Blockchain holds a great potential for both innovation and disruption. The adoption of blockchain also poses certain risks, and those risks will need to be addressed and mitigated before blockchain becomes mainstream. A lot of people have heard of blockchain at this point. But many are unfamiliar with how this new technology exactly works and unsure about under which circumstances or on what conditions it may be useful to libraries.
In this post, I will provide a brief overview of the merits and the issues of blockchain. I will also make some suggestions for compelling use cases of blockchain at the end of this post.
What Blockchain Accomplishes
Blockchain is the technology that underpins a well-known decentralized cryptocurrency, Bitcoin. To simply put, blockchain is a kind of distributed digital ledger on a peer-to-peer (P2P) network, in which records are confirmed and encrypted. Blockchain records and keeps data in the original state in a secure and tamper-proof manner[1] by its technical implementation alone, thereby obviating the need for a third-party authority to guarantee the authenticity of the data. Records in blockchain are stored in multiple ledgers in a distributed network instead of one central location. This prevents a single point of failure and secures records by protecting them from potential damage or loss. Blocks in each blockchain ledger are chained to one another by the mechanism called ‘proof of work.’ (For those familiar with a version control system such as Git, a blockchain ledger can be thought of as something similar to a P2P hosted git repository that allows sequential commits only.[2]) This makes records in a block immutable and irreversible, that is, tamper-proof.
In areas where the authenticity and security of records is of paramount importance, such as electronic health records, digital identity authentication/authorization, digital rights management, historic records that may be contested or challenged due to the vested interests of certain groups, and digital provenance to name a few, blockchain can lead to efficiency, convenience, and cost savings.
For example, with blockchain implemented in banking, one will be able to transfer funds across different countries without going through banks.[3] This can drastically lower the fees involved, and the transaction will take effect much more quickly, if not immediately. Similarly, adopted in real estate transactions, blockchain can make the process of buying and selling a property more straightforward and efficient, saving time and money.[4]
Disruptive Potential of Blockchain
The disruptive potential of blockchain lies in its aforementioned ability to render the role of a third-party authority obsolete, which records and validates transactions and guarantees their authenticity, should a dispute arise. In this respect, blockchain can serve as an alternative trust protocol that decentralizes traditional authorities. Since blockchain achieves this by public key cryptography, however, if one loses one’s own personal key to the blockchain ledger holding one’s financial or real estate asset, for example, then that will result in the permanent loss of such asset. With the third-party authority gone, there will be no institution to step in and remedy the situation.
Issues
This is only some of the issues with blockchain. Other issues include (a) interoperability between different blockchain systems, (b) scalability of blockchain at a global scale with large amount of data, (c) potential security issues such as the 51% attack[5], and (d) huge energy consumption[6] that a blockchain requires to add a block to a ledger. Note that the last issue of energy consumption has both environmental and economic ramifications because it can cancel out the cost savings gained from eliminating a third-party authority and related processes and fees.
Challenges for Wider Adoption
There are growing interests in blockchain among information professionals, but there are also some obstacles to those interests gaining momentum and moving further towards wider trial and adoption. One obstacle is the lack of general understanding about blockchain in a larger audience of information professionals. Due to its original association with bitcoin, many mistake blockchain for cryptocurrency. Another obstacle is technical. The use of blockchain requires setting up and running a node in a blockchain network, such as Ethereum[7], which may be daunting to those who are not tech-savvy. This makes a barrier to entry high to those who are not familiar with command line scripting and yet still want to try out and test how a blockchain functions.
The last and most important obstacle is the lack of compelling use cases for libraries, archives, and museums. To many, blockchain is an interesting new technology. But even many blockchain enthusiasts are skeptical of its practical benefits at this point when all associated costs are considered. Of course, this is not an insurmountable obstacle. The more people get familiar with blockchain, the more ways people will discover to use blockchain in the information profession that are uniquely beneficial for specific purposes.
Suggestions for Compelling Use Cases of Blockchain
In order to determine what may make a compelling use case of blockchain, the information profession would benefit from considering the following.
(a) What kind of data/records (or the series thereof) must be stored and preserved exactly the way they were created.
(b) What kind of information is at great risk to be altered and compromised by changing circumstances.
(c) What type of interactions may need to take place between such data/records and their users.[8]
(d) How much would be a reasonable cost for implementation.
[3] The World Food Programme, the food-assistance branch of the United Nations, is using blockchain to increase their humanitarian aid to refugees. Blockchain may possibly be used for not only financial transactions but also the identity verification for refugees. Russ Juskalian, “Inside the Jordan Refugee Camp That Runs on Blockchain,” MIT Technology Review, April 12, 2018, https://www.technologyreview.com/s/610806/inside-the-jordan-refugee-camp-that-runs-on-blockchain/.
A few members of Tech Connect attended the recent Code4Lib 2018 conference in Washington, DC. If you missed it, the full livestream of the conference is on the Code4Lib YouTube channel. We wanted to highlight some of our favorite talks and tie them into the work we’re doing.
Also, it’s worth pointing to the Code4Lib community’s Statement in Support of opening keynote speaker Chris Bourg. Chris offered some hard truths in her speech that angry men on the internet, predictably, were unhappy about, but it’s a great model that the conference organizers and attendees promptly stood in support.
Ashley:
One of my favorite talks at Code4lib this year was Amy Wickner’s talk, “Web Archiving and You / Web Archiving and Us.” (Video, slides) I felt this talk really captured some of the essence of what I love most about Code4lib, this being my 4th conference in the past 5 years. (And I believe this was Amy’s first!). This talk was about a technical topic relevant to collecting libraries and handled in a way that acknowledges and prioritizes the essential personal component of any technical endeavor. This is what I found so wonderful about Amy’s talk and this is what I find so refreshing about Code4lib as an inherently technical conference with intentionality behind the human aspects of it.
Web archiving seems to be something of interest but seemingly overwhelming to begin to tackle. I mean, the internet is just so big. Amy brought forth a sort of proposal for ways in which a person or institution can begin thinking about how to start a web archiving project, focusing first on the significance of appraisal. Wickner, citing Terry Cook, spoke of the “care and feeding of archives” and thinking about appraisal as storytelling. I think this is a great way to make a big internet seem smaller, understanding the importance of care in appraisal while acknowledging that for web archiving, it is an essential practice. Representation in web archives is more likely to be chosen in the appraisal of web materials than in other formats historically.
This statement resonated with me: “Much of the power that archivists wield are in how we describe or create metadata that tells a story of a collection and its subjects.”
And also: For web archives, “the narrative of how they are built is closely tied to the stories they tell and how they represent the world.”
Wickner went on to discuss how web archives are and will be used, and who they will be used by, giving some examples but emphasizing there are many more, noting that we must learn to “critically read as much as learn to critically build” web archives, while acknowledging web archives exist both within and outside of institutions. And that for personal archiving, it can be as simple as replacing links in documents with perma.cc, Wayback Machine links, or WebRecorder links.
Another topic I enjoyed in this talk was the celebration of precarious web content through community storytelling on Twitter with the hashtags #VinesWithoutVines and #GifHistory, two brief but joyous moments.
Bohyun:
The part of this year’s Code4Lib conference that I found most interesting was the talks and the discussion at a breakout session related to machine learning and deep learning. Machine learning is a subfield of artificial intelligence and deep learning is a kind of machine learning that utilizes hidden layers between the input layer and the output layer in order to refine and produce the algorithm that best represents the result in the output. Once such algorithm is produced from the data in the training set, it can be applied to a new set of data to predict results. Deep learning has been making waves in many fields such as Go playing, autonomous driving, and radiology to name a few. There were a few different talks on this topic ranging from reference chat sentiment analysis to feature detection (such as railroads) in the map data using the convolutional neural network model.
“Deep Learning for Libraries” presented by Lauren Di Monte and Nilesh Patil from University of Rochester was the most practical one among those talks as it started with a specific problem to solve and resulted in action that will address the problem. In their talk, Di Monte and Patil showed how they applied deep learning techniques to solve a problem in their library’s space assessment. The problem that they wanted to solve is to find out how many people visit the library to use the library’s space and services and how many people are simply passing through to get to another building or to the campus bus stop that is adjacent to the library. This made it difficult for the library to decide on the appropriate staffing level or the hours that best serve the users’ needs. It also prevented the library from showing the library’s reach and impact based upon the data and advocate for needed resources or budget to the decision-makers on the campus. The goal of their project was to develop automated and scalable methods for conducting space assessment and reporting tools that support decision-making for operations, service design, and service delivery.
For this project, they chose an area bounded by four smart control access gates on the first floor. They obtained the log files (with the data at the sensor level minute by minute) from the eight bi-directional sensors on those gates. They analyzed the data in order to create a recurrent neural network model. They trained the algorithm using this model, so that they can predict the future incoming and the outgoing traffic in that area and visually present those findings as a data dashboard application. For data preparation, processing, and modeling, they used Python. The tools used included Seaborn, Matplotlib, Pandas, NumPy, SciPy, TensorFlow, and Keras. They picked the recurrent neural network with stochastic gradient descent optimization, which is less complex than the time series model. For data visualization, they used Tableau. The project code is available at the library’s GitHub repo: https://github.com/URRCL/predicting_visitors.
Their project result led to the library to install six more gates in order to get a better overview of the library space usage. As a side benefit, the library was also able to pinpoint the times when the gates malfunctioned and communicate the issue with the gate vendor. Di Monte and Patil plan to hand over this project to the library’s assessment team for ongoing monitoring and to look for ways to map the library’s traffic flow across multiple buildings as the next step.
Overall, there were a lot of interests in machine learning, deep learning, and artificial intelligence at the Code4Lib conference this year. The breakout session I led at the conference on these topics produced a lively discussion on a variety of tools, current and future projects for many different libraries, as well as the impact of rapidly developing AI technologies on society. This breakout session also generated #ai-dl-ml channel in the Code4Lib Slack Space. The growing interests in these areas are also shown in the newly formed Machine and Deep Learning Research Interest Group of the Library and Information Technology Association. I hope to see more talks and discussion on these topics in the future Code4Lib and other library technology conferences.
