In EZproxy v7.1, OCLC introduced an optional feature that releases pseudonymous identifiers to content providers. Pseudonymization is a data management and de-identification procedure by which personally identifiable information is replaced with one or more pseudonymous identifiers. Releasing pseudonymous identifiers to content providers enables them to identify an unauthorized e-content user—without obtaining personally identifiable information—so they don’t resort to turning off licensed databases. This allows for more continuous access for the library while continuing to honor library patrons’ rights to privacy. These features will help libraries
Enabling the pseudonymous identifier will release a short-lived, opaque ID to allow content providers to distinguish between individual users (not identify them). This will help realize benefits of content provider intrusion detection systems while continuing to honor patron privacy. Libraries and content providers can use these IDs to resolve issues without blocking campus access.
Please contact OCLC Support in your region to enable the identifier and/or display a privacy notice to end users.
The identifier is enabled when you define a secret for the identifier in the config.txt file. This secret does not allow publishers to decode privacy information but is used to cause each EZproxy site to send a differently-encoded identifier via hashing.
In config.txt, this statement must be included to enable the identifier:
Identifier Secret <a-value-you-set-here>
where <a-value-you-set-here> is a string that will be used as part of the hashing process. Restart your EZproxy server after adding this configuration statement.
Example:
Identifier Secret WQpx*YhF5Y?Wad?M
Note that messages.txt will indicate that the identifier feature is enabled at EZproxy startup.
In order to receive the identifier, each publisher must enter into a data protection agreement with OCLC in order to preserve patron privacy. The following publishers are currently participating:
When a Secret value is established, the pseudonymous identifier will by default be sent to all participating publishers, though it can be disabled on a per-publisher basis. The syntax for disabling the identifier for a specific publisher is:
Identifier Disable <publisher>
The possible values for <publisher> are acs.org, optica.org, tandfonline.com, sciencedirect.com, and wiley.com