The debate over data privacy heated up this year when Apple refused access to the government for the cellphone records of the shooters in the San Bernardino attack. The debate about who should have access to private information is not new. Before the Apple case, there was Snowden. Before Snowden, there were librarians, specifically Connecticut librarians who came to be known as the Connecticut Four.
The Patriot Act became law a little more than a month after September 11, 2001. Among other things, the Patriot Act’s intent was to update wiretap and surveillance laws for the internet age, giving law enforcement greater authority to conduct searches of property, including library records. Within a few months, at least 85 libraries received government requests for patron records.
In 2005, an FBI agent presented a National Security Letter (NSL) to George Christian, Director of the Library Connection in Windsor, CT, a consortium of 27 libraries in Connecticut (Kent Memorial Library had left this consortium shortly before). The NSL asked for “any and all subscriber information, billing information and access logs of any person or entity” that had used computers between 4 p.m. and 4:45 p.m. on February 15, 2005, in all the consortium libraries. The demand was a “protection against international terrorism” with no probable cause or judicial oversight and equipped with a gag order. If Christian disclosed to any person that the FBI sought or obtained access to information or records, he could be imprisoned for up to five years. Once the agent left, Christian defied the gag order, and informed his lawyer and three librarians, members of his board.
NSLs, always with a gag order, were originally used in foreign intelligence surveillance to obtain phone, financial, and electronic records without court approval. Rarely employed until 2001, they exploded in number after the Patriot Act. In 2000, 8,500 NSLs were issued, but between 2003 and 2005 the FBI issued more than 143,000, but only one led to a conviction in a terrorism case.
Christian and the three librarians agreed to guard the confidentiality of library patrons and engaged the American Civil Liberties Union to challenge the NSL and gag order. Almost a year later the FBI dropped the lawsuit.
However, librarians across the nation did not drop it. Signs posted in libraries informed patrons that their privacy could not be guaranteed. New technologies to circumvent surveillance were invented. Library transactions once completed, were deleted. Patrons (and the government) could no longer see what book was checked out last week or ever, once the book was returned.
In 2015, the controversial provision of the Patriot Act which allowed the seizure of business (library) records expired. However, much of the Patriot Act remains and portions could be restored. Government surveillance is probably here to stay. All should learn how to keep private data private, if not from the government, at least safe from cyber thieves. When using a public computer use DuckDuckGo, a privacy-conscious alternative to Google. Switch to Firefox as a default browser in order to install privacy-protective extensions. There are a lot more tips. Use them. It’s getting serious out there.