Over the past four months, I have had the pleasure to have been involved in and on the steering committee for an effort to build a consensus framework that focuses on the privacy of library patron data, beginning with the United States. NISO is shepherding this initiative and has gathered representatives from the library, publisher and vendor communities to work on solving the problem of how to best protect patron’s privacy in the era of increasing use of service providers by libraries, and the demand for information-driven services by patrons.
For those of you that are not involved in the library/information space, there are a number of deeply-embedded principles that are long-held by libraries, especially that of patron privacy. The American Library Association (ALA) has a Code of Ethics which describes:
We protect each library user’s right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired or transmitted.
And further to this, there is a Library Bill of Rights and a specific privacy-based interpretation of that bill of rights. Additionally, 48 out of the 50 US states have distinct library patron privacy laws on the books today. Needless to say, librarians take this topic very seriously.
As patrons and libraries have grown their use of electronic services, including the use of online ILS, eBooks and others, the once-clear lines of what is “patron data” which could be actively protected by the library is increasingly blurred. And layer on top of this, a growing expectation by patrons that their online services be as “smart” as that which they get from Google, Facebook and other services that cull massive amounts of personal data in order to do so (oftentimes unbeknownst to the user to what extent that data is being taken and to whom it is being sold beyond the site itself). Needless to say, librarians, and by extension libraries, are challenged with how to handle such a paradox.
This initiative seeks to get all the players mentioned above to a common understanding and agree to priciples of how patron-focused privacy can be incorporated into processes, technology and services that are and will be leveraged by libraries to serve their patron communities.
Beginning in May 2015, a series of webinar-style meetings took place, each focused on one of the following topic areas:
- Patron privacy in internal library systems
- Patron privacy in vendor systems
- Patron privacy in publisher systems
- Legal frameworks influencing data sharing and policies
the results of which were used as the basis for an in-person meeting in San Francisco last week to finalise a set of principles that can be used going forward.
If you are interested in hearing the recordings of the four webinars, or seeing the presentation materials given in the various lightning talks, please click here
I had originally thought about putting all of this into one post, but I don’t want to lose the importance of the outcomes amongst the background, so look for a shortly-upcoming post for the follow-up post on the nature and directions of the discussions from the in-person meetings held in San Francisco last week.