Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.

Privacy and Libraries

2 789 vues

Publié le

Created for IST 618 Survey of Telecommunications and Information Policy, 2007

  • Soyez le premier à commenter

Privacy and Libraries

  1. 1. Privacy and Libraries in the Digital Age Bradley Shipps IST 618 Survey of Telecommunications and Information Policy November 5, 2007
  2. 2. Privacy laws in the United States A brief overview
  3. 3. Right to privacy <ul><li>The individual right to privacy is not explicitly addressed in the U.S. Constitution, but it has been recognized in many court cases. </li></ul>(Rubin, 2001 also Neuhaus, 2003) The United States Consititution (AP)
  4. 4. Source of right to privacy <ul><li>Privacy is a penumbra right. </li></ul><ul><li>It is “guaranteed by implication.” </li></ul><ul><li>( Merriam-Webster Online ) </li></ul>(Image: http://www.schorsch.com/kbase/glossary/penumbra.html)
  5. 5. Supreme Court on privacy <ul><li>Griswold v. Connecticut </li></ul><ul><li>The first, third, fourth, fifth, and ninth amendments provide a constitutional basis for the right to privacy. </li></ul><ul><li>(Neuhaus, 2003) </li></ul>The United States Supreme Court (AP)
  6. 6. Privacy in libraries Why is privacy important in libraries?
  7. 7. ALA on Privacy <ul><li>An Interpretation of the </li></ul><ul><li>Library Bill of Rights </li></ul><ul><li>Without privacy protections, individuals may avoid researching controversial topics out of fear of exposure. </li></ul><ul><li>Such fear creates a “chilling effect” on free inquiry. </li></ul><ul><li>(ALA, 2002) </li></ul>(AP)
  8. 8. Legal protection of privacy in libraries
  9. 9. State laws on privacy in libraries <ul><li>The Supreme Court and federal law do not directly address privacy of library data, but 48 states and the District of Columbia have enacted statutes to protect library patrons’ privacy. (Neuhaus, 2003) </li></ul>
  10. 10. Types of state laws <ul><li>State laws vary widely in their details. </li></ul><ul><li>Integrated statutes: revise existing open records laws to address libraries </li></ul><ul><li>Independent statutes: new laws written expressly to address library records </li></ul><ul><li>(Neuhaus, 2003) </li></ul>
  11. 11. <ul><li>The New York statute is an example </li></ul><ul><li>of broad coverage: </li></ul><ul><li>Library records, which contain… personally </li></ul><ul><li>identifying details … including but not limited to </li></ul><ul><ul><li>circulation </li></ul></ul><ul><ul><li>database searches </li></ul></ul><ul><ul><li>interlibrary loan </li></ul></ul><ul><ul><li>reference queries </li></ul></ul>
  12. 12. NY Statute, cont. <ul><ul><li>requests for photocopies </li></ul></ul><ul><ul><li>title reserve requests </li></ul></ul><ul><ul><li>use of audio-visual materials </li></ul></ul><ul><li>shall be confidential… except… </li></ul><ul><ul><li>[as] necessary for the proper operation of such library </li></ul></ul><ul><ul><li>upon request or consent of a user </li></ul></ul><ul><ul><li>pursuant to subpoena or court order </li></ul></ul><ul><ul><li>where otherwise required by statute </li></ul></ul><ul><li>(New York State Statutes, Section 4509) </li></ul>
  13. 13. Librarians’ professional commitment to privacy
  14. 14. <ul><li>American Library Association , Code of Ethics, excerpt: </li></ul><ul><li>III. We protect each library user’s right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired, or transmitted. </li></ul><ul><li>(ALA, 1995) </li></ul>
  15. 15. <ul><li>American Society of Information Science and Technology , Professional Guidelines, excerpt: </li></ul><ul><li>To uphold each user’s, provider’s or employer’s right to privacy and confidentiality … by… </li></ul><ul><ul><ul><li>limiting access to, providing proper security for and ensuring proper disposal of data about clients, patrons or users. </li></ul></ul></ul><ul><li>(ASIS&T, 1992) </li></ul>
  16. 16. <ul><li>International Federation of </li></ul><ul><li>Library Associations </li></ul><ul><li>The Glasgow Declaration </li></ul><ul><li>on Libraries, Information Services </li></ul><ul><li>and Intellectual Freedom, excerpt: </li></ul><ul><li>Libraries and information services shall protect each user’s right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired or transmitted. </li></ul><ul><li>(IFLA, 2002) </li></ul>
  17. 17. Examples of best practices <ul><li>Access to user data should be restricted to staff who need it to perform their duties. </li></ul><ul><li>Circulation data, patron telephone numbers, addresses, social security numbers, etc. should be held private. </li></ul><ul><li>Reference inquiries should be confidential. </li></ul><ul><li>(Fourie, 2002) </li></ul>
