool kit.
So be sure and take a look at that, and as I mentioned, feel free to customize it, if there's specific things that you want to tackle, there's an excellent section on auditing your  library's privacy policies, leveraging some of those great tools from ALA, so know that this is something that could be of great value, perhaps reviewing it at least every six months or at least every year.
So thank you so much, Erin, for bringing all this great work.
Thank your team, thank everyone that was involved in creating this, and your community for testing it out for all of our communities as well.
It's so exciting that it's available to everyone, and I'm sure you'll have a few -- a little bit more traffic coming through, hopefully.
And just a reminder that you can connect with Erin through all these different ways if you think of other questions or you want to let her know how you all are using the resources, be sure to follow up with her as well.
And I'll mention -- go ahead.
>> I was just going to tell people, thank you so much again for being here, and please don't hesitate to email me if you have a question.
I'll do my best to answer you.
>> Absolutely.
And I saw a question, what would you say is the minimum to do for privacy?
I guess that could depend on whether it's for personal privacy or if you're looking at the minimum for what your library should be doing, and I encourage you to look at those -- the ALA guidelines -- the checklist, there's that priority one actions for each area, each checklist, and that was a really helpful thing to look through in terms of first steps.
Any other thoughts on that, Erin?
>> I think for personal is probably password management is probably the number one thing.
And I even was doing the password switch recently, and even being a tech expert sometimes I mess up and I locked myself out of my Google account for a week.
And it happens, it made me very aware of, you know, making sure that you utilize the tools in the appropriate way, and I misused the way my new password manager and locked myself out.
So understanding how to create good passion words -- passwords, because it can make a huge difference, especially when information gets leaked.
And making sure that you understand that when it does get leaked, that you need to change your passwords.
The most recent leak of personal information, being able to understand passwords and that they need to be regularly changed and how to create good passwords, as far as for a library, having at least something online that is easily accessible by your patrons that tells them what your policies are.
Even if it's not a formal policy, privacy policy, having something that just tells people, here's how we use your information, I think that's a really important step in ensuring that people know that if they go to one of your -- overdrive or a vendor they're going to have a different privacy policy than you do, so they need to know when they interact with other services  that we offer.
>> Excellent point.
Definitely.
Fantastic.
I will be sure and email you all once the recording is available, and as I said, I'll send you all a certificate within the week.
And I'll be sending you to a short survey once you leave this room, and please take a moment to complete that.
We provide that feedback to our presenter, and it helps us guide our ongoing programming and again, thank you to library journal for partnering with us on this series, we're so excited to showcase the great work of the library journal movers and shakers, and thank you again to Erin for all your fantastic work, and we'll wrap up now, everyone have a fantastic day.
Thank you.