by Morgan Daigneault on Jul 1, 2021
Intellectual freedom and access to information are some of the most valued tenets of librarianship, with the right to privacy at their foundation. Libraries strive to uphold privacy for their users with policies and systems that protect user checkout history and other personally identifying information.
While Aspen itself is open source, the user data pulled into Aspen is definitely not! Aspen has several features that safeguard privacy and allow you and your patrons to make choices about what they can track, see, or share.
Reading History
By default, reading history is not enabled in Aspen. Users who navigate to the “My Reading History” section of their account for the first time will see a statement about patron privacy and a thorough explanation of the reading history feature. Users who choose to enable this can delete any entries that appear or stop recording their reading history at any time.
While Aspen’s systems do not encrypt titles from a user’s history to allow for sorting and record-linking functionality, the underlying data is only accessible via the back end and cannot be retrieved directly even by the library unless they are self-hosted.
Masquerade Mode
If you’ve been using Aspen for a while (or have at least been through some administration training sessions during implementation), you may be familiar with the Masquerade feature. Staff accounts granted the appropriate permissions from their administration can “masquerade,” or act as, a library patron within Aspen without the staff member needing to ask for the user’s password or PIN. This feature can be helpful when trying to help a patron troubleshoot their account over the phone or perform actions for the patron. However, libraries can choose not to enable this feature altogether.
If your library chooses to turn on the Masquerade feature, you can still build in an extra layer of privacy for your patrons by leaving the “Allow Display of Reading History in Masquerade Mode” option disabled. This way, library staff masquerading as a patron will not be able to see their reading history, even if the patron has it turned on. Additionally, you can specify an automatic timeout length so that the Masquerade Mode will end and log out completely after a short period of inactivity. Masquerade settings are located within the Primary Configuration module under ILS/Account Integration.
Search History
While logged into Aspen, users also have access to their own search history during a session. To view search history, visit My Account and click Search History at the bottom of the left-hand menu. Upon logging out, a user’s search history is automatically cleared. Searches are only saved if the patron specifically chooses to save them in case they would like to easily access the same search results at a later time. At any time during an Aspen session, users can choose to purge their unsaved search history and delete their saved searches.
User Lists
Whether it’s for a book club, a favorite author, or a personal interest, patrons love their lists! While Aspen does allow users to create lists of items and make their lists “public,” this only means that they are able to share their lists by sending others the direct URL or sharing via the Email List button.
Patron lists will otherwise never appear in a Lists search in the catalog or be viewable by anyone else.
Linked Accounts
Aspen allows patrons to link to other user accounts as long as they have both the username and password/PIN of the account to which they wish to link. This feature can be really helpful for families managing checkouts and holds across multiple accounts, assisting a homebound neighbor, or for a variety of other reasons.
A user managing another linked account will be able to see their current checkouts and holds, but will never be able to see the other user’s reading history, even if they have it enabled. At any time, logged in users can see accounts they manage in addition to any accounts who have linked to them. If at any time a user sees an account linked to them that shouldn’t be, they can contact library staff for assistance. Changing their password will also instantly unlink their account.
In the Aspen Discovery team, we know that libraries believe in informed and empowered users. For every applicable account setting, users are provided information about their options and are allowed to opt in or leave a feature disabled.
We want to give patrons the option to browse, search, share, and retain their account activity as they wish, while at the same time respecting and protecting their information -- because in Aspen, privacy is the default.
Did You Know?
All personally identifiable account information in Aspen is encrypted. Even if someone were to access our servers illegitimately, your patrons’ data is safe!
Read more by Morgan Daigneault