Free speech, librarianship and the chilling effect of surveillance

chilling effect

Image c/o glassghost on Flickr.

Free speech has become the hot topic de jour amongst the chattering classes. Barely a day goes by without some new threat to free speech emerging. Indeed, it seems to have become somewhat of a middle class obsession, which is perhaps unsurprising given that many of the so-called threats to free speech are actually threats to middle class privilege and effectively seek to strike a balance between those with privilege and those without (hello safe spaces). So threatened have the privileged become, the adolescent middle class journal of choice (hello Spiked!), has even launched a “campaign for free speech in higher education” – a campaign that peculiarly obsesses with one particular aspect of free speech, but spending little time on the broader issue.

To a certain extent (not entirely, I’m not for one moment suggesting most don’t engage in discussions around this topic), librarians and the profession in general have tended to neglect the debate on intellectual freedoms, preferring instead to pontificate on areas that are traditionally private sector obsessions. It’s curious as to why this is the case. After all, our profession is steeped in the principles of intellectual freedom. We believe people should read and access what they want, we believe that censorship is a bad thing, we believe that access to information should be equal to all. Yet despite this, whilst we live in an environment where intellectual freedoms are apparently up for discussion, there is little space occupied by a profession that should be seeking to defend such freedoms. There is certainly plenty for us to get worked up about…

Recent developments have highlighted the extent to which our non-engagement (our “neutrality”?) is having a detrimental effect on public discourse.  According to the principles outlined by CILIP, we are minded to ensure “commitment to the defence, and the advancement, of access to information, ideas and works of the imagination” and “respect for confidentiality and privacy in dealing with information users”.  Yet are either of these possible when mass surveillance exists? Does mass surveillance not pose a threat to our ethical principles and, by extension, our existence? Without our ethical principles, surely we are no better than the volunteers we claim deliver an inferior library service?

The threat to our ethical principles particularly manifests itself via the “chilling effect” of surveillance strategies – that is, that knowledge of surveillance activity impedes our intellectual freedom, resulting in modifying our communications and information seeking for fear of being watched and, ultimately, punished (regardless of whether the punishment is based on an incorrect interpretation of activity). This effect has long been debated and argued, and to an extent the jury is still out on the extent to which it exists. However, it does pose a particular threat to us as professionals, one that undermines our ethical principles and, therefore, calls into question our existence. (Surely ethical principles are what divide us from volunteers providing library services?)

This notion of a “chilling effect” is not exactly a radical one. In 1967, the President’s Commission on Law Enforcement and Administration of Justice concluded that:

“In a democratic society privacy of communication is essential if citizens are to think and act creatively and constructively. Fear or suspicion that one’s speech is being monitored by a stranger, even without the reality of such activity, can have a seriously inhibiting effect upon the willingness to voice critical and constructive ideas.”

This was, of course, long before the kind of mass surveillance we are familiar with now had emerged. This impeding of the ability to voice critical and constructive ideas is one element of the impact of the “chilling effect”. But to be able to voice critical and constructive ideas you must be able to seek out ideas that challenge the status quo, that provoke critical reflection on the democratic process.

More recently, further research has suggested that there is a very real “chilling effect” following mainstream awareness of surveillance strategies conducted by the NSA and others. A recent study by Oxford’s John Penney [SSRN link, sorry!], for example, found a notable decrease in visits to contentious topics on Wikipedia following the Snowden disclosures. Penney found that there had been a

“20 percent decline in page views on Wikipedia articles related to terrorism, including those that mentioned ‘al Qaeda,’ ‘car bomb’ or ‘Taliban.’”

This follows a 2015 paper which found that [sorry, SSRN again]:

“…users were less likely to search using search terms that they believed might get them in trouble with the U.S. government”

Furthermore, the US Department of Commerce underlined the extent to which a “lack of trust” in internet privacy and security may deter online activity. Following a survey asked of 41,000 households with more than one internet user, it was clear that many felt that government surveillance had an impact on their expression of ideas online. According to their analysis:

“The apparent fallout from a lack of trust in the privacy and security of the Internet also extends beyond commerce. For example, 29 percent of households concerned about government data collection said they did not express controversial or political opinions online due to privacy or security concerns, compared with 16 percent of other online households.”

They conclude that:

“…it is clear that policymakers need to develop a better understanding of mistrust in the privacy and security of the Internet and the resulting chilling effects. In addition to being a problem of great concern to many Americans, privacy and security issues may reduce economic activity and hamper the free exchange of ideas online.”

These sentiments are echoed by Penney who argues that:

“If people are spooked or deterred from learning about important policy matters like terrorism and national security, this is a real threat to proper democratic debate.”

But what has this got to do with librarianship? Returning to those CILIP ethical principles, it’s clear that we have an obligation to ensure equal access to “information, ideas and works of the imagination”. Furthermore, it is clear that in an environment of mass surveillance, where the populace are aware that their online activities are observed and processed, individuals cannot exercise this freedom to access information because the “chilling effects” impedes them. The consequence of this is not only a reluctance to seek out critical ideas, but also a reluctance to communicate them. You cannot, ultimately, have free speech when you exist in conditions of mass surveillance. The conditions brought about by this “chilling effect” do not allow for it, unless you have the privilege to possess knowledge and skills about the techniques you can use to protect your information seeking habits and communications of course.

For me, this is where we need to be much stronger…because our ethical principles demand that we are much stronger. We should not, as a profession, accept the Investigatory Powers Bill and the threat it poses to us as professionals, undermining a key ethical principle to which we supposedly adhere. Equally, we should do more to protect our communities. Here the United States is well ahead of us, thanks to organisations such as the Library Freedom Project, as well as some efforts by the ALA and the Electronic Frontier Federation (which is non-librarian, but has played a key role in advancing the cause of intellectual privacy). Whilst moves have been apparent in the UK (see the recently announced Crypto Party in Newcastle), we have been far too slow to defend these core ethical principles. Perhaps this is down to a historic indifference in the UK towards free speech (see our libel laws as an example for how little value we place upon it – another example of the extent to which liberal values are something that only the privileged can enjoy). The extent to which there is a “chilling effect” on intellectual activity is debatable but so long as it is, we need to be at the forefront of that debate – both in terms of discourse and action.