  18. 18. <ul><li>Many paraprofessionals have access to customer data. They may not be familiar with or feel obligated to follow ALA policies. Each library must establish clear privacy policies and communicate them to all employees. </li></ul>Charleston County Public Library Staff Day (Image: mstephens7, http://flickr.com/photos/michaelsphotos/475515141/)
  19. 19. Legal challenges to privacy in libraries
  20. 20. <ul><li>Legitimate issues of law enforcement, public safety, and national security supersede privacy of library records, but this is often a gray area. </li></ul><ul><li>(Neuhaus, 2003) </li></ul>(Image: sunside, http://flickr.com/photos/10832246@N06/1433052868/)
  21. 21. Challenge: <ul><li>1970s - FBI institutes Library Awareness Program. Questioned librarians about individuals making reference requests related to scientific and technical information that might be of strategic interest to foreign agents. </li></ul><ul><li>(Rubin, 2001 and Neuhaus, 2003) </li></ul>(AP)
  22. 22. Response: <ul><li>1988 - American Library Association </li></ul><ul><ul><li>Condemns program and calls for its end </li></ul></ul><ul><ul><li>Characterizes program as intimidation </li></ul></ul><ul><ul><li>Resolution sent to </li></ul></ul><ul><ul><ul><li>President </li></ul></ul></ul><ul><ul><ul><li>Senate Subcommittee on Technology and the Law </li></ul></ul></ul><ul><ul><ul><li>House Judiciary Subcommittee on Civil and Constitutional Rights </li></ul></ul></ul><ul><ul><ul><li>Director of the Federal Bureau of Investigation </li></ul></ul></ul><ul><li>1989 - FBI ends Library Awareness Program </li></ul><ul><li>(ALA, 1988) </li></ul>
  23. 23. Challenge: <ul><li>2001 - USA PATRIOT Act </li></ul><ul><li>Allows use of National Security Letters to obtain access to electronic transaction records and possible seizure of computers or servers </li></ul><ul><li>Expands the use of FISA warrants and reclassifies library and student records as business records </li></ul><ul><li>(Neuhaus, 2003) </li></ul>
  24. 24. Response: <ul><li>January 2002 - ALA Resolution Reaffirming the Principles of Intellectual Freedom </li></ul><ul><ul><li>Encourages libraries to uphold privacy of user data </li></ul></ul><ul><li>(ALA, 2002) </li></ul>(AP)
  25. 25. Response: <ul><li>January 2003 - ALA passes Resolution on the USA Patriot Act and Related Measures that Infringe on the Rights of Library Users </li></ul><ul><ul><li>The Patriot Act infringes upon privacy rights and impedes free inquiry, thereby preventing libraries from achieving their democratic mission. </li></ul></ul><ul><ul><li>Libraries should educate their users about the act and take steps to protect their privacy. </li></ul></ul><ul><ul><li>(Rubin, 2004) </li></ul></ul>
  26. 26. Best Practices: <ul><li>Refuse to release information until a subpoena is issued. </li></ul><ul><li>Request a court hearing to verify that the subpoena has been obtained properly. </li></ul><ul><li>Set policies before the problem arises and train librarians and staff on how to follow policies. </li></ul><ul><li>(Neuhaus, 2003) </li></ul>
  27. 27. <ul><li>Library employees can consult an attorney before complying with a subpoena, but may have to comply with a search warrant immediately. Library employees may inform their supervisor and attorney of the event regardless of secrecy provisions. (Neuhaus, 2003) </li></ul>Four Connecticut librarians sought help from the ACLU after the FBI demanded patron records through a National Security Letter. (AP)
  28. 28. Technological Challenges to Privacy
  29. 29. March 21, 2006 - FBI agents followed terror suspect Syed Ahmed into the Chestatee Regional Library in Dawsonville, Georgia. After Ahmed left the library, the agents accessed the browser history of the computer. The FBI agents did not have a search warrant. Syed Ahmed (AP)
  30. 30. “ The actions of the government agent, contrary to the policies and procedures of the library … violated the defendant’s reasonable expectations of privacy.” - Jack Martin, attorney for Syed Ahmed (Terror suspect, 2007) Technology allowed federal agents to bypass library policy….
  31. 31. Digital library transactions involve outside parties, such as software developers, database vendors, or Internet service providers. Existing laws and policies may not protect privacy of digital transactions. None of the existing state laws specifically discuss privacy of digital reference records. (Neuhaus, 2003)
  32. 32. Technology challenge: <ul><li>Digital Rights Management (DRM) </li></ul><ul><li>Libraries are increasingly digitizing their assets, often with the goal of improving access. </li></ul>(AP)
