A recent article in Public Library News by my friend Ian Anstice talked about his experiences at the recent Spanish library conference in Badajoz. He had been invited to talk about the current situation in the UK – which horrified his audience – but it was another presentation that really set him thinking.

Jane Cowell – the Director of Public & Indigenous Services at State Library of Queensland in Australia – talked about library security and that set several hares running through Mr A’s thoughts – why do we need it and is it value for money being very prominent.

From my perspective it was quite refreshing to see these questions being asked at all. Security is a subject of many conversations in the world I most frequent – RFID.

In the confused and often confusing world of RFID the usual starting point for conversations I’ve had with librarians over the last seven years is not whether but when they should invest. Back in 2006 my advice was to wait until the market stabilised.

In effect that happened in 2011 when suppliers agreed to use common standards. By then more than 50% of UK libraries had spent the money anyway. Which I found rather ironic as if libraries hadn’t been so eager to buy non standards-based solutions we could have created a more open and integrated market rather earlier.

But that was then, and this is now. The main question Ian raises is, essentially, do we really need security? Which made me wonder if he has a point…

There’s not much advantage in investing in security if the cure is worse than the disease. To put that another way – is the cost of providing a solution higher than the cost of the losses? In my naïve, simplistic way I always assumed that someone somewhere does the sums when libraries go out to market for security solutions. But after reading Ian’s piece I’m not so sure.

In calculating the cost of losses we must take account not only of the actual cost of purchase but any intrinsic value of items. Are items irreplaceable, in heavy use, reference only? Would there be a reputational cost to the library of any losses? So calculating that side of the equation clearly isn’t straightforward, but is it done at all?

Then there’s the efficacy of the security. Reports from libraries switching to RFID suggest that even with pre-existing security systems up to 30% of stock listed in the catalogue cannot be traced when items are tagged. Many libraries used some form of security before they switched – and some even bought RFID solutions from the same company that sold the system being replaced. (I wonder if they got a discount on the new security system to compensate for the shortcomings of the original.)

These concerns apply to any form of security of course but – as you might imagine – my primary interest lies in the use of RFID. Are things different when the security system is based on that technology?

To answer that question let’s first return to the scenario that Jane spoke about in Spain – and that has been implemented in West Downs Library in Queensland.

West Downs use Civica’s Spydus software as their management system (variously known as the LMS, ILS and even ILMS in Anglophone countries).  Only one of their nine branches has any form of security at that one is based on UHF RFID.

Spydus – like many LMS providers these days – offer a library “app” for readers to use on their smartphones and tablets. Once “logged in” a user is known to the system and can – if the library allows it – use the app to borrow and return items. This is done by scanning the item barcode using the mobile’s camera.

In the eight branches without security theft is of an order of magnitude that the library determined to be acceptable when they did their initial analysis. Sylvia Swalling (Library Service Coordinator at West Downs) suggested to me that this is “perhaps because we are a regional library service and things are a bit more personal… ”.

In the ninth branch the security is based on a UHF solution. Unlike HF – the predominant system in use in the world’s RFID equipped libraries – UHF doesn’t use security on tags as such. Instead the status of an item is set within the LMS once the barcode has been read. If the reader tries to remove an item that has not been released the gates will sound an alarm.

In an HF system the security gates generally have only to scan a security bit on the tag to determine whether items may pass but in the UHF model every item has to be verified with the LMS. This can cause delays in busy libraries and is perhaps one reason why using security at all is viewed rather differently in Australian libraries than in say a busy Inner London authority.

In another popular form of self-service in the international market sees readers store their user ID as a barcode in an app. Users then use this “electronic” barcode in the same way as a membership card and take their device to a staff or self-service device to scan in the usual way. My local supermarket uses the same solution for crediting my loyalty account. Whilst this is sometimes represented in the literature as being a “mobile” solution it barely qualifies as such since security and validation are entirely separated from the “app”.

