Member Privacy Center

The Member Privacy Center has gone live. It collects various privacy data in one place, as called for by GDPR experts.

https://www.librarything.com/settings/privacy

What am I missing?

More, related features coming, but anyway this is now live.

Some comments:

* You have "show email on profile to" as a setting, but hasn't that been totally disabled for everyone for years?

* Sometimes you say "disabled", sometimes "not enabled". It's not clear what the distinction is here, if any; maybe standardize the terminology?

>2 lorax: Good question. It still exists for staff (i.e. admin accounts). I don't know that it should exist for regular members.

Status for ER should probably read "You are not signed up." rather than "You have not signed up."

>2 lorax:

Thanks. I'm looking into it. I feel like we changed the default, but didn't get rid of the setting. Finding out.

>4 MarthaJeanne:

Thanks.

>5 timspalding:

This is what I was thinking of with that comment:

https://www.librarything.com/topic/167474

I see we crossposted with that link. I don't remember the announcement of re-implementing it.

>7 lorax:
>2 lorax:

So, we removed emails from profiles in 2014 (https://www.librarything.com/topic/167474), but also said that we might bring them back if we had options about WHO to show it to. ("In the future, we may bring it back with options—like showing only to friends, to people signed on, etc.") That's what we have now—nobody is the default, but you can show it to others.

I'm struggling to find when this was re-implemented, with the ability to do that. But we clearly added the feature mentioned then.

I could see killing it entirely. Only 1,000 users have ever set it to open, and many (most?) of them are spammers. I'd kill that option at least.

>8 timspalding:

It's off entirely for now, while I look into it.

>9 timspalding:

I'm going to kill it entirely. There are few organizations that clearly want it--libraries. But I see too many arguments here against it. If you want it, put it in the various text areas.

Yeah, summary is that it was re-introduced as an option after 2014. The default was to never show it, but there were options for friends only, signed in, or always. Most members never changed it form the default. In removing it, I am going against user wishes, in theory. A fair number of users chose to show it to friends. But I think I want to contract user exposure, even against user wishes in a small way.

>4 MarthaJeanne:

Changed.

>10 timspalding: and >11 timspalding: I personally would strongly prefer that at least staff to have our emails on our profiles on LT (and if libraries want it, too, I see no real reason to deny them). I prefer folks contact me via email (rather than LT profile comments, for a host of reasons), so I want to make my email address easy to find. Yes, it's out there on our Contact pages and things like that, but I want it on my profile, too.

In the Privacy Center, it says my LT account is linked with Twitter and Facebook. But I deleted my Facebook account at the beginning of 2018. When I click through to edit the Sites/Apps info, I get this message: "There was a problem accessing your Facebook information. Click here to fix the issue." Clicking just takes me to a Facebook log-in page. Facebook is NOT listed in the "Also On" list on my profile because I removed it quite some time ago.

tl;dr The Privacy Center should not say that my LT account is linked to Facebook, even though it used to be. And there should be way within LT to remove all connections to Facebook, even invalid ones like mine.

>13 lorannen:

Surely you and the libraries can just put your email address in the "About Me" portion?

Honestly, it's tremendously discouraging to me that you want to be emailed rather than contacted via profile comment, both for the "eat your own dogfood" reason and because that requires disclosing my real name and contact information. Why doesn't just setting up your account so that you get email notifications of profile comments work for you?

>14 rosalita:

You have an interesting point.

When we link the account, we get the appropriate linking IDs. But we don't go back and refresh it, except that I guess we ping it when you are on the linking page, to see if it's working.

On the one hand, perhaps we should, to forestall this problem. On the other hand, I want LibraryThing interacting with your Facebook as little as possible. I don't honestly know what we get from their API, but I know we process or store NOTHING except the basics of name and contact keys. Time was, as we've learned with the Cambridge Analytics stories, that Facebook provided everything imaginable via the API—huge amounts of your info and that of your friends. I know we never used it, or stored it, but I don't like that it was ever provided to us.

Anyway, unless we did it CONSTANTLY, it would be potential out of date. So that can't be the answer.

And there should be way within LT to remove all connections to Facebook, even invalid ones like mine.

When I go to https://www.librarything.com/settings/sites for you I get "There was a problem accessing your Facebook information. Click here to fix the issue." Clearly that's not good enough. It assumes that if it's broken, you want to fix it. Your example shows it can be broken for another reason.

I think the solution here is:

1. To do what we do now, with not reaching out to FB unless called for.
2. Change the words to "Click to fix the issue (link) or to remove the link (link)."

How's that?

Facebook is NOT listed in the "Also On" list on my profile because I removed it quite some time ago.

This is separate, however. Far more users are linked to Facebook than announce it on their profile with that feature.

>10 timspalding: I'm going to kill it entirely. There are few organizations that clearly want it--libraries. But I see too many arguments here against it. If you want it, put it in the various text areas.

Well, I liked being able to have it visible to friends only. I won't put it in public areas, so "the various text areas" are insufficient.

>17 paradoxosalpha:

Hmm. That's true.

