Access and Data Security: Difference between revisions
No edit summary |
No edit summary |
||
| Line 7: | Line 7: | ||
== Access == | == Access == | ||
Providing access to our archive’s content is a balancing act between two of our Guiding Principles: defining the goal to provide as wide access to our archive as possible, and defining our responsibility to safeguard data and adhere to legal and ethical norms regarding data privacy, sensitivity, confidentiality, and copyrights. Having a well-considered and clear Access Plan will help achieve that balance. | |||
An archive’s Access Plan should guide both decision-making and implementation related to provision of access. There is no template for a digital archive Access Plan; however, we can identify five elements it should describe and define. | |||
{| class="wikitable" | |||
|Resource alert! | |||
|Planning for Access | |||
A systematic approach to planning different levels and modes of access is provided in detail in “Levels of Born-Digital Access” by the Digital Library Foundation (USA). | |||
|} | |||
'''Access Objectives''' | |||
While our archive’s access-related goal might be generic—such as to provide wide access—the Access Plan should specify more concrete objectives that will contribute to that goal. For example, we could set an objective to create a set of useful finding aids to facilitate use. Or we could seek to make the access modes user-friendly and easily available. | |||
Specific objectives we set will of course differ for different archives, depending on their goals, users, content, etc. Regardless of these differences, setting up clear and concrete objectives will allow us to develop and then implement a comprehensive plan tailored to our needs and requirements. | |||
'''Users and Modes of Use''' | |||
Users of an archive have an essential importance for it—why it exists. The reason we aim to preserve our archival content long-term is to make it available to future users. | |||
Therefore, our Access Plan needs to be grounded in users’ needs and requirements. More than that, the Plan should envision a two-way relationship with users so that their input shapes the way the archive develops its access policies and practices. | |||
On the primary level, we should differentiate between internal (archive and organization’s staff) and external users. Within the internal user group, there will be varying levels of access, depending on a person’s role and their access-related needs. Some staff members will have unrestricted access, while others might have restrictions in terms of different groups of material or type of access they have (e.g., to view or manage files). | |||
When planning for external users’ access, we can distinguish between fully open public access and access provided to predefined groups of users, such as registered users, members of selected external organizations, or similar. The Access Plan should define the level of access to be provided to each of these groups of external users. | |||
Regarding open, public access, the Plan should specify whether such access can be provided for selected groups of material in the digital archive, or for an entire collection. It should also define how material can be accessed (i.e., whether it is only available for viewing, or also for copying and reuse). | |||
'''Access Levels''' | |||
To provide tailored access to different groups of materials, we will need to first have them categorized based on their security status. We can do this using metadata collected in the description stage and in the phase of preparations for ingest. If collected properly, our metadata should allow us to clearly map any content that should be considered “sensitive.” Archival data may be sensitive because of legal, security, or personal considerations. Marking material as “sensitive” may imply limited use (e.g., on-site only, or closed, or conditional access). | |||
The number and names of access levels we create can vary depending on our needs but should cover the following three basic categories: | |||
· Open access: Open materials are available for use with no known restrictions. Materials can be directly accessed by users. Access may occur in an on-site public access point or online. | |||
· Conditional access: This refers to collections that include both open material and material that has restrictions. These restrictions may include materials that are deemed sensitive or under copyright. Conditional access is a continuum that includes documents with differing levels | |||
· of restricted access. | |||
· Closed: Closed materials are not made available to users, but may eventually be made available after an embargo period. Collections or materials may be closed if they contain information protected by applicable law or private, privileged, or sensitive information. | |||
'''Modes and Conditions of Access''' | |||
Access to digital archival material can be provided in three main modes: | |||
● On-site access: Access to archive content is provided on a dedicated on-site public access computer with security measures implemented. This is a viewing-only mode of access, hence any form of copying of content is not allowed. | |||
