All posts by griffey

Beware Library Cobras…

This post is a short excerpt from my upcoming Library Technology Report on Smart Buildings. I’m just returning from attending LITA Forum 2017, and had a fantastic experience. My one disappointment was in the lack of problematization of data collection, retention, and analysis…especially as it relates to the “Internet of Things” and the coming flood of data from IoT.

This excerpt contains no solutions, only questions, concerns, and possible directions. If anyone has thoughts or would like to start a dialogue about these issues, I’d love to talk. The full Library Technology Report on Smart Libraries will be published by ALA TechSource in the next few months.


The end-game of the Internet of Things is that computing power and connectivity are so cheap that they are literally in every object manufactured. Literally everything will have the ability to be “smart”: every chair, every table, every book, every pencil, every piece of clothing, every disposable coffee cup. Eventually the expectation will be that objects in the world know where they are and are trackable and/or addressable in some way. The way we interact with objects will likely change as a result, and our understanding of things in our spaces will become far more nuanced and detailed than now.

For example, once the marginal cost of sensors drops below the average cost for human-powered shelf-reading, it becomes an easy decision to sprinkle magic connectivity sensors over our books, making each of them a sensor and an agent of data collecting. Imagine, at any time, being able to query your entire collection for mis-shelved objects. Each book will be able to communicate with each book around it, with the wifi basestations in the building, with the shelves, and be able to know when they are out of place. Even more radical, maybe the entire concept of place falls away, because the book (or other object) will be able to tell the patron where it is, no matter where it happens to be shelved in the building. Ask for a book, and it will be able to not only tell you where it is, it can mesh with all the other books to lead you to it. No more “lost books” for patrons, since they will be able to look on a map and see where the book is in their house, and have it reveal itself via an augmented reality overlay for their phone.

The world of data that will be available to us in 10-20 years will be as large as we wish it to be. In fact, it may be too large for us to directly make sense of it all. My guess is that we will need to use machine learning systems to sort through the enormous mounds of data and help us understand the patterns and links between different points of data. The advantage is that if we can sort and analyze it appropriately, the data will be able to answer many, many questions about our spaces that we’ve not even dreamed of yet, hopefully allowing the designing of better, more effective and useful spaces for our patrons.

At the same time, we need to be wary of falling into measurements becoming targets. I opened the larger Report with Goodhart’s Law, credited to economist Charles Goodhart and phrased by Mary Strathern, “When a measure becomes a target, it ceases to be a good measure.” We can see this over and over, not just in libraries, but in any organization. An organization will optimize around the measures that it is rewarded by, often to negative effects in other areas. This is captured in the idea of perverse incentives, where an organization rewards the achievement of an assessment, only to realize that the achievement undermines the original goal. The classic example of this is known colloquially as the “Cobra effect”, named after the probably-apocryphal story of the British colonizers in India rewarding citizens for bringing in dead cobras in an attempt to control their deadly numbers in cities. Of course, the clever people of India were then incentivized to breed cobras in secret, in order to maximize their profits….

Libraries should be wary of the data they gather, especially as we move into the next decade or two of technological development. The combination of data being toxic to the privacy of our patrons and the risks of perverse incentives affecting decisions because of measures becoming targets is actively dangerous to libraries. Libraries that wish to implement a data-heavy decision making or planning process need to be extraordinarily aware of these risks, both acute and chronic. I believe strongly in the power of data analysis to build a better future for libraries and our patrons. But used poorly or unthoughtfully, the data we choose to collect could be secretly breeding its own set of cobras.

About FaceID

I’ve seen the hottest of terrible hot-takes over the last couple of days about Apple’s announcement this past Tuesday (although leaked a few days before) that their new flagship iPhone, the iPhone X, will use a biometric system involving facial identification as the secure authentication mechanism for the phone. No more TouchID, which uses your fingerprint as your “key” to unlock the phone, we are now in the world of FaceID.

Let’s get this out of the way early in this essay: biometrics are for convenience, passcodes are for security. This doesn’t mean that biometrics aren’t secure, but they are secure in a different way, against different threats, for different reasons. The swap of FaceID for TouchID does nothing to lessen the security of your device, nor does it somehow give law enforcement or government actors increased magical access to the information on your phone.

You’d have thought, from the crazed reactions I’ve seen on Twitter and in the media, that Apple had somehow neglected to think of all of the most obvious ways this can be cheated.

 

and my personal favorite

The Wired article above, by Jake Laperruque, includes the breathless passage:

And this could in theory make Apple an irresistible target for a new type of mass surveillance order. The government could issue an order to Apple with a set of targets and instructions to scan iPhones, iPads, and Macs to search for specific targets based on FaceID, and then provide the government with those targets’ location based on the GPS data of devices’ that receive a match.

If we’re throwing out possibilities…any smartphone could do that right now based on photo libraries. If there was a legal order to do so. And IF the technology company in question (either Google or Apple, if we’re sticking to mobile phones as the vector) did indeed build that functionality (which would take a long, long time) and then did employ it on their millions and millions of phones (also: long time), it would involve an enormous amount of engineering resources. Coordination of the “real” target vs family members who just happened to have photos on their phones of Target X should be fairly easy to do via behavioral profiling and secondary image analysis.

But that, like the FaceID supposition above, is bonkers to believe. If anything, FaceID is more secure in every way than the equivalent attack via standard photo libraries. If a nation-state with the power to compel Apple or Google into doing something this complicated and strange really wanted to know where you were…they wouldn’t need Apple or Google’s help to do so.

The truth of the matter is that FaceID is no less secure than the systems we have now on Apple devices (here I am not including Android devices as there are simply too many hardware makers to be certain of the security). TouchID, the fingerprint authentication process that is available for use on every current iPhone (and the new iPhone 8 and 8 plus), every current iPad, and multiple models of MacBook, uses your fingerprint as the “key” to a hash that is stored on a hardware chip known as the Secure Enclave on the phone. When you place your finger on the TouchID sensor, it isn’t taking a picture of your print, or storing your print in any way. The information that is stored in the Secure Enclave isn’t retrievable by anything except your phone. Your fingerprints aren’t being stored at Apple Headquarters on some server. There is no “master database” of the fingerprints of all iPhone users. The authentication is entirely local, as witnessed by the fact that you have to enroll your print on every iOS device separately.

FaceID appears to be exactly the same setup, with exactly the same security oversight as TouchID. It’s entirely local to the phone, and all of the information (a “hash” of information about your face…it’s really not fair to call it a “picture”) is stored on the Secure Enclave within the iPhone. We haven’t seen the full security report on FaceID and iOS 11 yet, but I am certain it will be available soon (iOS 10 and TouchID is available here). Given the other well-considered aspects of security on iOS 11 that we have seen, such as requiring a passcode before trusting an untrusted computer, I am confident that iOS 11 and FaceID will be at least as secure as their previous iterations.

Is it possible that Apple, the most valuable technology company in the world in large part due to their ability to develop hardware and software in concert with each other, completely missed something in making FaceID? Of course it’s possible. But all of the ways that technology of this sort has failed from other companies (racial bias, poor security models, data leakage) have not yet been true for TouchID. I do not believe they will be true for FaceID either.

Even setting aside the purely technical aspects, legally there is no difference in the risks of using FaceID over using TouchID. In the tweet above about police holding your phone up to your face to unlock it, it would be important to note that they can compel a fingerprint now. It is entirely legal (with a lot of “if”s and “but”s) for a police officer to force your finger onto your phone to unlock it. No warrant is necessary for that to happen. FaceID is exactly the same, as far as legal allowances and burden of proof and such, as TouchID is now. In the case of preventing law enforcement access to your phone, the only answer is a strong password and your refusal to give it to someone.

It isn’t clear to me if FaceID is going to be a good user experience…without devices in users’ hands, we have no idea. But the knee-jerk response that somehow Apple is building a massive catalog of faces is neither true, nor possible given the architectures of their hardware and software.

This isn’t to say that there isn’t some real danger somewhere:

I think Zeynep has this (as most things) exactly right. This technical implementation is really quite good. The normalization of the technology in our culture may well not be…but this is why I am so vehement about defending this positive implementation as positive. Let Apple’s method of doing this be the baseline, the absolute minimum amount of care and thought that we will accept for a system that watches us. They are doing it well and thoughtfully, so let’s understand that and not let anyone else do it poorly. And for goodness sake don’t cry wolf when technologies understand their risks and are built securely. Because just like the story, when the real wolves show up, it will be that much harder for those of us paying attention to raise the alarm.

EDIT: After writing this entire thing, I found Troy Hunt’s excellent analysis, which says many of these same things in a much better way than I. Go read that if you want further explication of my take on this, as I agree with his essay entirely.

Monoprice Mini Delta 3D Printer

The world of low-price 3D printing has been upended by Monoprice over the last several months. They’ve launched a handful of very inexpensive but well-reviewed printers at price points that basically no other manufacturer can touch.

Their latest printer, the Monoprice Mini Delta, was launched earlier this year on Indiegogo, and I just received one of them. It’s a very small delta style 3D printer that’s rated to handle ABS and PLA. It has a heated bed, and more importantly, an auto-leveling feature, even if the build volume is only 120mm x 120mm (Delta printers have circular beds, which makes the bed size a diameter rather than an X/Y plane measurement). It even has wifi built in, so that prints can be sent wirelessly.

Did I mention that the printer is rumored to cost only $149? Fully assembled, ready to go out of the box. They haven’t publicly announced retail pricing yet, but it looks like they are aiming at $149 as the price, which will make this an amazing deal.

Even $149 is still a fair amount of money for many people, but relative to other 3D printers it is an amazing entry-level price. For that price, you don’t get the long-term reliability of something like a Lulzbot Mini…the Monoprice Mini Delta is all metal, but is clearly not as well-built as more expensive printers. The tech support alone is going to be far, far less competent than that of companies that specialize in 3D printing. It’s louder, it rattles a bit, the fit and finish isn’t perfect. But in my testing, the quality of the prints it is putting out for me is much higher than one might expect given the price point.

I’ve printed a couple of Benchys at different orientations, and they have all been well within my expectations for accuracy.

All in all, this is a heck of a printer for the price. The reports online are that Monoprice is having a few issues with first-round production errors…bad control boards mostly. Those are being fixed with new machines immediately, though, so it looks like they are handling the launch and initial support problems fairly well.

I’m not yet certain if I’d recommend the Monoprice Delta Mini to libraries, as I haven’t had time to put hours and hours of printing on the thing to test its reliability. Given the overall build quality, I’m betting that this printer will need a bit of attention to keep running smoothly, which is something that libraries often can’t take the time to do. For libraries, I still recommend going with proven workhorses like the Lulzbot Mini as an entry level printer, or the Taz 6 as a high-end production machine. Even though the Delta Mini is almost 1/10th of the price of the Lulzbot Mini, I’m not convinced it’ll last 10 times as long, or print reliably 10 times as often.

What I would do is recommend the Delta Mini to librarians who are interested in playing around with the technology without a huge investment. For $150, you can have your own 3D printer to play with sitting on your desk at home….one that takes up about as much space as a large houseplant. This is the perfect sort of printer for individuals that just want to play around with printing things for the house, or their kids.

It has definitely made me sit up and take notice of what Monoprice is doing in this space. I expect we’ll keep hearing from them over the next year or so with bargain-basement prices on interesting hardware. I’ll keep my eyes out.

3D Printers for Libraries, 2017 Edition

Back in 2014, I wrote a Library Technology Report for ALA entitled 3D Printers for Libraries (Creative Commons licensed version can be found here). In the past 3 years, much has changed in the world of 3D printing: they exploded across libraryland, became cheaper and more useful, and the number of printer makers has grown like mad. So when ALA asked if I’d update the LTR for 2017, I said yes.

In it, I cover many of the changes in the 3D printing landscape, including the huge variety of new filaments and their properties, tons of new printers, new types of control software that have emerged since the last Report, and lots more that can help inform libraries and librarians about the possibilities for 3D printers in 2017.

I hope people find it useful and informative!

Berkman Klein Center Affiliate 2017-2018

I am honored to be included in the list of 2017-2018 Berkman Klein community members. This group of scholars, researchers, legal experts, technologists, information specialists, and more inspire me every year, and I can’t wait to meet the newest class. Here’s hoping I can continue to be worthy of inclusion in this fantastic community…the things I’ve learned over the last two years make me incredibly excited for what’s to come in year three.

Measure the Future project goes Public Beta

Over on the Measure the Future project blog, I posted about going formally into public beta. I’m very proud of the work that’s been done to get the project to this point. I couldn’t have gotten this far without help from so many people, including especially the Alpha testers and the development team (Clinton Freeman, you’re a miracle worker). Here’s an excerpt from the longer post over on the MtF blog:

Measure the Future is also adding additional locations for installs with a new round of 4 Beta partner libraries. These additional locations (announcement soon on who those are) will give us even more feedback and will work with us to determine the best way to present this new type of library usage data. We will be answering the questions that our Beta partners want answered, so if you have questions you want our help with, please let us know. We have room for a couple more libraries in our Beta testing, and would love to work with you.

The big development goal for our Beta period is the move from local visualization of activity and attention in library spaces to a cloud-based portal that will allow for much richer visualizations. We are dedicated to making this move from local-to-cloud as privacy-focused and security-aware as possible, and so we will be taking great care in how we move forward.

Head over to read the full announcement, and visit Measure the Future to see all the code, instructions, and more that we released this weekend. There’s more to come, including a walk-through of a setup as soon as I can get some video and screen recordings together.

Personal International Infosec

This year I have a small number of international speaking engagements, and I just returned from the first of those in 2017…which means it was the first since the recent spate of increased DHS and Customs enforcement. It was also my first trip to a Muslim-majority country, and while not one on the magic list, it still made me consider my re-entry into the US and the possible attention therein. These things combined to make me far more attentive to and aware of my personal information security (infosec) than ever before. This post will be an attempt to catalog the choices I made and the process I used, as well as details of what actual technological precautions I took prior to leaving and when actively crossing the border.

This trip was to the SLA Arabian Gulf Library Conference, held this year in Manama, Bahrain, where I was on a panel discussing future tech. This means flying internationally through a major city, which for me meant flights from Nashville to JFK to Doha International Airport in Qatar, then finally to Manama, Bahrain. The return was the same, with the exception of flying back into the US via O’Hare in Chicago rather than JFK. This meant crossing into at least 2 foreign countries physically on each leg of the trip, although in Qatar I remained in the international section of the airport and didn’t go through customs and enter the country proper. Still, there were LOTS of checkpoints, which meant lots of potential checks of my luggage and technology.

Threat Model

What was my concern, and why was I thinking so hard about this prior to the trip? After all, I’m a law-abiding US citizen, and as the saying goes, if you’ve nothing to hide, why worry? First off, the “if you’ve nothing to hide” argument is dismissible, especially given the last 6 weeks of evidence of harassment and aggression at the US border. I am a citizen of the US, but I have also been very outspoken online regarding my feelings for the actions of the current administration. On top of that, information security isn’t just about the individual…it’s about everyone I’ve exchanged email with, texted, messaged on Facebook, sent a Twitter DM, and the like….the total extent of my communications and connections could, if dumped to DHS computers, theoretically harm someone that isn’t me, and that was not ok in my book. A primary goal was to prevent any data about my communications or contacts from being obtained by DHS.

DHS and Border Control have very, very broad powers when it comes to searching electronic devices at the border. I was not certain of the power granted to Border Agents in Qatar and Bahrain, but my working assumption was they had at least the powers that the US Agents did. I also assumed that the US agents would probably have better technological tools for intrusion, so if I could protect my data against that threat, I was safe for the other locations as well.

A secondary goal in my particular model was to attempt to limit the possibility for delay in my travels. If I could comply with requests up to a certain point without breaking my primary goal of data protection, that would likely result in less delay. When considering these levels of access, I thought about questions like: could I power on my devices without any data leakage? Could I unlock my devices if requested and allow the Agent to handle my phone, for instance, without risking data leakage? Could I answer questions about my device and the apps on it (or other apps in question, for instance social media accounts such as Facebook or Twitter) honestly without risking data leakage?

With all of that in mind, here’s how I secured my technology for border crossing. Your mileage may vary, as your threat model may be very different, and the manner in which you choose to answer the various questions above may be different. If everything had gone south and my devices were impounded, I’d be writing a very different post (and contacting the EFF). But for this particular trip, this is my story.

What to Take

First off, I decided quickly that I wasn’t going to travel with my MacBook Pro. I was lucky enough that I didn’t need it for this trip, because there wasn’t any work that I would be doing on the road that necessitated a general purpose computer. I had work to do, but it all involved writing…some email, some writing text for a project, some viewing of spreadsheets and analysis of them. Simple and straightforward things that luckily could easily be done with a tablet and a decent keyboard. I already had an iPad with the Apple keyboard case, which made for an easily-carried and totally capable computing device for the trip. I could load some movies and music on it, fire up a text editor, answer email, and generally communicate without issue. It’s also iOS based, which makes it enormously more secure than Mac OS from first principles.

Since both my main computing device and my phone ran the same OS, I was able to also double-up any planning and efforts in security, as any decision I made could be equally applied to both devices. This turned out to be very, very convenient, and saved me time and effort.

The first thing that I did was back up both the iPad and iPhone to a local computer here at my house (not iCloud) and ensure that those backups were successful. I stored those backups on my home network to ensure their safety…if anything went wrong later, these would be my “clean” images that I could revert to upon returning home. Then I used Apple Configurator 2 to “pair lock” my devices to my laptop, which would remain at home.

Pair Locking

This process was best described back in 2014 by security researcher Jonathan Zdziarski. While his instructions are fairly out of date, the general idea is still there and still works in iOS 10 and Apple Configurator 2. Basically, pair-locking an iOS device is a method by which the device is flashed with a cryptographic security certificate that prevents it from allowing a connection to any computer that doesn’t have the other half of the cryptographic pair on it. This means that once locked to my laptop (which, again, wasn’t in my possession and was still at my home), my iPhone and iPad would simply refuse to connect to any other computer in the world…whether that was someone that stole it from me and attempted to reflash it using iTunes on their computer, or whether that is a diagnostic device being used by law enforcement.

This process is designed with the concept of using it for enterprise installation of iOS devices that need high security procedures to prevent employees from being able to connect their home computer to their work phone and retrieve any information. But it works very well for the purposes of preventing any possible attacker from accessing the phone’s memory directly through its Lightning port. This process ensures that even if the phone is unlocked and taken from my possession, DHS or another attacker cannot dump the memory directly or examine it using typical forensic information gathering devices.

Password Manager

Once both devices were pair-locked, I was left with two freshly installed iOS devices that I needed to reload with apps and content that would be useful for me. After loading a set of games and apps that would allow me to pass the time and still get some work done, as well as media I might want to consume on the road, I loaded my password manager (I use and am very happy with 1Password) and created a very, very long and complicated vault password that there was no possibility I could remember. I recorded that password on paper (left at home in a fireproof safe) and gave it to a trusted person that had instructions not to give the password to me until I had cleared the border and only over a secured channel.

I then changed the 1Password vault password to be that password plus a phrase that I knew and could remember (a sort of salt). 1Password was set up to allow me to login with TouchID, so I could still operate normally (logging into services and such) until such a time as that TouchID credential was revoked. Once revoked, I would be completely locked out of my passwords, with no ability to access them, until through a pre-arranged time and secure channel I got the vault password from either of the mentioned trusted sources. Those trusted sources, meanwhile, couldn’t access my password vault either, since the salt was resident only in my head.
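The split-knowledge arrangement described above, sketched as an added example (not part of the original post, and not 1Password's actual key derivation): a random component is written down for the trusted person, a memorized phrase stays with the traveler, and only the two together open the vault. PBKDF2 stands in for the vault's KDF; the alphabet, iteration count, sample phrase and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import math
import secrets
import string

# Symbols used for the component that is written on paper (constructed choice).
ALPHABET = string.ascii_letters + string.digits + "!#$%&*+-=?@^_"

# Assumed work factor for this sketch; not a 1Password parameter.
KDF_ITERATIONS = 100_000


def generate_custodian_part(length=40):
    """Random component handed to the trusted person; too long to memorize."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Entropy of a uniformly random string of `length` symbols."""
    return length * math.log2(alphabet_size)


def derive_vault_key(password, salt):
    """Stand-in for a password manager's KDF (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, KDF_ITERATIONS
    )


class Vault:
    """Toy vault: keeps only a random salt and a verifier of the derived key."""

    def __init__(self, master_password):
        self.salt = secrets.token_bytes(16)
        key = derive_vault_key(master_password, self.salt)
        self.verifier = hashlib.sha256(key).digest()

    def unlock(self, attempt):
        key = derive_vault_key(attempt, self.salt)
        # Constant-time comparison of the verifier.
        return hmac.compare_digest(hashlib.sha256(key).digest(), self.verifier)


def setup_travel_vault(memorized_phrase):
    """Vault password = custodian-held random part + phrase only the traveler knows."""
    custodian_part = generate_custodian_part()
    vault = Vault(custodian_part + memorized_phrase)
    return vault, custodian_part


def who_can_unlock(vault, custodian_part, memorized_phrase):
    """Check each party's knowledge against the vault."""
    return {
        # The trusted person holds the paper copy but not the phrase.
        "custodian alone": vault.unlock(custodian_part),
        # At the border the traveler knows only the phrase.
        "traveler at the border": vault.unlock(memorized_phrase),
        # After the pre-arranged handoff the traveler has both halves.
        "traveler after handoff": vault.unlock(custodian_part + memorized_phrase),
    }


if __name__ == "__main__":
    phrase = "constructed sample phrase"  # constructed value for the demo
    vault, paper_copy = setup_travel_vault(phrase)
    print(f"custodian part entropy: {entropy_bits(len(paper_copy)):.0f} bits")
    for party, ok in who_can_unlock(vault, paper_copy, phrase).items():
        print(f"{party}: {'unlocks' if ok else 'locked out'}")
```
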

It may be obvious, but I also ensured that everything in my life that was accessed with a password had a very strong one that was held by 1Password, and that I didn’t know and couldn’t memorize even if I tried. My bank, social media, Dropbox…everything that could get a password, had a very, very secure one. Any service that supported 2-factor authentication had said 2 factor turned on, with the second factor set to an authentication app that supports a PIN (or, in the case of Very Important Accounts, a physical Yubikey that was left in TN as well). This is security 101, and not directly related to my border crossing…but if you don’t have the basics covered, nothing else really matters.

Sanitization

I made sure that iOS had most iCloud sync services off….no contact syncing, no calendar syncing, really the only thing I left syncing was my photo gallery. I did not install any social media apps (no Facebook app, no Twitter app, etc) and only logged in and out on the websites in question. The browser on both devices was set to not remember passwords, and I clear cache and history regularly when traveling. As far as I could, I eliminated anything that stored conversations or messages between myself and others…no Facebook Messenger app, etc. I deleted my email app, and didn’t enter my account information for email into the standard iOS mail app.

This was, keep in mind, just for the transit period. Once in country and across borders, I could use a VPN to connect to the ‘net and download any apps needed, log into them after retrieving the password from one of the trusted sources, and effectively use both devices normally (with basic security measures in place all the time, of course).

Crossing Borders

At this point, I had a device that couldn’t be memory dumped, that had very little personal information on it, and even less information about my contacts on it. It mostly acted normally for me, because 1Password handled all of my logins and I used TouchID during daily usage…right up until I needed to cross a border. Before I did so, I deleted my TouchID credentials via Settings (by deleting the fingerprint credential), and power-cycled my phone. Those two actions did several things all at once:

The first was that it prevented me from being able to know or retrieve any passwords for anything in my life. That’s a pretty scary situation, but I knew it was fixable in the future (this wasn’t a permanent state). It also meant that if I were asked to unlock my phone, I could do so pretty much without anything of interest being capable of access. Without the ability to dump the phone forensically, officers could ask me for passwords for accounts and I could truthfully say that I had no way of telling them, because the password manager knew them all and I didn’t. And I couldn’t give them the password vault login because I literally didn’t know it.

The idea with all of this was to create a boundary of information access beyond which, if DHS wanted to try and access, they would need to impound the phone and potentially subpoena the information from me with a warrant. My guess (which turned out to be correct) was that they would ask to have it powered on, and maybe they would ask to see it unlocked, but that would be it. If they pried further, well…I was prepared to tell them truthfully that I didn’t know, that I couldn’t know. And I would call a lawyer if detained, and proceed from there.

The worst case scenario for me was minimal delay and discomfort. I am enormously privileged in my position to be able to think about this sort of passive resistance without actual fear for bodily harm or other forms of retribution. For me, the likely worst case, even if things had escalated to asking for social media passwords, would have been the confiscation of my devices and my being detained for a time. This is assuredly not the worst case for many, and it is extraordinarily important that each person judge their own risks when deciding on security practices.

For some, it is far better to simply not carry anything. Or to carry a completely blank device. Or purchase an inexpensive device when you arrive in the country of your destination. For me, I had the ability to prepare and be ready for resistance if needed. Your mileage may, and should, vary.

Conclusion

The results of all this thought and effort? Nothing at all. Not a single bit of attention was paid to me at the various border crossings, by either US or foreign agents. On the leg of my flight leaving Qatar, I went through no fewer than 4 security checkpoints from the time I landed until getting onto the plane taking me to O’Hare, and at each one there was a baggage scanner and metal detector, agents pulling people out of line for additional screening, and the like. When I finally got to my gate, it had its own private security apparatus, again with metal detector and baggage X-ray. At this security checkpoint, I was randomly selected for additional screening, but the agent in question (a Qatar security agent) was incredibly professional, thorough, and neither invasive nor abusive. I got a pat down (much less severe than those I’ve been given at US airports), and they asked to look inside my carryon…they even asked me to power on my iPhone and iPad. But they didn’t ask to unlock them, and they didn’t ask for passwords of any type.

When entering into the US at O’Hare, the plane was greeted by DHS agents at the gate, who asked to check passports upon exiting the plane. The agent I was greeted by barely had time to glance at my US Passport before waving me through…again, the privilege of my appearance and nationality was evidenced by the fact that several of my fellow passengers were not waved through so easily. The last thing I heard as I walked up the jetway towards Customs was a DHS Agent saying to the robed gentleman behind me “So you don’t speak very much English, huh….”

The current state of our country cannot stand. We are a nation of ~~immigrants~~ many peoples[1], and a nation that believes in the privacy of our affairs and effects. This concern I had for my own and my friends’ information shouldn’t have been necessary. We should be able to be secure in our possessions, even and especially when those possessions are information about ourselves and our relationships to others. I do not want to be in a position where I have to threat model crossing the border of my own country. And yet, here we are.

I’d love any thoughts about the process described above, especially from security types or lawyers. Any holes or issues, any thoughts about what was useless, anything at all would be great to hear. I hope, as I so often hope these days, that all of this information never becomes applicable to you and that you never need to use it. But if you do, I hope this helped in some way.

I was called out on Twitter for my use of “immigrant” as an inclusive term for people in the US, when, of course, many US citizens’ ancestry is far more complicated and difficult than “they chose to come here”. It was written in haste and while it works for the emotion I was attempting to convey, it definitely undercuts the violent and difficult history of many people in the US. I’ve edited the text to reflect the meaning more clearly and left the original to indicate my change.

Plan, Prepare, Act

Warning: This is a very long post. There are lots of resources mentioned, laws referenced, and opinions given. If you’re looking for a TL;DR version for a tweet, here you go:

Recent immigration enforcement efforts by the current administration should be alarming to libraries & we need to have action plans in hand.

Read on for lots, lots more.

Table of Contents

Libraries and Immigration
Threat Models
Why Libraries?
How to Prepare
Laws Regarding Resistance
Call to Action

Libraries and Immigration

With the release on Feb 21st of Department of Homeland Security (DHS) memos (one and two) detailing increased efforts by Immigration and Customs Enforcement (ICE) and related federal offices (Customs and Border Control (CBP) and the like), the threat that there may be immigration raids in libraries continues to grow. I have been trying to gather information about such threats since the initial increase in ICE raids began just a few weeks ago, and here is what I’ve discovered, links to resources, and some of my thoughts on the matter.

Since Trump took office, ICE and CBP have been on a much, much looser leash when it comes to the allowances they have to question, detain, and remove non-citizens from the US. Reports of mothers being removed from their children, removal of someone after a court appearance, arresting people leaving church-based hypothermia shelters, and the like have shown a willing disregard for humanitarian instincts, and have shown that no location should consider itself safe from the threat of immigration officers entering your space, questioning individuals, and potentially removing them for deportation.

Threat Models

As I see it, there are two threats for libraries that emerge from the current reimagining of US immigration policy. The first is similar to the threat that the PATRIOT Act and other historical efforts have illustrated: the use of library-gathered information to target or identify an individual or group of people. That information could be circulation records, attendance lists for library programs, library card records, and the like. Libraries are aware of the threat to these sorts of records, there are State laws that outline limitations and protections for that information, and we have a history of protecting it. There are myriad resources that will give libraries tips on how to manage their technology in such a way as to limit the information they keep, and action plans that outline how to react to an information request.

The second threat is, however, a new(ish) one. That threat is to the patrons inside or around your library, and the threat that an “enforcement action” could result in ICE agents entering your building, asking patrons for proof of citizenship, detaining those that cannot provide such, and expeditiously moving those patrons into “detention centers” and from there to deportation and out of the US entirely. If we protect patrons’ information so closely, with so much effort and vigor, how much more effort must we put forth in protecting the patrons themselves? What are the limits of protecting individuals in your community?

Why Libraries?

Given libraries’ efforts in assisting immigrant populations of the US, and that many libraries provide significant citizenship assistance, we should be very aware of the potential for a visit by ICE officers. Public libraries in particular should have an action plan for this, in the same sort of way that we had action plans for an FBI visit post-9/11 in regards to the PATRIOT Act.

The Department of Homeland Security does specify “Sensitive Locations” within which ICE must meet a higher degree of legal proof before they are empowered to enter, question, detain, or remove someone. These include schools, hospitals, churches, and more:

It is worth noting that libraries are NOT called out in this list. It’s possible that they could be construed as part of “educational-related activities,” but in practice that refers to school activities that may take place after official school hours. I do not believe that any of the above categories affirmatively includes libraries.

Even if libraries WERE to be construed as Sensitive Locations, that designation only protects what ICE refers to as an “enforcement action”:

The question of what powers ICE and CBP can bring to bear is a complicated one. Within the borders of the US, ICE has particular limits to their operations. They cannot enter a private home without permission or a warrant, for example. However, there is special legal dispensation given in US law to what is commonly known as the 100 Mile Zone, that is, any area within 100 miles of the border of the US.

As you may note, that 100 mile zone includes enormous sections of the population of the US, including the entirety of Florida, Hawaii, Maine, Michigan, and most of the largest cities (New York, Los Angeles, Houston, Chicago, Miami, San Francisco, and more). Within this zone, CBP has more authority to pursue immigration issues. The memos linked above direct ICE to hire an additional 10,000 agents, and CBP to hire an additional 5,000 agents, in order to pursue immigration issues more aggressively. I hope that it is obvious why this might be worrisome.

Finally, while we are seeking things to worry about, there’s the Delegation of Immigration Authority Section 287(g). This allows the Department of Homeland Security to “partner” with local and/or state law enforcement and thus allow the local officers to act on immigration issues…effectively, a form of ICE deputization. The memos linked above also direct ICE to more regularly use this in their enforcement efforts, increasing the number of officers available to detain and arrest immigrants even further.

How to Prepare

Given the combination of the broad powers assigned to DHS and the zeal with which the current administration appears to be going after immigrants, I believe strongly that it would be a dereliction of our duty to our communities to not consider how to respond to the potential of immigration officer activity in your library. This is a situation of not if, but when.

The resources linked below are almost all available in both English and Spanish, and most of those that are designed to be handed out to patrons are available in several languages.

A first step is being the information resource that your patrons need. Print and distribute rights cards for your patrons, so that they understand what their rights are here in the US, and how they should and shouldn’t interact with ICE agents. Here is a page with even more resources for patrons, many of which you could provide in your buildings.

This Community Raid Preparedness Checklist is a fantastic resource (with more coming from the same group), and outlines several steps that libraries should be looking at as quickly as they possibly can. NILC also has a presentation called Raids: What is Happening and How to Respond, put together jointly with the Southern Poverty Law Center and other stakeholders just a week ago, that outlines the current state of things as well as possible responses.

The National Immigration Project has a variety of other amazing resources that libraries should have on hand, discuss, and implement where they can, including this FAQ that answers questions in a framework that I feel is very useful for libraries.

Finally, the most thorough response document I have found is this one, the Defend Against ICE Raids and Community Arrests toolkit, which has well-considered suggestions, resources, and ideas in it. It focuses on home raids, but much of the advice can be adjusted and used for public places.

ALA has a Libraries Respond page entitled Immigrants, Refugees, and Asylum Seekers with links to ALA statements on service to these communities, as well as a few external links to resources. Some of the resources are older than I would like, but there are links to more current news reporting on the current situation. I would prefer to see ALA taking a much stronger stance on this, but understand their limitations.

Laws Regarding Resistance

In classic Internet style, here is where I remind you that I Am Not A Lawyer. Luckily, my friend Kyle K. Courtney is a lawyer, and a damned good one. He is, however, not your lawyer, and this section is meant as a summary of possibly applicable laws and cases regarding interfering with federal officers. The more you know, the better off you are in developing your action plan. Take it away, Kyle:


The concept of resisting, opposing, impeding, intimidating, or interfering with federal agents’ duties has been considered by the courts for decades, and is governed by federal statutes. It is important that you know and understand the law surrounding these actions. While we outline some of the major laws here, there is usually a large segment of ways you can be held or, of course, simply detained and later charged with misdemeanors.

Main Federal Statutes

18 U.S.C.A. § 111

This federal statute makes it a crime for anyone forcibly to assault, resist, oppose, impede, intimidate, or interfere with certain enumerated federal officers and employees while they are engaged in the performance of their official duties.

Note also that 18 U.S.C.A. § 1114 is critical to determining the official status of the person assaulted, so, in order to fall within the scope of 18 U.S.C.A. § 111, the person assaulted must be within the definition of government officers, etc. as defined in § 1114.

The statute provides for two offense levels:

  • simple assault—a misdemeanor
  • forcible assault—a felony
  • Enhanced penalty for a forcible assault that involves use of a deadly or dangerous weapon or one that inflicts bodily injury.

The elements of the offense of an assault on a federal officer are:

(1) a forceful assault;
(2) committed voluntarily and intentionally;
(3) against an officer employed by the federal government who was then engaged in the performance of an official duty or on account of the performance of official duty.

*Cases have found that § 111 does not require that the assailant be aware that the victim is a federal officer.

  • The scope of what a federal officer is “employed to do,” for purposes of determining whether an officer is engaged in the performance of official duties within the meaning of the statute, is not defined by whether the officer is abiding by the laws and regulations in effect at the time of the incident, nor is the touchstone whether the officer is performing the functions covered by his or her job description. Rather, the test is whether the officer was engaged in what he or she was employed to do rather than being on what the courts refer to as a “personal frolic.” There is no bright-line test, it is a case-by-case factual judgment.

28 U.S.C.A. § 1501

There is also a lesser offense of willful and knowing obstruction defined in 28 U.S.C.A. § 1501, making it a misdemeanor to obstruct, resist, or oppose any officer of the United States in attempting to serve or execute any legal or judicial writ or process.

A § 1501 violation contains all of the elements of a § 111 violation, except the element of force is required for a conviction under § 111.


18 U.S.C.A. § 1071

§1071 makes it a federal offense for a person to harbor or conceal any person for whose arrest a warrant or process has been issued under the provisions of any law of the United States, so as to prevent that person’s discovery or arrest, after notice or knowledge that a warrant or process has been issued for his arrest.

The federal offense of harboring or concealing a fugitive so as to prevent his discovery and arrest may be viewed as being comprised of three elements. Thus, in order for § 1071 to be applicable there must be:

(1) an act or acts of harboring or concealing done so as to prevent the discovery and arrest of an individual;
(2) a warrant or process issued under the provisions of any law of the United States for the arrest of the individual who is harbored or concealed; and
(3) notice or knowledge on the part of the person who performs the act or acts of harboring or concealing, before the performance of such act or acts, that a warrant or process has been issued under the provisions of any law of the United States for the arrest of the individual who is harbored or concealed.

Sample Cases

The following caselaw is a sample of the enforcement of the federal statutes listed above. Some are specific to immigration and border patrol officers, while others are interpretations of the statutes for any enumerated federal officers and employees. There are even a few cases where third parties attempt to resist, oppose, impede, intimidate, or interfere with federal officers that are engaged in the performance of their official duties, namely arresting another party.

| Case citation | Summary |
| --- | --- |
| Bennett v. U.S., 285 F.2d 567 (5th Cir. 1960) | In a prosecution for assault on an immigration officer, it is not necessary to prove scienter, that is, that the accused knew the object of the assault was a federal officer (Border Patrol officers in plain clothes on horseback). |
| U.S. v. Varkonyi, 645 F.2d 453 (5th Cir. 1981) | It is no defense that the accused was attempting to protect his or her private property from trespassers who were immigration officers. |
| United States v. Vigil, 431 F.2d 1037 (10th Cir. 1970) | Third person does not have right to assist in resisting the arrest of another if third person knows or has good reason to believe the person making arrest is government official authorized to make arrest and official is not clearly using unnecessary force. |
| United States v. Ulan, 421 F.2d 787 (2d Cir. 1970) | Demonstrating bystander, who voluntarily intervened and struck federal deputy marshal in attempt to prevent arrest of co-demonstrator, was found guilty of assaulting and interfering with federal deputy marshal in performance of his official duties. |
| U.S. v. Davis, 690 F.3d 127 (2nd Cir. 2012) | Evidence was insufficient to support defendant’s conviction for misdemeanor of resisting arrest which showed only that defendant ran from a DEA agent and, when tackled to the ground, struggled against being handcuffed, primarily by putting their hands under their stomach. There was no evidence that defendant engaged in any conduct that demonstrated a desire to injure an agent or would cause an agent to apprehend immediate injury. |
| U.S. v. Steele, 550 F.3d 693 (8th Cir. 2008) | When defendant’s mother gave federal officer permission to enter her house and defendant was extremely angry and made threatening gestures, a reasonable juror could determine that defendant was not justified in using force to resist arrest. |
| U.S. v. Span, 970 F.2d 573 (9th Cir. 1992) | Defendants do not have a right to resist arrest by federal officers even if supported by probable cause. |
| U.S. v. Cunningham, 509 F.2d 961 (D.C. 1975) | Federal officers engaged in performance of their duty may not be forcibly resisted; the subject of officers’ action must submit peaceably and seek legal redress thereafter. |
| U.S. v. Beyer, 426 F.2d 773 (2nd Cir. 1970) | Even if warrant of arrest or arrest itself had been invalid, defendant was not entitled to resist arrest by physically assaulting federal officer executing warrant. |
| Darrah v. City of Oak Park, 255 F.3d 301 (6th Cir. 2001) | Federal court (applying state law) found that while arrestees have the right to use physical force to resist an unlawful arrest, third-party intervenors do not have the same right. |
| United States v. Heliczer, 373 F.2d 241 (2d Cir. 1967) | Bystander was guilty of assaulting a federal narcotics agent and interfering with agent’s performance of official duties because bystander attempted to kick one of the agents, even though bystander had opportunity to inquire of the agents about the arrest of another party, but did not do so. “[A]s a general rule, he has no right to intervene if in fact a lawful arrest is being made by a federal agent, whether the bystander knows it or not, because, like the person being arrested, he is subject to [other caselaw] and to a great degree takes a chance in assisting another to resist arrest.” |
| Amaya v. U.S., 247 F.2d 947 (9th Cir. 1957) | Defendants, suspected to be aliens by an immigration officer, were found guilty of violating 18 U.S.C.A. § 111, when immigration officer entered a public café and commenced asking persons therein suspected to be aliens as to their place of birth. The officer was struck by the first defendant while questioning the man, who was edging toward the front door. As the officer attempted to handcuff the first defendant, a co-defendant jumped the officer and took his gun. |
| U.S. v. Cho Po Sun, 409 F.2d 489 (2d Cir. 1969) | Two immigration officers, employed to assist in obtaining compliance with immigration laws, were assaulted by the defendant when they went into the kitchen of a restaurant where six Asian employees were present and asked the defendant questions as to his citizenship status. Note: The court rejected the defendant’s argument that the officers had no right to interrogate him, since he was neither an alien nor a person reasonably believed to be an alien whom they were authorized by 8 U.S.C.A. § 1357 to interrogate. |
| United States v. Cain, 413 F. Supp. 2d 197 (W.D.N.Y. 2006) | U.S. Marshals were arguably engaged in the performance of official duties when they were allegedly assaulted while assisting state officers in executing a state arrest warrant, acting pursuant to a MOU where state and federal officers worked together in apprehending persons with outstanding state and federal bench warrants. |

Call to Action

I feel strongly that the aggressive pursuit and removal of immigrants, in the manner of the current administration, is morally wrong and inhumane. It is driven by racism and xenophobia, and has at its base some of the ugliest of human beliefs. In Stand, Fight, Resist I wrote:

Libraries are powerful forces for good. Now is the time to muster our powers, to stand brave against the people who seek to limit and reduce our rights and our understanding of the world….This country, and the people in it, deserve a better world than the one that is currently being forced upon them. Use your power as pillars of your communities, as the guardians of knowledge and the providers of help, use that power now to resist the normalization of fascism and bigotry, of hate and fear and greed. Stand for truth and knowledge, justice and equity for all. Stand for facts, and stand for those who are most at risk. Stand against the horrorshow revealing itself to us, and fight with those who are determined to create equity among people, justice in the face of the unjust, and love out of hate.

I’m not sure how to say it better than that. Libraries must stand for justice and freedom for all people, for the best parts of our republic. We need to continue to fight on the information front, to show that immigrants who come to this country bring with them the strength that will make the US better than it is now.

Concretely, libraries need a clear and direct set of policies that outline their response to an immigration enforcement action. We need to have those in place now, as quickly as possible. There needs to be a clear set of directives for your staff, meetings to gather feedback and to clarify your local threat model (libraries on borders will have very different sets of threats than non-border libraries), and connections made with local civic and non-profit groups that are already active in this space. You need to have meetings with your Mayor, City Council, and local representatives about this issue. We need to be ready to protect our communities.

As bad as things are in this moment, they are going to get much, much worse. The administration has a stated goal of the removal of all undocumented immigrants in the US, which amounts to over 10 million people. There is no way to do this humanely, or with respect for human dignity and agency. It is the equivalent of rounding up, processing, and deporting every single person in New York City and Chicago, combined. It is easy on the Internet to fall into Godwin’s Law, and until recently one could expect that comparison of a current practice to the Nazi Party was, in fact, somewhat hyperbolic. Rounding up 11 million people, placing them into “detention centers” and attempting to remove them from our society…I’m not sure there are comparisons other than the Nazis that make any sense of it.

We are better when we embrace differences, when the marketplace of ideas is a bustling mercado and souq. None of us is as smart as all of us, and we are going to need all of us if we are to find that future where the United States is still a shining city upon the hill. That light is dimmed now, and sputtering, but it isn’t dark just yet. Libraries are partial keepers of this flame, and we need to be prepared to protect the people in our communities when they are threatened, however and whenever we can.

Plan. Prepare. Act.

Concerns & Travels

It has been quite a couple of months since my last post, and I suppose the best I can say right now is that my fears that were outlined in Stand, Fight, Resist have only amplified. Fascism is no longer a theoretical threat, it is real and it is working systematically to tear down the checks and balances of our republic, from an open and free press to judicial oversight of legislative and executive overreach. In the midst of all of this, I have never been prouder to be a librarian, to watch the profession react (sometimes poorly, but react all the same) to these political times. I’ve been doing what I can as a citizen to communicate to my elected representatives how important their choices are, and what they might mean for our collective future. I’m also looking for opportunities to write and present on privacy and information security for libraries and librarians, trying to help where my particular set of knowledge and skills may.

As a librarian and technologist, I’m doing several things over the next few months that I wanted to mention here…if you are attending any of these events, please let me know!

February 24-26th – MisInfoCon, Cambridge, MA – http://www.misinfocon.com

I’m incredibly excited to be a part of this event, which is being hosted by the MIT Media Lab and the Nieman Foundation for Journalism. From their website:

MisinfoCon is a community of people focused on the challenge of misinformation and what can be done to address it. The gathering seeks to strengthen the trustworthiness of information across the entire news ecosystem: journalism, platform, community, verification, fact checking and reader experience.

Bringing together participants from different backgrounds to lead discussions and develop and test product prototypes, our goal is to connect leaders and develop actionable steps on how the various sectors can work together.

This is obviously somewhere where I think librarians have enormous knowledge and potential to make a difference. I often find that, unfortunately, journalists and policy makers don’t think about librarians in this capacity, but I’ll be there flying the librarian flag high. I hope others are there to help me in that quest.

March 5-10th – Special Libraries Association, Arabian Gulf Chapter Conference, Manama, Bahrain
http://slaagc.com/

I am very excited about the opportunity to meet and speak with librarians from the Middle East, as it is a part of the world where I have very little personal knowledge of their challenges and opportunities. At the same time, the last couple of weeks have made me extremely cautious of international travel…especially to a Muslim-majority country. Not because I am concerned about my safety there, or that I have worries about Islam, but because of the recent actions of my own country relating to re-entry into the United States. Reports of highly-improper questioning, requests for social media information (including passwords), and seemingly arbitrary delays and overly-aggressive confrontations with DHS officers have all made me carefully consider what I am comfortable with on those fronts. And I’m a white male American, cis-presenting and everything…I am, as Scalzi pointed out, playing this game on easy mode. I cannot imagine the difficulties and considerations that must go into this sort of travel if I were not.

June 10-15th – Next Library 2017, Aarhus, Denmark
http://www.nextlibrary.net

I will be participating in the Next Library conference, as a part of a panel on Smart Libraries. It will be the European debut of Measure the Future, and I am very excited to be a part of it. I’ve spent most of the last 2 years thinking about and working on the development of sensor-based metrics that give librarians much better ideas of usage and attention in their spaces. I can’t wait to meet and learn from the amazing librarians in Aarhus.

There are a couple of open possibilities in April and May, but those aren’t quite nailed down yet, including maybe a couple of online “Personal Information Security” classes that I’m hoping to offer very soon. If you’re interested in that, watch this space.

Stand, Fight, Resist

The idea that libraries are neutral spaces has been well and disabused over the last few years. From the services we offer to the collections that we curate, the decisions that libraries and librarians make are political ones that reflect values. Sometimes those are the values of the organization, sometimes the values of the individuals, and sometimes they are the values of the communities that the library serves. Those values are illustrated by our technologies, our ontologies, and our descriptors. Those who attempt to hold that “neutrality” of information access is an ideal for which to strive have had a hard time holding to that stance as increasing numbers of librarians question and deconstruct our profession. I would like to suggest something even stronger…that even if it were possible for libraries to be neutral spaces, that to create such a space would be morally questionable, and potentially actively morally wrong.

I say this as someone who firmly believes in the maxim of combating bad speech with more speech. I am not here advocating controls or restrictions on speech. But it is not the responsibility of every library to collect and distribute literature of hate, or falsehoods, or lies. Some libraries do need to collect everything, the good and the bad, for archival and historical study purposes, but those libraries are fairly obviously identified in practice and the vast majority of libraries should and could take a stand with their actions, programs, policies, and collections to be on the side of justice and scientific fact.

Neutrality favors the powerful, and further marginalizes the marginalized. In the face of the current political climate, with the use of opinions as bludgeons and disinformation as the weapon of choice for manipulation and intellectual coercion, it is up to those who value fact and believe in the care of those in need to stand up and positively affirm that to do otherwise is evil.

For libraries and librarians, that means:

  • Making the physical space of the library safe for those that need it by publicly stating your stance on the targeting of marginalized communities and then following up with actions and policies that back up those statements
  • Protecting your patrons from targeting and oppression, even in the face of possible governmental pressures, by resisting calls for information about your patrons at every level
  • Making your digital spaces safe for patrons by limiting the data you collect, eliminating the data that you store, encrypting your communications at all levels and importantly insisting that your vendors do the same
  • Running programs that actively provide support for your at-risk patrons, whatever that looks like in your community
  • Being the voice of reason and compassion when dealing with your city or county government, and modeling the same by advocating for those at risk

These things are vital and necessary. Especially now.

It has been barely more than a month since Election Night 2016, and the normalization of the President-Elect and his positions has already taken hold. Major media outlets report his actions but don’t follow up to question his statements or refute his words. When one of his key surrogates, Scottie Nell Hughes, says that facts aren’t real anymore, we that live in the real world must not simply accept these types of statements.

This moment in history is not the time for neutrality, it is not the time for libraries to quietly serve their communities. When I say that the next 4 years may be the most important in the history of our country, I am not doing so metaphorically or in an attempt at hyperbole. I sincerely believe that the fate of the republic is potentially at hand, and that the threat of fascism is real and imminent. In the face of such potential, the library is both refuge and target, bastion against disinformation and simultaneously at risk of being trampled under the boot of anti-intellectualism.

Neutrality should be abandoned, and we must stand positively against the threat of the removal of rights of citizens and noncitizens alike. We must eschew presenting false equivalency between two opposing explanations about the world when one is evidence-based and the other is not. We must continue to defend a fact-based world, rooted in the scientific method of understanding, an understanding of reality that is testable, refutable, and falsifiable. We must build collections that reflect the scientific consensus about the world, and not fall prey to the rhetoric of “balance” and “opinion”. Opinion does not hold once it begins impinging upon the personhood of others, nor when it stands in opposition to accepted scientific facts. We must be the defenders of fact and reason.

Maya Angelou said “when someone shows you who they are, believe them the first time.” Our President-Elect has shown us who he is: a shallow, ignorant man who surrounds himself with those who seek power at the expense of the marginalized and will use every opportunity to demonize in order to dehumanize those they wish to trample. Our government will soon be composed of those who want to actively harm LGBTQ people among us, that wish to hunt down and persecute people for their religion, that have such base misunderstandings of the Constitution and the Bill of Rights that they are prepared to roll back hard-won freedoms for the sake of their own comfort and power. If history shows us anything about those that seek this sort of power, it is that it is best for a society when that power is held in check and they are not allowed to be overly comfortable.

The library must be a space for all and everyone, but most importantly those at most risk, both now and in the future. It must be a positive force for our understanding of the world and our compassion for the people within it. Neutrality and balance are not the way forward. We must resist the forces that seek to normalize segregation, aggression, and ignorance.

Libraries are powerful forces for good. Now is the time to muster our powers, to stand brave against the people who seek to limit and reduce our rights and our understanding of the world. Let us throw off the false cloak of neutrality and work to embrace and support a world of social justice, equity for all, and scientific understanding. This country, and the people in it, deserve a better world than the one that is currently being forced upon them. Use your power as pillars of your communities, as the guardians of knowledge and the providers of help, use that power now to resist the normalization of fascism and bigotry, of hate and fear and greed. Stand for truth and knowledge, justice and equity for all. Stand for facts, and stand for those who are most at risk. Stand against the horrorshow revealing itself to us, and fight with those who are determined to create equity among people, justice in the face of the unjust, and love out of hate.

Stand. Fight. Resist.


This work is licensed under a Creative Commons Attribution 4.0 International License.