Why librarians need to act on mass surveillance

We need to speak out as a profession against mass surveillance. Image c/o floeschie on Flickr.

Today the Investigatory Powers Bill has its second reading in parliament. The introduction of the Bill is not only a threat to society in general, it poses a serious threat to our profession and, in particular, our commitment to defend the intellectual privacy of our users. We must speak up as a profession to defend the rights of our users and, wherever possible, seek to defend their intellectual privacy.

Ever since the disclosures by Edward Snowden in 2013, I’ve been concerned about the impact of mass surveillance both on our society, and on us as professionals. Disappointingly, there seemed to be little in the way of action by the profession (particularly in the UK – hampered by a professional body that cannot be overtly political), until the Library Freedom Project came along and started making waves in the United States. Inspired by Alison Macrina’s work, I started to consider more deeply the impact of mass surveillance on our communities and the various issues it raised. For me, alongside concerns about intellectual privacy, it highlighted a further aspect of the digital divide: autonomy of internet use. Given the limited amount of literature on the relationship between the digital divide and surveillance, I decided this was an important area to explore more extensively. So, I started reading around and pulling together an extended piece for the Journal of Radical Librarianship on the topic.

The main inspiration for the piece was the article Intellectual Privacy by Neil Richards (which is available OA here and is highly recommended). For me this really crystallised some of the key issues around surveillance and the protection of intellectual privacy (the ability to read, communicate and seek out information without being observed doing so). Aside from the very crucial focus on intellectual privacy and its importance, Richards also highlighted the role of librarians in supposedly developing some of the “norms” of the concept itself. This role seems particularly strong in the United States (where Richards drew most of his examples), with even the ALA taking a role in advocating for the intellectual privacy of individuals through a variety of initiatives.

As well as Richards’ works, David Lyon also played a key role in forming my views. Lyon is a leading figure in surveillance studies and has written a number of invaluable pieces on the topic that, as with Richards, helped to clarify my thinking (see, for example, his paper on understanding surveillance today). For example, Lyon’s definition of surveillance was particularly useful in understanding how surveillance operates upon individuals. For Lyon, surveillance is about the “focused, systematic and routine attention to personal details for purposes of influence, management, protection or direction”. It’s interesting (yet unsurprising in some respects) the extent to which surveillance within the UK is seen as primarily about protection, with little consideration with regards to how mass surveillance controls or “manages” individuals (or maybe we just don’t care that it controls us). What I also found particularly useful here is that Lyon’s definition doesn’t solely apply to the mass data collection by the state, it also relates to that growing phenomenon: corporate surveillance.

Surveillance and ethics

Clearly, there is a conflict between intellectual privacy and mass surveillance. If you exist in the conditions of the latter then you clearly cannot have the former. For society it presents a serious issue – for librarians it presents a critical issue that gets to the core of our professional ethics. If we cannot (or do not) protect the intellectual privacy of our users, then we are failing as professionals. Indeed, given we exist in a state of mass de-professionalisation, where volunteers are seen as adequate replacements for “expensive professionals”, we are rather making the case for our own extinction. If we do not have a set of ethics and professional values that we not only espouse but actively promote, what makes us any better than a volunteer?

In terms of the profession in general, there are clear guidelines from organisations representing our profession regarding the conflict between mass surveillance and our ethics. In 2005, for example, the Chartered Institute for Library and Information Professionals (CILIP) produced a “Statement on intellectual freedom, access to information and censorship” and endorsed the Council of Europe’s ‘Public access to and freedom of expression in networked information: Guidelines for a European cultural policy’. The Council of Europe’s guidelines clearly stated that individuals are to “decide for themselves what they should, or should not, access” and that those providing the service should “respect the privacy of users and treat knowledge of what they have accessed or wish to access as confidential”. Furthermore, the International Federation of Library Associations and Institutions (IFLA) advised in their ‘Statement on Privacy in the Library Environment’ that information professionals have a responsibility to “reject electronic surveillance”, provide training on “tools to use to protect their privacy” and “respect and advance privacy at the level of practices and as a principle”. The message is clear, we have an obligation to ensure the privacy of our users and to provide them with the tools necessary to enable them to ensure the can defend their intellectual privacy.

Tackling the digital divide

This task is made even more urgent given the nature of the digital divide. We know well enough that access isn’t merely enough, but that individuals also require the skills with which to exploit the internet to their own advantage. In a report published in 2014, the BBC found that 1 in 5 adults lacked the four basic skills (send and receive emails, use a search engine, browse the internet, and fill out an online application form). Given that the most disadvantaged are most likely to be affected by mass surveillance it’s clear there is a need to provide the necessary support to ensure that everyone is able to ensure their intellectual privacy, not merely those with the means by which to do so. What is clear, post-Snowden is that the digital divide is as much about the gap between those who can protect their intellectual privacy and those who cannot, as it is about having the skills to be able to use the internet to benefit individuals economically, educationally and in terms of healthcare.

We, as a profession, have a clear commitment to tackle the digital divide. We play a crucial role in levelling the playing field, ensuring both access to the internet and support as individuals seek to exploit it to their own advantage. This crucial role is, of course, being undermined by the delivery of such support by the private sector, in particular banks (see Barclays Digital Eagles). Of course, corporations have no interest in ensuring privacy of the individual online, because greater privacy results in the exposure of less personal data which large corporations can exploit to drive profit. We, as a profession, are not beholden to share-holders. We have no reason to expose our users’ personal data for exploitation. We have ethical obligations not to expose the reading habits of our users. It is this that distinguishes us from banks and from volunteer run libraries.