Eric:
One of the talks which struck me the most this year was Matthew Reidsma’s Auditing Algorithms. He used examples of search suggestions in the Summon discovery layer to show biased and inaccurate results:
In 2015 my colleague Jeffrey Daniels showed me the Summon search results for his go-to search: “Stress in the workplace.” Jeff likes this search because ‘stress’ is a common engineering term as well as one common to psychology and the social sciences. The search demonstrates how well a system handles word proximities, and in this regard, Summon did well. There are no apparent results for evaluating bridge design. But Summon’s Topic Explorer, the right-hand sidebar that provides contextual information about the topic you are searching for, had an issue. It suggested that Jeff’s search for “stress in the workplace” was really a search about women in the workforce. Implying that stress at work was caused, perhaps, by women.
This sort of work is not, for me, novel or groundbreaking. Rather, it was so important to hear because of its relation to similar issues I’ve been reading about since library school. From the bias present in Library of Congress subject headings where “Homosexuality” used to be filed under “Sexual deviance”, to Safiya Noble’s work on the algorithmic bias of major search engines like Google where her queries for the term “black girls” yielded pornographic results; our systems are not neutral but reify the existing power relations of our society. They reflect the dominant, oppressive forces that constructed them. I contrast LC subject headings and Google search suggestions intentionally; this problem is as old as the organization of information itself. Whether we use hierarchical, browsable classifications developed by experts or estimated proximities generated by an AI with massive amounts of user data at its disposal, there will be oppressive misrepresentations if we don’t work to prevent them.
Reidsma’s work engaged with algorithmic bias in a way that I found relatable since I manage a discovery layer. The talk made me want to immediately implement his recording script in our instance so I can start looking for and reporting problematic results. It also touched on some of what despairs me in library work lately—our reliance on vendors and their proprietary black boxes. We’ve had a number of issues lately related to full-text linking that are confusing for end users and make me feel powerless. I submit support ticket after support ticket only to be told there’s no timeline for the fix.
On a happier note, there were many other talks at Code4Lib that I enjoyed and admired: Chris Bourg gave a rousing opening keynote featuring a rallying cry against mansplaining; Andreas Orphanides, who keynoted last year’s conference, gave yet another great talk on design and systems theory full of illuminating examples; Jason Thomale’s introduction to Pycallnumber wowed me and gave me a new tool I immediately planned to use; Becky Yoose navigated the tricky balance between using data to improve services and upholding our duty to protect patron privacy. I fear I’ve not mentioned many more excellent talks but I don’t want to ramble any further. Suffice to say, I always find Code4Lib worthwhile and this year was no exception.
“Building Bridges in a Divisive Climate: Diversity in Libraries, Archives, and Museums,” panel discussion program held at the University of Rhode Island Libraries on Thursday November 30, 2017.
Getting Minorities on Board
I recently moderated a panel discussion program titled “Building Bridges in a Divisive Climate: Diversity in Libraries, Archives, and Museums.”1 Participating in organizing this program was interesting experience. During the whole time, I experienced my perspective constantly shifting back and forth as (i) someone who is a woman of color in the US who experiences and deals with small and large daily acts of discrimination, (ii) an organizer/moderator trying to get as many people as possible to attend and participate, and (iii) a mid-career librarian who is trying to contribute to the group efforts to find a way to move the diversity agenda forward in a positive and inclusive way in my own institution.
In the past, I have participated in multiple diversity-themed programs either as a member of the organizing committee or as an attendee and have been excited to see colleagues organize and run such programs. But when asked to write or speak about diversity myself, I always hesitated and declined. This puzzled me for a long time because I couldn’t quite pinpoint where my own resistance was coming from. I am writing about this now because I think it may shed some light on why it is often difficult to get minorities on board with diversity-related efforts.
A common issue that many organizers experience is that often these diversity programs draw many allies who are already interested in working on the issue of diversity, equity, and inclusion but not necessarily a lot of those who the organizers consider to be the target audience, namely, minorities. What may be the reason? Perhaps I can find a clue for the answer to this question from my own resistance regarding speaking or writing about diversity, preferring rather to be in the audience with a certain distance or as an organizer helping with logistics behind the scene.
To be honest, I always harbored a level of suspicion about how much of the sudden interests in diversity is real and how much of it is simply about being on the next hot trend. Trends come and go, but issues lived through many lives of those who belong to various systematically disadvantaged and marginalized groups are not trends. Although I have been always enthusiastic about participating in diversity-focused programs as attendees and was happy to see diversity, equity, and inclusion discussed in articles and talks, I wasn’t ready to sell out my lived experience as part of a hot trend, a potential fad.
To be clear, I am not saying that any of the diversity-related programs or events were asking speakers or authors to be a sell-out. I am only describing how things felt to me and where my own resistance was originating. I have been and am happy to see diversity discussed even as a one-time fad. Better a fad than no discussion at all.
One may argue that that diversity has been actively discussed for quite some time now. A few years, maybe several, or even more. Some of the prominent efforts to increase diversity in librarianship I know, for example, go as far back as 2007 when Oregon State University Libraries sponsored two scholarships to the Code4Lib conference, one for women and the other for minorities, which have continued from then on as the Code4Lib Diversity Scholarship.2 But if one has lived the entire life as a member of a systematically disadvantaged group either as a woman, a person of color, a person of certain sexual orientation, a person of a certain faith, a person with a certain disability, etc., one knows better than expecting some sudden interests in diversity to change the world we live in and most of the people overnight.
I admit I have been watching the diversity discussion gaining more and more traction in librarianship with growing excitement and concern at the same time. For I felt that all of what is being achieved through so many people’s efforts may get wiped out at any moment. The more momentum it accrues, I worried, the more serious backlash it may come to face. For example, it was openly stated that seeking racial/ethnic diversity is superficial and for appearance’s sake and that those who appear to belong to “Team Diversity” do not work as hard as those in “Team Mainstream.” People make this type of statements in order to create and strengthen a negative association between multiple dimensions of diversity that are all non-normative (such as race/ethnicity, religion, sexual orientation, immigration status, disability) and unfavorable value judgements (such as inferior intellectual capacity or poor work ethic).3 According to this kind of flawed reasoning, a tech company whose entire staff consists of twenty-something white male programmers with a college degree, may well have achieved a high level of diversity because the staff might have potentially (no matter how unlikely) substantial intellectual and personal differences in their thinking, background, and experience, and therefore their clear homogeneity is no real problem. That’s just a matter of trivial “appearance.” The motivation behind this kind of intentional misdirection is to derail current efforts towards expanding diversity, equity, and inclusion by taking people’s attention away from the real issue of systematic marginalization in our society. Of course, the ultimate goal of all diversity efforts should be not the mere inclusion of minorities but enabling them to have agency as equal as the agency those privileged already possess. But objections are being raised against mere inclusion. Anti-diversity sentiment is real, and people will try to rationalize it in any way they can.
Then of course, the other source of my inner resistance to speaking or writing about diversity has been the simple fact that thinking about diversity, equity, and inclusion does not take me to a happy place. It reminds me of many bad experiences accumulated over time that I would rather not revisit. This is why I admire those who have spoken and written about their lived experience as a member of a systematically discriminated and marginalized group. Their contribution is a remarkably selfless one.
I don’t have a clear answer to how this reflection on my own resistance against actively speaking or writing about diversity will help future organizers. But clearly, being asked to join many times had an effect since I finally did accept the invitation to moderate a panel and wrote this article. So, if you are serious about getting more minorities – whether in different religions, genders, disabilities, races, etc. – to speak or write on the issue, then invite them and be ready to do it over and over again even if they decline. Don’t expect that they will trust you at the first invitation. Understand that by accepting such an invitation, minorities do risk far more than non-minorities will ever do. The survey I ran for the registrants of the “Building Bridges in a Divisive Climate: Diversity in Libraries, Archives, and Museums” panel discussion program showed several respondents expressing their concern about the backlash at their workplaces that did or may result from participating in diversity efforts as a serious deterrent.4 If we would like to see more minorities participate in diversity efforts, we must create a safe space for everyone and take steps to deal with potential backlash that may ensue afterwards.5
A Gentle Intro or a Deep Dive?
Another issue that many organizers of diversity-focused events, programs, and initiatives struggle with is two conflicting expectations from their audience. On one hand, there are those who are familiar with diversity, equity, and inclusion issues and want to see how institutions and individuals are going to take their initial efforts to the next level. These people often come from organizations that already implemented certain pro-diversity measures such as search advocates for the hiring process.6 and educational programs that familiarize the staff with the topic of diversity, equity, and inclusion.7 On the other hand, there are still many who are not quite sure what diversity, equity, and inclusion exactly mean in a workplace or in their lives. Those people would continue to benefit from a gentle introduction to things such as privilege, microaggression, and unconscious biases.
The feedback surveys collected after the “Building Bridges in a Divisive Climate: Diversity in Libraries, Archives, and Museums” panel discussion program showed these two different expectations. Some people responded that they deeply appreciated the personal stories shared by the panelists, noting that they did not realize how often minorities are marginalized even in one day’s time. Others, however, said they would be like to hear more about actionable items and strategies that can be implemented to further advance the values of diversity, equity, and inclusion that go beyond personal stories. Balancing these two different demands is a hard act for organizers. However, this is a testament to our collective achievement that more and more people are aware of the importance of continuing efforts to improve diversity, equity, and inclusion in libraries, archives, and museums.
I do think that we need to continue to provide a general introduction to diversity-related issues, exposing people to everyday experience of marginalized groups such as micro-invalidation, impostor syndrome, and basic concepts like white privilege, systematic oppression, colonialism, and intersectionality. One of the comments we received via the feedback survey after our diversity panel discussion program was that the program was most relevant in that it made “having colleagues attend with me to hear what I myself have never told them” possible. General programs and events can be an excellent gateway to more open and less guarded discussion.