  33. 33. Privacy issue: <ul><li>Libraries often require user authentication. </li></ul><ul><li>Use of the system might be recorded. </li></ul><ul><li>(Rubin, 2004) </li></ul>
  34. 34. Technology challenge: <ul><li>Internet Filters </li></ul><ul><li>The Children’s Internet Protection Act (CIPA) requires libraries that accept federal funds for Internet access to use filters. </li></ul>(AP)
  35. 35. Privacy issue: <ul><li>Aside from the ethical issues of censorship and freedom of information, Internet filtering raises privacy issues as well. Filtering software might record users’ online behavior. </li></ul><ul><li>(Rubin, 2004) </li></ul>(AP)
  36. 36. Technology challenge: <ul><li>Digital Reference </li></ul><ul><li>Chat, e-mail, and Web forms require collection of personal information. </li></ul><ul><li>Libraries can keep transcripts indefinitely. </li></ul><ul><li>(Neuhaus, 2003) </li></ul>
  37. 37. Privacy issue: <ul><li>Law enforcement may request reference records from the vendor rather than the library. </li></ul><ul><li>If the vendor complies, will the library or the patron ever know that it happened? </li></ul><ul><li>(Neuhaus, 2003) </li></ul>(Image: M.J.S., http://flickr.com/photos/booksnake/171233840/)
  38. 38. Conclusion <ul><li>Libraries must adapt their privacy policies and procedures to address technological changes. </li></ul>(Image: NJLA, http://flickr.com/photos/njla/473873371/)
  39. 39. Policy Recommendations
  40. 40. Librarians should… <ul><li>collect the minimum amount of data necessary </li></ul><ul><li>limit access to digital records to the fewest people possible </li></ul><ul><li>train personnel on privacy policies and procedures </li></ul><ul><li>inform users of the library’s privacy policies and procedures: what data is being collected and how </li></ul>
  41. 41. Librarians should… <ul><li>collaborate with software vendors to implement adequate security measures </li></ul><ul><ul><li>offer anonymity option as default </li></ul></ul><ul><ul><li>require encryption </li></ul></ul><ul><ul><li>negotiate policies regarding data storage </li></ul></ul>
  42. 42. Librarians should… <ul><li>encourage state and federal officials to update laws to protect digital library records </li></ul><ul><li>contact their federal representatives regarding bills that affect library privacy rights </li></ul><ul><li>(Neuhaus, 2003) </li></ul>
  43. 43. Works Cited American Library Association. (1988, July 13). Resolution in opposition to FBI Library Awareness Program (88.07.13 #77.4) . Retrieved October 21, 2007, from http://www.ala.org/ala/godort/godortresolutions/19880713153.htm _____. (1995, June 28). Code of ethics of the American Library Association. Retrieved October 19, 2007, from http://www.ala.org/ala/oif/statementspols/codeofethics/codeethics.htm _____. (2002, January 23) . Resolution reaffirming the principles of intellectual freedom in the aftermath of terrorist attacks. Retrieved October 13, 2007, from http://www.ala.org/Template.cfm?Section=ifresolutions&Template=/ContentManagement/ContentDisplay.cfm&ContentID=78173 _____. (2002, June 19). Privacy: an interpretation of the Library Bill of Rights. Retrieved October 19, 2007, from http://www.ala.org/Template.cfm?Section=interpretations&Template=/ContentManagement/ContentDisplay.cfm&ContentID=132904 American Society for Information Science and Technology. (1992, May 30). ASIS&T Professional Guidelines . Retrieved October 19, 2007, from http://www.asis.org/AboutASIS/professional-guidelines.html Fourie, D. K. & Dowell, D. R. (2002). Libraries in the information age: An introduction and career exploration . Greenwood Village, CO: Libraries Unlimited.
  44. 44. Works Cited, cont. International Federation of Library Associations and Institutions. (2002, August 19). The Glasgow Declaration on Libraries, Information Services and Intellectual Freedom . Retrieved October 20, 2007 from http://www.ifla.org/faife/policy/iflastat/gldeclar-e.html Merriam-Webster Online . (n.d.). Retrieved October 20, 2007, from http://www.merriam-webster.com/dictionary/penumbra Neuhaus, P. (2003). Privacy and confidentiality in digital reference [Electronic version]. Reference and User Services Quarterly, 43 (1), 26-36. Rubin, R. E. (2001). Ethical aspects of reference service. In R. E. Bopp & L. C. Smith (Eds.), Reference and information services: An introduction (3 rd ed., pp. 28-46). Englewood, CO: Libraries Unlimited. _____. (2004). Foundations of library and information science (2 nd ed.). New York: Neal-Schuman. Terror suspect says FBI spied on his library computer use. (2007, October 11). The International Herald Tribune. Retrieved October 12, 2007, from http://www.iht.com/articles/ap/2007/10/11/america/NA-GEN-US-Terrorism-Arrests.php