It is, therefore, incumbent on us as library and information professionals to develop our skills with regards to online intellectual privacy, to seek to defend the intellectual privacy of our users and, more broadly, to speak out against government legislation that attacks our professional values as well as posing a threat to society in general. We have an obligation as professionals to defend intellectual privacy and to ensure that it is not only a value afforded to those endowed with social, cultural and economic capital, but also to the most disadvantaged and vulnerable in our communities. If we are serious about tackling the digital divide in all its manifestations, then we need to be serious about ensuring autonomy of use for all. So long as our communities are vulnerable to mass surveillance we will not achieve true equality of access to the internet and the wealth of information it provides. That is why we must act.


Clark, I. (2016). The digital divide in the post-Snowden era. Journal of Radical Librarianship, 2, 1-32. Retrieved from

The Imbalance In Transparency


Image c/o Jonathan McIntosh on Flickr (CC BY-SA).

Yesterday was a big day in terms of transparency, democracy and information rights. After months of criticism for the way in which it has been loaded to discriminate in favour of curbing Freedom of Information legislation, the Independent Commission on Freedom of Information published their findings, followed by publication of the government’s response. On top of all this, the government published its revised Investigatory Powers Bill (or “Snooper’s Charter”). In terms of the information flow between state and the individual, these two developments couldn’t be more important. The question is, to what extent is the information flow weighted in favour of citizens rather than the state? A question to which the answer is, I think, obvious to anyone with even the vaguest grasp of the history of the British state.

Given the sheer size of the debate and discussion in these two areas, I thought I’d bang all this together in one post, but split it up into two many themes: Information From Them and Information FOR Them. Seems to me that both these areas say a lot about where we are as a country, and I think such a distinction further emphasises the current state of play.

Information From Them

The FoI commission may have found that there is no case for new legislation with respect to the Act (meaning no substantial changes to how it operates), but this does not mean that it won’t continue to have serious limitations. The Act itself is imperfect as it stands now (and the increased outsourcing of public services to the private sector further limits its scope), and it’s not clear to what extent the government will use the findings of the Commission to come up with new and innovative ways to further restrict its impact. As Maurice Frankel, director of the Campaign for FoI, notes, rather than changes to the legislation it “could be that they are now possibly talking about various forms of guidance”.

For the government, the FoI Act has a very narrow appeal. It’s less about creating a culture of full transparency across government, both nationally and regionally, and more about beating the drum for value and efficiency. The Freedom of Information Act is more than just providing citizens with access to information on how taxpayers’ money is spent, it’s about holding politicians to account, ensuring that that all of their decisions are subject to scrutiny, not merely about how money is spent. This narrow perspective is still very much central to the government’s thinking, as evidenced by Matt Hancock’s statement in response to the findings:

“We will not make any legal changes to FoI. We will spread transparency throughout public services, making sure all public bodies routinely publish details of senior pay and perks. After all, taxpayers should know if their money is funding a company car or a big pay off.”

For the Conservatives, it makes sense that this is the extent of their endorsement of transparency. Spending taxpayers’ money plays directly into their narrative of difficult economic conditions that warrant the rolling back of public spending. Ensuring a focus on FoI as purely a mechanism to monitor local government spending shifts the emphasis and, ultimately, sends a message about how they view FoI. It’s not about transparency, or holding politicians to account. It is purely and simply about being a stick with which members of the public can beat local government profligacy.

One recommendation that is worth noting is the position regarding the “Cabinet veto”. The Commission recommended that:

“…the government legislates to clarify beyond doubt that it does have this power. We recommend that the veto should be exercisable where the executive takes a different view of the public interest in release, and that the power is exercisable to overturn a decision of the IC. We recommend that in cases where the IC upholds a decision of the public authority, the executive has the power to issue a ‘confirmatory’ veto with the effect that appeal routes would fall away, and any challenge would instead be by way of judicial review of that veto in the High Court.”

Although the government have decided that the veto will only be deployed “after an Information Commissioner decision”, the Minister’s statement adds that so long as this approach proves “effective”, legislation will not be brought forward “at this stage”. This is, to say the least, disappointing. As has been noted before, the veto simply acts as a way for ministers to avoid embarrassment (see the Prince Charles letters for example). Of course concerns about this particular aspect need to be considered in the context of the fact that the worst case scenario regarding Freedom of Information has not come to pass, but the phrase “at this stage” should put us all on alert regarding the government’s intentions.

That said, contrast the government’s position on freedom of information (where openness comes with caveats) with their position on surveillance (where caveats barely seem to exist)…

Information For Them

Following a number of critical reports about its Investigatory Powers Bill, the Home Office yesterday put forward revised draft legislation seeking to, in their words, “reflect the majority of the recommendations” from these reports. The reality is quite different, and very troubling on a number of levels, not least because of the intention to rush this bill through parliament at a time where other stories with substantial ramifications are dominating the news cycle (the intention seems to be to rush it through before DRIPA expires at the end of the year).

What of the proposals themselves? Well, they don’t make for comforting reading if you care about individual liberty and intellectual privacy. Despite criticism that the initial draft lacked any sense that privacy was to form the backbone of the legislation, the only change in this respect has been to add the word “privacy” to the heading for Part 1 (“General Protections” becomes “General Privacy Protections”). This tells you all you need to know about how the government views privacy. It’s a minor concern when compared to the apparent desire to engage in mass surveillance.

The Bill proposes that police forces will be able to access all web browsing records and hack into phones, servers and computers. Although the Home Office later claimed that hacking powers date from the 1997 Police Act and would only be used in “exceptional circumstances”, when giving evidence to the scrutiny committee, Det Supt Paul Hudson noted that these powers were used “in the majority of serious crime cases”. Needless to say, he refused to provide any further detail on the record. But there does appear to be a shift here from the police being able to view any illegal sites you have visited, to enabling them to view any website you visit.

In terms of encryption technologies (the bête noire of Western democracies hostile to privacy), there has been some clarity and yet there also seems to be somewhat of a loophole that could prove advantageous to those who know what tools to use to ensure their intellectual privacy. In the government’s response to pre-legislative scrutiny it advises:

“The revised Bill makes clear that obligations to remove encryption from communications only relate to electronic protections that have been applied by, or on behalf of, the company on whom the obligation has been placed and / or where the company is removing encryption for their own business purposes.”