At the same time, it seems to be high time for us in libraries, museums, and archives to take a deep dive into different realms of diversity, equity, and inclusion as well. Diversity comes in many dimensions such as age, disability, religion, sexual orientation, race/ethnicity, and socioeconomic status. Many of us feel more strongly about one issue than others. We should create opportunities for ourselves to advocate for specific diversity issues that we care most.
The only thing I would emphasize is that one specific dimension of diversity should not be used as an excuse to neglect others. Exploring socioeconomic inequality issues without addressing how they work combined with the systematic oppression of marginalized groups such as Native Americans, women, or immigrants at the same time can be an example of such a case. All dimensions of diversity are closely knitted with one another, and they do not exist independently. For this reason, a deep dive into different realms of diversity, equity, and inclusion must be accompanied by the strong awareness of their intersectionality.8
Recommendations and Resources for Future Organizers
Organizing a diversity-focused program takes a lot of effort. While planning the “Building Bridges in a Divisive Climate: Diversity in Libraries, Archives, and Museums” panel discussion program at the University of Rhode Island Libraries, I worked closely with my library dean, Karim Boughida, who originally came up with the idea of having a panel discussion program at the University of Rhode Island Libraries, and Renee Neely in the libraries’ diversity initiatives for approximately two months. For panelists, we decided to recruit as many minorities from diverse institutions and backgrounds. We were fortunate to find panelists from a museum, an archive, both a public and an academic library with varying degrees of experience in the field from only a few years to over twenty-five years, ranging from a relatively new archivist to an experienced museum and a library director. Our panel consisted of one-hundred percent people of color. The thoughts and perspectives that those panelists shared were, as a result, remarkably diverse and insightful. For this reason, I recommend spending some time to get the right speakers for your program if your program will have speakers.
Discussion at the “Building Bridges in a Divisive Climate: Diversity in Libraries, Archives, and Museums,” at the University of Rhode Island Libraries.
Another thing I would like to share is the questions that I created for the panel discussion. Even though we had a whole hour, I was able to cover only several of them. But since I discussed all these questions in advance with the panelists and they helped me put a final touch on some of those, I think these questions can be useful to future organizers who may want to run a similar program. They can be utilized for a panel discussion, an unconference, or other types of programs. I hope this is helpful and save time for other organizers.
Sample Questions for the Diversity Panel Discussion
Why should libraries, archives, museums pay attention to the issues related to diversity, equity, and inclusion?
In what ways do you think the lack of diversity in our profession affects the perception of libraries, museums, and archives in the communities we serve?
Do you have any personal or work-related stories that you would like to share that relate to diversity, equity, and inclusion issues?
How did you get interested in diversity, equity, and inclusion issues?
Suppose you discovered that your library’s, archive’s or museum’s collection includes prejudiced information, controversial objects/ documents, or hate-inducing material. What would you do?
Suppose a group of your library / archive / museum patrons want to use your space to hold a local gathering that involves hate speech. What would you do? What would you be mostly concerned about, and what would the things that you would consider to make a decision on how you will respond?
Do you think libraries, archives, and museums are a neutral place? What do you think neutrality means to a library, an archive, a museum in practice in a divisive climate such as now?
What are some of the areas in libraries, museums, and archives where you see privileges and marginalization function as a barrier to achieving our professional values – equal access and critical thinking? What can we do to remove those barriers?
Could you tell us how colonialist thinking and practice are affecting libraries, museums, and archives either consciously or unconsciously? Since not everyone is familiar with what colonialism is, please begin with first your brief interpretation of what colonialist thinking or practice look like in libraries, museums, and archives first?
What do you think libraries, archives, and museums can do more to improve critical thinking in the community that we serve?
Although libraries, archives, museums have been making efforts to recruit, hire, and retain diverse personnel in recent years, the success rate has been relatively low. For example, in librarianship, it has been reported that often those hired through these efforts experienced backlash at their own institutions, were subject to unrealistic expectations, and met with unsupportive environment, which led to burnout and a low retention rate of talented people. From your perspective – either as a manager hiring people or a relatively new librarian who looked for jobs – what do you think can be done to improve this type of unfortunate situation?
Many in our profession express their hesitation to actively participate in diversity, equity, and inclusion-related discussion and initiatives at their institutions because of the backlash from their own coworkers. What do you think we can do to minimize such backlash?
Some people in our profession express strong negative feelings regarding diversity, equity, and inclusion-related initiatives. How much of this type of anti-diversity sentiment do you think exist in your field? Some worry that this is even growing faster in the current divisive and intolerant climate. What do you think we can do to counter such anti-diversity sentiment?
There are many who are resistant to the values of diversity, equity, and inclusion. Have you taken any action to promote and advance these values facing such resistance? If so, what was your experience like, and what would be some of the strategies you may recommend to others working with those people?
Many people in our profession want to take our diversity, equity, and inclusion initiatives to the next level, beyond offering mere lip service or simply playing a numbers game for statistics purpose. What do you think that next level may be?
Lastly, I felt strongly about ensuring that the terms and concepts often thrown out in diversity/equity/inclusion-related programs and events – such as intersectionality, white privilege, microaggression, patriarchy, colonialism, and so on – are not used to unintentionally alienate those who are unfamiliar with them. These concepts are useful and convenient shortcuts that allow us to communicate a large set of ideas previously discussed and digested, so that we can move our discussion forward more efficiently. They should not make people feel uncomfortable nor generate any hint of superiority or inferiority.
To this end, I create a pre-program survey which all program registrants were encouraged to take. My survey simply asked people how familiar and how comfortable they are with a variety of terms. At the panel discussion program, we also distributed the glossary of these terms, so that people can all become familiar with them.9 Also, videos can quickly bring all attendees up-to-speed with some basic concepts and phenomena in diversity discussion. For example, in the beginning of our panel discussion program, I played two short videos, “Life of Privilege Explained in a $100 Race” and “What If We Treated White Coworkers The Way We Treat Minority Coworkers?”, which were well received by the attendees.
I am sharing the survey questions, the video links, and the glossary in the hope that they may be helpful as a useful tool for future organizers. For example, one may decide to provide a glossary like this before the program or run an unconference that aims at unpacking the meanings of these terms and discussing how they relate to people’s daily lives.10
In Closing: Diversity, Libraries, Technology, and Our Own Biases
Disagreements on social issues are natural. But the divisiveness that we are currently experiencing seems to be particularly intense. This deeply concerns us, educators and professionals working in libraries, archives, and museums. Libraries, archives, and museums are public institutions dedicated to promoting and advancing civic values. Diversity, equity, and inclusion are part of those core civic values that move our society forward. This task, however, has become increasingly challenging as our society moves in a more and more divisive direction.
To make matters even more complicated, libraries, archives, museums in general lack diversity in their staff composition. This homogeneity can impede achieving our own mission. According to the recent report from Ithaka S+R released this August, we do not appear to have gotten very far. Their report “Inclusion, Diversity, and Equity: Members of the Association of Research (ARL) Libraries – Employee Demographics and Director Perspectives,” shows that libraries and library leadership/administration are both markedly white-dominant (71% and 89% white non-Hispanic respectively).11 Also, while librarianship in general are female dominant (61%), the technology field in libraries is starkly male (70%) along with Makerspace (65%), facilities (64%), and security (73%) positions.12 The survey results in the report show that while the majority of library directors say there are barriers to achieving more diversity in their library, they attribute those barriers to external rather than internal factors such as the library’s geographic location and the insufficiently diverse application pool resulting from the library’s location. What is fascinating, however, is that this directly conflicts with the fact that libraries do show little variation in the ratio of white staff based on degree of urbanization. Equally interesting is that the staff in more homogeneous and less diverse (over 71% White Non-Hispanic) libraries think that their libraries are much more equitable than the library community (57% vs 14%) and that library directors (and staff) consider their own library to be more equitable, diverse, and inclusive than the library community with respect to almost every category such as race/ethnicity, gender, LGBTQ, disabilities, veterans, and religion.
While these findings in the Ithaka S+R report are based upon the survey results from ARL libraries, similar staff composition and attitudes can be assumed to apply to libraries in general. There is a great need for both the library administration and the staff to understand their own unconscious and implicit biases, workplace norms, and organizational culture that may well be thwarting their own diversity efforts.
Diversity, equity, and inclusion have certainly been a topic of active discussion in the recent years. Many libraries have established a committee or a task force dedicated to improving diversity. But how are those efforts paying out? Are they going beyond simply paying a lip service? Is it making a real difference to everyday experience of minority library workers?13 Can we improve, and if so where and how? Where do we go from here? Those would be the questions that we will need to examine in order to take our diversity efforts in libraries, archives, and museums to the next level.
Carol Bean, Ranti Junus, and Deborah Mouw, “Conference Report: Code4LibCon 2008,” The Code4Lib Journal, no. 2 (March 24, 2008), http://journal.code4lib.org/articles/72. ↩
Note that this kind of biased assertions often masquerades itself as an objective intellectual pursuit in academia when in reality, it is a direct manifestation of an existing prejudice reflecting the limited and shallow experience of the person posting the question him/herself. A good example of this is found in the remark in 2005 made by Larry Summers, the former Harvard President. He suggested that one reason for relatively few women in top positions in science may be “issues of intrinsic aptitude” rather than widespread indisputable everyday discrimination against women. He resigned after the Harvard faculty of arts and sciences cast a vote of no confidence. See Scott Jaschik, “What Larry Summers Said,” Inside Higher Ed, February 18, 2005, https://www.insidehighered.com/news/2005/02/18/summers2_18. ↩
For this purpose, asking all participants to respect one another’s privacy in advance can be a good policy. In addition to this, we specifically decided not to stream or record our panel discussion program, so that both panelists and attendees can freely share their experience and thoughts. ↩
For the limitations of the mainstream diversity discussion in LIS (library and information science) with the focus on inclusion and cultural competency, see David James Hudson, “On ‘Diversity’ as Anti-Racism in Library and Information Studies: A Critique,” Journal of Critical Library and Information Studies 1, no. 1 (January 31, 2017), https://doi.org/https://doi.org/10.24242/jclis.v1i1.6. ↩
For the nitty-gritty logistical details for organizing a large event with a group of local and remote volunteers, check the Organizer’s Toolkit created by the 2017 #critlib Unconference organizers at https://critlib2017.wordpress.com/organizers-toolkit/. ↩
Many libraries today provide 3D printing service. But not all of them can afford to do so for free. While free 3D printing may be ideal, it can jeopardize the sustainability of the service over time. Nevertheless, many libraries tend to worry about charging service fees.
