privacy law and practices in the public library
TRANSCRIPT
Privacy Law in the Public
Library
Libraries
Are
Unique
UNLIKE
EVERYWHERE
ELSE IN THE
WORLD…
Unlike everywhere else in the world
We are committed
to protecting the
privacy of our
patrons!
Many Layers
Established Practice
Constitution of the United States
American Library Association (ALA)
New Hampshire Library Association
(NHLA)
New Hampshire RSA
First Amendment
CONGRESS SHALL MAKE NO LAW
RESPECTING AN ESTABLISHMENT
OF RELIGION, OR PROHIBITING THE
FREE EXERCISE THEREOF; OR
ABRIDGING THE FREEDOM OF
SPEECH, OR OF THE PRESS; OR THE
RIGHT OF THE PEOPLE PEACEABLY
TO ASSEMBLE, AND TO PETITION
THE GOVERNMENT FOR A REDRESS
OF GRIEVANCES.
Fourth Amendment
The right of the people to be secure in
their persons, houses, papers, and
effects, against unreasonable
searches and seizures, shall not be
violated, and no warrants shall issue,
but upon probable cause, supported
by oath or affirmation, and particularly
describing the place to be searched,
and the persons or things to be
seized.
American Library Association
The Library Bill of Rights affirms the ethical imperative to provide unrestricted access to information and to guard against impediments to open inquiry. Article IV states: “Libraries should cooperate with all persons and groups concerned with resisting abridgement of free expression and free access to ideas.” When users recognize or fear that their privacy or confidentiality is compromised, true freedom of inquiry no longer exists.
NHLA Intellectual Freedom
Manual Freedom of expression is an inalienable
human right and the foundation for self-government. Freedom of expression encompasses the freedom of speech and the corollary right to receive information. These rights extend to minors as well as adults. Libraries and librarians exist to facilitate the exercise of these rights by selecting, producing, providing access to, identifying, retrieving, organizing, providing instruction in the use of, and preserving recorded expression regardless of the format or technology.
New Hampshire RSA
Library records which contain the names or other personal identifying information regarding the users of public or other than public libraries shall be confidential and shall not be disclosed
Such records include, but are not limited to, library, information system, and archival records related to the circulation and use of library materials or services, including records of materials that have been viewed or stored in electronic form.
What Does This All Mean?
How Do We Ensure Privacy?
Right to Privacy in the Public
Library
“All users have a right to be free from
any unreasonable intrusion into or
surveillance of their lawful library use”
(ALA, An Interpretation of the Library
Bill of Rights)
So We Provide…
Privacy
◦ Right to open inquiry
◦ Free from scrutiny or examination
Confidentiality
◦ No “data-mining”
◦ Not sharing PII
What is PII?
Personally Identifiable
Information
Credit card
Library card
Websites visited (cookies)
Can build up a picture of who you are
(tastes, interests, etc.)
◦ Inaccurate
◦ Dangerous (to individual and freedom of
expression/open inquiry)
Polaris
Our ILS, comes with
built-in safeguards
◦ Library card authentication
◦ Reading history must be turned on by patron, through patron account at home
◦ PIN chosen by patron, unseen by staff
◦ Each staff member has unique logon to prevent tampering of records
Envisionware
• Time management software
• Requires library barcode authentication
• Does not keep a record of who logged on
• Staff has no access to past logons
• After 10 minutes of inactivity, reboots
• Print jobs also are deleted at the end of the night
PUBLIC
COMPUTE
R
TERMINAL
S
Smartshield• By Centurion Guard
• License required per computer
• Locks down the computer so
that it reboots in between
users to a preset state
• Wipes the computer clean
between patrons, so no
browsing or download history
remains – nothing is saved
(personal info or Word
documents, etc)
Clean Slate
By Fortres
Licenses reasonably priced
Let’s you boot to a particular site only
Used for our catalog machines
Protects patron searches
BEST PRACTICES
Staff Interactions
• Patron must have card in hand or photo
ID
• Holds are kept behind desk
• Information is not given out by phone
• Reference will not do business for
patrons
• Discretion!
• Less convenient for
patron but necessary
Reference Services
Do not open patron records at public desk
Do not ask specific questions as to why they need the material
Do not discuss among other staff members what a patron is asking, looking for, researching, etc.
Do not make value judgments on material being viewed with public access computers, or about the patrons’ beliefs
Do not use patron checkout history for collection development; only item history
Circulation/Children’s
Do not give out information to a patron about another patron’s account (reading history, books due, address, telephone number, etc.)
Do not talk about a patron’s checkout history with coworkers, or about them at all.
Do not share any information about a patron, (the patron’s PII); even with authorities. ◦ A search warrant/court order is required for
release of ANY information.
What Do I Do If…
Authorities walk in and demand
records, information, computers, etc.
• Don’t Panic
• Under no obligation to provide without a
warrant
• RSA 201-D:11: “Library records which contain the
names or other personal identifying information
regarding the users of … public libraries shall be
confidential and shall not be disclosed except … [that
records] shall be disclosed upon request by or
consent of the user or pursuant to subpoena, court
order, or where otherwise required by statute.” This
includes electronic information, like browsing history.
The Library Receives a Search
Warrant
Can be executed immediately
Will be signed by a judge and the date
will be current
Will be specific
Do not provide additional information
Other Possibilities
The Library
Receives a
Subpoena
◦ Will be seeking
records
◦ Is not immediate
◦ Can be handled by
director
The Library
Receives an NSL
from the FBI
◦ Usually comes with
a gag order
◦ Also not immediate
◦ Can be handled by
director