Many school librarians spend hours developing and perfecting their web presence to help students access the most reliable resources they can for research. Many of us make access to the statewide databases and our own paid databases easy to use with links from one location. But, it is time to address an elephant in the room, or on your website! It has to do with passwords! Are your database passwords published on your webpage?
If the answer is “No, students need to get them in-house or through a protected manner.” Great! You are exhibiting ethical behavior and this is a teachable moment. If you are putting them online for anyone to access you are likely breaching a legal contract. Perhaps you have not even thought about this!
Last year the MSLA board had many excellent web pages submitted for evaluation to receive the Association’s “Web Seal of Excellence” Award. You can currently access the rubric to measure up how you stand at http://www.maschoolibraries.org/uploads/5/7/2/2/57223027/sealofexcellencecriteria.pdf. With some difficulty, the Awards Co-Chairs had to finally round up those “elephants.” Exactly half of our member applicants had their database passwords published on their websites. We had to assume that if we could easily bring up the passwords, they were not protected from anyone else in the general public.
Access to all computer software and online content is governed by an agreement in the form of a contract, the license agreement between the vendor and the purchaser or licensee. Even shrink-wrapped software that one buys in the store has a license on it where the buyer usually has agreed that by opening the package, they will not reproduce or distribute, the software.
According to Marlene Heroux, Reference Information Systems Specialist at the MBLC, the following language was sent in a letter to each MLS member library at the start of the database contract informing the libraries of the content to be provided and what is permitted under the state’s contract:
"The licensing process between electronic resource vendors and the MBLC results in a legal document that specifies who, what, when, where and how the electronic resources may be used. Access by unauthorized users or from unauthorized locations violates the spirit of the contract and may ultimately result in deactivation for an MLS member library or an individual patron."
She further comments that:
"The use of passwords by library users for statewide licensed databases is not permitted due to their lack of security. Each MLS member library is provided with their own geolocation links that do not require any identification or passwords by end users. The one exception is that if the user’s computer is not recognized as having a Massachusetts IP address, they will be prompted for their Massachusetts library card number. Similar to passwords, library card numbers cannot be placed on a web page that is open to anyone, or a public brochure or document.
Vendors price their contracts based on the content, type and number of authorized users for an institution and/or geographic area. Usage can be monitored by statistical data which you too can use to your advantage. However, providing unauthorized access also drives up the cost of these purchases, and this impacts all Massachusetts libraries."
As with any copyrighted material that is purchased, whether books, games, software or music, it is a violation of the producer’s intellectual property rights to disseminate it freely. And, as one longtime MSLA vendor told me, contract violations also cause difficulty because “ it could mean losing a valued customer.” This is how our vendors make a living! In general, a library that uses passwords should not post their passwords on publicly accessible websites or general brochures or handouts.
You can learn more about your free access to Statewide Databases at
http://mblc.state.ma.us/grants/licenses/index.php.
Sandy Kelly is a National Board Certified School Librarian retired from the Carlisle Public Schools. She is a past president of MSLA and a long time member of the board.
If the answer is “No, students need to get them in-house or through a protected manner.” Great! You are exhibiting ethical behavior and this is a teachable moment. If you are putting them online for anyone to access you are likely breaching a legal contract. Perhaps you have not even thought about this!
Last year the MSLA board had many excellent web pages submitted for evaluation to receive the Association’s “Web Seal of Excellence” Award. You can currently access the rubric to measure up how you stand at http://www.maschoolibraries.org/uploads/5/7/2/2/57223027/sealofexcellencecriteria.pdf. With some difficulty, the Awards Co-Chairs had to finally round up those “elephants.” Exactly half of our member applicants had their database passwords published on their websites. We had to assume that if we could easily bring up the passwords, they were not protected from anyone else in the general public.
Access to all computer software and online content is governed by an agreement in the form of a contract, the license agreement between the vendor and the purchaser or licensee. Even shrink-wrapped software that one buys in the store has a license on it where the buyer usually has agreed that by opening the package, they will not reproduce or distribute, the software.
According to Marlene Heroux, Reference Information Systems Specialist at the MBLC, the following language was sent in a letter to each MLS member library at the start of the database contract informing the libraries of the content to be provided and what is permitted under the state’s contract:
"The licensing process between electronic resource vendors and the MBLC results in a legal document that specifies who, what, when, where and how the electronic resources may be used. Access by unauthorized users or from unauthorized locations violates the spirit of the contract and may ultimately result in deactivation for an MLS member library or an individual patron."
She further comments that:
"The use of passwords by library users for statewide licensed databases is not permitted due to their lack of security. Each MLS member library is provided with their own geolocation links that do not require any identification or passwords by end users. The one exception is that if the user’s computer is not recognized as having a Massachusetts IP address, they will be prompted for their Massachusetts library card number. Similar to passwords, library card numbers cannot be placed on a web page that is open to anyone, or a public brochure or document.
Vendors price their contracts based on the content, type and number of authorized users for an institution and/or geographic area. Usage can be monitored by statistical data which you too can use to your advantage. However, providing unauthorized access also drives up the cost of these purchases, and this impacts all Massachusetts libraries."
As with any copyrighted material that is purchased, whether books, games, software or music, it is a violation of the producer’s intellectual property rights to disseminate it freely. And, as one longtime MSLA vendor told me, contract violations also cause difficulty because “ it could mean losing a valued customer.” This is how our vendors make a living! In general, a library that uses passwords should not post their passwords on publicly accessible websites or general brochures or handouts.
You can learn more about your free access to Statewide Databases at
http://mblc.state.ma.us/grants/licenses/index.php.
Sandy Kelly is a National Board Certified School Librarian retired from the Carlisle Public Schools. She is a past president of MSLA and a long time member of the board.