In this post, I will outline how I determined the pricing schema for our library’s new 3D Printing service in the hope that more libraries will consider offering 3D printing service if having to charge the fee is a factor stopping them. But let me begin with libraries’ general aversion to fees.
A 3D printer in action at the Health Sciences and Human Services Library (HS/HSL), Univ. of Maryland, Baltimore
Service Fees Are Not Your Enemy
Charging fees for the library’s service is not something librarians should regard as a taboo. We live in the times in which a library is being asked to create and provide more and more new and innovative services to help users successfully navigate the fast-changing information landscape. A makerspace and 3D printing are certainly one of those new and innovative services. But at many libraries, the operating budget is shrinking rather than increasing. So, the most obvious choice in this situation is to aim for cost-recovery.
It is to be remembered that even when a library aims for cost-recovery, it will be only partial cost-recovery because there is a lot of staff time and expertise that is spent on planning and operating such new services. Libraries should not be afraid to introduce new services requiring service fees because users will still benefit from those services often much more greatly than a commercial equivalent (if any). Think of service fees as your friend. Without them, you won’t be able to introduce and continue to provide a service that your users need. It is a business cost to be expected, and libraries will not make profit out of it (even if they try).
Still bothered? Almost every library charges for regular (paper) printing. Should a library rather not provide printing service because it cannot be offered for free? Library users certainly wouldn’t want that.
Determining Your Service Fees
What do you need in order to create a pricing scheme for your library’s 3D printing service?
(a) First, you need to list all cost-incurring factors. Those include (i) the equipment cost and wear and tear, (ii) electricity, (iii) staff time & expertise for support and maintenance, and (iv) any consumables such as 3d print filament, painter’s tape. Remember that your new 3D printer will not last forever and will need to be replaced by a new one in 3-5 years.
Also, some of these cost-incurring factors such as staff time and expertise for support is fixed per 3D print job. On the other hand, another cost-incurring factor, 3D print filament, for example, is a cost factor that increases in proportion to the size/density of a 3d model that is printed. That is, the larger and denser a 3d print model is, the more filament will be used incurring more cost.
(b) Second, make sure that your pricing scheme is readily understood by users. Does it quickly give users a rough idea of the cost before their 3D print job begins? An obscure pricing scheme can confuse users and may deter them from trying out a new service. That would be bad user experience.
Also in 3D printing, consider if you will also charge for a failed print. Perhaps you do. Perhaps you don’t. Maybe you want to charge a fee that is lower than a successful print. Whichever one you decide on, have that covered since failed prints will certainly happen.
(c) Lastly, the pricing scheme should be easily handled by the library staff. The more library staff will be involved in the entire process of a library patron using the 3D printing service from the beginning to the end, the more important this becomes. If the pricing scheme is difficult for the staff to work with when they need charge for and process each 3D print job, the new 3D printing service will increase their workload significantly.
Which staff will be responsible for which step of the new service? What would be the exact tasks that the staff will need to do? For example, it may be that several staff at the circulation desk need to learn and handle new tasks involving the 3D printing service, such as labeling and putting away completed 3D models, processing the payment transaction, delivering the model, and marking the job status for the paid 3D print job as ‘completed’ in the 3D Printing Staff Admin Portal if there is such a system in place. Below is the screenshot of the HS/HSL 3D Printing Staff Admin Portal developed in-house by the library IT team.
The HS/HSL 3D Printing Staff Admin Portal, University of Maryland, Baltimore
Examples – 3D Printing Service Fees
It’s always helpful to see how other libraries are doing when you need to determine your own pricing scheme. Here are some examples that shows ten libraries’ 3D printing pricing scheme changed over the recent three years.
2014 – $0.20 per gram of the finished print; 2017 – ?
UCLA Library, Dalhousie University Library (2014)
Free
Types of 3D Printing Service Fees
From the examples above, you will notice that many 3d printing service fee schemes are based upon the weight of a 3D-print model. This is because these libraries are trying recover the cost of the 3d filament, and the amount of filament used is most accurately reflected in the weight of the resulting 3D-printed model.
However, there are a few problems with the weight-based 3D printing pricing scheme. First, it is not readily calculable by a user before the print job, because to do so, the user will have to weigh a model that s/he won’t have until it is 3D-printed. Also, once 3D-printed, the staff will have to weigh each model and calculate the cost. This is time-consuming and not very efficient.
For this reason, my library considered an alternative pricing scheme based on the size of a 3D model. The idea was that we will have roughly three different sizes of an empty box – small, medium, and large – with three different prices assigned. Whichever box into which a user’s 3d printed object fits will determine how much the user will pay for her/his 3D-printed model. This seemed like a great idea because it is easy to determine how much a model will cost to 3d-print to both users and the library staff in comparison to the weight-based pricing scheme.
Unfortunately, this size-based pricing scheme has a few significant flaws. A smaller model may use more filament than a larger model if it is denser (meaning the higher infill ratio). Second, depending on the shape of a model, a model that fits in a large box may use much less filament than the one that fits in a small box. Think about a large tree model with think branches. Then compare that with a 100% filled compact baseball model that fits into a smaller box than the tree model does. Thirdly, the resolution that determines a layer height may change the amount of filament used even if what is 3D-printed is a same model.
Different infill ratios – Image from https://www.packtpub.com/sites/default/files/Article-Images/9888OS_02_22.png
Charging Based upon the 3D Printing Time
So we couldn’t go with the size-based pricing scheme. But we did not like the problems of the weight-based pricing scheme, either. As an alternative, we decided to go with the time-based pricing scheme because printing time is proportionate to how much filament is used, but it does not require that the staff weigh the model each time. A 3D-printing software gives an estimate of the printing time, and most 3D printers also display actual printing time for each model printed.
First, we wanted to confirm the hypothesis that 3D printing time and the weight of the resulting model are proportionate to each other. I tested this by translating the weight-based cost to the time-based cost based upon the estimated printing time and the estimated weight of several cube models. Here is the result I got using the Makerbot Replicator 2X.
9.10 gm/36 min= 0.25 gm per min.
17.48 gm/67 min= 0.26 gm per min.
30.80 gm/117 min= 0.26 gm per min.
50.75 gm/186 min=0.27 gm per min.
87.53 gm/316 min= 0.28 gm per min.
194.18 gm/674 min= 0.29 gm per min.
There is some variance, but the hypothesis holds up. Based upon this, now let’s calculate the 3d printing cost by time.
3D plastic filament is $48 for ABS/PLA and $65 for the dissolvable per 0.90 kg (=2.00 lb) from Makerbot. That means that filament cost is $0.05 per gram for ABS/PLA and $0.07 per gram for the dissolvable. So, 3D filament cost is 6 cents per gram on average.
Finalizing the Service Fee for 3D Printing
For an hour of 3D printing time, the amount of filament used would be 15.6 gm (=0.26 x 60 min). This gives us the filament cost of 94 cents per hour of 3D printing (=15.6 gm x 6 cents). So, for the cost-recovery of filament only, I get roughly $1 per hour of 3D printing time.
Earlier, I mentioned that filament is only one of the cost-incurring factors for the 3D printing service. It’s time to bring in those other factors, such as hardware wear/tear, staff time, electricity, maintenance, etc., plus “no-charge-for-failed-print-policy,” which was adopted at our library. Those other factors will add an additional amount per 3D print job. And at my library, this came out to be about $2. (I will not go into details about how these have been determined because those will differ at each library.) So, the final service fee for our new 3D printing service was set to be $3 up to 1 hour of 3D printing + $1 per additional hour of 3D printing. The $3 is broken down to $1 per hour of 3D printing that accounts for the filament cost and $2 fixed cost for every 3D print job.
To help our users to quickly get an idea of how much their 3D print job will cost, we have added a feature to the HS/HSL 3D Print Job Submission Form online. This feature automatically calculates and displays the final cost based upon the printing time estimate that a user enters.
The HS/HSL 3D Print Job Submission form, University of Maryland, Baltimore
Don’t Be Afraid of Service Fees
I would like to emphasize that libraries should not be afraid to set service fees for new services. As long as they are easy to understand and the staff can explain the reasons behind those service fees, they should not be a deterrent to a library trying to introduce and provide a new innovative service.
There is a clear benefit in running through all cost-incurring factors and communicating how the final pricing scheme was determined (including the verification of the hypothesis that 3D printing time and the weight of the resulting model are proportionate to each other) to all library staff who will be involved in the new 3D printing service. If any library user inquire about or challenges the service fee, the staff will be able to provide a reasonable explanation on the spot.
I implemented this pricing scheme at the same time as the launch of my library’s makerspace (the HS/HSL Innovation Space at the University of Maryland, Baltimore – http://www.hshsl.umaryland.edu/services/ispace/) back in April 2015. We have been providing 3D printing service and charging for it for more than two years. I am happy to report that during that entire duration, we have not received any complaint about the service fee. No library user expected our new 3D printing service to be free, and all comments that we received regarding the service fee were positive. Many expressed a surprise at how cheap our 3D printing service is and thanked us for it.
To summarize, libraries should be willing to explore and offer new innovating services even when they require charging service fees. And if you do so, make sure that the resulting pricing scheme for the new service is (a) sustainable and accountable, (b) readily graspable by users, and (c) easily handled by the library staff who will handle the payment transaction. Good luck and happy 3D printing at your library!
