Documente Academic
Documente Profesional
Documente Cultură
dominate our conscience with the prevalence of data collection and data mining traditionally
associated with consumer information and marketing strategies, and security breaches of well-
known banks and credit bureaus, but while we recognize that our personal information can be
compromised, libraries are no exception. Public libraries are integral to the very fabric of the
communities they serve, but vulnerability exists with public use and access, from basic privacy
issues, like openly displayed screens and Internet search history on public computers, to more
technical concerns over data and Wi-Fi exposures (Falk, 2004) and those bred from personalized
environment” (Breeding, 2016), but the “challenges of establishing adequate defensive measures
have never been more daunting” on the aggregate level, as most “libraries lack the on-site
resources that must be dedicated to security in this hostile context.” The purpose of this paper is
to review some of the existing privacy and security issues libraries face at present and the ethical
dilemma therein, followed by a brief analysis of the published research, policies and
speech, free thought, and free association” (Falk, 2004), but as libraries “provide Internet access
for patrons, or keep computer-based records, employ electronic techniques for circulating and
tracking the use of library materials,” the association has released statements of intent
broad guide for the behavior of library personnel. Confidentiality is integral to the trust a patron
STEPHENSON 2
has in their institutions, and for this reason, the ALA has also developed privacy guidelines that
many libraries have adopted in an effort to protect user privacy. Every patron should feel free to
seek out “and share information and ideas without scrutiny or other negative effects” (Hirsh,
2015, p. 346), thus information professionals are not only “tasked with managing information,”
but “benefit from an understanding of the laws affecting the collection, use, and storage of
personal data.” The release of personal information to third parties and the reality of data
collection, or data mining, is often considered when using our credit cards, shopping at the store
or reviewing our credit, but libraries “are not free from the problem of personal information
leakage in that they retain user personal information such as mobile phone numbers, family
relations, occupations, and other information as well as resident registration numbers.” (Noh,
2016) With “convenience come problems, such as the exposure of patron private information and
library usage records” (Kim & Noh, 2014), so libraries must “think carefully about how they are
computers and Wi-Fi, this public use breeds vulnerability, from the basic intrusion of privacy
resulting from openly displayed screens and Internet search history to the more technical
consequence of data and Wi-Fi exposures. Personalized services are often lauded but also
increase the possibility of breach of privacy, as seen with user predictions and preferences, book
assistance, all of which require personal information for allocation and efficiency. While
predicting a patron’s “needs and creating more effective modes of interaction allow users to
obtain the best information with the least effort” (Noh, 2013), “these individual-specific services
require as much personal data as possible, and thus libraries and librarians often obtain and
manage a large amount of personal information.” The library services we have come to hold so
STEPHENSON 3
dear “are gradually becoming more sophisticated, owing to information technology providing
convenience is the hallmark of innovation, we lose anonymity in the process through such
services as those designed to “inform users of newly arrived books, new information on areas of
interest, newly subscribed journals and return times for borrowed books through e-mail.”
“Concerns for security apply to every component of a library’s technical environment”
(Breeding, 2016), including hardware, software, mobile devices, applications, and internal
networks, an intrusion of which would thereby mean that “any data within the system can be
exposed or destroyed and the operation of the systems can be vandalized or rendered
inoperable.” Although violations can occur through hacking and illegal use of data, issues of
security may reach beyond nefarious intent. One point of contention over user security stems
from the U.S. Patriot Act of 2011 passed following the terrorist attacks on September 11th. The
ethical question as to whether a person’s privacy should be compromised in the name of security
has yet to be answered, but while the debate continues, libraries are not exempt from the
crossfire. A bill was introduced to the U.S. House of Representatives in 2003 “to free libraries
and bookstores from intrusive provisions of the USA Patriot Act” (Falk, 2004), but failed to be
taken up by the Senate. Since then, over “250 US cities, towns and counties have enacted
resolutions or ordinances to protect the civil liberties against undesirable features” of the Act,
and the “American Booksellers Association, the American Library Association, and the writers
group PEN American Center” have collectively taken steps towards engaging the public to push
“congress to amend the law.” One journal in 2008 reported that, “As libraries have become
subject to government invasions of privacy in the name of national security, librarians have come
to understand that there is no better way to protect national security than to make sure that due
process and basic rights are not sacrificed in the name of expedience.” (Kniffel, 2008) Therefore,
STEPHENSON 4
the “state of privacy in our democracy demands a renewed advocacy for the readers’ right to
privacy,” which goes “beyond crafting effective policy” and “political advocacy,” but librarians
must also do their part to “engage their own community readers in the discussion.”
