Lisa Rein: Our next speaker is the founder of the Library Freedom Project, which brings together three of Aaron’s favorite things: privacy, libraries, and Tor. Without further ado, Alison Macrina.
Alison Macrina: Hi, guys. Oh my God I’m a little frazzled. I just had a crazy travel experience. I got in horrible traffic because LA is a cesspit. Sorry if anyone’s from LA. But I’m here and I’m so excited to be here and there’s so many people and this is so wonderful and amazing.
My name is Alison and I run an organization called Library Freedom Project. The mission of Library Freedom Project is to make real the promise of intellectual freedom in libraries. The whole Library Freedom Project, everything that we do is very deeply inspired by Aaron’s spirit, his work in resistance, his legacy. And every day that we go into libraries and teach practical privacy trainings, I feel like Aaron is very much present in all that we do. So it means so much to get to talk about the work that I do, framing it in the memory of this wonderful powerful person who inspires me every day.
So, Library Freedom Project. Basically what we do is we teach librarians about three things. We teach them about surveillance threats. So, what we know about the NSA after Snowden; how that fits into FBI and local police surveillance; what that means with corporate‐level surveillance and how these things work together; what the real impact on our local communities is; what the material effect on the people that we serve in libraries [is].
We teach librarians about their privacy rights and responsibilities. So what to do if they get a National Security Letter; how to read the attached gag order; what to do if you receive one of these; who to call; what this means for your First and Fourth Amendment rights.
And kind of the biggest thing we do at Library Freedom Project is teach librarians about using free software for surveillance resistance to protect privacy. So we teach them about things like Tor Browser, Signal, GPG, OTR in Jabber, all that wonderful fun stuff.
The reason we teach this in libraries is because libraries have a really special role in their communities. They are sometimes the only free computer assistance that you can find in most places. They have free computer classes at all levels. They tend to be identifying computer literacy needs at really low levels; people who maybe have never touched a computer before or are very afraid of them, who are confused by the kinds of things that are happening to them on the Internet, and surveillance and privacy violations only exacerbate that. And libraries also have the only computer terminals that most people can use in their communities. Most libraries, particularly public libraries, serve people who have no computer access elsewhere.
They also serve people who have a special relationship to surveillance in that they have been under surveillance for much longer than the general population, so people of color, immigrants, Muslim Americans in particular, queer people, people who have been homeless, people who have been incarcerated. These are people that we serve in libraries and make up a greater proportion of our population than they do of the general populace. So it’s especially important that we get this information to these local communities.
So in Library Freedom Project I work with the ACLU, the American Civil Liberties Union. You might know them as the people who represent Snowden. I work very closely with the ACLU of Massachusetts in particular, because I live in Boston. ACLU Massachusetts is a cool ACLU because Massachusetts, we kind of worked out all the stuff that a lot of ACLUs end up fighting for all the time, so no one’s coming for our reproductive rights, we’ve got decriminalized weed, all the good stuff. So ACLU gets to work pretty particularly on police militarization issues and surveillance issues, and the intersection of the two.
So the ACLU are the folks who come with me to our privacy traninings. They teach librarians about their rights under the law and their privacy responsibilities, and kind of what to do if they find themselves in certain situations, and it comes up in ways that maybe you wouldn’t expect. The National Security Letters are a big thing. Libraries have gotten these before and folks might not know that libraries were some of the first people to resist the receipt of NSLs. They were co‐plaintifs with awesome Nick [Merrill] from Calyx Institute. Some librarians in Connecticut challeneged the constitutionality of the gag, and we want to see more of that kind of resistance in our libraries. We want to let librarians know that they can do this.
But them some other ways that it might come up. You know, if the local police install a ShotSpotter on the building of your library, which is essentially an audio surveillance device, what are your rights? How can you get rid of this thing? What are the capabilities of it? So the ACLU gets to bring in those contours.
When we go to different states, we bring in the local ACLU so that each place we go to can get the special local relationship to the law, whatever their data privacy rights are, what existing law reform efforts are happening, what impact litigation their local ACLU is working on. And then there’s a great community connection that happens, so that the libraries get to meet their ACLU reps and then go forward and maybe be clients and do awesome stuff together.
We’re also super lucky that we get to work with the Tor Project. We started working with Tor Project maybe about a year ago, right when the project was kind of taking off—Library Freedom Project, that is. Obviously the Tor Porject is old‐school. We get to work with them on outreach, community efforts, giving our usability experience, and helping make Tor Browser easier for ordinary people, non‐technical people to use.
We also work with some other groups on a here and there basis, like the Free Software Foundation, Electronic Frontier Foundation, the good people working on Sandstorm over at Thoughtworks, and independent privacy activists, attorneys, and all kinds of cool people all over the place.