An example model with the 3D printing cost and the filament info displayed at the HS/HSL, University of Maryland, Baltimore
This year’s election result has presented a huge challenge to all of us who work in higher education and libraries. Usually, libraries, universities, and colleges do not comment on presidential election result and we refrain from talking about politics at work. But these are not usual times that we are living in.
Libraries and educational institutions exist because we value knowledge and science. Knowledge and science do not discriminate. They grow across all different races, ethnicities, religions, nationalities, sexual identities, and disabilities. Libraries and educational institutions exist to enable and empower people to freely explore, investigate, and harness different ideas and thoughts. They support, serve, and belong to ‘all’ who seek knowledge. No matter how naive it may sound, they are essential to the betterment of human lives, and they do so by creating strength from all our differences, not likeness. This is why diversity, equity, inclusion are non-negotiable and irrevocable values in libraries and educational institutions.
How do we reconcile these values with the president-elect who openly dismissed and expressed hostility towards them? His campaign made remarks and promises that can be interpreted as nothing but the most blatant expressions of racism, sexism, intolerance, bigotry, harassment, and violence. What will we do to address the concerns of our students, staff, and faculty about their physical safety on campus due to their differences in race, ethnicity, religion, nationality, gender, and sexual identity? How do we assure them that we will continue to uphold these values and support everyone regardless of what they look like, how they identify their gender, what their faiths are, what disabilities they may have, who they love, where they come from, what languages they speak, or where they live? How?
If you think that your organization is already very much pro-diversity that there is no need to confirm or reaffirm diversity, you can’t be farther from the everyday life minorities experience. Sometimes, saying isn’t much. But right now, saying it out loud can mean everything. If you support those who belong to minority groups but don’t say it out loud, how would they know it? Right now, nothing is obvious other than there is a lot of hate and violence towards minorities.
The entire week after the election, I agonized about what to say to my small team of IT people whom I supervise at work. As a manager, I felt that it was my responsibility to address the anxiety and uncertainty that some of my staff – particularly those in minority groups – would be experiencing due to the election result. I also needed to ensure that whatever dialogue takes place regarding the differences of opinions between those who were pleased and those who were distressed with the election result, those dialogues remain civil and respectful.
Crafting an appropriate message was much more challenging than I anticipated. I felt very strongly about the need to re-affirm the unwavering support and commitment to diversity, equity, and inclusion particularly in relation to libraries and higher education, no matter how obvious it may seem. I also felt the need to establish (within the bounds of my limited authority) that we will continue to respect, value, and celebrate diversity in interacting with library users as well as other library and university staff members. Employees are held to the standard expectations of their institutions, such as diversity, equity, inclusion, tolerance, civil dialogue, and no harassment or violence towards minorities, even if their private opinions conflict with them. At the same time, I wanted to strike a measured tone and neither scare nor upset anyone, whichever side they were on in the election. As a manager, I have to acknowledge that everyone is entitled to their private opinions as long as they do not harm others.
I suspect that many of us – either a manager or not – want to say something similar about the election result. Not so much about who was and should have been as about what we are going to do now in the face of these public incidences of anger, hatred, harassment, violence, and bigotry directed at minority groups, which are coming out at an alarming pace because it affects all of us, not just minorities.
Finding the right words, however, is difficult. You have to carefully consider your role, audience, and the message you want to convey. The official public statement from a university president is going to take a tone vastly different from an informal private message a supervisor sends out to a few members of his or her team. A library director’s message to library patrons assuring the continued service for all groups of users with no discrimination will likely to be quite different from the one she sends to her library staff to assuage their anxiety and fear.
For such difficulty not to delay and stop us from what we have to and want to say to everyone we work with and care for, I am sharing the short message that I sent out to my team last Friday, 3 days after the election. (N.B. ‘CATS’ stands for ‘Computing and Technology Services’ and UMB refers to ‘University of Maryland, Baltimore.’) This is a customized message to address my own team. I am sharing this as a potential template for you to craft your own message. I would like to see more messages that reaffirm diversity, equity, and inclusion as non-negotiable values, explicitly state that we will not step backwards, and make a commitment to continued unwavering support for them.
Dear CATS,
This year’s close and divisive election left a certain level of anxiety and uncertainty in many of us. I am sure that we will hear from President Perman and the university leadership soon.
In the meantime, I want to remind you of something I believe to be very important. We are all here – just as we have been all along – to provide the most excellent service to our users regardless of what they look like, what their faiths are, where they come from, what languages they speak, where they live, and who they love. A library is a powerful place where people transform themselves through learning, critical thinking, and reflection. A library’s doors have been kept open to anyone who wants to freely explore the world of ideas and pursue knowledge. Libraries are here to empower people to create a better future. A library is a place for mutual education through respectful and open-minded dialogues. And, we, the library staff and faculty, make that happen. We get to make sure that people’s ethnicity, race, gender, disability, socio-economic backgrounds, political views, or religious beliefs do not become an obstacle to that pursuit. We have a truly awesome responsibility. And I don’t have to tell you how vital our role is as a CATS member in our library’s fulfilling that responsibility.
Whichever side we stood on in this election, let’s not forget to treat each other with respect and dignity. Let’s use this as an opportunity to renew our commitment to diversity, one of the UMB’s core values. Inclusive excellence is one of the themes of the UMB 2017-2021 Strategic Plan. Each and every one of us has a contribution to make because we are stronger for our differences.
We have much work ahead of us! I am out today, but expect lots of donuts Monday.
Have a great weekend,
Bohyun
Monday, I brought in donuts of many different kinds and told everyone they were ‘diversity donuts.’ Try it. I believe it was successful in easing some stress and tension that was palpable in my team after the election.
Photo from Flickr: https://www.flickr.com/photos/vnysia/4598569232
Before crafting your own message, I recommend re-reading your institution’s core values, mission and vision statements, and the most recent strategic plan. Most universities, colleges, and libraries include diversity, equity, inclusion, or something equivalent to these somewhere. Also review all public statements or internal messages that came from your institution that reaffirms diversity, equity, and inclusion. You can easily incorporate those into your own message. Make sure to clearly state your (and your institution’s) continued commitment to and unwavering support for diversity and inclusion and explicitly oppose bigotry, intolerance, harassment, and acts of violence. Encourage civil discourse and mutual respect. It is very important to reaffirm the values of diversity, equity, and inclusion ‘before’ listing any resources and help that employees or students may seek in case of harassment or assault. Without the assurance from the institution that it indeed upholds those values and will firmly stand by them, those resources and help mean little.
Below I have also listed messages, notes, and statements sent out by library directors, managers, librarians, and university presidents that reaffirm the full support for and commitment to diversity, equity, and inclusion. I hope to see more of these come out. If you have already received or sent out such a message, I invite you to share in the comments. If you have not, I suggest doing so as soon as possible. Send out a message if you are in a position where doing so is appropriate. Don’t forget to ask for a message addressing those values if you have not received any from your organization.
Cybersecurity is an interesting and important topic, one closely connected to those of online privacy and digital surveillance. Many of us know that it is difficult to keep things private on the Internet. The Internet was invented to share things with others quickly, and it excels at that job. Businesses that process transactions with customers and store the information online are responsible for keeping that information private. No one wants social security numbers, credit card information, medical history, or personal e-mails shared with the world. We expect and trust banks, online stores, and our doctor’s offices to keep our information safe and secure.
Image from Flickr – https://www.flickr.com/photos/topgold/4978430615
Cybersecurity vs. Usability
To prevent such a data breach, institutional IT staff are trained to protect their systems against vulnerabilities and intrusion attempts. Employees and end users are educated to be careful about dealing with institutional or customers’ data. There are systematic measures that organizations can implement such as two-factor authentication, stringent password requirements, and locking accounts after a certain number of failed login attempts.
While these measures strengthen an institution’s defense against cyberattacks, they may negatively affect the usability of the system, lowering users’ productivity. As a simple example, security measures like a CAPTCHA can cause an accessibility issue for people with disabilities.
Or imagine that a university IT office concerned about the data security of cloud services starts requiring all faculty, students, and staff to only use cloud services that are SOC 2 Type II certified as an another example. SOC stands for “Service Organization Controls.” It consists of a series of standards that measure how well a given service organization keeps its information secure. For a business to be SOC 2 certified, it must demonstrate that it has sufficient policies and strategies that will satisfactorily protect its clients’ data in five areas known as “Trust Services Principles.” Those include the security of the service provider’s system, the processing integrity of this system, the availability of the system, the privacy of personal information that the service provider collects, retains, uses, discloses, and disposes of for its clients, and the confidentiality of the information that the service provider’s system processes or maintains for the clients. The SOC 2 Type II certification means that the business had maintained relevant security policies and procedures over a period of at least six months, and therefore it is a good indicator that the business will keep the clients’ sensitive data secure. The Dropbox for Business is SOC 2 certified, but it costs money. The free version is not as secure, but many faculty, students, and staff in academia use it frequently for collaboration. If a university IT office simply bans people from using the free version of Dropbox without offering an alternative that is as easy to use as Dropbox, people will undoubtedly suffer.
Some of you may know that the USPS website does not provide a way to reset the password for users who forgot their usernames. They are instead asked to create a new account. If they remember the account username but enter the wrong answers to the two security questions more than twice, the system also automatically locks their accounts for a certain period of time. Again, users have to create a new account. Clearly, the system that does not allow the password reset for those forgetful users is more secure than the one that does. However, in reality, this security measure creates a huge usability issue because average users do forget their passwords and the answers to the security questions that they set up themselves. It’s not hard to guess how frustrated people will be when they realize that they entered a wrong mailing address for mail forwarding and are now unable to get back into the system to correct because they cannot remember their passwords nor the answers to their security questions.