The implication here seems pretty clear: to ensure you provide sufficiently strong encryption technologies, move towards encryption that you do not control, rather than those you do. If you don’t control it, you cannot remove it. I suspect the net consequence of this will be a muddying of the waters for those who wish to protect their intellectual privacy. It is already difficult to differentiate between which encryption tools truly protect you from mass surveillance, and which arguably do not (consequence being a new manifestation of the digital divide). Being able to differentiate between which tools do control the encryption placed on communications and which tools do not will undeniably require a degree of social capital that not everyone has the privilege to possess.

There are many significant concerns regarding this draft bill, many of which would take a huge blog post to cover…and I’ve not even read the full bill and accompanying documents yet. Rather than hit the 2,000 word mark, I’ve put together a list of key resources below. As librarians and information professionals we need to be on top of this. Defending the intellectual privacy of our users (whether that be in schools, public libraries, further or higher education) is a fundamental ethical concern. We need to take whatever steps we can to ensure we advance privacy, ensure the protection of digital rights and reject the monitoring and/or collection of users’ personal data that would compromise such privacy.

One thing I will add is that the combination of these two developments speaks volumes about the nature and transparency of government and in the United Kingdom. It is far less about ensuring a democratic system by which elected officials can be held to account, and far more about treating citizens with suspicion and thus undermining the democratic process. Given these circumstances, it is difficult to conclude that we live in a fully functioning democracy. When the state is entitled to more information about us than we are about them, there is no democracy.

Further resources

IFLA Statement on Privacy in the Library Environment

Investigatory Powers Bill – all government documents

Privacy International statement on IPBill

Investigatory Powers Bill – How To Make It Fit-For-Purpose

Don’t Spy On Us (authors of the above report on making it fit for purpose)

Access Now statement on IP Bill


Independent Commission on Freedom of Information report

Statement by Matt Hancock on Commission’s report

Campaign for Freedom of Information statement

The permanence of corporate surveillance

Image c/o Barbara Friedman on Flickr.

I’ve been thinking a lot recently about the nature of surveillance now as compared to how it operated in the pre-internet era (if we can even imagine such an era even existed). Surveillance is, of course, an age-old technique employed by the state to protect, to control and to manage. In many respects, the Snowden revelations shouldn’t have surprised us in the least. Did anyone really believe that a mass communication tool could be introduced without the state wishing to have a poke around in what was being communicated? Perhaps the only real surprise was the scale. Nonetheless, history provided us with the clues.

However, we can draw a very clear line between the kind of surveillance that was popularly recognised before 2013 and that which has come to light post-2013. The first, and most obvious, point to make is that surveillance has historically been targeted, not indiscriminate. Targets were identified and surveillance approved and conducted. It may be against particular groups, or specific individuals, but it was always targeted. Now, however, everyone’s communications are subject to collection and scrutiny. We are all, to a certain extent, suspects.

The other clear difference is the fluidity of the nature of our surveillance regimes. It is not merely the state that collects vast amounts of data about our activities, the corporate sector also gathers huge amounts of information about what w do, where we go, who we talk to etc etc. This data does not reside securely in the hands of corporations however. We know, following Snowden, that much of the data private corporations collect about our activities is also accessed by the state, either with or without the consent of said corporations. Thus we find ourselves in an environment of what has been described as “liquid surveillance” – a fluid state of surveillance where data flows, particularly between the state and corporations.

But there is a further difference between that which occurred pre-Snowden and that which we know post-2013: the permanence of it. Before the emergence of the internet, the course of surveillance wasn’t always unimpeded.  There were concerns and efforts to limit its scope or even to roll it back. The use of wiretaps in the United States is a good example of surveillance strategies being strongly criticised and, ultimately, rolled back.

Back in the early part of the 20th century, there was outrage about the federal use of wiretapping. This outrage wasn’t restricted merely to the strands of libertarianism on the left and the right (such as the right can be described as “libertarian” when it argues for the replacement of state authority with corporate authority), it cut across the entire mainstream of political opinion. Conservative newspapers were as outraged as the liberal press. The outrage was such that, in 1934, the Communications Act federally outlawed the use of wiretaps (reinforced by a Supreme Court ruling in 1939).

Although these safeguards were whittled away by successive administrations (Democrat and Republican), there was still a sense at the heart of the establishment that surveillance must be limited, at least this was the case publicly if not privately. In 1967, for example, the President’s Commission on Law Enforcement and Administration of Justice stated that “privacy of communications is essential if citizens are to think and act creatively and constructively” (the mere fact that our current government thinks privacy of communication is unnecessary suggests they rather don’t want citizens to think and act constructively…). Privacy of communications is crucial in a democratic society, the fact that this was endorsed by the President’s Commission underlines the extent to which this was hardly a view taken by a few radicals outside the mainstream. It was, to all intents and purposes, a conservative viewpoint on the impact of such intrusions. The big difference now, I think, is I couldn’t envisage such an acknowledgement or a restriction upon contemporary forms surveillance.

The emergence of the notion that information is a commodity has changed all this. In a capitalist society, where information/data has value, where the harvesting of such data can produce profit, corporations are obliged to seek out that commodity, secure it and draw profit from it. Any effort to inhibit this will surely be resisted, both by the corporations themselves, and their allies in the political elite (particularly on the right of course). It is simply not possible to imagine a situation where the current environment is over-turned. Pandora’s box has been opened, there is no way we are going to be able to put everything back inside. Corporate surveillance is, therefore, a permanent state of affairs. It will never face the legislative restrictions that wiretapping faced in the last century. No, it is a permanent fixture because a commodity that drives profit will not ever be restricted so long as capitalist orthodoxy is dominant. Therefore, in a state in which data flows between the state and corporate bodies, it is hard to imagine that surveillance in a capitalist society can ever truly be curtailed.

