E-books and Privacy …. Again.
A few years ago, after the disclosure that Amazon was collecting and storing user data associated with the loan of library e-books to Kindle users, I wrote an article briefly exploring the “digital dilemma” associated with providing users access to e-books and other resources via third-party vendors. At the time I noted that:
[t]he current model of digital content delivery for libraries places library users’ privacy at risk. Authorizing the loan of an ebook or the use of a database can communicate unique identifiers or personally identifiable information that reveals a user’s identity. Databases and e-readers create records of users’ intellectual activities that can include search terms, highlighted phrases, and what pages the individuals actually read. Easily aggregated–and then associated–with a particular user, such records can be used against the reader as evidence of intent or belief, especially if the records are stored on vendors’ servers, where they are subject to discovery by law enforcement.
Now the same issue has arisen with regard to Adobe Digital Editions’ collection of reader data and its transmission of that data back to Adobe, unencrypted, over unsecured networks. The Library Information Technology Association’s LITA Blog outlines the technical issues. ALA President Courtney Young has commented on the issue and outlined ALA’s planned response.
The ethical issues are clear: it is the responsibility of librarians to establish policies to prevent any threat to privacy posed by new technologies. Libraries need to ensure that contracts and licenses reflect their policies and legal obligations concerning user privacy and confidentiality. Whenever a third party has access to personally identifiable information (PII), the agreements need to address appropriate restrictions on the use, aggregation, dissemination, and sale of that information, particularly information about minors. In circumstances in which there is a risk that PII may be disclosed, the library should warn its users. (See Questions 13 and 22 in the IFC’s Q & A on Privacy and Confidentiality, and Privacy: An Interpretation of the Library Bill of Rights.) In addition, careful thought should be given to the kinds of data that are collected and stored about library users’ reading habits; no personally identifiable data should be collected unless it is essential for the provision of resources and services to the library user, and any data collected should be discarded as soon as it is no longer needed. (See the 2006 Resolution on the Retention of Library Usage Records.)
The legal issues are murkier. The majority of state library confidentiality laws require libraries to prevent disclosure of library users’ records to third parties in the absence of user consent or a court order or other legal process compelling disclosure. But these laws often do not govern the behavior of third-party vendors entrusted with library users’ information. Both Missouri and California have tried to address this by amending their library confidentiality laws to extend the duty to protect library user records to vendors. (See Missouri §185.815 – §185.817, amended and Cal. Gov. Code §6267.) Ultimately, however, the library must be responsible for assuring the privacy and confidentiality of its users’ records.
As libraries move to adopt digital content and new technologies, librarians need to ensure that the use of library users’ data for these services does not weaken privacy protections for that data or blur the line between public and confidential records. This will require a firm commitment to the profession’s obligation to protect the confidentiality of library users’ information and the will to advocate for greater legal protections for library users’ data that ensure reader privacy and protect against censorship, whether through a private, contractual arrangement with the vendor or through a public policy solution that includes amending or adopting library confidentiality laws that apply equally to any entity, public or private, that manages, stores, or uses library user data.
2 comments
I’m glad to see ALA speaking up on this issue.
I want to push harder on this sentence, though: “Libraries need to ensure that contracts and licenses reflect their policies and legal obligations concerning user privacy and confidentiality.”
I absolutely agree with this; insisting on ethical contract terms is crucial. But we also need ways to verify that the technical design and implementation of our software is consistent with those contract terms. If the contract says “user data is protected” but the system sends it in cleartext, or maintains it in cleartext on the servers, or collects significantly more than is required for the contracted functionality, or keeps it for too long… the system we actually have does not protect our values or embody our contracts.
This type of verification is, of course, beyond most people’s skills (including, often, mine), but it only has to be done once per software version; I’ve been mulling over what systems would allow the profession to investigate whether software encodes our values, and then to disseminate that information. Thoughts?
I agree with Andromeda on the need to verify how vendors are treating personally identifiable information.
I am the new chair of the privacy subcommittee of ALA’s Intellectual Freedom Committee. We have done some work with the Office of Intellectual Freedom over the past couple of years to promote and advocate for online privacy, including Choose Privacy Week (http://chooseprivacyweek.org/) and the Privacy Tool Kit (http://www.ala.org/advocacy/privacyconfidentiality/toolkitsprivacy/privacy).
I think we need to do a better job of letting the rest of ALA know about these efforts and resources. The privacy tool kit is a great resource for laying out many of the issues and is a good start.
What we need to work on now is a framework for collaborative action in regards to patron privacy and reader confidentiality and online vendors. As individual libraries, we don’t have much say in terms of changing the vendors’ licensing agreements. But as a profession and market segment, we do have the power to establish expectations (or maybe even standards?) for how vendors treat patron data.
As someone who makes technology and digital content purchasing decisions in our library, I would love to see some sort of resource that reviewed vendors’ TOS/licensing agreements in light of privacy concerns. This would help establish a baseline of data in regards to what vendors are claiming in regards to privacy. We could then explore ways to independently verify those claims.