To give an example related to libraries, a library may decide to block all international traffic to their licensed e-resources to prevent foreign hackers who have gotten hold of the username and password of a legitimate user from accessing those e-resources. This would certainly help libraries to avoid a potential breach of licensing terms in advance and spare them from having to shut down compromised user accounts one by one whenever those are found. However, this would make it impossible for legitimate users traveling outside of the country to access those e-resources as well, which many users would find it unacceptable. Furthermore, malicious hackers would probably just use a proxy to make their IP address appear to be located in the U.S. anyway.
What would users do if their organization requires them to reset passwords on a weekly basis for their work computers and several or more systems that they also use constantly for work? While this may strengthen the security of those systems, it’s easy to see that it will be a nightmare having to reset all those passwords every week and keeping track of them not to forget or mix them up. Most likely, they will start using less complicated passwords or even begin to adopt just one password for all different services. Some may even stick to the same password every time the system requires them to reset it unless the system automatically detects the previous password and prevents the users from continuing to use the same one. Ill-thought-out cybersecurity measures can easily backfire.
Security is important, but users also want to be able to do their job without being bogged down by unwieldy cybersecurity measures. The more user-friendly and the simpler the cybersecurity guidelines are to follow, the more users will observe them, thereby making a network more secure. Users who face cumbersome and complicated security measures may ignore or try to bypass them, increasing security risks.
Image from Flickr – https://www.flickr.com/photos/topgold/4978430615
The invasion of privacy and the lack of transparency in these network monitoring programs has caused great controversy. Such wide and indiscriminate monitoring programs must have a very good justification and offer clear answers to vital questions such as what exactly will be collected, who will have access to the collected information, when and how the information will be used, what controls will be put in place to prevent the information from being used for unrelated purposes, and how the information will be disposed of.
We have recently seen another case in which security concerns conflicted with people’s right to privacy. In February 2016, the FBI requested Apple to create a backdoor application that will bypass the current security measure in place in its iOS. This was because the FBI wanted to unlock an iPhone 5C recovered from one of the shooters in San Bernadino shooting incident. Apple iOS secures users’ devices by permanently erasing all data when a wrong password is entered more than ten times if people choose to activate this option in the iOS setting. The FBI’s request was met with strong opposition from Apple and others. Such a backdoor application can easily be exploited for illegal purposes by black hat hackers, for unjustified privacy infringement by other capable parties, and even for dictatorship by governments. Apple refused to comply with the request, and the court hearing was to take place in March 22. The FBI, however, withdrew the request saying that it found a way to hack into the phone in question without Apple’s help. Now, Apple has to figure out what the vulnerability in their iOS if it wants its encryption mechanism to be foolproof. In the meanwhile, iOS users know that their data is no longer as secure as they once thought.
Around the same time, the Senate’s draft bill titled as “Compliance with Court Orders Act of 2016,” proposed that people should be required to comply with any authorized court order for data and that if that data is “unintelligible” – meaning encrypted – then it must be decrypted for the court. This bill is problematic because it practically nullifies the efficacy of any end-to-end encryption, which we use everyday from our iPhones to messaging services like Whatsapp and Signal.
Because security is essential to privacy, it is ironic that certain cybersecurity measures are used to greatly invade privacy rather than protect it. Because we do not always fully understand how the technology actually works or how it can be exploited for both good and bad purposes, we need to be careful about giving blank permission to any party to access, collect, and use our private data without clear understanding, oversight, and consent. As we share more and more information online, cyberattacks will only increase, and organizations and the government will struggle even more to balance privacy concerns with security issues.
Why Libraries Should Advocate for Online Privacy?
The fact that people may no longer have privacy on the Web should concern libraries. Historically, libraries have been strong advocates of intellectual freedom striving to keep patron’s data safe and protected from the unwanted eyes of the authorities. As librarians, we believe in people’s right to read, think, and speak freely and privately as long as such an act itself does not pose harm to others. The Library Freedom Project is an example that reflects this belief held strongly within the library community. It educates librarians and their local communities about surveillance threats, privacy rights and law, and privacy-protecting technology tools to help safeguard digital freedom, and helped the Kilton Public Library in Lebanon, New Hampshire, to become the first library to operate a Tor exit relay, to provide anonymity for patrons while they browse the Internet at the library.
New technologies brought us the unprecedented convenience of collecting, storing, and sharing massive amount of sensitive data online. But the fact that such sensitive data can be easily exploited by falling into the wrong hands created also the unparalleled level of potential invasion of privacy. While the majority of librarians take a very strong stance in favor of intellectual freedom and against censorship, it is often hard to discern a correct stance on online privacy particularly when it is pitted against cybersecurity. Some even argue that those who have nothing to hide do not need their privacy at all.
The Electronic Frontier Foundation states that privacy means respect for individuals’ autonomy, anonymous speech, and the right to free association. We want to live as autonomous human beings free to speak our minds and think on our own. If part of a library’s mission is to contribute to helping people to become such autonomous human beings through learning and sharing knowledge with one another without having to worry about being observed and/or censored, libraries should advocate for people’s privacy both online and offline as well as in all forms of communication technologies and devices.
A few of us at Tech Connect participated in the #1Lib1Ref campaign that’s running from January 15th to the 23rd . What’s #1Lib1Ref? It’s a campaign to encourage librarians to get involved with improving Wikipedia, specifically by citation chasing (one of my favorite pastimes!). From the project’s description:
Imagine a World where Every Librarian Added One More Reference to Wikipedia.
Wikipedia is a first stop for researchers: let’s make it better! Your goal today is to add one reference to Wikipedia! Any citation to a reliable source is a benefit to Wikipedia readers worldwide. When you add the reference to the article, make sure to include the hashtag #1Lib1Ref in the edit summary so that we can track participation.
Below, we each describe our experiences editing Wikipedia. Did you participate in #1Lib1Ref, too? Let us know in the comments or join the conversation on Twitter!
I recorded a short screencast of me adding a citation to the Darbhanga article.
— Eric Phetteplace
I used the Citation Hunt tool to find an article that needed a citation. I selected the second one I found, which was about urinary tract infections in space missions. That is very much up my alley. I discovered after a quick Google search that the paragraph in question was plagiarized from a book on Google Books! After a hunt through the Wikipedia policy on quotations, I decided to rewrite the paragraph to paraphrase the quote, and then added my citation. As is usual with plagiarism, the flow was wrong, since there was a reference to a theme in the previous paragraph of the book that wasn’t present in the Wikipedia article, so I chose to remove that entirely. The Wikipedia Citation Tool for Google Books was very helpful in automatically generating an acceptable citation for the appropriate page. Here’s my shiny new paragraph, complete with citation: https://en.wikipedia.org/wiki/Astronautical_hygiene#Microbial_hazards_in_space.
— Margaret Heller
I edited the “Library Facilities” section of the “University of Maryland Baltimore” article in Wikipedia. There was an outdated link in the existing citation, and I also wanted to add two additional sentences and citations. You can see how I went about doing this in my screen recording below. I used the “edit source” option to get the source first in the Text Editor and then made all the changes I wanted in advance. After that, I copy/pasted the changes I wanted from my text file to the Wikipedia page I was editing. Then, I previewed and saved the page. You can see that I also had a typo in my text and had to fix that again to make the citation display correctly. So I had to edit the article more than once. After my recording, I noticed another typo in there, which I fixed it using the “edit” option. The “edit” option is much easier to use than the “edit source” option for those who are not familiar with editing Wiki pages. It offers a menu bar on the top with several convenient options.
The menu bar for the “edit” option in Wikipeda
The recording of editing a Wikipedia article:
— Bohyun Kim
It has been so long since I’ve edited anything on Wikipedia that I had to make a new account and read the “how to add a reference” link; which is to say, if I could do it in 30 minutes while on vacation, anyone can. There is a WYSIWYG option for the editing interface, but I learned to do all this in plain text and it’s still the easiest way for me to edit. See the screenshot below for a view of the HTML editor.
I wondered what entry I would find to add a citation to…there have been so many that I’d come across but now I was drawing a total blank. Happily, the 1Lib1Ref campaign gave some suggestions, including “Provinces of Afghanistan.” Since this is my fatherland, I thought it would be a good service to dive into. Many of Afghanistan’s citations are hard to provide for a multitude of reasons. A lot of our history has been an oral tradition. Also, not insignificantly, Afghanistan has been in conflict for a very long time, with much of its history captured from the lens of Great Game participants like England or Russia. Primary sources from the 20th century are difficult to come by because of the state of war from 1979 onwards and there are not many digitization efforts underway to capture what there is available (shout out to NYU and the Afghanistan Digital Library project).
Once I found a source that I thought would be an appropriate reference for a statement on the topography of Uruzgan Province, I did need to edit the sentence to remove the numeric values that had been written since I could not find a source that quantified the area. It’s not a precise entry, to be honest, but it does give the opportunity to link to a good map with other opportunities to find additional information related to Afghanistan’s agriculture. I also wanted to chose something relatively uncontroversial, like geographical features rather than historical or person-based, for this particular campaign.
The movie, Robot and Frank, describes the future in which the elderly have a robot as their companion and also as a helper. The robot monitors various activities that relate to both mental and physical health and helps Frank with various house chores. But Frank also enjoys the robot’s company and goes on to enlist the robot into his adventure of breaking into a local library to steal a book and a greater heist later on. People’s lives in the movie are not particularly futuristic other than a robot in them. And even a robot may not be so futuristic to us much longer either. As a matter of fact, as of June 2015, there is now a commercially available humanoid robot that is close to performing some of the functions that the robot in the movie ‘Frank and Robot’ does.
Pepper Robot, Image from Aldebaran, https://www.aldebaran.com/en/a-robots/who-is-pepper
A Japanese company, SoftBank Robotics Corp. released a humanoid robot named ‘Pepper’ to the market back in June. The Pepper robot is 4 feet tall, 61 pounds, speaks 17 languages and is equipped with an array of cameras, touch sensors, accelerometer, and other sensors in his “endocrine-type multi-layer neural network,” according to the CNN report. The Pepper robot was priced at ¥198,000 ($1,600). The Pepper owners are also responsible for an additional ¥24,600 ($200) monthly data and insurance fee. While the Pepper robot is not exactly cheap, it is surprisingly affordable for a robot. This means that the robot industry has now matured to the point where it can introduce a robot that the mass can afford.