We have a few special projects. One of them is getting libraries to deploy HTTPS by default on all of their web sites and all the services they control. It’s called The Library Digital Privacy Pledge. We’re working with Let’s Encrypt on this a little bit, using the Let’s Encrypt initiative to push libraries forward and let them know that this is an industry standard and we can be leaders in our communities, and also making the case for it as a reader privacy issue. Letting libraries know that anything that folks are searching for in our catalogs, if it’s discoverable by someone observing their network traffic, then they truly can’t have intellectual freedom. The relationship of intellectual freedom and privacy is obviously that if you don’t have privacy, you can’t read, write, and research freely. Your speech is chilled, and we care kind of a lot about that in libraries. So, we’ve got this HTTPS campaign.
Another big thing that we’re working on is opening up Tor relays in libraries. Libraries sometimes have quite a lot of bandwidth. They’re moving to fiber in a lot of communities, especially bigger libraries, academic libraries, big public institutions. They can afford to donate some of the bandwidth to the project. It doesn’t affect their patrons at all. And it’s a really great higher‐level practical iteration of privacy protection, especially at a global level. We actually just got started [with] that project. We opened up our first one in the summer. We had a beautiful celebration of this library, our pilot library in New Hampshire, and we took all these photos and it was awesome and I worked very closely with Nima [Fatemi], who is a long‐term Tor project volunteer and an awesome dude if anyone knows him here.
We got a lot of great press attention, and then we heard from the library and they said, “Yeah, Department of Homeland Security just contacted us and said, ‘We don’t like that you’re participating in this project.’ ” Basically the DHS called their local police and spread a little fear, uncertainty, and doubt and made the library a little bit scared. So we mobilized a massive amount of community support at the local level and at the global level. EFF set up a petition for us. We set up this petition. EFF got us almost 5,000 signatures in just a few days. We wrote an open letter for the library supporting them and encouraging them to continue participating in the project. We got all these amazing public interest groups, a coalition of folks; all the ones that I mentioned and a whole bunch more. And then we went to the library, because they were having a board meeting and the decision was going to be made there.
So Nima and I get to this library and we’re like, alright, we’re ready, game face, we can do this. No matter what happens, we’ll get another library if it doesn’t work out. We turned the corner, and we’re in rural New Hampshire, so imagine what a library board meeting in rural New Hampshire is like on a typical night. You know, sort of…no one’s there. [We] turn the corner, and there’s a whole crew of people outside holding signs. It was the world’s first‐ever Tor protest. Pro-Tor protest, I should say.
So these community members are holding all these amazing signs, “DHS out of my library,” “I love Tor.” There were some curious ones that were like, “DHS, we’re gonna Tor them a new one,” a sort of bad pun but whatever. And there was even a little 4 year‐old girl holding a sign that said “Down with Big Brother” and I was like, I’m done.
So we went into the board meeting, and there were several dozen people there. I spoke for like two seconds and said this is who we are and what we’re trying to do and we’d like to continue this. Then the community got to speak, and what was on display there was one of the most powerful things I’ve ever witnessed. Community members talking about why they love using Tor, what intellectual freedom and privacy means to them, what fighting surveillance means to them, why this is such an important fight in our local communities.
People who had never heard of Tor before heard about it from the media attention that had happened around this thing, ended up downloading the browser and using it. One woman was holding her small child in her arms (it might’ve been the Big Brother kid, actually) and she said, “The idea that there are bad people on the Internet that want to hurt my child, that is horrifying to me, but that fear is not worth taking away other people’s freedoms, and I want to teach my child that this is the sort of life that she should live also,” and brought the house down. Another woman, who worked at the library, was from Colombia and said, “I’ve lived through a civil war in my country. I know what it means for people to face state violence because of their speech. And I wish that Tor had existed in my country when I lived there and lived through that because some of the people that I knew might still be with us today.”
It was this incredibly powerful public referendum around surveillance and privacy. The board was of course very moved. They had also done their own research and they were on board, too, so it was a little anti‐climactic at the end. Everybody was like, “Well we’re just into this. I guess we should keep going.” But we decided to keep the relay up, and I’m happy to announce that the pilot is now complete. We turned it into an exit just recently. We had to make some changes to the library’s network. It’s our first successful one in a library, and we’ve got a bunch more lined up, so it’s going to be a big huge project, and also international.
I think what is amazing to me about the work that we’re able to do at Library Freedom Project is it takes the incredible work of the free software community, the privacy activist community, people who work in impact litigation and law reform, and brings it to the people that it impacts the most. A what I’ve also seen is that there is a changing tide, [in] how people think about these things. That the public cares very deeply about their privacy, and they are ready to fight back.
So, you can join us. You can work with us to help make free software tools more ubiquitous. You can help us educate our local communities around surveillance threats and privacy rights. If you’re a technologist, you can volunteer your time to help some of these libraries set up the systems that we recommend to them. And all of us together, through collective direct action and resistance, can help honor Aaron’s legacy.
So I would love to hear from you. We’re at libraryfreedomproject.org. We’re also going to be at the hackathon tomorrow, so come and find me.
Thank you so much your time, everybody.