We may well be able to limit the extent to which the state directly collects data on individuals, but will we ever really halt access to data that we have voluntarily surrendered to profit-making entities on the internet? Is it possible to prevent this in a capitalist society? It seems to me that it probably isn’t. Whilst a large state society results in intrusive state surveillance, surely a free market, “libertarian” society would result in wide scale corporate surveillance (under the guise of being voluntary…”voluntary” being a notion to which right-libertarians have a liberal interpretation)? And as we edge towards an extreme free-market state, won’t such surveillance become permanent and inescapable? Perhaps, under capitalism, corporate surveillance is here to stay?

Surveillance, libraries and digital inclusion


Librarians have a key role to playing in terms of digital inclusion and protecting intellectual privacy. [Image c/o Duca di Spinaci on Flickr – CC-BY-NC license]

Towards the end of last year, I was privileged to be invited to talk at CILIP’s Multimedia Information and Technology (MmIT) Group AGM about digital inclusion as a representative of the Radical Librarians Collective (see the presentation below – which includes a list of recommended reading!). The invitation was well timed in terms of coming up with a focus for my talk as I have spent the best part of 5 months working on a journal article for the Journal of Radical Librarianship on the digital divide (which, pending peer review, will hopefully be published in the early part of this year). Specifically, I’ve been interested in looking at digital inclusion from a slightly different angle, that of the divide in terms of state and corporate surveillance.

As followers of this blog will know, I’ve been talking about surveillance and the Snowden revelations for some time now. Concerned about the gathering of information about us, whilst the state seeks to limit the amount of information we obtain about them, I’ve mainly been focused on the impact this has in terms of our democratic processes. However, since the emergence of the Library Freedom Project (founded by the awesome Alison Macrina), I’ve been increasingly interested in the role that libraries and librarianship has to play in this area. It seems to me, that the disclosures have to expand the terms by which we define what the digital divide is. Whilst there has always been a focus on access, and on skills, there must be greater attention on what people actually do online and, furthermore, the extent to which individuals are able to act freely in terms of seeking information.

Being able to seek out information that offers alternatives to the status quo (indeed, not just “offers” but challenges) is vital in a democratic society. Without the ability to seek out and understand alternatives, it is hard to accept that our society can possibly be described as “democratic”. What is clear from Snowden’s disclosures is that the ability to seek out information and communicate with others whilst ensuring your intellectual privacy is increasingly difficult. Difficult unless you have the skills and knowledge with which to defend your intellectual privacy.

I tend to think that I am fairly skilled in terms of using the internet. I can seek out information quickly and efficiently, I can provide assistance for others, I am fairly innovative in the ways in which I use certain online services. What I lack, however, is the skills necessary to really ensure my intellectual privacy, to defend myself against state or corporate surveillance. I have some skills, I have some basic knowledge, but I don’t know how to protect myself fully. And yet I consider myself reasonably skilled. What about those that have difficulties in using the internet in a basic way? What about those that struggle to do the things that I take for granted? Aren’t they even more exposed to state and corporate surveillance? Isn’t their intellectual privacy even more under threat? Surveillance tends to affect the most disadvantaged to the greatest extent, is intellectual privacy something only for the privileged?

I don’t want to get into this even further here (wait for the longer version!), but I do think there are issues here about the nature of the digital divide and how we should view digital inclusion post-Snowden. There was a time when it was considered fanciful that librarians could even consider to provide the sort of skills that the state may see as a threat to the status quo. However, the efforts by the Library Freedom Project in the United States underlines that this is no longer the case. If librarians in the United States, the home of the NSA, can help people defend their intellectual privacy, why can’t we do the same in the United Kingdom? I’m not suggesting that we can collectively as a profession start setting up Tor nodes in libraries or teaching people how to use encryption technologies, but we need to have the debate about how we ensure the intellectual privacy of everyone in our society, not just the privileged few.

CILIP’s Ethical principles for library and information professionals states that we must have a:

“Commitment to the defence, and the advancement, of access to information, ideas and works of the imagination.

If we are to defend and advance that access to information then we must, in my mind, do whatever we can to defend the intellectual privacy of everyone.

You can also download a PDF version of this presentation here [PDF – 6.29MB].

Recommended Reading

Coustick-Deal, R. (2015). Responding to “Nothing to hide, Nothing to fear”. Open Rights Group.
Gallagher, R. (2015). From Radio to Porn, British Spies Track Web Users’ Online Identities. The Intercept.
Murray, A. (2015). Finding Proportionality in Surveillance Laws. Paul Bernal’s Blog.
Richards, N. M., (2008). Intellectual Privacy. Texas Law Review, Vol. 87.
Shubber, K. (2013). A simple guide to GCHQ’s internet surveillance
programme Tempora. Wired.
@thegrugq. Short guide to better information security.
@thegrugq (2015). Operational Telegram.
Whitten, A. & Tygar, J.D. (1999). Why Johnny Can’t Encrypt: A Usability Evaluation of PGP 5.0.

Library Freedom Project. Privacy toolkit for librarians.
Let’s Encrypt.
Electronic Frontier Foundation
Digital Citizenship and Surveillance Society
Surveillance & Society (OA journal).
The Digital Divide in the post-Snowden era (a micro-blog curating interesting links and resources – by me!)

Why are Barclays in our libraries?

In many respects, having a pop at the banks is a bit of a case of “low hanging fruit”…but in the case of Barclays and their supposed altruistic effort to boost the digital skills of the nation, sometimes that low hanging fruit is too tempting to ignore. And when that fruit is also a fruit that compromises the library service and the profession to which I belong, then that fruit needs picking and crushing. I think I may have hit a metaphorical dead end, so let’s move on – what exactly is my beef?

