Patron Privacy in Libraries

Running head: LIBRARY PRIVACY IN THE MODERN ERA 1

Library Privacy in the Modern Era

Deidre Black

University of North Texas

SLIS 5000

August 4, 2014

Dr. Xin Wang

LIBRARY PRIVACY IN THE MODERN ERA 2

Abstract

This report examines library privacy and how it is being compromised in the technological age.

It provides specific instances of how the ALA Code of Ethics and the Library Bill of Rights are

being bypassed as libraries broaden their services and how the U.S. government violates patron

privacy through the Patriot Act. The report acknowledges the need for technological evolution in

libraries in order to maintain relevance, while also keeping a sharp eye on patron privacy issues.

Certain authors cited in this report express concern over online chats and forums posted to

library sites and also self-service holds—all of which encourage exposure of patrons, their

personal information, reading habits and possibly more. Other authors referenced take a less

rigid view, calling for overhauls of the library system and encouraging a greater amount of

information sharing and user options that are not in keeping with traditional library policy. This

report presents these differing points of view while giving real-world examples of how library

websites and policies are changing in the age of social media. It also contends that, in an age in

which people seem less concerned for their own privacy, public and academic libraries still have

an obligation to protect them.


Breaches in Library Privacy

Privacy is simply the right and expectation to be left alone (Shuler, 2004). The ALA Code of

Ethics and the Library Bill of Rights are guidelines or social contracts which dictate how libraries

should preserve this privacy for their patrons. In an age when personal information is being

circulated at a dizzying rate, library professionals find themselves in a precarious position.

Following the 9/11 attacks, the Patriot Act was signed into law in order to intercept and combat

acts of terrorism. However, the Patriot Act includes sections that are relevant to libraries and

carry the potential to damage and erode the library-patron relationship. Section 215 permits the

federal government to seize “borrowing records as well as records of Internet activity in a public

library” (Drabinski, 2006). A gag order provision in Section 215 prohibits librarians from

discussing these seizures of patron information with anyone other than a staff member for the

purposes of producing the requested materials and an attorney. Section 505 contains a gag order

which is not subject to judicial oversight (Hill & Delaney, 2013). This can all occur without a

patron ever being made aware that their information has been seized.

A recent library amenity, the self-service hold, also threatens the privacy of patrons. This

practice is popular with customers and librarians alike, but it comes with possible privacy risks.

“For example, if the library places hold materials on an open shelf for patrons to peruse…other

patrons will be able to discover what materials are being requested by particular patrons”

(Stevens, Bravender, & Witteveen-Lane, 2012). In a personal investigation, it was discovered

that the Freeman Library in Houston (part of the Harris County Public Library System), places

self-service holds inside yellow envelopes in an attempt to preserve privacy, and patrons’ full


names are written on the outsides. The shelving area where these items are situated is seldom

monitored, however, allowing patrons access to others’ requested materials.

Library 2.0 could be the “next big thing” for libraries, keeping them relevant in an age of social

networks, blogs, instant messaging and online rating systems. Unfortunately, these kinds of

activities bring with them an element of vulnerability for participants. “Library patrons could

potentially be required to create user accounts, engage in activities that divulge personal interests

and intellectual activities” (Zimmer, 2013). Ideally, patrons’ activities are protected and private,

as outlined in the ALA Code of Ethics and Library Bill of Rights. Although libraries must follow

trends in order to maintain relevancy, encouraging patrons to essentially expose themselves is

deemed unethical by ALA standards. The Harris County Public Library website supports patron

forums and book reviews through a third party vendor, EngagedPatrons.org. In creating their

accounts, some participants chose to divulge their names, jobs, details about their families,

personal photos and a list of books they had read ([HCPL Adult Reading], n.d.). This is being

done on the library’s watch.

MAA (mutually assured anonymity) is the balance between patron privacy and academic

freedom that university or school librarians strive to achieve. In an electronic era when students

must be identified in order to borrow or browse information, this anonymity is being

compromised. Technologies such as Radio Frequency Identification are being used to identify

patrons in academic libraries, and their electronic activities are all being tracked. “As long as the

user signs on legitimately, resources used, Web sites visited, people who exchanged email,

instant messages, or chatted with is all documented in some fashion and kept track of by the

technology” (Shuler, 2004). This retention of information is a violation of privacy according to

the ALA Code of Ethics and the Library Bill of Rights. “There is a great difference between the


passive accumulation of personal data for a variety of legitimate purposes and the deliberate,

active invasion of privacy. The former has potential for abuse, the latter is abuse” (Gorman,

1999).

