« A few fun links | Main | Google Wallet and Library E-Commerce »

Public Computers and Patron Privacy

privacyphoto © 2009 Alan Cleaver | more info (via: Wylio)

Public access computers are essential tools. For library patrons with limited income, these stations may be their only access to online information. But are these shared computers safe? The answer depends on how the stations are configured as well as how they are used.

Configuration issues are many; too many to discuss in detail in a blog post. For SCLS Network computers, we take care to redress problem areas that are built in to the system and popular programs, then we layer on additional security software, Windows domain policy controls, and some clean-up scripting. These measures do help protect a user's privacy, but really they are more about protecting the computer.

The protection that any patron has for their personal information is most strongly related to their own behaviors and habits when using a shared computer. For example, some patrons have noticed with our new Koha catalog that the web browser's Back button can reveal some information about them after they have "logged off" from the catalog. Patrons are right to be concerned about this exposure. However, they are mistaken if they think Koha (or the library) is to blame. Many websites have comparable issues to varying degrees, and the truth is that logging off from a website is simply not enough if you are concerned about privacy protection.

For better protection, users should log off the website (whether it's the library catalog or their online bank) and then close all open web browser windows. For even better protection, they should log off from Windows itself (or log off from LibraryOnline, which then logs off of Windows for you). When Windows or LibraryOnline is logged off, additional clean-up scripting comes into play.

For the ultimate protection, the entire computer should be restarted. Restarting the system invokes our hard disk locking system. Disk locking software automatically returns the PC to the same state that it had when official SCLS maintenance was last completed, leaving no trace at all of what patrons were doing before the reboot.


Feed You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.