Bobbi Newman - Protecting Patron Privacy: A LITA Guide

ROWMAN & LITTLEFIELD

Lanham Boulder New York London

Library of Congress Cataloging-in-Publication Data Available

ISBN 9781442269699 (hardback : alk. paper) | ISBN 9781442269705 (pbk. : alk. paper) | ISBN 9781442269712 (electronic)

TM The paper used in this publication meets the minimum requirements of American National Standard for Information Sciences Permanence of Paper for Printed Library Materials, ANSI/NISO Z39.48-1992.

Printed in the United States of America

James LaRue

A few years ago, when I was a public library director, I got an angry call from a patron. He demanded to know what our policy and procedures were for our public photocopy machines. When we got rid of them, how did we wipe their internal hard drives? Our vendor had sold the used machines to a company in Brazil. That company harvested the information on the hard drives, which included, among other things, our patrons tax returns. He was now dealing with various kinds of identity theft.

My response went from initial disbelief to puzzlement to embarrassment. Upon investigation, I discovered that everything he said was true.

It had never occurred to me that copy machines had hard drives, or that we needed to address this issue in our vendor contracts. There was no policy. We did then take steps to assure that this carelessness with photocopy data didnt happen againbut that was of little help to the patron.

Protecting Patron Privacy, by editors Newman and Tijerina, is an attempt to sound the alarm before the horse escapes the barn. Well versed in history and law, grounded in theory, immersed in the lively practitioner moment, eyes on the horizon, the authors in this volume tackle one of librarianships most urgent emerging issues.

The truth is, virtually every moment of our lives is now watchable, discoverable, and capable of being stored and used by others. Our defense against thatthe preservation of the right to be let alone that is one of the necessary conditions of intellectual freedomis, as always, policy and responsive practice.

To stay within sight of the growing challenges to our privacy, we must commit ourselves to three phases:

• Awareness. Early chapters define key terms, provide an excellent overview of the issues, and lay out the legal timelines and decisions.

• Analysis. Librarians and patrons must learn to think critically about issues as they happen. To that end, our authors offer and demonstrate a rigorous threat assessment model.

• Action. It isnt enough to educate ourselves about the past or even to stay current on the latest technologies that could compromise the privacy of our patrons. Librarians must intervene, putting ourselves between the threat and the patron. We must ask ourselves whether we should be gathering some kinds of data at all. We need not only identify potential abuse from 3rd party vendors with access to patron data, but also insert specific language in our contracts with them to prevent that abuse. We must lobby for more comprehensive legal protections, state by state, or nationally, as other countries have done. We must annually audit our systems both for privacy and security, adopting systems of authentication, encryption, backups, and destruction. We must adopt the best practice guidelines created and tested by librarians everywhere. We must train our staff and our public to stay both up-to-date and alert.

The thoughtful authors in this volume make an important contribution to the profession. This is both the time and the topic to watch closely, lest we all find ourselves wondering why our tax returns are being mailed to Brazil. I am grateful for LITA for their good work reflected in this volume. It is clear that we are going to need it.

James LaRue is director of the American Library Association Office for Intellectual Freedom & Freedom to Read Foundation.

In 2015 as part of an ongoing series of publications and research on public libraries in America, the Pew Research Center released a new report: Libraries at the Crossroads: The Public Is Interested in New Service and Thinks Libraries Are Important to Communities. This report reported that 76 percent of the public believe that libraries definitely should offer programs to teach patrons about protecting their privacy and security online security, with another 18 percent indicating maybe should. The public has questions and concerns about privacy and is looking to libraries as a trusted and reliable institution for instruction.

Although privacy is one of the core tenets of librarianship, technology changes have made it increasingly difficult for libraries to ensure the privacy of their patrons in the twenty-first-century library. Websites track patrons at home and on library computers. Database vendors gather and keep data on patrons. Ebook vendors gather information not just on who checked out a book, but also what page the reader is on and how fast he or she is reading.