>15 lorax: That's a fair point, and at no time will I ever remove the ability for folks to contact me via LT profile comment, for many reasons, and I do have them sent to my email. That said, my biggest problems with profile comments over email are thus:

• Threading responses (or lack thereof). Members reply to old messages of mine, and I have no idea what they're referring to, because while conversations display things in order, they could be replying to any of many different messages (automated or no) they've received from me.
• One party to a conversation deleting a message deletes it for both. This was debated at great length when we redid profile comments a few years back, but that's what we landed on. That means if members I'm corresponding with delete, rather than archive, old messages from me or to me, I lose important context.

>19 lorannen:

One party to a conversation deleting a message deletes it for both.

Yeah, well, blame Tim for that one. I was adamantly against it. But it's the decision you as a company made, and it's the decision you as a company should live with, not find workarounds that don't exist for all of us and that introduce invasions of privacy for the rest of us.

>15 lorax: >19 lorannen: Another aspect for me is wanting LT info all together in LT, and not scattered through my email messages. I'm not good at filing old messages in my email account, so old messages there are really gone and I'd have a hard time finding them. Whereas if I want to find messages to and from an LT member, it is relatively easy as long as both of us thought it worth archiving.

>16 timspalding: I think the solution here is:
1. To do what we do now, with not reaching out to FB unless called for.
2. Change the words to "Click to fix the issue (link) or to remove the link (link)."

Yes, that seems sensible. The reason I linked Facebook originally was to post my reviews there, and I trusted that LT was not misusing the connection, as indeed you were not. Adding the link to just remove the connection altogether would satisfy my situation entirely.

This (the ALSO ON profile feature) is separate, however. Far more users are linked to Facebook than announce it on their profile with that feature.

I did not know that! Although it is logical, since the two are really for entirely different purposes: "Also On" being a way for people also on those other platforms to find you there, while the Facebook connection (for me) was to enable posting my LT reviews to my Facebook timeline/feed/whatever they're calling it these days.

Thanks for all of this, and the hours you are putting into this privacy issue. It's much appreciated.

>20 lorax: I wasn't a fan of it either, but it's what we've got, so it's what I work with. I don't understand what you're referring to by invasions of privacy, though? How is allowing the field (and making it default off) an invasion of privacy?

>21 MarthaJeanne: Understood. And that's fine—folks who message me via LT profile comment, I respond to via profile comment.

My preference for email is that: a preference and not a requirement. I want to make it easy for members who are inclined to email to do so.

>23 lorannen: The invasion of privacy comes if you make sending a message require giving out an email address. That has to do with prefering email to profile messages. You aren't requiring it in this case, but it's one of the tendencies that I see more and more of on the web.

One local company has been advertising how few complaints they get. Well, yes. Their personel say that complaints shouldn't be made at their counter, but rather online or by telephone. The online form requires a lot of personal data. The phone makes you wait for a long time listening to loud noise. (They may think it is music.) So nobody complains.

It seems reasonable to me that both email and profile comments be available, and used as useful and necessary to staff and users. I'm not sure what we're arguing about.

>23 lorannen:

The field is not the invasion of privacy. Asking users to communicate with you via email, thus giving you OUR email addresses, is.

Small suggestion: maybe make it much clearer on the page who can see various types of data? I'm thinking particularly of the addresses for ER. The limits on use are on the page when you go into edit, but seeing it on the page will all of my profile info, with no mention of who can see it and when, gave me a double-take, even though I know very well that y'all keep it private. Meanwhile, the LT local location says 'private' on the privacy page but there's nothing about who can see it when you go into edit.

It would be nice to have a concise, consistent statement of who can see the personal information for each type of personal information on that page.

>27 lorax:

Is asking, but not requiring, an invasion of privacy?

>29 timspalding:

Not as long as people who choose to communicate via profile comments get the same level of response and attention. It's a tricky thing to phrase personal preferences like this in a professional setting - users are predisposed from interactions elsewhere to view "We prefer to be contacted via XYZ" as "You'll get a faster response via XYZ." If that's not the case here, there's no problem, so long as it's always made clear that profile comments are also an acceptable method of communication.

The Residency option says you need to know if I'm a EU resident, to know if I'm subject to the GDPR. I'm not a EU resident, but I am a resident in the EEA, which I think will make me subject. Do I change the residency option?

>31 ErlendSkjelten:

Make my head stop hurting https://planit.legal/blog/en/the-applicability-of-the-gdpr-within-the-eea/

>31 ErlendSkjelten:

Yes, change it, I think.

Anyone got better wording. Basically, "I am subject to the GDPR" vs. "I am not subject to the GDPR."

"resident in the EU or in Iceland, Lichtenstein, or Norway" should do the trick. It's easy to extend/rephrase as the need arises in the future.

The word "Lichtenstein" shall not be in the UI. I do proclaim it.

Okay, here's the export data page:

https://www.librarything.com/topic/292380

>35 timspalding: Let it be Lightstone and translateable then :-)

>35 timspalding: it's Liechtenstein, actually :-)