New Challenges to Privacy

 

An Educational Service of the American Library Association Office

for Information Technology Policy

 

Prepared by Leslie Harris & Associates

www.lharris.com

 

------------------------------------------------------

In our previous message, we noted that there are new challenges to privacy, many but not all of which are due to technological change. Growing demands, legal and otherwise, for access to personal information about library users place new burdens on the library staff to assure that their users' rights are protected and create contentious and complex policy issues for library advocates.

 

These demands are manifold. The principal ones are:

1. Commercial interests want to collect personally identifiable information about customers. When users employ a library computer to engage in a web-based commercial transaction, whether buying a shirt or using a search engine, they exchange data with an outside service provider. Commercial firms have discovered that information generated by these transactions is a potentially useful and valuable asset. Consumer privacy "rules of the road" for Internet services are far from settled, and the political debate over the respective merits of law, regulation, and self imposed codes of conduct is intense.

2. Government agencies are collecting an increasing amount of personal information.  As e-government grows, people are increasingly using library computers to transact business with government-to apply for licenses or benefits, to pay taxes, and so on. A complicated web of state and federal law, some dating back to the 1970's, governs how agencies can use and share this data. But, as e-government grows, so will the demands to collect, keep, and share personal information generated on-line.

3. Law enforcement wants access to Internet data in order to track criminals and terrorists. Not surprisingly, the Internet has become a new venue for crime. To the extent that an individual may use a library computer to plan, commit or discuss a crime or a terrorist act, law enforcement will seek access to library records. More troubling for library privacy in the future is the interest law enforcement and national security agencies have shown in "data mining," the collection and integration of personal data from a wide variety of sources including commercial, public and private databases in order to analyze it for suspicious patterns of activity. Library records could be included in data mining activities.

4. Finally, the public wants access to public records. Public libraries are, for the most part, government institutions.  With some exceptions, the records of government institutions including transactions with them are open to the public. Although laws vary by state, public records are often subject to laws regarding retention and public access. While many states have library record confidentiality laws that exclude some, if not all, library records from the public records access laws, those laws are far from secure.

 

It is most important to note that libraries are by no means obliged to yield user privacy in the face of each and every one of these demands. The key points to remember are:

 

* The privacy of library patrons rests on a variety of complex laws and regulations that result from negotiations among competing interests.

* Demands for access are likely to intensify. Libraries will need to assert a strong voice in the policy debate in order to protect their values and the rights of their patrons.

-----------------------------------------------------

Further information:

 

Electronic Frontier Foundation's Online Privacy Page:

http://www.eff.org/privnow/

 

Privacy.Org, a site for daily news, information, and initiatives on privacy; a joint project of the Electronic Privacy Information Center (EPIC) and Privacy International: http://www.privacy.org/

 

Center for Democracy and Technology's Privacy Page:

http://www.cdt.org/privacy/

-----------------------------------------------------

Copyright 2002, American Library Association, Office for

Information Technology Policy

 

Disclaimer

 

This Online Privacy Tutorial is a service of the American Library Association. The content of this tutorial is primarily the work of Leslie Harris & Associates in Washington, DC. The views expressed in these messages are not necessarily the views of ALA or Leslie Harris & Associates. This tutorial is for information only and will not necessarily provide answers to concerns that arise in any particular situation. This service is not legal advice and does not include many of the technical details arising under certain laws. If you are seeking legal advice to address specific privacy issues, you should consult an attorney licensed to practice in your state.