Drop that book and back
away slowly…
Electronic Privacy Information Center
Freedom 2.0
Distributed Democracy
Dialogue for a Connected World
May 22, 2004
Washington Club
Washington, D.C.
Privacy, Libraries,
and the Law
Infopeople Webcast
Thursday October 21, 2004
12:00 noon to 1:00 p.m.
Mary Minow, J.D., A.M.L.S.
LibraryLaw.com
consult@librarylaw.com
Housekeeping
• New interface! HorizonLive is now
Don’t wait
HorizonWimba
for Q&A to
• Today’s webcast:
submit
– presentation: 50 minutes
– Q&A: final 10 minutes
questions
• Submit your questions via ‘Chat’
during webcast so presenter gets
them in time
• Fill out evaluation during Q&A
Webcast Archives: http://infopeople.org/training/webcasts/archived.html
When to Use Chat
• Get help with technical difficulties
• send message to “HorizonHelp”
• Ask presenter questions
• send message to “ALL”
• Chat with other participants
• “select name from dropdown list”
Chat Area There
List of Participants There
Legal Disclaimer
• Legal information
• Not legal advice!
Privacy Agenda
1. Professional ethics
2. Legal Framework
because ethics aren’t enough
3. Library Policies
can strengthen user privacy
4. Emerging issues
RFID, Biometrics
ethics
law
National Attention
on Library Privacy
We worship an
awesome God in the
Blue States, and we
don’t like federal
agents poking around
in our libraries in the
Red States.
Barak Obama at Democratic National Convention 2004
Still, We Need to Communicate
Professional Ethics to Others
“County doesn’t
understand library’s
ethical concerns. They
just want to turn over
the records.”
– library attorney
Staff – when hiring
Volunteers
Communicating Concerns Not Enough
Tell History
Library
Awareness
Program
Librarian Code of Ethics
"It is the librarian's
obligation to treat as
confidential any private
information obtained
through contact with
library patrons.“
1939
Why Privacy Matters
• “You’re only as sick as
your secrets”
• Yet research disease,
depression, abuse
• Behave differently when
we are watched
Professional Ethics: Anonymity
“When you speak with a
librarian, it is similar to
speaking with a holy
person.
…Wild partners could not
drag this type of
confidence from a
librarian.”
Eric Kaufman, “Firm Librarians: How They Enrich Your Experience,”
New York Law Journal (June 5, 2000).
Anonymity vs. Confidentiality
Anonymity
No records created
No personal information required
to use library services
Confidentiality
Records created
Library will not disclose
… except under specified
circumstances
Honor System experiment
…is WORKING
depression, drug abuse, sex, contraception
Pam Davis, “The honor system: a library encourages kids to take books
without checking them out,” School Library Journal, (March 2004).
Law Outweighs
Professional Ethics
ethics
LAW
LEGAL FRAMEWORK
Federal, State, Local Laws
Federal, State, Local Laws
Records v. Observations
Records v. Observations
Type of Record
Request
Type of Record
Request
Librarian
Suspicion
Librarian
Suspicion
Federal, State, Local Laws
Constitution
Federal Law
State Laws
Local laws
Library Policies
U.S. Constitution
Fourth Amendment quite weak
allows third parties
to reveal user
information
…even if user believed
the information was
confidential
United States v. Miller, 425 U.S. 435, 443 (1979)
U.S. Constitution
First Amendment and the Right to Read
Unconventional ideas might
disturb the complacent
… but essential if vigorous
enlightenment is to triumph
over slothful ignorance
necessarily protects
the right to receive
information
Martin v. Struthers, 319 U.S. 141, 143 (1943).
See also Susan Nevelow Mart, “The Right to Receive Information,”
http://www.aallnet.org/products/2003-11.pdf
U.S. Constitution
First Amendment and Anonymity
Once the government can
demand of a publisher the names
of the purchasers …
the spectre of a government
agent will look over the shoulder
of everyone who reads.
