▼

Technology: Patron Privacy FAQ

Show All Answers

1. Do the public computers store my information?

No. Once you log out of your session, an application called Deep Freeze clears your browsing history, downloaded files, saved documents, and other information, reverting the computer to the exact state that it was in when it originally booted.

2. What happens if I forget to log out? When I’m logged off because there’s a queue or the library is closing, does the same process take place?

Computers log off users automatically after 10 minutes of inactivity, and when your session ends early because of a queue or library closing, the same “Deep Freeze” process takes place. Please note that if you forget to log off (or are logged off by the system), your privacy will be protected, but you will most likely not be able to log in again without asking a staff member to reset your status.

3. Does the fact that I have to log in with my library card number mean that you keep track of which computers I use, and when, and for how long?

We do keep track of which card numbers use the computers and when; however, the information that gets logged does not reveal any detail about your activity. It is purely for diagnosing and troubleshooting IT issues, and it is never shared.

4. Is my internet use on your public computers secure?

The web browsers on library computers are equipped with two tools to protect your privacy. The first is a plugin called HTTPS Everywhere that provides an encrypted connection whenever possible. The second is a plugin called uBlock Origin that prevents banners, pop-ups, and tracking. The library has also enabled Do Not Track settings in browsers where possible.

5. Does HTTPS Everywhere mean that I can enter personal information on any website?

It’s still a good idea to check for a secure connection (HTTPS rather than HTTP at the beginning of the web address and/or a green padlock icon in the address bar) before entering sensitive information.

6. Do all browsers have HTTPS Everywhere enabled?

No: unfortunately, HTTPS Everywhere is only available for Firefox and Chrome.

7. Does that mean I can’t get HTTPS sites in Internet Explorer?

Sites that have built certain pages to use HTTPS will provide encryption on those pages in Internet Explorer, but without the plugin, their HTTP pages will not provide that extra layer of security.

8. Can I turn HTTPS Everywhere off if it’s affecting how a website functions?

HTTPS Everywhere can be turned off by clicking the icon in the browser’s toolbar (a blue square with a white S in it), then “Disable HTTPS Everywhere.”

9. How did you pick uBlock Origin over other ad blockers? I heard they allow advertisers to pay to show certain ads.

uBlock Origin has a reputation for independence. It also performs well in speed tests, pulling less memory and processing power away from the browser's other tasks (like loading the content you want).

10. Can I turn uBlock Origin off? Is it ethical to block ads when content creators like newspapers depend on them for revenue?

The question of whether or not blocking ads is ethical is up to each user, as there are valid arguments from both sides of the debate. If you would like to disable uBlock Origin during your computer session, either for ethical reasons or because it interferes with how a site functions, click on the shield-shaped logo in the browser’s toolbar, then follow the instructions printed beneath the large power icon.

11. I heard that Do Not Track was optional for websites, that they can ignore it with no penalty. Is there a way of knowing which sites comply?

There are some lists of compliant sites, e.g. http://donottrack.us/implementations, but since the policy continues to evolve, the library believes it’s best to combine Do Not Track with other privacy defenses, such as uBlock Origin.

12. What, exactly, are the privacy benefits of using the library’s secure wifi network? How secure is it if you give out the password to anyone who asks? Do you ever change the password?

The secure network encrypts communications and is much safer than the free network. It isn’t the password that protects users so much as the encryption key (the value applied to data to encrypt or decrypt it). Since a different key is used each time, there is no need to ration the password. However, we do change to a new password once every six months or so. Library staff members can provide you with the current password.

13. Are there privacy screens on the library’s computers? Why or why not? Can I ask for a privacy screen to be added?

We do not keep privacy screens in the library because of their tendency to interfere with screen visibility. You can check out a laptop on the first floor and use it in a location where no one can see your screen.

14. What kind of antivirus and antimalware software is on the library’s computers? Does it scan for keyloggers?

We use Faronics Antivirus, which proactively scans for all kinds of potentially unsafe applications: adware, Trojans, spyware, keyloggers, and other forms of malicious software. ESET Endpoint Antivirus gets consistently positive ratings from IT professionals, who particularly appreciate its speed and accuracy.

15. Do all library computers have the same IP address? Have you considered installing TOR browsers or becoming a TOR exit relay?

All library computers have the same IP address and use random ports for each request. Computer users may download the TOR browser on library PCs and use it during their sessions. It will be removed during the Deep Freeze reset between sessions.

16. Why doesn’t the library’s own website/catalog use HTTPS?

The library is evaluating the possibility of enabling HTTPS on the watertownlib.org website. Our catalog is administered via the Minuteman Library Network (MLN), so we cannot control its use of HTTPS. On that site, HTTPS only takes effect once you have logged in with your library card number and PIN. However, MLN has strong privacy practices, as detailed on this web page: http://www.mln.lib.ma.us/about/privacy.htm. Here is an excerpt from its policy: “MLN keeps no permanent record of sites visited by library users, the electronic databases accessed, or the searches performed by individual users. While we may disclose information about use of our website in aggregate (such as server use statistics), we will not disclose to third parties any information that could be used to identify individuals or their use of MLN resources, except as required by law or appropriate law enforcement procedures.”

17. Do the website or catalog use cookies or trackers? Do they connect my website usage with my library account?

The library website and catalog both use cookies—small pieces of data stored on your computer—to improve your browsing experience. Your use of the library website is not connected with your library account, and your catalog searches—even if you search while logged in to your account—are not saved.

18. How do I know what privacy standards are in place with the services and databases you provide access to (OverDrive, hoopla, etc.)? Do those services keep track of my usage?

We encourage you to check the privacy policies of individual services. For example, OverDrive’s policy shows that they use cookies for things like keeping track of cart items, detecting your web browser language, and determining your library card authentication status. These policies are generally available online (e.g. https://company.cdn.overdrive.com/policies/privacy-policy.htm), but feel free to ask a librarian for a printed copy.