Full Text

This month's column is amplifying the signal on a movement that has been brewing in the library world: getting libraries to make patron's digital activities as secure as their own lending records. There are a few ways to do this, but I'm going to focus on using HTTPS.

You're probably familiar with the http:// prefix in web addresses. You may not know that it stands for Hypertext Transfer Protocol, but you don't really need to. HTTP is a method of exchanging information- mainly webpages-online. The information goes over the internet in plain text, unencrypted. This is fine if you are just trying to look at a website about caves or bats, but less fine if you are sending passwords, banking information, or other things that you'd prefer to be more secure.

How

Privacy-conscious individuals can use browser plug-ins for Firefox, Chrome, or Opera such as HTTPS Everywhere on their own computers, which lets them use an encrypted channel for sending information when possible. However, if libraries are in the privacy business, shouldn't we be offering HTTPS to our users as much as possible?

Eric Heilman, who runs the popular library blog Go to Heilman, has been working with the Library Freedom Project to get libraries to commit to digital privacy by signing the Library Digital Privacy Pledge. Simply put, it asks libraries to commit to using HTTPS to "deliver library services and the information resources offered by libraries" in 2016.

Historically, this has been an endeavor that came...