We screwed up: identities in loosely-coupled systems

Posted on Sun 04 October 2015 in misc

A few weeks ago, I came to the startling and depressing realization that we had screwed up. It started when someone I know and greatly respect ran into me in the library and said "We have a problem".

I'm the recently appointed Chair of our library and archives department, so being approached about a problem isn't surprising. However, the severity of the problem was.

Here's what happened: the person in question had asked for a group study key at the circulation desk, and handed over their university photo ID card to check the item out. The library staff person noted that the name on the photo ID card didn't match the name in the library system. Even though the photo was an exact match, the staff person refused to check out the item to the patron.

The next day, after the person who suffered that indignity approached me, I was able to update the name for the account in the library system in about a minute, while apologizing profusely. And I had to explain why our system had failed this person.

A few years back we were able to start automatically polling our university's LDAP server for new university accounts and immediately create the corresponding library system account, with a unique barcode, and update the LDAP account with that new barcode. That removed an entire set of (essentially duplicated) paperwork that new students and faculty used to have to fill out to get a university photo ID card, and reduced the amount of personally identifiable information held in our library system to the bare minimum of name, email address, and university ID number.

However, we have never been able to poll the university LDAP server for updates.

Admittedly, my primary interest in updates was to synchronize accounts when students become alumni, or staff retire, etc., but in retrospect the ability to synchronize name changes (and email addresses, which are often derived from names) is blindingly obvious and absolutely necessary. When a person goes through the effort of changing their name, they are changing their identity in a very meaningful, significant fashion. To have the identity they have consciously abandoned resurface in various systems is (at best) frustrating, but can also be utterly demeaning. This is not the experience we want for our patrons.

In retrospect, at least two problems have surfaced with this incident:

  1. The name attached to the account in the library system should have matched the name on the card.
  2. In a conflict between systems, given a choice between believing the person in front of you or one of the systems, staff should respect the person in front of them and note the problem for someone to follow up on.

I've held initial conversations with our university IT department to try to figure out strategies for closing that synchronization gap. In the short term, I'm willing to handle identity changes in a purely manual way (having the Registrar notify me when a change needs to be made). We have also reminded staff to defer to people rather than systems, as the people who make and maintain the systems are fallible (mea culpa).

In the slightly longer term, I'm building the synchronization piece so that we can trigger an update for an individual account at any given time. And I'm posting this in the hopes that it might prompt you to consider your various loosely-coupled systems and the identity management for the accounts within, just in case there are some synchronization gaps that you might be able to close.
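One way to build the update-synchronization piece described above, as an added example rather than code from this library or its university IT department: a reconciliation pass that joins library patron records to directory entries on the university ID number (never on the name, so a name change is a field to update rather than a reason to distrust the record), reports field-level drift in name and email, flags accounts that have vanished from the directory for a human to follow up on instead of deleting them, and provides the per-account trigger mentioned above. The directory attribute names it assumes (employeeNumber, displayName, mail) and the sample records are constructed for the example; modifyTimestamp is a standard LDAP operational attribute, which is what an incremental poll for updates would filter on.

```python
"""Reconcile library patron records against a university directory (example)."""
from dataclasses import dataclass, replace
from datetime import datetime, timezone

# Only these fields are ever copied from the directory into the library system.
SYNCED_FIELDS = ("name", "email")


@dataclass(frozen=True)
class DirectoryEntry:
    university_id: str   # stable join key; assumed to come from employeeNumber
    name: str            # assumed to come from displayName
    email: str           # assumed to come from mail
    modified: datetime   # from modifyTimestamp (standard LDAP operational attribute)


@dataclass(frozen=True)
class PatronRecord:
    university_id: str
    barcode: str         # the library's own identifier; never touched by sync
    name: str
    email: str


@dataclass(frozen=True)
class Change:
    university_id: str
    barcode: str
    field: str
    old: str
    new: str


def diff_record(patron, entry):
    """Field-level changes needed to bring one patron in line with the directory."""
    if patron.university_id != entry.university_id:
        # Names are not identity; refuse to reconcile across different IDs.
        raise ValueError("refusing to reconcile records with different university IDs")
    return [
        Change(patron.university_id, patron.barcode, f, getattr(patron, f), getattr(entry, f))
        for f in SYNCED_FIELDS
        if getattr(patron, f) != getattr(entry, f)
    ]


def apply_changes(patron, changes):
    """Return an updated copy of the patron record; the original is left untouched."""
    return replace(patron, **{c.field: c.new for c in changes})


def reconcile(patrons, directory, since=None):
    """Compare every patron with its directory entry.

    directory: mapping university_id -> DirectoryEntry.
    since: only look at entries modified after this time (an incremental poll
           on modifyTimestamp); None means a full reconciliation.
    Returns (changes, missing). `missing` lists patron IDs with no directory
    entry; they are reported for follow-up, never deleted automatically.
    """
    changes, missing = [], []
    for patron in patrons:
        entry = directory.get(patron.university_id)
        if entry is None:
            missing.append(patron.university_id)
            continue
        if since is not None and entry.modified <= since:
            continue
        changes.extend(diff_record(patron, entry))
    return changes, missing


def sync_one(patrons, directory, university_id):
    """The manual trigger: refresh a single account on demand.

    Returns (updated_patron, changes); updated_patron is None if the
    directory has no entry for the ID.
    """
    for patron in patrons:
        if patron.university_id == university_id:
            entry = directory.get(university_id)
            if entry is None:
                return None, []
            changes = diff_record(patron, entry)
            return apply_changes(patron, changes), changes
    raise KeyError(university_id)


# Constructed sample data: one renamed account, one unchanged, one gone from LDAP.
T0 = datetime(2015, 9, 1, tzinfo=timezone.utc)
DIRECTORY = {
    "100001": DirectoryEntry("100001", "Alex Rivera", "arivera@example.edu",
                             datetime(2015, 9, 20, tzinfo=timezone.utc)),
    "100002": DirectoryEntry("100002", "Sam Chen", "schen@example.edu",
                             datetime(2015, 6, 1, tzinfo=timezone.utc)),
}
PATRONS = [
    PatronRecord("100001", "21234000000001", "A. Former-Name", "aformer@example.edu"),
    PatronRecord("100002", "21234000000002", "Sam Chen", "schen@example.edu"),
    PatronRecord("100003", "21234000000003", "Jordan Lee", "jlee@example.edu"),
]

if __name__ == "__main__":
    found, gone = reconcile(PATRONS, DIRECTORY, since=T0)
    for c in found:
        print(f"{c.university_id} ({c.barcode}): {c.field} {c.old!r} -> {c.new!r}")
    print("no directory entry, needs follow-up:", gone)
```

Every change is reported against the barcode and university ID so a reviewer can audit the run, and the account that disappeared from the directory is surfaced rather than acted on; whether it is a graduation, a retirement or a directory outage is a decision for a person, not the sync job.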

Because our patrons deserve respect, in person, and in the systems we design to serve them.