Protecting privacy on the web

Purpose The purpose of this paper is to examine the extent to which HTTPS encryption and Google Analytics services have been implemented on academic library websites, and discuss the privacy implications of free services that introduce web tracking of users. Design/methodology/approach The home pages of 279 academic libraries were analyzed for the presence of HTTPS, Google Analytics services and privacy-protection features. Findings Results indicate that HTTPS implementation on library websites is not widespread, and many libraries continue to offer non-secured connections without an automatically enforced redirect to a secure connection. Furthermore, a large majority of library websites included in the study have implemented Google Analytics and/or Google Tag Manager, yet only very few connect securely to Google via HTTPS or have implemented Google Analytics IP anonymization. Practical implications Librarians are encouraged to increase awareness of this issue and take concerted and coherent action across five interrelated areas: implementing secure web protocols (HTTPS), user education, privacy policies, informed consent and risk/benefit analyses. Originality/value Third-party tracking of users is prevalent across the web, and yet few studies demonstrate its extent and consequences for academic library websites.