United States v. Rumely, 345 U.S. 41, 57-58
(1953) (Douglas, J., concurring)
See also Julie Cohen, A Right to Read Anonymously
http://www.law.georgetown.edu/faculty/jec/read_anonymously.pdf
48 State Laws Protect
Library Records
Hawaii and Kentucky have Atty Gen. opinions
www.ala.org/alaorg/oif/stateprivacylaws.html
Local Laws, Library Policies
• Local - Possible
record retention
laws
• Library policies
– May offer greater
protection than
state law
Local Government Records Management Guidelines (2004)
www.ss.ca.gov/archives/locgov/localgovrm6.pdf
www.ss.ca.gov/archives/locgov/localgovrm6.pdf
Records vs. Observations
Records
Documents, writing,
recording on any media
Observations
•
“plain view”
– (what’s visible on screen)
• patron behavior
• physical descriptions
Observations: Dead Body in
Library Parking Lot
Memphis Public Library
Green Plymouth Fury
“massive amount of flies”
Police found dead body
Tennessee v. Rickman, 2002 Tenn. Crim. App. LEXIS 449 (May 17, 2002)
Observations: Tylenol Murders
Librarian tipped off FBI
Observations:
Library Security Videotapes
Children reported man in
bookshelves exposing himself
Library security tapes showed
man leaning forward in
bookshelves
Convicted - criminal sexual
conduct
Minnesota v. Sihler, 2002 Minn. App. LEXIS 376
Don’t Need Court Order for
Observations
UCLA Library –manipulating NEI
Webworld stock
FBI tracked extortion messages
–quiet stakeouts
Crofton (MD), Falls Church (VA)
libraries
FBI used “BACK Button” to find embassy
addresses
SEC v. Aziz Golshani; Tarpon Springs FL, U.S. v. Regan
Records vs. Observations
Protected by
Documents, writing,
State
Law
recording on any media
Records
Observations
•
“plain view”
– (what’s visible on screen)
• patron behavior
• physical descriptions
Records vs. Observations
Protected by
Documents, writing,
State
Law
recording on any media
Records
Observations
•
“plain view”
– (what’sNot
visibleProtected
on screen)
• patron behavior
State Law
• physical descriptions
by
Types of Record Requests
Federal
Federal libraries – subject to Privacy Act
Schools with federal funds – subject to
FERPA confidential “student records”
Federal Library and Information Center Committee (FLICC)
and Family Educational Rights and Privacy Act (FERPA)
20 U.S.C. § 1232g; 34 CFR Part 99
Videos
Protected by Federal Law
Video Privacy Protection Act, 18 U.S.C. § 2710 et seq.
State Libraries in California
Information
Practices Act
governs
state
collection of
personal info
California Civil Code Sect. 1798 et seq.
Plus required to set privacy policies per California Govt Code Sect. 11019.9
All Libraries in California:
May not display Social Security Numbers
nor embed them on a
barcode, chip, etc.
www.privacy.ca.gov/recommendations/ssnrecommendations.pdf
Calif. Civil Code Sects. 1798.85-1798.86, 1785.11.1, 1785.11.6 and 1786.60
Local Libraries
California Public Records Law requires
disclosure of
"Public records" - any writing relating
to the conduct of the public's
business used by any state or local
agency regardless of physical form
California Govt Code Sect. 6252(d)
Incident Reports
are Public Records
Expunge names
“Balancing Test” Exception
When public interest in confidentiality
clearly outweighs the public interest
in disclosure
Cal. Govt. Code Sect. 6255(a)
Not Protected by Public Records law:
Library Registration and Circulation Records
Registration records
any information which
a library requires a patron
to provide in order to
become eligible to
borrow books and
other materials
Must disclose statistical
reports of registration and
circulation and fine records
Circulation records
information which identifies
the patrons borrowing
particular books and other material.
California Govt Code Sect. 6267
Unclear Status: Reference Records,
Online Searches etc.
Virtual Reference chats
Need to broaden legal
definitions
Exceptions
ACC
Administration of the library
Consent – Written
Order of superior
Court
California Govt Code Sect. 6267
Court Orders
• Search warrants are court orders
– Try for delay to get lawyer
– Immediately executable
• Subpoenas are not court orders
(unless signed by a judge)
– Gives time to see a lawyer
– e.g. five days
Come back Nov 4 webcast
responding to search warrants
What about Parents?
• 8 states amended laws to give
parents access in past three years
(Alabama, Florida, Louisiana, Massachusetts, Ohio,
South Dakota, West Virginia, Wisconsin)
• Failed attempts:
Alaska, New Hampshire
• California law:
No parental exception
Parents – Technology Solution
User types in PIN
to see record
Teenager
has PIN
Parent has PIN
Librarian Suspicion
May release electronic
communications if
Reasonable belief
emergency involving
immediate death or
serious physical injury
Sect. 212 Patriot Act, amending ECPA Sect. 2702
Librarian Initiated 9-11
Facts:
Sept 15, 2001 Kathleen Hensman,
reference librarian, Delray Beach
recognized name of patron
Talked to library director
Called local police; forwarded to FBI
Delray Beach FL
Library’s Legal Opinion: Observation
Legal opinion by library’s lawyers:
•
Recollection not records
•
Records released only after
“properly drawn” order
Bottom Line
• Never respond to informal request
for user records
• Local libraries – user records private
unless court order
• Search warrant – on the spot
• Subpoena – date to respond
POLICIES
American Library Association
Model Library Privacy Policy
• Notice & Openness
• Choice & Consent
• Access by Users
• Data Integrity & Security
• Enforcement & Redress
tinyurl.com/32xhc
Notice & Openness
Post personal informationgathering policies
where stored, how long,
who has access, how used
e.g.