A Struggle for Privacy

For those information professionals that remain ever-vigilant against forces which threaten

library core values and missions, retaining rights to privacy has become a constant battle. In

response to those sections of the Patriot Act which basically ignore patron privacy, libraries and

librarians have been taking a stand against the U.S. government. Emily Drabinski in her 2006

article writes that “resistance by librarians has taken many forms, including local actions meant

to inform patrons about the abridgement of their rights” (2006). At work, some librarians have

begun posting highly-visible flyers, alerting patrons that they may be monitored without their

knowledge or consent. The ALA website now includes support and advice on what librarians

should do if they happen to be subpoenaed under section 215 of the Patriot Act.

Drabinski references Doe v. Gonzalez in which “four Connecticut librarians challenged the gag

order embedded in Section 505 of the Patriot Act” (2006). Their case was dropped, with no

compromise provided by the government. The ALA has been lobbying in the House of

Representatives and the Senate in an effort to have library records exempted from the set of

documents that may be seized under the Patriot Act (Drabinski, 2006). These efforts have also

ended in failure, as Section 215 was recently re-authorized and Section 505 has been made into a

“permanent federal statute” (Hill & Delaney, 2013).

In response to privacy issues surrounding self-service holds, the ALA Council sent out a press

release urging “all libraries that implement self-service holds to protect patron identity by


adopting practices and procedures that conceal the library user’s personally identifiable

information in connection with the materials being borrowed” (2011). Lackluster management of

self-service holds directly violates the ALA Code of Ethics, which states “we protect library

user’s right to privacy and confidentiality with respect to information sought or received and

resources consulted, borrowed, acquired or transmitted” (as cited in American Library

Association, 2011).

Facebook and Information Commodities

“The point is that it is not technology that is the enemy of privacy but our joyful use of

technology. We give away something of ourselves each time we engage in online transactions”

(Gorman, 2001). As a society, most of us have online accounts for multiple websites (social

media sites, shopping sites, etc.) and multiple devices that connect to the Internet. We share

photos, vacation plans, opinions and ideas on a regular basis. Following this popular trend, David

Weinberger urges libraries to become more like Facebook, in that they offer any and all

information to their users by becoming a sort of platform with an unlimited set of resources. He

envisions a library website that offers products and services produced by non-employees, just as

Facebook allows third-party apps, such as the very popular Candy Crush. In addressing privacy

concerns, he contends that “increasingly many…users don’t care all that much about the privacy

their libraries are protecting” (Weinberger, 2012). If his vision were to become reality, library

users could fall prey to third parties whose privacy policies are more lax than those of the library.

When library patrons click third-party hyperlinks, their personal information is at risk. In the

instance of Facebook, in order for users to play Candy Crush, they must give permission for

Candy Crush to access to their personal profiles, email address and friend list. This tactic is used

to lure more people toward their product. Retained patron information is a precious commodity


for some commercial organizations in order to gain clients or customers. When patron

information carries a price tag, libraries need to ensure privacy measures are in place to protect

their privacy and interests.

Conclusion

Michael Zimmer states that libraries now find themselves “at a crossroads: several of the services

traditionally provided within their walls are increasingly made available online, often by non-

traditional sources, both commercial and amateur, thereby threatening the historical role of the

library in collecting, filtering, and delivering information” (2013). Now, more than ever, it is

important for librarians to be vigilant when protecting patron privacy. Shirking this responsibility

could destroy libraries if patrons feel vulnerable and choose to stay away.


References

American Library Association. (2011). ALA resolution promotes library user confidentiality in

self-service hold practices [Press release]. Retrieved from http://www.ala.org/news/press-

releases/2011/08/ala-resolution-promotes-library-user-confidentiality-self-service-hold

Drabinski, E. (2006). Librarians and the Patriot Act. Radical Teacher, (77), 12-14.

Gorman, M. (2001). Privacy in the digital environment--issues for libraries. Retrieved from

http://archive.ifla.org/IV/ifla67/papers/145-083e.pdf

[HCPL Adult Reading] (n.d.). Retrieved July 28, 2014 from

http://www.engagedpatrons.com/read/index.cfm?SiteID=7037&ReadID=316

Hill, J. & Delaney, J. (2013). The USA Patriot Act in 2013: What it currently means for libraries.

Retrieved from http://www.ila.org/the-usa-patriot-act-in-2012-what-it-currently-means-for-

libraries

Shuler, J. (2004). Information policy privacy and academic libraries: Widening the frame of

discussion. Journal of Academic Librarianship, 30(2), 157-159.

Stevens, R. S., Bravender, P., & Witteveen-Lane, C. (2012). Self-service holds in

libraries. Reference & User Services Quarterly, 52(1), 33-43.

Weinberger, D. (2012). Library as platform. Library Journal, 137(18), 34-36.

Zimmer, M. (2013). Assessing the treatment of patron privacy in Library 2.0

literature. Information Technology & Libraries, 32(2), 29-41.

Social Media

Patron Privacy in Libraries