An analysis of privacy concerns would be incomplete without acknowledging the
inherently ethical dilemma libraries contend with. Intellectual freedom is a core value to a
library’s operation, so it is a dichotomous issue at best. For instance, patrons “search and use
various information data at the library or on the library’s website, and that use pattern is
monitored and analyzed” (Noh, 2017), and as consequence, that “collected data is then utilized
without the users’ consent.” On the other hand, “libraries are established in order to protect the
intellectual freedom of citizens, and the citizens have the right to keep confidential the
information that they request, access, and use.” A library’s integrity is at risk when patron’s fear
their computer use is “monitored and all the information about their books borrowed, websites
visited, contents of SMS communication and e-mails, and subjects researched are recorded” and
“could be leaked at any time” due to “failure by the library to secure the users’ intellectual
statements of will and intent, but these established rules and guidelines “are not enough in
libraries that provide internet access, maintain computer-based records, trace the use of library
resources, or use electronic technology for the return of borrowed books.” (Noh, 2013) The
“ethical, legal, and practical” policies adopted “for the sake of public interests” must be tempered
by “the interest of the concerned individuals.” A study released in 2014 recommended a private
information management plan encouraging public education of the collection and preservation of
usage records, terms and conditions of service clearly defined for users, and a revised system of
monitoring library networks for leaks, which can “come from both inside and outside the
STEPHENSON 5
institution” (Kim & Noh, 2014), followed by immediate action to rectify in such a case.
Education is key, urges Younghee Noh, who “developed an education program along with
comprehensive investigation and analysis of the privacy infringement probability in the library”
(Noh, 2014), adding a summation of this “training session for librarians” in her report. The “duty
to protect user privacy,” Noh concludes, is “one of the most basic responsibilities of libraries and
librarians,” and in keeping with these values, recommends stronger engagement, communication,
and efficiency, the debate over privacy in the twenty-first century forges on. Libraries must
contend with this complicated issue, made more complex by “the filter bubble argument” and
“anxiety about records and location information utilized by communication companies” (Noh,
2013). Librarians now face “access demands affected by the legal issues surrounding file sharing,
filtering, and copyright violations” in addition to the collection and management of records kept
on patrons, which can easily be “exposed to vendors or institutions like the federal government.”
Ethical issues of privacy and security remain at the forefront of our digital information age, but
the research suggests a more intensive monitoring of library network leakage, swift action in
response, and improved education for all involved in an effort to mitigate threats of violations
and intrusions going forward, as a lack of public trust and confidence could hinder our most
References
Breeding, M. (2016). High Security and Flexible Privacy for Library Services. Computers in
Libraries, 36(5), 12-15. doi:10.1108/02640470410541697
Falk, H. (2004). Privacy In Libraries. The Electronic Library, 22(3), 281-284.
doi:10.1108/02640470410541697
Hirsh, S. (2015). Information Privacy and Cybersecurity. In Information Services Today: An
Introduction (p. 346). Lanham, MD: Rowman & Littlefield.
Kim, D. S., & Noh, Y. (2014). A Study of Public Library Patrons’ Understanding of Library
Records and Data Privacy. International Journal Of Knowledge Content Development
doi:10.5865/IJKCT.2017.7.2.053