New Challenges to Privacy
An Educational Service of
the American Library Association Office
for Information Technology
Policy
Prepared by Leslie Harris
& Associates
www.lharris.com
------------------------------------------------------
In our previous message, we
noted that there are new challenges to privacy, many but not all of which are
due to technological change. Growing demands, legal and otherwise, for access
to personal information about library users place new burdens on the library
staff to assure that their users' rights are protected and create contentious
and complex policy issues for library advocates.
These demands are manifold.
The principal ones are:
1. Commercial interests want
to collect personally identifiable information about customers. When users
employ a library computer to engage in a web-based commercial transaction,
whether buying a shirt or using a search engine, they exchange data with an
outside service provider. Commercial firms have discovered that information
generated by these transactions is a potentially useful and valuable asset.
Consumer privacy "rules of the road" for Internet services are far
from settled, and the political debate over the respective merits of law,
regulation, and self imposed codes of conduct is intense.
2. Government agencies are
collecting an increasing amount of personal information. As e-government grows, people are
increasingly using library computers to transact business with government-to
apply for licenses or benefits, to pay taxes, and so on. A complicated web of
state and federal law, some dating back to the 1970's, governs how agencies can
use and share this data. But, as e-government grows, so will the demands to
collect, keep, and share personal information generated on-line.
3. Law enforcement wants
access to Internet data in order to track criminals and terrorists. Not
surprisingly, the Internet has become a new venue for crime. To the extent that
an individual may use a library computer to plan, commit or discuss a crime or
a terrorist act, law enforcement will seek access to library records. More
troubling for library privacy in the future is the interest law enforcement and
national security agencies have shown in "data mining," the
collection and integration of personal data from a wide variety of sources
including commercial, public and private databases in order to analyze it for
suspicious patterns of activity. Library records could be included in data
mining activities.
4. Finally, the public wants
access to public records. Public libraries are, for the most part, government
institutions. With some exceptions, the
records of government institutions including transactions with them are open to
the public. Although laws vary by state, public records are often subject to
laws regarding retention and public access. While many states have library
record confidentiality laws that exclude some, if not all, library records from
the public records access laws, those laws are far from secure.
It is most important to note
that libraries are by no means obliged to yield user privacy in the face of
each and every one of these demands. The key points to remember are:
* The privacy of library
patrons rests on a variety of complex laws and regulations that result from
negotiations among competing interests.
* Demands for access are
likely to intensify. Libraries will need to assert a strong voice in the policy
debate in order to protect their values and the rights of their patrons.
-----------------------------------------------------
Further information:
Electronic Frontier
Foundation's Online Privacy Page:
http://www.eff.org/privnow/
Privacy.Org, a site for
daily news, information, and initiatives on privacy; a joint project of the
Electronic Privacy Information Center (EPIC) and Privacy International:
http://www.privacy.org/
Center for Democracy and
Technology's Privacy Page:
http://www.cdt.org/privacy/
-----------------------------------------------------
Copyright 2002, American
Library Association, Office for
Information Technology Policy
Disclaimer
This Online Privacy Tutorial
is a service of the American Library Association. The content of this tutorial
is primarily the work of Leslie Harris & Associates in Washington, DC. The
views expressed in these messages are not necessarily the views of ALA or
Leslie Harris & Associates. This tutorial is for information only and will
not necessarily provide answers to concerns that arise in any particular
situation. This service is not legal advice and does not include many of the
technical details arising under certain laws. If you are seeking legal advice
to address specific privacy issues, you should consult an attorney licensed to
practice in your state.