● Controlled remote access: Secure remote access is provided to a limited group of users, either through a local computer network (LAN) or using a secure remote online access platform. This type of access is often provided to internal users who are not archival staff but work on archive-related projects. Also, this mode of access can be provided to partner organizations working on joint, archive-related projects or to selected individual researchers. The organization can specify whether this mode of access includes only viewing permissions or the users can also copy digital items. | |||
● Open access: Open access is provided on-site or through a website or dedicated online platform. Although open, access can still be controlled, for example by requiring future users to register before using the archive, submit a justified request for access approval, or similar. Open access allows for copying of archival digital material under the presumption that access is only provided to public material that allows reproduction. | |||
'''Access Levels Scheme''' | |||
Considering that different modes of access to material with varying permitted levels of access need to be provided for different user groups, to avoid confusion, it could be useful for an archive to create an Access Levels Scheme as part of the Access Plan. Such a scheme provides an overview of “who has access to what, and how” in the form of a table, such is the example shown in Figure 14. The scheme can be a useful tool for devising as well as for technical and logistical implementation of the planned access levels. | |||
Figure 14. Example of an Access Levels Scheme, with an overview of access levels for different groups of users and different groups of material | |||
{| class="wikitable" | |||
| | |||
|Collection 1 | |||
|Collection 2 | |||
|Collection 3 | |||
|Collection 4 | |||
|- | |||
|Archive staff | |||
|Open | |||
|Open | |||
|Open | |||
|Open | |||
|- | |||
|Project staff | |||
|Open | |||
|Open | |||
|Conditional (view & copy) | |||
|Conditional (view only) | |||
|- | |||
|Partner organizations staff | |||
|Open | |||
|Open | |||
|Conditional (view & copy) | |||
|Closed | |||
|- | |||
|General public | |||
|Open | |||
|Conditional | |||
|Conditional | |||
|Closed | |||
|} | |||
'''Opening the Open Level Access''' | |||
It is useful here to make a distinction between a passive and active approach to provision of access. A passive access approach would be an archive created with the main goal of long-term preservation of the material for historical, legal, or other reasons. Provision of access might be of secondary concern for such an archive, and its efforts in this area might be limited to providing access only to requested materials or on-site only. The focus of such an archive would be to respond to users’ requests and ensure it provides the appropriate level of access to the material for different user groups (e.g., institutions, researchers, etc.). | |||
Most CSOs working with human rights violations archives, however, will likely be taking the other route of an active approach to the provision of access, which is focused on facilitating and providing as wide an access as possible to its users. | |||
The active access approach predominantly concerns “Open Access” mode and does not include materials marked with “Closed” access level. To make our “Open Access” mode truly open, we need to consider accessibility, searchability and usability of access to our archive and content. “Accessibility” concerns the ease of access to archives for everyone. For example, we should consider whether anyone with an internet connection—even an unstable or a weak one—can access the archive, how difficult it is to find and load the online access portal, whether it can be used via mobile devices, and similar. With respect to accessibility for persons with disabilities, we should consider providing a collection-level note about which born-digital materials comply with accessibility needs and/or what is required to render materials for those with visual or hearing impairments. Additional measures could introduce practical arrangements, such as a screen reader, color contrast, or adding tags to define reading order. | |||
{| class="wikitable" | |||
|Resource alert! | |||
|Web Content Accessibility Guidelines (WCAG) are an international standard that provides documentation and guidance on making online content more accessible to people with disabilities. | |||
|} | |||
“Searchability” for our users determines how easy or difficult it is for them to find what they are looking for in our archive. Searchability of our archive will depend on the type and quality of metadata we collected about our material and how well we organize it and provide it to the archive’s users. Using different metadata as “tags” or “keywords” associated with certain items or groups will help users find them more easily. Further, we can provide a user with a map of our archive to guide them by preparing a catalog using the descriptions of the collections, series, and other elements of our archive’s structure. However, searchability of any online accessible archive will mainly rely on the quality of search that can be performed through a dedicated search engine. | |||
“Usability” of an archive relates to how easy it is to use it. That includes, for example, how an archive’s online access point looks and feels and what kind of user experience it creates. A well-designed and organized online access platform can attract more users and encourage current visitors to use it more. It can further support novel archive-related projects and extend the scope of both its use and its beneficiaries. | |||
