TY - JOUR
T1 - Protecting privacy on the web
T2 - A study of HTTPS and Google Analytics implementation in academic library websites
AU - OBrien, Patrick
AU - W.H. Young, Scott
AU - Arlitsch, Kenning
AU - Benedict, Karl
N1 - Publisher Copyright:
© 2018, Patrick OBrien, Scott W.H. Young, Kenning Arlitsch and Karl Benedict.
PY - 2018/9/13
Y1 - 2018/9/13
N2 - Purpose: The purpose of this paper is to examine the extent to which HTTPS encryption and Google Analytics services have been implemented on academic library websites, and discuss the privacy implications of free services that introduce web tracking of users. Design/methodology/approach: The home pages of 279 academic libraries were analyzed for the presence of HTTPS, Google Analytics services and privacy-protection features. Findings: Results indicate that HTTPS implementation on library websites is not widespread, and many libraries continue to offer non-secured connections without an automatically enforced redirect to a secure connection. Furthermore, a large majority of library websites included in the study have implemented Google Analytics and/or Google Tag Manager, yet only very few connect securely to Google via HTTPS or have implemented Google Analytics IP anonymization. Practical implications: Librarians are encouraged to increase awareness of this issue and take concerted and coherent action across five interrelated areas: implementing secure web protocols (HTTPS), user education, privacy policies, informed consent and risk/benefit analyses. Originality/value: Third-party tracking of users is prevalent across the web, and yet few studies demonstrate its extent and consequences for academic library websites.
AB - Purpose: The purpose of this paper is to examine the extent to which HTTPS encryption and Google Analytics services have been implemented on academic library websites, and discuss the privacy implications of free services that introduce web tracking of users. Design/methodology/approach: The home pages of 279 academic libraries were analyzed for the presence of HTTPS, Google Analytics services and privacy-protection features. Findings: Results indicate that HTTPS implementation on library websites is not widespread, and many libraries continue to offer non-secured connections without an automatically enforced redirect to a secure connection. Furthermore, a large majority of library websites included in the study have implemented Google Analytics and/or Google Tag Manager, yet only very few connect securely to Google via HTTPS or have implemented Google Analytics IP anonymization. Practical implications: Librarians are encouraged to increase awareness of this issue and take concerted and coherent action across five interrelated areas: implementing secure web protocols (HTTPS), user education, privacy policies, informed consent and risk/benefit analyses. Originality/value: Third-party tracking of users is prevalent across the web, and yet few studies demonstrate its extent and consequences for academic library websites.
KW - HTTPS
KW - Third-party tracking
KW - Web analytics
KW - Web privacy
UR - http://www.scopus.com/inward/record.url?scp=85053348932&partnerID=8YFLogxK
U2 - 10.1108/OIR-02-2018-0056
DO - 10.1108/OIR-02-2018-0056
M3 - Article
AN - SCOPUS:85053348932
SN - 1468-4527
VL - 42
SP - 734
EP - 751
JO - Online Information Review
JF - Online Information Review
IS - 6
ER -