[Eril-l] O'Reilly, Federated SSO, and patron identity privacy - question

[Melissa Belvadi]

Hello, all.
This question is for those of you who subscribe to the O'Reilly HIgher Education ebook package, formerly known as "Safari", and uses the Federated/SSO method of authentication, and whose campuses have strong rules about patron privacy.

It appears to us that the SSO configuration sends O'Reilly our patron's campus username, which makes it trivial for them to identify the human being and link that info to the books that person reads on their platform if they did want to engage in that kind of data mining (they deny it, but some of us are skeptical).

We don't have any absolute rules on our campus about that, but we librarians are definitely not happy about it.

I was wondering, those of you who are at institutions that do have stronger rules about patron privacy matters and who use this configuration, can you tell me what you did to deal with it? Did you find a way to avoid sending O'Reilly that personally-identifiable username?


Thanks!

Melissa Belvadi
Collections Librarian
University of Prince Edward Island
mbelvadi at upei.ca<mailto:mbelvadi at upei.ca>  902-566-0581
ORCID iD: 0000-0002-4433-0189
my public calendar<https://outlook.office365.com/owa/calendar/0fbab27c909e4493be65313bd66d66b6@upei.ca/5fa60af92c6d451c9ddf90c0bb11e00f15552192987609852692/calendar.html>
Make an appointment<https://mbelvadi.youcanbook.me/> via YouCanBookMe


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.eril-l.org/pipermail/eril-l-eril-l.org/attachments/20210805/a54d7066/attachment.html>