This is an especially important consideration for CSOs working with human rights violations archives, as their goal is often to not only provide access but also stimulate and facilitate different organizations and individuals to use archival material in their own projects, research, and activities. | |||
Technology allows us to create a whole range of different online access platforms with a variety of formats, visual presentation forms, tools, and other useful features. These solutions can be impressive and made very attractive for users, which generates multiple benefits for both them and the archive. | |||
However, we also need to bear in mind that any technical solution for an online access platform we might want to implement will need to be interoperable and compatible with our Digital Archiving System and any relevant external software tools we use. | |||
'''Access Technologies and Tools''' | |||
Providing a varied level of secure access to our content for different groups of users using different modes of access requires significant technological support that includes both hardware and software. | |||
Thankfully—provided that we have, as suggested earlier in this manual, considered our future access provision needs at the time we were selecting our Digital Archiving System—we can now rely on it for the basic technology needed for the implementation of our Access Plan. For example, if we would have planned for the need to provide different levels of access to different users, both internally and externally, our Digital Archiving System would be able to provide support for it. | |||
However, we will need to invest more time and resources in technical solutions, especially in terms of active approach to access, if we wish to build on these basic access capabilities. This would include using software and applications that allow for the development of digital archival tools and services users can benefit from, as well as improving the design, user-friendliness, and overall user experience of our online access platform. | |||
The choice of software tools we will use for developing our online access platform will be fully dependent on our requirements—the type of platform we want to make, services it will provide, users it will target, etc. A useful tip in selecting software is to search online for an archival online access platform that looks similar to the one you want to develop and then work out which software and technologies were used to make it. | |||
In addition to the technologies related to provision of Open Access, if we are planning to provide on-site or safe remote access, we will need to consider additional technological solutions. For on-site access, this would include a dedicated computer that is not connected to any local computer networks or the internet. We might also need other hardware or software for access to a specific group or format of the material. Safe remote access would also require specialized software that needs to be installed not only in the archive, administratively, but also by the users themselves on their devices. | |||
== Digital Archive Security == | == Digital Archive Security == | ||
Revision as of 20:33, 17 December 2023
Intro
Now that we have finally created our digital archive, we could be forgiven for being eager to share it with its intended users and beneficiary communities, as we envisioned at the beginning of the process in our Guiding Principles. However, providing access to any archive’s content, especially to a human rights violations archive, is not simple or straightforward. Access is closely linked to preservation but also to nearly all other processes and functions in a digital archive. Most closely, however, access is related to the data security function of an archive. These two functions are also the focus of the third stage of a digital archive’s life cycle: its safe opening to the world.
Access
Providing access to our archive’s content is a balancing act between two of our Guiding Principles: defining the goal to provide as wide access to our archive as possible, and defining our responsibility to safeguard data and adhere to legal and ethical norms regarding data privacy, sensitivity, confidentiality, and copyrights. Having a well-considered and clear Access Plan will help achieve that balance.
An archive’s Access Plan should guide both decision-making and implementation related to provision of access. There is no template for a digital archive Access Plan; however, we can identify five elements it should describe and define.
| Resource alert! | Planning for Access
|
Access Objectives
While our archive’s access-related goal might be generic—such as to provide wide access—the Access Plan should specify more concrete objectives that will contribute to that goal. For example, we could set an objective to create a set of useful finding aids to facilitate use. Or we could seek to make the access modes user-friendly and easily available.
Specific objectives we set will of course differ for different archives, depending on their goals, users, content, etc. Regardless of these differences, setting up clear and concrete objectives will allow us to develop and then implement a comprehensive plan tailored to our needs and requirements.
Users and Modes of Use
Users of an archive have an essential importance for it—why it exists. The reason we aim to preserve our archival content long-term is to make it available to future users.