For those libraries (the vast majority) using HF RFID the most attractive, value for money, option would be to have the user use their own device to issue items to themselves. Since HF based security systems rely on data being written and read directly to and from the tag (rather than by having to link to the LMS) a truly mobile solution requires that devices not only read item IDs but can also write the necessary data to an item tag in order for it to be removed from the library.

This can now be achieved using devices that are NFC (Near Field Communication) enabled. But devices also need to have NFC “opened up” for use by applications – and despite introducing the technology in the iPhone 6 and 6s Apple has not yet allowed anyone else to use it. So for the moment we’re talking about Android devices only.

In one scenario a user might identify an item they wish to borrow and interact directly with it via the item tag using NFC. Then, in the same way as kiosks interact with the LMS to establish if an item can be borrowed (interpreting loan rules, checking reservations etc.) If the device receives a positive response from the LMS it can write the necessary data to the tag allowing the item to pass the security gates. Otherwise the user will be told to replace the item.

Using this approach a significant amount of the cost of expensive self-service equipment is passed onto the library user. As the number of NFC devices owned by the public grows so the number of kiosks required might be expected to fall. Security costs fall commensurately.

So far I haven’t found a company that offers this option although there are variations that come close. In the UK and ANZ some RFID suppliers now enable staff to issue items at the shelf, either via NFC Android devices or using a standard 13.56 MHz RFID scanner attached to a smartphone. It’s a halfway house to full user-powered self-service.

This recently created (and almost accidental) ability of smartphones to communicate with stock opens up a number of other possibilities for interaction of course. In house use could be monitored, linking to related resources becomes possible via the physical item and not just via the catalogue, other RFID enabled items in the library landscape might be read in the same way as QR codes – with the advantage that RFID tags are dynamic and the data they contain can be altered, whereas QR codes are static.

Now all of that is still in the future – though probably not much more than months away. So for any librarians that are now pondering whether they should ditch their expensive RFID security systems and absorb the possible consequential losses I have another suggestion. Wait a while. If you were wise enough to buy after 2011 (or have subsequently migrated to the data standard) your original investment decision may be about to unexpectedly pay off more than any of us could have imagined as RFID delivers new ways of exploiting both your physical and virtual collections.

Of course if you bought non-standards based solutions – or the UHF form of RFID none of this applies. NFC only operates at HF frequencies.

So is library security worth the money? Well like everything else, it depends. The Australian solution works in their circumstances, and could work in some UK libraries too.

But if, like most UK public libraries, you have already heavily invested in RFID I think it’s a very different matter. Can you buy RFID without the security? Yes – but why would you? The only component that would be an extra cost would be the gates – and as others have pointed out – that’s nothing like as big a figure as the rest of the RFID infrastructure and software. Consider too the possible savings to be made on staff and self-service terminals.

As with most things it pays to look at the whole picture. That will become even more important as RFID solutions become more sophisticated. The important thing is to do your homework.

For some time now my iPhone has been issuing daily reminders to me to write about my August visit to Woolwich and Wandsworth. My apologies to my gracious host and old friend Diana Edmonds for taking so long to sit down at a desk again and go over my notes.

However, as is so often the case, the passing of time has already brought new developments in the story that hopefully make it more informative – so here is my account of my return to the noble town of Woolwich, Greenwich Leisure Limited and a brief profile of one of the newest members of the RFID scene in the UK – Solus UK Limited.

Diana invited me to see what GLL were doing in both Greenwich and Wandsworth some time ago. As something of an advocate (one might almost say “pioneer”) of new technologies in libraries I knew that GLL had recently invested in new self-service kiosks and digital tables from Solus and I was interested both to see the devices in action and to discuss how the problem of interoperability – a perennial topic of discussion among London libraries were being overcome.

The first, and very gratifying, impression one has on arriving in Woolwich Library is of excitement. The place was simply buzzing with enthusiasm. Peoples’ network PCs were in high demand near the entrance, while two lively children’s groups were occupying another corner. About twenty members of the knitting circle were engaged in lively debate and creativity in one of the glass cubes that are made available to a large number of interest groups. And that was just the ground floor.