Robots come in varying capabilities and forms. Some robots are as simple as a programmable cube block that can be combined with one another to be built into a working unit. For example, Cubelets from Modular Robotics are modular robots that are used for educational purposes. Each cube performs one specific function, such as flash, battery, temperature, brightness, rotation, etc. And one can combine these blocks together to build a robot that performs a certain function. For example, you can build a lighthouse robot by combining a battery block, a light-sensor block, a rotator block, and a flash block.
By contrast, there are advanced robots such as those in the form of an animal developed by a robotics company, Boston Dynamics. Some robots look like a human although much smaller than the Pepper robot. NAO is a 58-cm tall humanoid robot that moves, recognizes, hears and talks to people that was launched in 2006. Nao robots are an interactive educational toy that helps students to learn programming in a fun and practical way.
Noticing their relevance to STEM education, some libraries are making robots available to library patrons. Westport Public Library provides robot training classes for its two Nao robots. Chicago Public Library lends a number of Finch robots that patrons can program to see how they work. In celebration of the National Robotics Week back in April, San Diego Public Library hosted their first Robot Day educating the public about how robots have impacted the society. San Diego Public Library also started a weekly Robotics Club inviting anyone to join in to help build or learn how to build a robot for the library. Haslet Public Library offers the Robotics Camp program for 6th to 8th graders who want to learn how to build with LEGO Mindstorms EV3 kits. School librarians are also starting robotics clubs. The Robotics Club at New Rochelle High School in New York is run by the school’s librarian, Ryan Paulsen. Paulsen’s robotics club started with faculty, parent, and other schools’ help along with a grant from NASA and participated in a FIRST Robotics Competition. Organizations such as the Robotics Academy at Carnegie Mellon University provides educational outreach and resources.
Image from Aldebaran website at https://www.aldebaran.com/en/humanoid-robot/nao-robot
There are also libraries that offer coding workshops often with Arduino or Raspberry Pi, which are inexpensive computer hardware. Ames Free Library offers Raspberry Pi workshops. San Diego Public Library runs a monthly Arduino Enthusiast Meetup. Arduinos and Raspberry Pis can be used to build digital devices and objects that can sense and interact the physical world, which are close to a simple robot. We may see more robotics programs at those libraries in the near future.
Robots can fulfill many other functions than being educational interactive toys, however. For example, robots can be very useful in healthcare. A robot can be a patient’s emotional companion just like the Pepper. Or it can provide an easy way to communicate for a patient and her/his caregiver with physicians and others. A robot can be used at a hospital to move and deliver medication and other items and function as a telemedicine assistant. It can also provide physical assistance for a patient or a nurse and even be use for children’s therapy.
Humanoid robots like Pepper may also serve at a reception desk at companies. And it is not difficult to imagine them as sales clerks at stores. Robots can be useful at schools and other educational settings as well. At a workplace, teleworkers can use robots to achieve more active presence. For example, universities and colleges can offer a similar telepresence robot to online students who want to virtually experience and utilize the campus facilities or to faculty who wish to offer the office hours or collaborate with colleagues while they are away from the office. As a matter of fact, the University of Texas, Arlington, Libraries recently acquired several Telepresence Robots to lend to their faculty and students.
Not all robots do or will have the humanoid form as the Pepper robot does. But as robots become more and more capable, we will surely get to see more robots in our daily lives.
A biohackerspace is a community laboratory that is open to the public where people are encouraged to learn about and experiment with biotechnology. Like a makerspace, a biohackerspace provides people with tools that are usually not available at home. A makerspace offers making and machining tools such as a 3D printer, a CNC (computer numerically controlled) milling machine, a vinyl cutter, and a laser cutter. A biohackerspace, however, contains tools such as microscopes, Petri dishes, freezers, and PCR (Polymerase Chain Reaction) machines, which are often found in a wet lab setting. Some of these tools are unfamiliar to many. For example, a PCR machine amplifies a segment of DNA and creates many copies of a particular DNA sequence. A CNC milling machine carves, cuts, and drills materials such as wood, hard plastic, and metal according to the design entered into a computer. Both a makerspace and a biohackerspace provide access to these tools to individuals, which are usually cost-prohibitive to own.
Just as people in a makerspace work with computer code, electronics, plastic, and other materials for DYI-manufacturing, people in a biohackerspace tinker with bacteria, cells, and DNA. A biohackersapce allows people to tinker with and make biological things outside of the institutional biology lab setting. They can try activities such as splicing DNA or reprogramming bacteria.1 The projects that people pursue in a biohackerspace vary ranging from making bacteria that glow in the dark to identifying the neighbor who fails to pick up after his or her dog. Surprisingly enough, these are not as difficult or complicate as we imagine.2 Injecting a luminescent gene into bacteria can yield the bacteria that glow in the dark. Comparing DNA collected from various samples of dog excrement and finding a match can lead to identifying the guilty neighbor’s dog.3 Other possible projects at a biohackerspace include finding out if an organic food item from a supermarket is indeed organic, creating bacteria that will decompose plastic, checking if a certain risky gene is present in your body. An investigational journalist may use her or his biohacking skills to verify certain evidence. An environmentalist can measure the pollution level of her neighborhood and find out if a particular pollutant exceeds the legal limit.
Why Is a Biohackerpsace Important?
A biohackerspace democratizes access to biotechnology equipment and space and enables users to share their findings. In this regard, a biohakerspace is comparable to the open-source movement in computer programming. Both allow people to solve the problems that matter to them. Instead of pursing a scientific breakthrough, biohackers look for solutions to the problems that are small but important. By contrast, large institutions, such as big pharmaceutical companies, may not necessarily pursue solutions to such problems if those solutions are not sufficiently profitable. For example, China experienced a major food safety incident in 2008 involving melamine-contaminated milk and infant formula. It costs thousands of dollars to test milk for the presence of melamine in a lab. After reading about the incident, Meredith Patterson, a notable biohacker who advocates citizen science, started working on an alternative test, which will cost only a dollar and can be done in a home kitchen.4 To solve the problem, she planned to splice a glow-in-the-dark jellyfish gene into the bacteria that turns milk into yogurt and then add a biochemical sensor that detects melamine, all in her dining room. If the milk turns green when combined with this mixture, that milk contains melamine.
The DIYbio movement refers to the new trend of individuals and communities studying molecular and synthetic biology and biotechnology without being formally affiliated with an academic or corporate institution.5 DIYbio enthusiasts pursue most of their projects as a hobby. Some of those projects, however, hold the potential to solve serious global problems. One example is the inexpensive melamine test in a milk that we have seen above. Biopunk, a book by Marcus Wohlsen, also describes another DIYbio approach to develop an affordable handheld thermal cycler that rapidly replicates DNA as an inexpensive diagnostics for the developing world.6 Used in conjunction with a DNA-reading chip and a few vials containing primers for a variety of disease, this device called ‘LavaAmp’ can quickly identify diseases that break out in remote rural areas.
The DIYbio movement and a biohackerspace pioneer a new realm of science literacy, i.e. doing science. According to Meredith Patterson, scientific literacy is not understanding science but doing science. In her 2010 talk at the UCLA Center for Society and Genetics’ symposium, “Outlaw Biology? Public Participation in the Age of Big Bio,” Patterson argued, “scientific literacy empowers everyone who possesses it to be active contributors to their own health care; the quality of their food, water, and air; their very interactions with their own bodies and the complex world around them.”7
How Can Libraries Be Involved?
While not all librarians agree that a makerspace is an endeavor suitable for a library, more libraries have been creating a makerspace and offering makerspace-related programs for their patrons in recent years. Maker programs support hands-on learning in the STEAM education and foster creative and innovative thinking through tinkering and prototyping activities. They also introduce new skills to students and the public for whom the opportunities to learn about those things are still rare. Those new skills – 3D modeling, 3D printing, and computer programming – enrich students’ learning experience, provide new teaching tools for instructors, and help adults to find employment or start their own businesses. Those skills can also be used to solve everyday problem such as an creating inexpensive prosthetic limb or custom parts that are need to repair household items.
However, creating a makerspace or running a maker program in a library setting is not an easy task. Libraries often lack sufficient funding to purchase various equipment for a makerspace as well as the staff who are capable of developing appropriate maker programs. This means that in order to create and operate a successful makerspace, a library must make a significant upfront investment in equipment and staff education and training. For this reason, the importance of the accurate needs-assessment and the development of programs appropriate and useful to library patrons cannot be over-empahsized.
A biohackerspace requires a wet laboratory setting, where chemicals, drugs, and a variety of biological matter are tested and analyzed in liquid solutions or volatile phases. Such a laboratory requires access to water, proper plumbing and ventilation, waste disposal, and biosafety protocols. Considering these issues, it will probably take a while for any library to set up a biohackerspace.
This should not dissuade libraries from being involved with biohackerspace-related activities, however. Instead of setting up a biohackerspace, libraries can invite speakers to talk about DIYbio and biohacking to raise awareness about this new area of making to library patrons. Libraries can also form a partnership with a local biohackerspace in a variety of ways. Libraries can co-host or cross-promote relevant programs at biohackerspaces and libraries to facilitate the cross-pollination of ideas. A libraries’ reading collection focused on biohacking could be greatly useful. Libraries can contribute their expertise in grant writing or donate old computing equipment to biohackerspaces. Libraries can offer their expertise in digital publishing and archiving to help biohackerspaces publish and archive their project outcome and research findings.
Is a Biohackerpsace Safe?
The DIYbio movement recognized the potential risk in biohacking early on and created codes of conduct in 2011. The Ask a Biosafety Expert (ABE) service at DIY.org provides free biosafety advice from a panel of volunteer experts, along with many biosafety resources. Some biohackerspaces have an advisory board of professional scientists who review the projects that will take place at their spaces. Most biohackerspaces meet the Biosafety Level 1 criteria set out by the Centers for Disease Control and Prevention (CDC).