Therefore, our Access Plan needs to be grounded in users’ needs and requirements. More than that, the Plan should envision a two-way relationship with users so that their input shapes the way the archive develops its access policies and practices.
On the primary level, we should differentiate between internal (archive and organization’s staff) and external users. Within the internal user group, there will be varying levels of access, depending on a person’s role and their access-related needs. Some staff members will have unrestricted access, while others might have restrictions in terms of different groups of material or type of access they have (e.g., to view or manage files).
When planning for external users’ access, we can distinguish between fully open public access and access provided to predefined groups of users, such as registered users, members of selected external organizations, or similar. The Access Plan should define the level of access to be provided to each of these groups of external users.
Regarding open, public access, the Plan should specify whether such access can be provided for selected groups of material in the digital archive, or for an entire collection. It should also define how material can be accessed (i.e., whether it is only available for viewing, or also for copying and reuse).
Access Levels
To provide tailored access to different groups of materials, we will need to first have them categorized based on their security status. We can do this using metadata collected in the description stage and in the phase of preparations for ingest. If collected properly, our metadata should allow us to clearly map any content that should be considered “sensitive.” Archival data may be sensitive because of legal, security, or personal considerations. Marking material as “sensitive” may imply limited use (e.g., on-site only, or closed, or conditional access).
The number and names of access levels we create can vary depending on our needs but should cover the following three basic categories:
· Open access: Open materials are available for use with no known restrictions. Materials can be directly accessed by users. Access may occur in an on-site public access point or online.
· Conditional access: This refers to collections that include both open material and material that has restrictions. These restrictions may include materials that are deemed sensitive or under copyright. Conditional access is a continuum that includes documents with differing levels
· of restricted access.
· Closed: Closed materials are not made available to users, but may eventually be made available after an embargo period. Collections or materials may be closed if they contain information protected by applicable law or private, privileged, or sensitive information.
Modes and Conditions of Access
Access to digital archival material can be provided in three main modes:
● On-site access: Access to archive content is provided on a dedicated on-site public access computer with security measures implemented. This is a viewing-only mode of access, hence any form of copying of content is not allowed.
● Controlled remote access: Secure remote access is provided to a limited group of users, either through a local computer network (LAN) or using a secure remote online access platform. This type of access is often provided to internal users who are not archival staff but work on archive-related projects. Also, this mode of access can be provided to partner organizations working on joint, archive-related projects or to selected individual researchers. The organization can specify whether this mode of access includes only viewing permissions or the users can also copy digital items.
● Open access: Open access is provided on-site or through a website or dedicated online platform. Although open, access can still be controlled, for example by requiring future users to register before using the archive, submit a justified request for access approval, or similar. Open access allows for copying of archival digital material under the presumption that access is only provided to public material that allows reproduction.
Access Levels Scheme
Considering that different modes of access to material with varying permitted levels of access need to be provided for different user groups, to avoid confusion, it could be useful for an archive to create an Access Levels Scheme as part of the Access Plan. Such a scheme provides an overview of “who has access to what, and how” in the form of a table, such is the example shown in Figure 14. The scheme can be a useful tool for devising as well as for technical and logistical implementation of the planned access levels.
Figure 14. Example of an Access Levels Scheme, with an overview of access levels for different groups of users and different groups of material
| Collection 1 | Collection 2 | Collection 3 | Collection 4 | |
| Archive staff | Open | Open | Open | Open |
| Project staff | Open | Open | Conditional (view & copy) | Conditional (view only) |
| Partner organizations staff | Open | Open | Conditional (view & copy) | Closed |
| General public | Open | Conditional | Conditional | Closed |
Opening the Open Level Access
It is useful here to make a distinction between a passive and active approach to provision of access. A passive access approach would be an archive created with the main goal of long-term preservation of the material for historical, legal, or other reasons. Provision of access might be of secondary concern for such an archive, and its efforts in this area might be limited to providing access only to requested materials or on-site only. The focus of such an archive would be to respond to users’ requests and ensure it provides the appropriate level of access to the material for different user groups (e.g., institutions, researchers, etc.).