More »

Being an enthusiastic supporter of RFID I was pleased to see Apple finally embrace NFC in its latest iPhone range – albeit a little half-heartedly – joining the growing list of devices that already support the technology.

Apple’s diffidence in restricting NFC to payments for the time being is perhaps understandable given its enormous market potential and their caution should probably be applauded.

For libraries the potential is obvious. Library users in possession of an NFC device potentially already have access to any item bearing the most common type of RFID tag since they not only operate at the same frequency as NFC but support communication protocols that enable devices to read and write data to both smartcards and item tags (subject to any encryption or data-locking that may be in place).

Up until now NFC has been rightly viewed with some caution by librarians since it could be used maliciously in libraries using RFID for self-service etc. The UK’s library and book trade standards body – Book Industry Communication (BIC) – gave an assessment of the risks and issued its guidance for librarians earlier in the year. To date there have been no reported malicious attacks on library stocks so it would seem that the optimism the document expressed was justified. More »

Recently I have received a number of communications about my 2014 Library RFID survey that have given me cause for concern.

More than one sent an attachment – a PDF copy of Part 3 of the survey – the section that gives details of supplier performance against a number of different criteria. Flattering though it was to note that someone in America (the PDF had an American date format on each page) had thought the survey of sufficient interest to make a PDF copy I was more than a little concerned to discover that the file was being distributed as part of a marketing campaign by a US RFID supplier because, taken out of context, the information it contained might be misleading.

So I’d like to take this opportunity to remind readers who may not have been reading the survey for themselves (and that presumably includes those who were sent a copy from by this US supplier) how the results are compiled – and how much credence should be given to the findings.

The first thing to remind everyone is that it is by no means a comprehensive survey. No-one on the planet has any clear idea how many libraries use RFID technology – I read an article only this morning about the number of new UHF installations in China alone. I can’t email every library on Earth so I rely on the goodwill and enthusiasm of those who use and supply the systems, and in some countries, the help of professional bodies and standards agencies to promote the survey. More »

Day One – Amersfoort, Almere and Amstelveen

Following a most enjoyable visit to Lyon for the 80th World Library and Information Congress in August I accepted invitations from two companies operating in the RFID market to go and visit their installations in Belgium and the Netherlands.

Having previously worked in both countries (for three different companies!) it seemed too good an opportunity to see not only how RFID is being used but to renew my acquaintance with the two library communities. I was also eager to see how public libraries in particular were facing up to the challenges that seem at times to be overwhelming their UK counterparts.

My hosts for the first day were the recently renamed Nedap Library Solutions (@nedaplibrix). Having met with Sharon Beening and Ruud Owens in Lyon – and having had some contact with an earlier UK incarnation of Nedap’s library division I wanted to understand more about a company that works extensively with business partners in the UK and elsewhere but which does sell directly into the UK market.

Up until 2014 there had been few Nedap users in the annual survey – despite their obvious considerable presence in the Dutch library market – and I wanted to know more about the development of their product portfolio –especially since the Netherlands developed a national data standard for RFID some time before the UK. More »

On July 31st the European Union finally published directive M436 on Radio Frequency Identification (RFID). M436 has been in process for so long that many RFID users may have forgotten all about it some time ago. A few may never even have heard of it.

M436 attempts to deal with concerns over the privacy issues that have surrounded this technology since it first appeared – in libraries over 20 years ago. The directive is “application agnostic” – meaning that the rules apply to RFID users regardless of how they are using the technology. Libraries are one of the key areas of activity already earmarked by the EU for special attention and will certainly feel the effects of mandate M436 over the next few months/years.

Locations will be required to display a sign

Locations will be required to display a sign

There are two main elements to the directive as I outlined in my “quick guide” for librarians back in 2013. The first, and simplest, is signage. Locations where RFID is being used will be required to display a sign advising users of this fact.

