LendLocked: Privacy & Transparency for Digital Library Lending
Authors: Boya Wang (MPI-SP & EPFL), Peter Hall (New York University), Sunoo Park (New York University)
Volume: 2026
Issue: 4
Pages: 83–113
DOI: https://doi.org/10.56553/popets-2026-0111
Artifact: Available, Functional, Reproduced
Abstract: Digital library lending is a critical resource for access to information. Currently prevalent models of digital lending, however, involve opaque licensing schemes that entail serious drawbacks to reader privacy and freedom of expression. In popular modern library apps, publishers and hidden intermediaries control a wealth of information about readers and reading habits, at a scale and level of detail that would be essentially impossible in physical library lending.
To understand digital lending needs in practice, our work begins with a series of interviews with library professionals (N=11). We present thematic findings on their concerns with existing systems, including privacy, surveillance, preservation, and lack of library control over resources. Many of the concerns raised are inherently unproblematic in the context of physical library lending---leading us to our central technical question: Can digital lending achieve privacy and transparency at least as strong as physical library lending?
Based on our qualitative findings, we provide the first rigorous modeling of security, privacy, and transparency requirements in digital library lending. As existing systems fall short of the strong guarantees we model, we propose a new system design, LendLocked, based on cryptography and trusted hardware, and prove it achieves these guarantees in the random oracle model. We micro-benchmark our design's key cryptographic functionalities, showing tolerable efficiency at the scale of the largest libraries.
Keywords: Privacy-Enhancing Technologies, Cryptography, Transparency
Copyright in PoPETs articles are held by their authors. This article is published under a Creative Commons Attribution 4.0 license.