A few months ago I was in a vendor presentation for a popular wifi company pitching an upgrade to their login interface. Most of it was pretty stock standard sales pitch and the interface was ten years too late but what made me pay attention was the mention of statistics. Part of this new interface allowed clients to login using their Twitter or Facebook profile, when I questioned this the vendor replied saying it allowed better data collection. Luckily (?), this is an option that can be turned on or off and clients could choose to access the wifi portal without having to login. Further questioning about the statistics package relieved that the vendor didn’t know where the data resided (with them or a 3rd party) and since the main selling point of the wifi package is that libraries have nothing to do with it, the data certainly doesn’t belong to us. We can of course access this data, pull huge amounts of information about our wifi clients and do what to them? Advertise to them!
A vendor was actually trying to sell advertising space to public librarians aimed at their clients. The scary thing was that several libraries had apparently already subscribed to the upgrade. Of course myself and colleagues interpreted ‘adverts’ as ‘promote free council events’ which is all we would want to do but the option for paid adverts was there. Was the data collected going to be passed on to advertisers or 3rd parties, the vendor couldn’t give me a good enough answer (by my high standard at least). At the end of the presentation the price for this new interface came up and it was revealed that even if we didn’t pay for it, the upgrade would probably happen anyway, except we wouldn’t get access to the data collected.
I haven’t been a fan of this particular wifi service for a long time. My argument is that public libraries have the infrastructure to do wifi themselves, plug an access point onto your public internet and away you go (it’s a little more complicated but that’s the basic gist). The library would own any data the client’s created using the AP and it wouldn’t cost any more than the current public internet fees. The outsourcing to a 3rd party provider is very attractive to ICT departments though (and many librarians). For a while I have been thinking that it would be good for libraries to run something like a ‘defence against the digital dark arts‘ workshop for our clients to protect them from (amongst others) our data collecting 3rd party providers, but that seems a little counter intuitive. Shouldn’t we be looking out for our clients, protecting them, at least a little? When did it get so bad that we have to teach our clients to protect themselves from us? We’re the trusted ones. Right? Would you log into your public wifi and conduct your banking or shopping or networking? If not why not, and what if that was all you had? Who would you trust to protect you then?