Most CSOs working with human rights violations archives, however, will likely be taking the other route of an active approach to the provision of access, which is focused on facilitating and providing as wide an access as possible to its users.
The active access approach predominantly concerns “Open Access” mode and does not include materials marked with “Closed” access level. To make our “Open Access” mode truly open, we need to consider accessibility, searchability and usability of access to our archive and content. “Accessibility” concerns the ease of access to archives for everyone. For example, we should consider whether anyone with an internet connection—even an unstable or a weak one—can access the archive, how difficult it is to find and load the online access portal, whether it can be used via mobile devices, and similar. With respect to accessibility for persons with disabilities, we should consider providing a collection-level note about which born-digital materials comply with accessibility needs and/or what is required to render materials for those with visual or hearing impairments. Additional measures could introduce practical arrangements, such as a screen reader, color contrast, or adding tags to define reading order.
| Resource alert! | Web Content Accessibility Guidelines (WCAG) are an international standard that provides documentation and guidance on making online content more accessible to people with disabilities. |
“Searchability” for our users determines how easy or difficult it is for them to find what they are looking for in our archive. Searchability of our archive will depend on the type and quality of metadata we collected about our material and how well we organize it and provide it to the archive’s users. Using different metadata as “tags” or “keywords” associated with certain items or groups will help users find them more easily. Further, we can provide a user with a map of our archive to guide them by preparing a catalog using the descriptions of the collections, series, and other elements of our archive’s structure. However, searchability of any online accessible archive will mainly rely on the quality of search that can be performed through a dedicated search engine.
“Usability” of an archive relates to how easy it is to use it. That includes, for example, how an archive’s online access point looks and feels and what kind of user experience it creates. A well-designed and organized online access platform can attract more users and encourage current visitors to use it more. It can further support novel archive-related projects and extend the scope of both its use and its beneficiaries.
This is an especially important consideration for CSOs working with human rights violations archives, as their goal is often to not only provide access but also stimulate and facilitate different organizations and individuals to use archival material in their own projects, research, and activities.
Technology allows us to create a whole range of different online access platforms with a variety of formats, visual presentation forms, tools, and other useful features. These solutions can be impressive and made very attractive for users, which generates multiple benefits for both them and the archive.
However, we also need to bear in mind that any technical solution for an online access platform we might want to implement will need to be interoperable and compatible with our Digital Archiving System and any relevant external software tools we use.
Access Technologies and Tools
Providing a varied level of secure access to our content for different groups of users using different modes of access requires significant technological support that includes both hardware and software.
Thankfully—provided that we have, as suggested earlier in this manual, considered our future access provision needs at the time we were selecting our Digital Archiving System—we can now rely on it for the basic technology needed for the implementation of our Access Plan. For example, if we would have planned for the need to provide different levels of access to different users, both internally and externally, our Digital Archiving System would be able to provide support for it.
However, we will need to invest more time and resources in technical solutions, especially in terms of active approach to access, if we wish to build on these basic access capabilities. This would include using software and applications that allow for the development of digital archival tools and services users can benefit from, as well as improving the design, user-friendliness, and overall user experience of our online access platform.
The choice of software tools we will use for developing our online access platform will be fully dependent on our requirements—the type of platform we want to make, services it will provide, users it will target, etc. A useful tip in selecting software is to search online for an archival online access platform that looks similar to the one you want to develop and then work out which software and technologies were used to make it.
In addition to the technologies related to provision of Open Access, if we are planning to provide on-site or safe remote access, we will need to consider additional technological solutions. For on-site access, this would include a dedicated computer that is not connected to any local computer networks or the internet. We might also need other hardware or software for access to a specific group or format of the material. Safe remote access would also require specialized software that needs to be installed not only in the archive, administratively, but also by the users themselves on their devices.