Concerns have been raised about the relationship between public libraries (which don’t have a profit motive because they provide a social good) and Barclays (which does have a profit motive and, well, social good…hmm) for some time now. The main cause for concern? The invasion of a public space by a corporate entity providing a service traditionally delivered by library staff (in one form or another). Of course, once a corporate entity (driven by profit) enters a public space, that public space has been corrupted. It’s no longer a public space, but an “opportunity” for corporate enterprises to exploit (because they are driven by profit and are answerable to shareholders). The decision, therefore, to allow Barclays to use a public space to “help” the community seemed a little bit out of kilter with what we would ordinarily expert in the delivery of public library services.

What do Barclays actually do?

Well, I’ll hold my hands up and say I’ve not experienced it first hand, so all I have to go on is whatever information is in the public domain. A quick glance of their website gives a fair indication of the kind of support they provide. For example, they help people set up email accounts. Great. Email is a great way to connect people at great distance, particularly useful for those who have relatives far afield and are unable to visit. So what email services to they advise? Well, this is hardly going to come as a surprise: Google, Yahoo! and Microsoft. Brilliant. All of which rely on, you guessed it, advertising (and have generally not been too great when it comes to privacy see here, here and here – the last one is really interesting, check it out…then never ever use Outlook for personal email). And the way the advertising works is particularly interesting…

On their website, Google explain how ads are delivered to your inbox:

We are always looking for more ways to deliver you the most useful and relevant ads – for example, we may use your Google search queries on the Web, the sites you visit, Google Profile, +1’s and other Google Account information to show you more relevant ads in Gmail.

Handily, Barclays also have a load of useful resources on their website, including how to create an email account. Which handily seems to favour Google. So, get email guidance from Barclays, create a Google account, login, head to the Barclays website for more hints and tips and VOILA!, Barclays advertising direct to your inbox. Nice one Barclays. You’ve found a way to drive up online advertising direct to customers and potential customers without having to worry about a large advertising spend, all the while appearing as if you are simply trying to help people for no other reason than to provide a social good.

Of course, much of this is speculation given I’ve not actually experienced the delivery of their support. Maybe they never introduce them to the materials they have on their website. But it seems hard to believe that people would receive help from a Barclays Digital Eagle to create an email account then never visit the Barclays website ever again, or indeed manage to have help from a Barclays Digital Eagle without ever being aware that they also offer advice online. Can we seriously believe that they do not mention Barclays at all to library users? Or mention the fact that they are Digital Eagles? Do they really just sit in the library as a member of staff, never revealing anything at all about the company that employs them? Well, it seems that some library leaders believe that this is exactly the case…

Capitalism is neutral

Having a pootle around the Libraries Taskforce website (fascinating stuff, watch how many times they mention “business” in their various materials), I was interested to see an article by Nick Stopforth on the Barclays/public library initiative which was…er…interesting. Here’s his take on the partnership:

“These initiatives will not achieve their aims – to increase digital participation, skills and confidence – to best effect in isolation. We will see more people supported more effectively and with greater reach by working out new connections, new opportunities, and being entrepreneurial and opportunistic. Library services will have to be as customer focussed and facilitative as always, but also more corporate, and with appropriate risk management in place.”

Oh dear…

“To reassure stakeholders and customers who will understandably have a view that all off this sounds to be contrary to the ethos of library services to provide free and neutral public spaces, there is no hard sell (or even soft sell) from the Digital Inclusion Stakeholder partners in libraries.”

So they never once mention the materials on the Barclays website, never direct them there, never inform them of the support materials they provide, never mention that they are Digital Eagles (which may prompt an online search on one of their recommended search engines)? Never? At all? Not once? Ok…

So I think that we have a choice – our corporate partners could provide those free, neutral digital skills support hours in other venues, or they could provide the support in libraries.

“Neutral digital skills”? NEUTRAL. Let’s have a look at the services they recommend:

Email: Gmail, Yahoo!, Outlook.

Search engines: Google, Yahoo!

Setting up a community group: Facebook, Google, Yahoo!, social media.

Well, that all seems neutral. Recommending a series of services that monetise your data and help ensure targetted advertising. Surely if it was truly “neutral” you would also have things like Duck Duck Go for search engine, riseup for email, Tor for browsing, Crystal for ad blocking, Ghostery for tracking etc etc. Surely the recommendation of these services would be “neutral” (if we are to accept the premise that that is even a thing), not the promotion of services that, ultimately, lead to the delivery of advertising direct to the user? Encouraging the surrendering of personal data to a large corporation for profit is not by any stretch of the imagination “neutral”. Nor is it in the best interests of users. Encouraging them to give up their data to drive the profits of large corporations is not what we should be about. We should be about protecting their personal data, ensuring that they aren’t a cash cow but a citizen seeking information and communicating with others securely, ensuring the protection of their intellectual privacy.

The choice should not be “either they deliver those services in competition with us or we incorporate them”. The choice should be whether we seek to deliver a service that ensures people connect online and use the internet freely without surrendering their personal data or whether we just ask as a conduit for the profit motive of private enterprise (or “neutrality” as it now appears to be dubbed). The latter, for me, should never be central to the mission of the public library service. It’s saddening that we have allowed the supposed threats to our future force us to become a service geared to the benefit of large corporations, rather than asserting our confidence as a public service providing a common good.

The Snowden revelations had nothing to do with Paris


Mass surveillance is simply about control, we should resist the calls to permit mass surveillance by our intelligence agencies. (Image c/o Frederico Cintra on Flickr used under CC-BY)

Encryption. It’s the weapon of choice for terrorist communications. At least, that’s what they say. Within days of the attack, the director of the CIA, John Brennan, complained about the hand-wringing over mass surveillance and claimed that the Snowden revelations about intelligence gathering had made it harder to identify figures involved in Islamic State. This was followed by FBI Director James Comey calling for “access to encrypted data” to detect terrorist threats. With the government’s attempts to legalise mass surveillance via the investigatory powers bill, the use of encryption technologies is once again on the agenda.

And yet…

In the wake of Paris it does not appear that encryption technologies were used by the terrorists in planning and organising the events that took place last week. Reports on Wednesday suggested that rather than using complex encryption technologies, the terrorists were simply communicating using SMS. Alongside the fact that at least one of the individuals was known to the intelligence agencies, it’s not clear what difference either mass surveillance or the beloved (and non-sensical) back-door to encryption would have made in this particular case.

