The first thing that many library eContent vendors require from our patrons is a working email address. To get an eBook, our patrons must sign up for an account, with their email addresses serving as the user name. In some cases, emails are sent to those addresses, requiring users to respond before the account is functional. A library card number is then additionally used for circulation of eContent.

We at ReadersFirst don’t take issue with email.  Libraries often ask for email addresses to let patrons know when holds are ready or items are due. In our case, however, mail or phone verification is also an option.  Email addresses are seldom required to use libraries.

Vendors might suggest that using email addresses is necessary for many reasons:

• An email address provides a unique identifying name, with no two users could having the same one
• Verifying an email address ensures that patrons are actual users and not spammers or spiders
• An email address helps vendors provide access to DRM protected content, such as ePub eBooks

We understand how email addresses work in these ways. We think, however, it’s time to investigate using patron library card numbers to establish eContent accounts.  There are many reasons why:

• Streamlined access: Could an account set up by library card number (and perhaps pin) verify against a library’s ILS upon sign in? Imagine providing access to patron accounts, checking out of new titles, returning currently held titles, or placing holds, all without need for typing in a library card number after signing in with email, or Facebook, or any other personal identifier.
• Privacy: Some patrons likely have no problem with providing their emails, nor with signing up for all email service and content updates from vendors. We have no issue with marketing, as long as our patrons get to make a choice about receiving it. Others, however, especially after last autumn’s revelations about Adobe Digital Editions relaying unencrypted information, might wish to have access to their library’s content without giving outside vendors their email addresses.  Shouldn’t it at least be an option for them?
• Foregrounding the library: We are giving access to materials that we, and our users, have purchased. Allowing the library card as an option to create accounts would remind our patrons that we, and not vendors, are their content provider.

We call upon vendors to experiment with us to allow the option of library card numbers serving as user IDs. Perhaps if a vendor has millions of users, some library card numbers would duplicate. We think this, and any other technical issue, can be overcome. It’s worth a try. What now, as for decades and even centuries, is the free resource that unlocks a world of content in every format? Why not the library card?    

On October 7, Nate Hoffelder, the editor of The Digital Reader blog reported that the newest version of the Adobe Digital Editions software (ADE 4) appears to be transmitting unencrypted data about eBooks back to Adobe's servers.

ADE is used to manage readers’ eBook collections, including eBooks borrowed from public libraries, and can be used to read eBooks on desktop and portable computers. A friend of Hoffelder’s discovered that ADE version 4 gathers and transmits data in plain text about eBooks that have been opened, which pages were read, and in what order. Hoffelder’s article includes samples of data captures and screenshots that seem to bear this out.

According to another source, this issue appears to only affect users who use ADE version 4 on a desktop or laptop computer for reading and managing eBooks ePub or PDF formats. Users of library vendors’ apps on portable devices do not seem to be affected. The Amazon Kindle suite (apps, readers, etc.) is not affected because Amazon uses proprietary DRM rather than Adobe software to manage eBooks.

Adobe confirmed that it is gathering eBook readers’ data and has issued a statement: “All information collected from the user is collected solely for purposes such as license validation and to facilitate the implementation of different licensing models by publishers. Additionally, this information is solely collected for the eBook currently being read by the user and not for any other eBook in the user’s library or read/available in any other reader. User privacy is very important to Adobe, and all data collection in Adobe Digital Editions is in line with the end user license agreement and the Adobe Privacy Policy.”

The American Library Association and its Library and Information Technology Association division have released a detailed statement exploring Adobe Digital Edition 4’s transmission of data and protesting Adobe’s current data collection practice, as well as noting the issues with related data collection practices among many other library vendors. ALA President Courtney Young has stated “ALA, and we hope the user and vendor community, will continue these inquiries and conversations—and not just for Adobe Digital Editions—to help ensure that only data necessary for user functionality are collected, are properly protected, are deleted as soon as possible, and licensing terms are as clear and transparent as possible.” In response, Adobe has indicated they “expect an update to be available no later than the week of October 20.”

ReadersFirst supports ALA’s position and makes the following specific requests of our members (indeed, all libraries) and vendors of library eBooks to protect the privacy of library eBook readers.

• As libraries, register your concerns with your vendors, asking them to advocate for library users; for vendors, support the requests of libraries to ensure the privacy of their users.
• Educate library staff about this breach of privacy so that they may inform and instruct concerned readers.
• Simply encrypting the data from plain text in ADE 4, but doing nothing else, is not enough; advise library customers to avoid ADE 4 until it is fixed to a standard acceptable to libraries, collecting only data absolutely essential to ensure the smooth operation of eBooks and ensuring that data related to individual users is never kept beyond the time users have their eBooks. If users recently updated their version of ADE to version 4, recommend that they download and install ADE version 3 to continue reading eBooks until these issues are resolved.