The second, and slightly more demanding requirement is to carry out a Privacy Impact Assessment in order to produce a Privacy Impact Statement that should also be made available to anyone wishing to understand the implications of the use of RFID in an establishment. In a library this might be displayed alongside the sign – or advice be displayed indicating where the statement can be found – on a website for example.

 

The directive is in effect a European standard for RFID privacy. As such it has no legal force at this moment, but may grow teeth if either the UK Information Commissioner’s Office (ICO) or the European Union itself decides it requires formal legislation. Certainly the display of signs and the creation of a Privacy Impact Statement should now be regarded as “best practice” for librarians.

Book Industry Communication (BIC) established a Privacy Group (which I chaired) in 2013 to maintain a watching brief on the progress of M436 and to liaise with the ICO in order to ascertain that body’s attitude to possible legislation. This group will now be reconvened in the near future to initiate its education programme for librarians wishing to know more – or to comply with the directive. Invitations have been issued to both the Society of College, National and University Libraries (SCONUL) and the Society of Chief Librarians (SCL) to participate in this process.

 

Regular readers of this blog will be familiar with the issue of Near Field Communication (NFC) devices being used in conjunction with RFID systems. A quick search for “NFC” on this blog will throw up articles going back over several years explaining why this is an issue that needs to be considered and what steps might be taken to minimise any risks.

BIC has now published its guidance for librarians – available here.

The guidance is the product of BIC’s NFC Working Group and draws heavily on the opinions and expertise of most of the major RFID suppliers in the UK market. As the person tasked with bringing this project to completion I would like to add my personal thanks to representatives of 3M and Bibliotheca in particular for sharing their advice and suggestions so freely.

Is there any cause for concern?

Well the best way to find out is probably to read the document and then perhaps talk to the experts. The incontrovertible fact is that smartphones equipped with NFC can now read and write data to and from almost all the RFID tags used in the world’s libraries.

So it’s probably a good idea to find out what that might mean for you.

 

15. July 2014 · Write a comment · Categories: Uncategorized

The following is an article I wrote back in February for Access – CILIP’s Public and Mobile Libraries Group Journal.

For reasons that are still unclear to me it has never appeared, and since tomorrow sees the establishment of the governance body for BIC’s Library Communication Framework – something I believe will help deliver better and more economic solutions for our beleaguered public library service – I wanted to raise awareness among UK public librarians about the work done on their behalf by some of the agencies with which I work so – after advising the editor yesterday – I am publishing it here instead.

Besides, I spent a lot of time writing it and it seems a pity to waste the effort.

…………………………………………………………………………………………………

Helping to meet the challenge of technology

The UK public library service is changing.

That’s the least provocative opening I could think of – and about as anodyne as most of the remarks made by politicians I’ve read these past few years.

It is nonetheless an obvious truth. Whether you see the future of the service as being a community hub, entirely digital or returning to “traditional” values (whatever they might be) there can be little disagreement that the service will have to deal with some major challenges.

Many of these challenges are of course political in nature. Should library hardware, paid for out of library budgets, be re-purposed to pay your council tax bill for example?

Others may require commercial interests to be aligned with public expectations – should digital services be available universally?

But whether these challenges are political, economic or cultural there is a common thread that I believe runs through almost all of them – technology. More »

14. July 2014 · 3 comments · Categories: Surveys

A perennial question is which library management systems have been successfully installed with which RFID solutions?

I’m never too eager to publish this information since I fear that some may simply look for their ILS/LMS and see which RFID suppliers they should consider. Why is that a bad idea? Well if you’re not buying a solution based on the data standards recommended by the various national bodies around the world (the vast majority of them based on ISO 28560) then I suppose it’s the only way you can be sure of buying something that might work. More »

Last week’s publication of survey results provoked a couple of people to ask me how many UK public libraries are now using self-service kiosks in their libraries.

It’s a difficult question to answer for several reasons. Suppliers don’t publish lists of their clients, not every library responds to the survey, some libraries may still be using other technologies to support self-service (something that began long before RFID appeared),not everyone using RFID is in fact using it to provide self-service and even those that are have not deployed it across the whole authority. More »