This notion that encryption technologies provides a safe space for terrorists to plan their activities doesn’t hold up to much scrutiny. Of course Snowden gets the blame, he’s a “traitor” to the US specifically and the West in general (how dare a whistle-blower reveal that states are monitoring the internet activities of all their citizens), but there’s scant evidence that his revelations have made any difference at all. Much less that they have endangered anyone in any Western state.

A report recently published by Flashlight underlines the extent to which any suggestion by politicians, or intelligence agencies, that Snowden’s revelations have forced terrorists to adapt their communications strategies is complete garbage. Dedicated to gathering intelligence about online communities in the “deep and dark web”, they recently produced a report that suggests the Snowden revelations have had a limited impact. The primary findings from the report include:

  • The underlying public encryption methods employed by online jihadists do not appear to have significantly changed since the emergence of Edward Snowden.


  • Well prior to Edward Snowden, online jihadists were already aware that law enforcement and intelligence agencies were attempting to monitor them. As a result, the Snowden revelations likely merely confirmed the suspicions of many of these actors, the more advanced of which were already making use of – and developing –secure communications software.

The second of these is so obvious, it seems bizarre that it needs to be stated. Of course terrorists would have been aware that intelligence agencies would be attempting to monitor them and of course they would have been taking precautions. The Snowden revelations merely confirmed what they already suspected and, ultimately, reinforced that they were correct to make use of secure communications software.

This understanding of the use of encryption software by terrorists is not new. Before the Snowden revelations, in 2008, it was noted that encryption technologies were no more frequently used by terrorists than by the general population. Furthermore, that encryption technologies were more frequently discussed by intelligence agencies rather than by terrorists, primarily because of it is more “technically challenging” and therefore less appealing to use. Those that were technically able were, of course, would clearly have been using the technology back in 2008 – long before the Snowden revelations. If researchers were writing papers on the use of encryption technologies back in 2008, then of course terrorists who were seeking to hide their activities from the state would also be aware of the existence of such technologies. It would be breath-takingly naïve to believe that they weren’t aware of such technologies pre-Snowden. And no-one could reasonable accuse intelligence agencies of being naïve. They know that this is the case, but the political urge for mass surveillance is so strong, the will to talk up the threat of encryption technologies is so tempting and the desire to prevent future whistle-blowers revealing the undemocratic activities of the state, that of course they will link any terrorist attack to the information revealed by Snowden.

What we need to remember is that this is part and parcel of an effort to make Western democratic societies accept the need for mass surveillance. The facts don’t support it, but the desire to create a state in which everyone is monitored ultimately leads to a disciplined populace more easily controlled by the state (see Foucault). Encryption isn’t the problem. Mass surveillance isn’t the answer. As Paris showed, the information was there, the clues were present…mass surveillance or back doors to encryption wouldn’t have made one iota of difference in terms of the tragedy in Paris. As politicians and ignorant political commentators talk up the need for mass surveillance, we must not forget that one simple fact.

Surveillance, freedom, Tor and libraries

Surveillance inhibits intellectual freedom.

The internet has brought new threats to intellectual freedoms…what can librarians do? (Image c/o Amélien Bayle.

For some time now I’ve followed (and admired greatly) the work of Alison Macrina and the Library Freedom Project (LFP) in the United States. Teaching citizens how to protect themselves from surveillance (both state and corporate) seems to me to be a fundamental role for librarians in a digital information society. Indeed, the International Federation of Library Associations and Institutions’ (IFLA) internet manifesto clearly states:

“Library and information services…have a responsibility to…strive to ensure the privacy of their users, and that the resources and services that they use remain confidential.”

In a post-Snowden world where state and corporate surveillance has merged as the internet has expanded, the principles of protecting privacy and ensuring intellectual freedom are more vital than ever.

Alison’s work has been particularly inspiring from afar due to the inherent difficulties of being able to deliver anything equivalent in UK public libraries. Whilst conducting the kind of work she does in the US is not without its hurdles, I tend to feel that the prospect of even offering the kind of support she provides would be impossible with our library and professional structures. I find it hard to conceive of a local authority permitting any kind of service that teaches citizens how to protect themselves online. Whilst libraries themselves are presented as “neutral” (despite the reality), they are delivered and sustained by political entities. Not only are they sustained by political entities, they are sustained by political entities that are broadly supportive of both the need for surveillance in the traditional sense (ie state) but also, due to the infection of neoliberal dogma, accepting of corporate data collection (corporate surveillance). In fact, considering recent developments, it would appear they are rather keen on using libraries as a mechanism to increase susceptibility to corporate data collection.

The recent announcement of a partnership between BT and Barclays in public libraries demonstrates how far we are from being able to provide the kind of training that Alison can provide in the United States. Presented as a crucial weapon in the bid to close the digital divide, the government announced a pilot project whereby BT provide wifi in public libraries and Barclays, through their Digital Eagles scheme, provides “free technology advice”. Putting aside the very obvious concerns about private influence in a public service, it’s pretty clear that a scheme funded by Barclays will work in the interests of Barclays (and by extension, corporate interests in general). It goes without saying that the kind of training the Digital Eagles provides does nothing to protect the privacy of internet users. A flick through their various guides finds advocacy of Google and Yahoo! as “very reliable and easy to use” and the guide to online safety only provides the most basic of advice. If you want to learn about protecting yourself from corporate surveillance, surprise, surprise, a large bank is probably not going to offer a solution.

That’s how far away we are, in one of the most surveilled countries in the world, from being able to provide citizens with protection from state-corporate surveillance infrastructures. Rather than protecting people from such surveillance, we are partnering up with private companies who seek to benefit from the data collection opportunities the internet provides. We’re not so much protecting citizens from data collection, but encouraging greater data collection.

