Here are questions pertaining to policies. I am glad to have the opportunity to step back and consider these over the long term:
1. When interpreting the neutrality mandate with regards to candidates, but policy implies support of specific candidates or candidate-associated action, how are we supposed to report that?
2. What is the standard for determining whether reasons to keep logs (i.e., ops, research, and possibly unknown other needs) when compared to the possible implications of reader privacy requirements?
3. If staff suggests there is no time to research reasons to keep logs, let alone comparison to the likely implications of reader privacy violations, how are we supposed to report that?
4. What happened to the Chief Privacy Officer position?
5. Does ops need records of articles, or just lists of accessing IP-associated accesses?
6. Is there a "hash/rotating salt/pepper" technique which will fulfill research needs?
7. Does including the log proxy information with the IP address prevent cryptographic hash guess reversals?
8. To what extent are ALA's Privacy standards pertinent:
http://www.ala.org/advocacy/intfreedom/librarybill/interpretations/privacy
http://www.ala.org/advocacy/library-privacy-guidelines- data-exchange-between-networked-devices-and-services
http://www.ala.org/advocacy/privacyconfidentiality
https://papers.ssrn.com/sol3/papers.cfm?abstract_id=1450006
I am not advocating eliminating IP address retention from editors' edits (please see Brion Vibber's earlier proposal on this list this month.)
Best regards, Jim