26
Sep
2008

Protecting User Privacy in the Age of Digital Libraries

Abstract: Coombs highlights 3 areas of privacy libraries need to pay attention to and then details the 5 steps she took to safeguard users' privacy in her library.

The three areas of privacy to keep watch on are:

  1. federal and state legislation;
  2. the Library User's Bill of Rights and the ALA's Code of Ethics; and
  3. the internet's largely commercial landscape.

Due to the Patriot Act and implementing a new ILS, Coombs' awareness of privacy as an issue increased and so, she took the following steps to protect users' data:

  1. Developing privacy policies and posting them to the web
  2. Determine what user data the library is collecting
  3. Decide which of that data is and isn't mission critical for the library
  4. Develop strategies for removing non-critical data. These strategies include:
    • IP washing,
    • delinking borrower records,
    • removing personally-identifiable information from data archiving routines, and
    • evaluating and selecting data protective tools.
  5. Implement privacy protections in one system at a time, including:
    • ILS,
    • OPAC,
    • ILL,
    • web sites,
    • proxy server, and
    • public computers and their web browsers.

Learning that she can't control all of these systems, she nonetheless passes on five takeaways from this learning experience about privacy in libraries.

Review

Coombs gives me some additional ideas for how to safeguard my own data privacy, as well as raising concerns that my libraries may not be doing so. I'll have to inquire as to whether they have any data privacy policies.

It's interesting how libraries are seeking to balance legal and ethical obligations, especially when the two conflict (like the Patriot Act and the Library Users' Bill of Rights). Their advocacy for user's privacy takes interesting forms: refusing to keep private data, for instance.

But I'm not sure that libraries market either this effort or its desirability very well. When I was evaluating the Ixquick search engine, I noticed that they heavily marketed their privacy-friendly features. It may be that more education/marketing efforts are needed in this area - even for librarians themselves, as I know many who are unaware of these technological avenues (such as search engines) for potential privacy infringement.

Coombs, K. A. (2005). Protecting User Privacy in the Age of Digital Libraries. Computers in Libraries, 25(6), 16-20. Retrieved September 21, 2008 from EBSCO HOST - Academic Search Complete.