Of course, efforts by the LFP have not been without their own difficulties. Yesterday it emerged that the Department for Homeland Security contacted the police department in Lebanon, New Hampshire regarding Kilton Public Library becoming the first library in the country to become part of the anonymous Web surfing service Tor. Using the standard of trope that surveillance avoidance puts people in danger, the police applied pressure to ensure that the library pulled the plug on the project.

The ability to source and access information without restriction should be a core function of libraries. In a world of mass surveillance, a “chilling effect” inhibits our right to obtain information without fear. Tools such as Tor provide us with that freedom to seek out information without fear of state or corporate surveillance. This is a fundamental core concern of the librarianship profession, and it’s one that I think we have been slow (generally speaking) to address. Whether it be for fear of reprisals or lack of the requisite knowledge to provide this kind of support. The move by the Department for Homeland Security must be a concern for all of us, whether we reside in the US or not. If attempts to deliver projects that protect citizens from mass surveillance are shut down before they even get off the ground in the US, we can be assured that even attempting an equivalent in the UK would be impossible to get off the ground.

Ultimately, we are being pushed into a position that compromises the ethical underpinning of our profession. We know that seeking and obtaining information freely online is compromised due to a combination of state and corporate surveillance, and yet any attempt to protect our users to enable free and uninhibited access is shut down. So where do we go from here? Private tuition outside the confines of local government influence? Who knows. In the meantime, it’s vital to put pressure on the U.S. Department of Homeland Security and the local police department and assert that an attack on intellectual freedom in libraries should not be tolerated under any circumstances, not least on spurious grounds of security.

You can add your support here. Regardless of whether you are a US citizen or not, I’d urge you to sign. Intellectual freedom gets to the heart of our profession. When it is attacked, we are attacked.

Saving the Freedom of Information Act

Houses of Parliament (CC-BY)

Back in 2011, David Cameron announced that he was going to change the way government did business. No more hiding information away, making it difficult for people to retrieve. Instead, in an article published in the Telegraph, Cameron highlighted the importance of transparency at the heart of government. Information, said Cameron, “lets people hold the powerful to account” and, as a result, there needed to be more transparency about the workings of government. As Francis Maude, then Minister for the Cabinet Office, underlined, the “ambition [was] to make the UK the most transparent and accountable Government in the world“.

With such high words about the importance of transparency at the heart of government, it seems somewhat surprising (well, not that surprising) that Cameron’s government has launched a review into the Freedom of Information Act, a review that seems pretty loaded to produce a particular outcome: a curtailing of the power of the Act (which is saying something given its current limitations). So much for people holding the powerful to account.

The problem is that Cameron always had a particular narrow definition of government transparency. In his 2011 Telegraph article, he makes it pretty clear what he means by transparency: publicly accessible datasets. Releasing datasets is fine, indeed it’s a much welcome move. Their release certainly offers a degree of transparency. But it is a limited degree of transparency. Datasets alone can only tell you so much, they offer a very superficial form of transparency: transparency without context. Datasets do no negate FoI, they make FoI even more important.

At the recent Radical Librarians Collective (RLC) gathering in Huddersfield we talked about conducting research and the importance of FoI in helping to extract information from public bodies. The Act is a valuable tool for activists, enabling them to obtain information that can help to reinforce their case. It’s something that I have found an effective tool as part of my involvement in Voices for the Library – obtaining valuable information about the delivery of public library services throughout the UK.

Whilst the Act is limited at present, it does offer an opportunity to obtain information that can, just maybe, instigate change. Further restrictions to the Act will significantly limit its effectiveness and, further, make the kind of research discussed at the RLC gathering virtually impossible, not to mention creating difficulties for activists more generally. As Cameron himself said, “information is power”. Without access to the kind of information held by public bodies, we do not have power and without power we cannot instigate change.

But what of the review? Well, the figures involved in the review process should cause alarm for those concerned with transparent governance. Jack Straw, for example, is a known critic of the Act previously arguing that there needed to be substantial changes to the Act due to the impact it was having on government. Another figure on the panel, Michael Howard, was the subject of a number of freedom of information requests in 2005 that led to 500 pages of internal files being released relating to “controversial issues” he dealt with as home secretary in the 1990s. It seems hard to believe that he will be a great fan of the Act. And yet another member of the panel, Lord Carlile of Berriew, is not a particular fan of government transparency. The peer argued in 2013 that The Guardian’s publication of “stolen state secrets” was a “criminal” act.

With such figures involved in the review, it seems clear that at the very least the Act will be significantly watered down. This is not a surprise, it took years to make such an Act a reality and it’s not for nothing that the United Kingdom is known as one of the most secretive states in the Western world (we do, after all, retain an Official Secrets Act). Indeed, it transpired a couple of weeks ago that the Ministry of Justice is consulting on the introduction of Tribunal fees – which will very likely have the same effect as the introduction of tribunal fees elsewhere (ie people won’t take decisions to tribunals, which of course means that the government and public bodies are likely to get away with withholding information).

Given the attack on a vital piece of legislation that plays a vital role in giving people the information they require to hold the government to account, what can be done to put pressure on the government and ensure that at the very least the Act survives in its current form (it certainly needs extending, but that seems highly unlikely at present – if not impossible under a Tory government)? I’d highly recommend checking out this blog post by Paul Gibbons,  a consultant and trainer in information rights and information management. I’d also urge you to support the Campaign for Freedom of Information as much as you possibly can. I was very privileged to be invited to their recent 30th anniversary celebrations and hearing about the work they have done and continue to do was incredibly inspiring. But they need support to carry that work forward, so if you can support the Campaign (either through donations or amplifying their work on social media) please do so. Do also see their “Stop FoI Restrictions” page. They deserve all the support they can get for their tireless efforts to ensure that we all have access to information from the state.

Transparency at the heart of government should be a concern of every citizen, but I believe that information professionals have a particular obligation to ensure that not only is the Act not watered down, but that we also work to strengthen it. Information is power. With a weakened Freedom of Information Act, our power is severely curtailed.