User Registration
Circulation
Internet Sign-ups
Disclosure to Patrons
Santa Cruz
Choice and Consent
OPT-IN
*Registration Form*
Permission to share with
Friends
Offer Anonymity
On-site database use
Internet use
Virtual reference
Anonymous Internet Use
at SOME LIBRARIES
Anonymous when
•No sign-ups
•Paper sign-ups
“Mickey Mouse”
•Automated sign-ups
“guest cards”
Anonymous Internet Use
at SOME LIBRARIES
Anonymous when
•No sign-ups
•Paper sign-ups
“Mickey Mouse”
•Automated sign-ups
“guest cards”
Librarians can still be
called to testify
Surveillance Cameras
Virtual Reference
Many more records
Or GREATER anonymity?
Paul Neuhaus – Chart on Virtual Reference
Software Privacy Features :>
www.library.cmu.edu/People/neuhaus/software.html
Access by Users
• Personally identifiable information
• Addresses, circulation records, fines, blocks…
User has PIN
Data Integrity & Security
• Integrity
– use only reputable sources
– destroy old data or strip PII
– Shared Data (Consortia, Collection Agencies):
• Arrangements include confidentiality policies
• ensure timely corrections, deletions
• Security
– Block unauthorized access
– Avoid social security PIN's
Destroy Records When
No Longer Needed
PUT RECORD RETENTION POLICY IN WRITING
Remote Databases
Need Authentication
Privacy Guidelines for VENDORS
International Coalition of Library
Consortia 2002 (ICOLC)
PUBLISHER will not disclose
information about any user …
without permission of user,
except as required by law.
www.library.yale.edu/consortia/2002privacyguidelines.html
Solution: Shibboleth?
• Authenticate
• Let pass through
without attaching
PII
Enforcement & Redress
• Regular privacy audits
• Procedure for complaints
• Training
Further Resources on Privacy Policies
For Librarians and Libraries
| American Library Basics | Developing a Confidentiality Policy | State
Statutes on Library Confidentiality | Privacy Resources for
Librarians, Library Patrons, and Families |
ALA Policies and Guidelines
| Access to Electronic Information, Services, and
Networks | Questions and Answers: Access to Electronic
Information, Services, and Networks | Code of Ethics | Freedom to
Read Statement | Freedom to View Statement | Library Bill of
Rights | Policy concerning Confidentiality of Personally Identifiable
Information about Library Users | Policy on Confidentiality of
Library Records | Suggested Procedures for Implementing Policy
on Confidentiality of Library Records |
Privacy: An Interpretation of the Library Bill of Rights
Privacy: An Interpretation of the Library Bill of Rights
Questions and Answers on Privacy and Confidentiality
Privacy Tool Kit
Privacy Tool Kit
www.ala.org/privacy - then click “privacy resources”
EMERGING Technology
Self Check, RFID, Biometrics, Keyloggers
Privacy enhancing
IF
Patron information is
not seen by all
RIFD – Follow that Koran?
Tiny tags report data by radio
Less staff
Privacy concerns
galecia.com/included/docs/rfid_position_paper_rev2.pdf
Beware of Key Loggers
Thieves go to public
terminals to scour for
user info in cache
Automatic log out
Now: watch out for
keyloggers that capture
every key stroke
http://www.amecisco.com/keylogger.after.jpg
Biometrics: Fingerprints
Micro Librarian Systems
IdentiKit in U.K.
Retinal scans at
Venerable Bede Church
of England Aided School
www.buffalolib.org/events/touchngo.asp
http://www.smartid.gov.hk/en/library/index.html
www.ala.org/ala/washoff/WOissues/civilliberties/privacy/privacyrelated.htm
Further Resources
American Library Association
Privacy and Confidentiality
http://tinyurl.com/3oun4
Office for Intellectual Freedom. Call if
FBI visits.
Just say “I need to speak with an attorney”
1-800-545-2433 ext. 4223
Library Privacy Audits and Search
Warrants: Preparing for Inquiries
into User Records
Infopeople Webcast
Thursday November 4, 2004
12 noon – 1 p.m.
Karen Coyle and Mary Minow