Democratization of Biotechnology
While the DIYbio movement and biohackerspaces are still in the early stage of development, they hold great potential to drive future innovation in biotechnology and life sciences. The DIYbio movement and biohackerspaces try to transform ordinary people into citizen scientists, empower them to come up with solutions to everyday problems, and encourage them to share those solutions with one another. Not long ago, we had mainframe computers that were only accessible to a small number of professional computer scientists locked up at academic or corporate labs. Now personal computers are ubiquitous, and many professional and amateur programmers know how to write code to make a personal computer do the things they would like it to do. Until recently, manufacturing was only possible on a large scale through factories. Many makerspaces that started in recent years, however, have made it possible for the public to create a model on a computer and 3D print a physical object based on that model at a much lower cost and on a much smaller scale. It remains to be seen if the DIYbio movement and biohackerspaces will bring similar change to biotechnology.
Landrain, Thomas, Morgan Meyer, Ariel Martin Perez, and Remi Sussan. “Do-It-Yourself Biology: Challenges and Promises for an Open Science and Technology Movement.” Systems and Synthetic Biology 7, no. 3 (September 2013): 115–26. doi:10.1007/s11693-013-9116-4. ↩
Wohlsen, Marcus. Biopunk: Solving Biotech’s Biggest Problems in Kitchens and Garages. Penguin, 2011., p.38-39. ↩
Jorgensen, Ellen D., and Daniel Grushkin. “Engage With, Don’t Fear, Community Labs.” Nature Medicine 17, no. 4 (2011): 411–411. doi:10.1038/nm0411-411. ↩
Wohlsen, Marcus. Biopunk: Solving Biotech’s Biggest Problems in Kitchens and Garages. Penguin, 2011. p. 56. ↩
Recently, my library has been considering accepting library fines via online. Currently, many library fines of a small amount that many people owe are hard to collect. As a sum, the amount is significant enough. But each individual fines often do not warrant even the cost for the postage and the staff work that goes into creating and sending out the fine notice letter. Libraries that are able to collect fines through the bursar’s office of their parent institutions may have a better chance at collecting those fines. However, others can only expect patrons to show up with or to mail a check to clear their fines. Offering an online payment option for library fines is one way to make the library service more user-friendly to those patrons who are too busy to visit the library in person or to mail a check but are willing to pay online with their credit cards.
If you are new to the world of online payment, there are several terms you need to become familiar with. The following information from the article in SixRevisions is very useful to understand those terms.1
ACH (Automated Clearing House) payments: Electronic credit and debit transfers. Most payment solutions use ACH to send money (minus fees) to their customers.
Merchant Account: A bank account that allows a customer to receive payments through credit or debit cards. Merchant providers are required to obey regulations established by card associations. Many processors act as both the merchant account as well as the payment gateway.
Payment Gateway: The middleman between the merchant and their sponsoring bank. It allows merchants to securely pass credit card information between the customer and the merchant and also between merchant and the payment processor.
Payment Processor: A company that a merchant uses to handle credit card transactions. Payment processors implement anti-fraud measures to ensure that both the front-facing customer and the merchant are protected.
PCI (the Payment Card Industry) Compliance: A merchant or payment gateway must set up their payment environment in a way that meets the Payment Card Industry Data Security Standard (PCI DSS).
Often, the same company functions as both payment gateway and payment processor, thereby processing the credit card payment securely. Such a product is called ‘Online payment system.’ Meyer’s article I have cited above also lists 10 popular online payment systems: Stripe, Authorize.Net, PayPal, Google Checkout, Amazon Payments, Dwolla, Braintree, Samurai by FeeFighters, WePay, and 2Checkout. Bear in mind that different payment gateways, merchant accounts, and bank accounts may or may not work together, your bank may or may not work as a merchant account, and your library may or may not have a merchant account. 2
Also note that there are fees in using online payment systems like these and that different systems have different pay structures. For example, Authorize.net has the $99 setup fee and then charges $20 per month plus a $0.10 per-transaction fee. Stripe charges 2.9% + $0.30 per transaction with no setup or monthly fees. Fees for mobile payment solutions with a physical card reader such as Square may go up much higher.
Among various online payment systems, I picked Stripe because it was recommended on the Code4Lib listserv. One of the advantages for using Stripe is that it acts as both the payment gateway and the merchant account. What this means is that your library does not have to have a merchant account to accept payment online. Another big advantage of using Stripe is that you do not have to worry about the PCI compliance part of your website because the Stripe API uses a clever way to send the sensitive credit card information over to the Stripe server while keeping your local server, on which your payment form sits, completely blind to such sensitive data. I will explain this in more detail later in this post.
Below I will share some of the code that I have used to set up Stripe as my library’s online payment option for testing. This may be of interest to you if you are thinking about offering online payment as an option for your patrons or if you are simply interested in how an online payment API works. Even if your library doesn’t need to collect library fines via online, an online payment option can be a handy tool for a small-scale fund-raising drive or donation.
The first step to take to make Stripe work is getting an API keys. You do not have to create an account to get API keys for testing. But if you are going to work on your code more than one day, it’s probably worth getting an account. Stripe API has excellent documentation. I have read ‘Getting Started’ section and then jumped over to the ‘Examples’ section, which can quickly get you off the ground. (https://stripe.com/docs/examples) I found an example by Daniel Schröter in GitHub from the list of examples in the Stripe’s Examples section and decided to test out. (https://github.com/myg0v/Simple-Bootstrap-Stripe-Payment-Form) Most of the time, getting an example code requires some probing and tweaking such as getting all the required library downloaded and sorting out the paths in the code and adding API keys. This one required relatively little work.
Now, let’s take a look at the form that this code creates.
In order to create a form of my own for testing, I decided to change a few things in the code.
Add Patron & Payment Details.
Allow custom amount for payment.
Change the currency from Euro to US dollars.
Configure the validation for new fields.
Hide the payment form once the charge goes through instead of showing the payment form below the payment success message.
4. can be done as follows. The client-side validation is performed by Bootstrapvalidator jQuery Plugin. So you need to get the syntax correct to get the code, which now has new fields, to work properly.
This is the Javascript that allows you to send the data submitted to your payment form to the Stripe server. First, include the Stripe JS library (line 24). Include JQuery, Bootstrap, Bootstrap Form Helpers plugin, and Bootstrap Validator plugin (line 25-28). The next block of code includes an event handler for the form, which send the payment information to the Stripe via AJAX when the form is submitted. Stripe will validate the payment information and then return a token that identifies this particular transaction.
When the token is received, this code calls for the function, stripeResponseHandler(). This function, stripeResponseHandler() checks if the Stripe server did not return any error upon receiving the payment information and, if no error has been returned, attaches the token information to the form and submits the form.
The server-side PHP script then checks if the Stripe token has been received and, if so, creates a charge to send it to Stripe as shown below. I am using PHP here, but Stripe API supports many other languages than PHP such as Ruby and Python. So you have many options. The real payment amount appears here as part of the charge array in line 326. If the charge succeeds, the payment success message is stored in a div to be displayed.
The reason why you do not have to worry about the PCI compliance with Stripe is that Stripe API asks to receive the payment information via AJAX and the input fields of sensitive information does not have the name attribute and value. (See below for the Card Holder Name and Card Number information as an example; Click to bring up the clear version of the image.) By omitting the name attribute and value, the local server where the online form sits is deprived of any means to retrieve the information in those input fields submitted through the form. Since sensitive information does not touch the local server at all, PCI compliance for the local server becomes no concern. To clarify, not all fields in the payment form need to be deprived of the name attribute. Only the sensitive fields that you do not want your web server to have access to need to be protected this way. Here, for example, I am assigning the name attribute and value to fields such as name and e-mail in order to use them later to send a e-mail receipt.
(NB. Please click images to see the enlarged version.)
Now, the modified form has ‘Fee Category’, custom ‘Payment Amount,’ and some other information relevant to the billing purpose of my library.
When the payment succeeds, the page changes to display the following message.
Stripe provides a number of fake card numbers for testing. So you can test various cases of failures. The Stripe website also displays all payments and related tokens and charges that are associated with those payments. This greatly helps troubleshooting. One thing that I noticed while troubleshooting is that Stripe logs sometimes do lag behind. That is, when a payment would succeed, associated token and charge may not appear under the “Logs” section immediately. But you will see the payment shows up in the log. So you will know that associated token and charge will eventually appear in the log later.
Once you are ready to test real payment transactions, you need to flip the switch from TEST to LIVE located on the top left corner. You will also need to replace your API keys for ‘TESTING’ (both secret and public) with those for ‘LIVE’ transaction. One more thing that is needed before making your library getting paid with real money online is setting up SSL (Secure Sockets Layer) for your live online payment page. This is not required for testing but necessary for processing live payment transactions. It is not a very complicated work. So don’t be discouraged at this point. You just have to buy a security certificate and put it in your Web server. Speak to your system administrator for how to get the SSL set up for your payment page. More information about setting up SSL can be found in the Stripe documentation I just linked above.
My library has not yet gone live with this online payment option. Before we do, I may make some more modifications to the code to fit the staff workflow better, which is still being mapped out. I am also planning to place the online payment page behind the university’s Shibboleth authentication in order to cut down spam and save some tedious data entry by library patrons by getting their information such as name, university email, student/faculty/staff ID number directly from the campus directory exposed through Shibboleth and automatically inserting it into the payment form fields.
In this post, I have described my experience of testing out the Stripe API as an online payment solution. As I have mentioned above, however, there are many other online payment systems out there. Depending your library’s environment and financial setup, different solutions may work better than others. To me, not having to worry about the PCI compliance by using Stripe was a big plus. If your library accepts online payment, please share what solution you chose and what factors led you to the particular online payment system in the comments.