Library eBook vendors, and not just Adobe, should learn from this issue to develop library user accounts that require no personal information (including emails), relying only upon library barcodes for identification and authentication, and should require no other data from users beyond that which guarantees functionality. Should vendors wish to offer enhanced services dependent upon greater data collection, they should clearly indicate to library users what information will be collected and how it will be used, and allow users to opt out of any points not essential for authentication and fair use of library eContent. Data on circulated items should not be associated with individuals beyond the period during which the library user has the eContent. We recognize that library readers contracting with vendors agree to certain conditions, but their privacy should be respected and the use of their data disclosed.

ReadersFirst exists primarily to promote a smooth and trouble-free library eContent experience, but we join the rest of the library community in our shared concern about an unnecessary invasion of privacy that could have a chilling effect on the use of library ebook content.

For ReadersFirst Working Group,
Jim Loter, Seattle Public Library
Christina de Castell, Vancouver Public Library
Michael Blackwell, Columbus Metropolitan Library

Libraries agree on next steps to facilitate better e-book experiences for library users

The Leadership Group of the ReadersFirst initiative met with 30 representatives from organizations that license e-content and supply technical systems to libraries on January 28 at The Seattle Public Library, following the ALA Midwinter Conference. Members of ReadersFirst – an international coalition of over 225 library systems cooperating to improve the electronic lending experience – highlighted their concerns around issues with e-book access, which make it difficult for library users to quickly and easily find and check out e-books or read them on multiple devices. Representatives from several library systems facilitated the event and participated in the conversation, including Brooklyn Public Library, Douglas County Libraries, Los Angeles Public Library, The New York Public Library, Ottawa Public Library (Canada), Queens Library, Salt Lake City Public Library, The Seattle Public Library, and Vancouver Public Library (Canada). Participating vendor organizations included Axis 360, OverDrive, and SirsiDynix. The group discussed the four primary ReadersFirst principles that members hope will advance a more seamless and less complicated electronic lending experience. The details of the principles can be found at www.readersfirst.org. “We look forward to continuing conversations about ReadersFirst with library vendors, where constructive dialogue will help us work together towards great e-book experiences for our readers,” said Christina de Castell from Vancouver Public Library on behalf of the ReadersFirst Leadership Group. Vendors were invited to describe steps they could take to respond to these principles and what key obstacles they might face. Andrew Pace, Executive Director of Networked Library Services at OCLC remarked, “There aren’t enough opportunities like this in the library field, so it was refreshing to engage directly with libraries around requirements that will improve the entire library, publisher, service provider ecosystem. We’ve found at OCLC that this leads to the best overall service delivery.” Many vendor representatives in attendance contributed to the conversation, discussing their efforts to build feature-rich products, and noting that these experiments drive innovation and market growth. Vendors also highlighted that terms and conditions set by content providers makes it difficult to provide single solutions. During the roundtable, member libraries were asked by vendors to prioritize their development requirements, work with vendors to establish measurable outcomes related to digital content integration, and vote “with their wallets” to purchase the best product available as a way to advance ReadersFirst’s goals At the request of the vendors, the Leadership Group will set priorities about desired changes they wish vendors to act on. The group will also publish a document in the coming weeks that will apply the ReadersFirst principles to vendor products in an effort to continue the conversation with the e-content distributors.

### About ReadersFirst: ReadersFirst is an international group representing over 225 library systems and 182 million readers. ReadersFirst was founded to bring together libraries that are interested in improving e-book access for public library users.

The Leadership Group Roster as of 2/1/13:

Amy Calhoun, Sacramento Public Library
Art Brodsky, Montgomery County Public Libraries
Carol Frost, Santa Clara County Library
Christina de Castell, Vancouver Public Library
Christopher Platt, New York Public Library
Jamie LaRue, Douglas County Libraries
Jean Hofacket, Alameda County Library
Jennifer Pearson, OCLC
Jennifer Stirling, Ottawa Public Library
Jim Loter, Seattle Public Library
Julianne Hancock, Salt Lake City Public Library
Kelvin Watson, Queens Library
Ken Roberts, CULC
Kim Fender, Public Library of Cincinnati and Hamilton County
Mana Tominaga, San José Public Library
Marylouise Daneri, Montgomery County Public Libraries
Megan Wong, Santa Clara County Library
Melissa A. DeWild, Kent District Library
Micah May, New York Public Library
Michael Ciccone, Hamilton Public Library
Michael Colford, Boston Public Library
Michael Santangelo, Brooklyn Public Library
Parker Hamilton, Montgomery County Public Libraries
Paul Whitney, IFLA
Peggy Murphy, Los Angeles Public Library
Sari Feldman, Cuyahoga County Public Library
Stuart Hamilton, IFLA
Susan Broman, County of Los Angeles Public Library
Tom Galante, Queens Library

We have been working to translate the ReadersFirst Principles into Technical Requirements for e-content distributors. This document will continue to evolve through discussions with the ReadersFirst membership as well as vendors. Read the latest draft of the Content Access Requirements Document.