Library security same after threat

From The Newton, Mass weekly Newton TAB:

A month after someone allegedly e-mailed a terrorist threat from the Newton Public Library, the library has not made it more difficult for potential criminals to use the Internet.
"Anyone could walk in off the street... the [alleged terrorist] could walk in tomorrow and do it again?" Alderman Brian Yates asked librarian Kathy Glick-Weil at a meeting last Wednesday.
"That's right," Glick-Weil said.

See prior LISNews coverage from Jan 25 [2], Jan 27, Feb 6, and Feb 19


So, when the next guy does it are they going to obstruct the investigation again?

It will be interesting to see what the courts do. I heard sometime in 2005 someone put forth legislation to include email in the same laws as wiretapping. Do you know what ever came of it?

I agree that getting a warrant is the wise course of action. You are correct that evidence obtained pursuant to a warrant has much less chance of exclusion than that obtained without a warrant.

The rules for email peeking are so complex involving so many variables I can't make heads or tails of them and they are evolving based on current cases even as I write this.

Yes, I do from time to time digress, but people really shouldn't expect privacy in the communications unless you send a first class letter or call someone on a plain old telephone line. Those are the most secure methods of communication.

I enjoy the discussions on LisNews.

But, we are not talking about someone reading a computer screen over my shoulder that is in "plain sight". We are talking about government officials going on a fishing expedition after the people have long left the computer.

I thinky you are talking about something different. I do not think you can use the arguement of holes in various technologies as proof that people do not expect privacy or that government respect our privacy. Phone calls have been known to be crossed up so that someone else picks up the conversation, that problem in the technology does not waive the expectation of privacy. There is a great difference between technology insuring privacy, and citizens expecting privacy from government intrusion. I know that that the current technologies do guarantee privacy on the internet, but the average person does not understand the technology and expects privacy from government intrusion.

Maslow? And if you are suggesting that patrons can conduct research in a library without using computer resources, I am guessing that is the case in only the poorest regions where technology is not able to be purchased or for the simplest searches. Card catalogs are long gone in many libraries. Indexes to periodicals are purchase only in electronic form.

I think this is relevant to our discussion and offers even more questions: Trial, Nov 2005 v41 i12 p83(2), E-mail intercept violates wiretap law, First Circuit holds, Karen Ertel.

The First Circuit decision "reaffirms that e-mail is subject to protection against government intrusion and against misuse by Internet service providers," he said.

Of course, they said stuff like Hotmail would not cover under this ruling, but anything from a private server would be. So, if I have a server running at home, and access it from a public computer it would be protected. So, it appears more questions than answers still exist. I would think enforcement officials would still want to play it safe and have a warrant, since there are times were courts have said a warrant was needed. Since there is no black and white rule, why risk evidence getting tossed?

Communications in public are not private. I can stand behind you and read the screen as you type. It would be rude, but not illegal.

There is also a great difference between a public payphone attached to a private (telephone company owned end to end) circuit switched network, and a packet switched network that may flow over publicly owned network taking a circuitous path from the library to China to the next town over to delver your message.

If you expect privacy in email and chat then I am afraid you are quite the optimist. There is no privacy on the Internet nor should you expect any. While information obtained in this way would certainly not be admitted in evidence by any judge - in the same way I can't break into your house and steal your marijuana to give to the cops, none the less there is no expectation of privacy in any packet switched network. That is why PGP and encryption were developed.

No one needs to access library resources or personnel by computer mediated communication, it is frequently convenient to do so, but it is never a need, ask Maslow.

Patron registration and circulation records are protected in most states, perhaps all I have not checked - I can add those specific laws as a section to my page. Chat messages from one person to another who is not a library staff member are neither registration or circulation records. We can even go so far as to consider access of fee based databases a circulation record, but your hotmail is not a library record and never can be no matter how you look at it.

An expectation of privacy is never a guarantee of privacy. I remember using a rest stop on the interstate and having some freak next to me peering through some little hole while I recycled my big gulp. Sure privacy would be nice, and there is often that expectation but the Internet is not where to find it.

You want consistency: There is no privacy; while efforts are made to safeguard your communications a guarantee of privacy cannot be made.

Who says "communications" are not considered private? That argument does not seem to work, because as far as I know "public" pay phones would need a warrant to be monitored or get records from. It is the same thing.

Second, there is an expectation of privacy with email. I answer reference questions by email and patrons expect privacy. I participate in virtual chat and patrons expect privacy. They may need to access these resources by a public computer.

Finally many public and academic libraries require a barcode or other identifying information to login to a public computer. Patrons are expecting privacy and that we are not tracking their usage with this identifying information.

What is confusing patrons is the lack on consistency from library to library.

Email and instant messages are by definition not private as they are communications. Communications are naturally between one person and another or others, therefore their can be no expectation of privacy in communications transmitted over public terminals. The use of indexes, or e-resources is not a communication as it is a one way transaction not shared with others. It seems to be to be very clear, a LexisNexis search is remarkably different from a chat or email exchange.

One's library record encompasses patron registration information and circulation information, but nothing more. There is no case law supporting public computer messages as patron records. (At least none that I have found and I do try to keep current on this sort of thing. If you have any I'm delighted to review it.)

Courts have indeed ruled that computer files may be treated like a closed breifcase, however there is (and has so far been) no public equivalent of the closed briefcase. There is no right to privacy in public and as of yet there has been no litigation to determine exactly where privacy of cached information in a public library computer begins, or if indeed there is any privacy at all.

Whereas particular laws and case law have reinforced the idea of privacy of patron circulation records, patron questions (do you ask for ID before a reference interview) and transactions exclusive to the public library, using the Internet is not restricted to the library thus is not an intrinsically library function generating a library record.

Patrons have lost confidence in libraries, and librarians acting like the sky is falling because the police want to investigate a terrorist threat does not help re-establish that confidence.

Patrons may care if anyone can see their checking account after they shut down the browser, patrons may care if anyone can see if they checked out the AA Big book or the Joy of Sex, but most patrons don't care if the FBI wants to know if they chatted with with Aunt Sally. Blowing library privacy out of proportion, as the did in the case instant, does not help librarians credability, it simply makes us look like left-wing nutjobs.

Maybe their email account, their library record, their IM messages, etc. The computer is only the access point. Strictly speaking, the police would not what to search the computer but the contents of the files and/or histories. Courts have ruled that to look inside files is not the same as just finding something laying around in the open, since an application is required to explore the files.

Libraries cannot protect and enforce the patron's right to privacy (materials checked out, questions asked, etc.) if we do not do it across the board within our buildings. If we start protecting this but leaving something else unprotected, we lose the confidence of our patrons in us as an organization and profession. In addition, too many library resources are available through computers for us to say to our patrons use all the indexes and e-resources on this computer but do not expect any privacy in what you are doing.

What part of a public computer do you consider "their persons, houses, papers, and effects". It is not theirs it is a public computer.

Those fellas who wrote the Constitution did not do it over a few beers in some pool hall, it was a deliberate and deliberative process and each word must be considered. They didn't say public papers, or public spaces, they said "their".

If you don't have a copy of the Constitution I'll gladly loan you mine.

So, when the next guy does it are they going to obstruct the investigation again?

If the police fail to provide a warrent, yes. Remember:
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized .
No warrent, no search.

LOL -> "If we find out who it is, I expect they would lose library privileges," Glick said.