This document discusses privacy audits that libraries can conduct to ensure compliance with privacy policies and laws. It provides an overview of relevant federal and state laws and defines key terms like privacy, confidentiality, and personally identifiable information. The document outlines steps for a privacy audit, including reviewing existing policies and practices, categorizing data based on sensitivity, assessing security risks, training staff, and properly destroying data. Areas to audit include circulation data, payments, reference logs, computer settings and logs, holds, and fines/notices. The goal is to protect patron privacy while meeting legal obligations.

1. Privacy Audits in the Law Library
What is a privacy audit?
 Review existing privacy policies
 Evaluate practices to ensure compliance
with goals/policies
 Protect from liability
Federal Laws
 1st Amendment: right to not have the subject of your interest scruti-
nized
 Video Privacy Protection Act: video borrowing data protected
 Freedom of Information Act: certain libraries may have to disclose
certain information
 Family Educational Rights and Privacy Act (FERPA)
State Laws
 Privacy: look for statutes governing privacy of business records
 Library privacy: most states have statutes (2 have AG Opinions)
 Records retention/destruction: timeframe for retention/destruction
may be set by statute for certain data in certain libraries
 Open records: libraries receiving public funds may have to disclose
certain information
Definitions:
Privacy: the right to open inquiry without having the
subject of one’s interest examined or scrutinized by others. (ALA)
Confidentiality: exists when a library is in possession of personally
identifiable information about users and keeps that information private
on their behalf. (ALA)
Personally Identifiable Information (PII): Information that alone or in
conjunction with other data points can identify a specific individual. See
diagram below for examples. Audit—Step 1: Determine what data is being collected, whether it
needs to be collected, and how long it should be retained
Areas to audit
 Circulation data (what is collected?, who can see data on screen?,
what happens to inadvertent prints?, how are histories managed?)
 Payments received (do you keep copies of checks/credit card
receipts?)
 Reference logs (keep general statistics but nothing that identifies an
individual)
 Public computer settings and logs (level of tracking, filter settings)
 Holds (cover names if shown on materials)
 Fines & notices (paper records should be secured if retained)
Components of a good privacy policy
 Notice of rights and applicable laws: definitions and standards set
 Choice and consent: opt-in for contact not related to library activities
 Access and updating: provide users access to own data
 Data integrity and security: state what is retained and for how long
 Data aggregation: PII not included, aggregate data may be disclosed
 Required disclosures: law enforcement compliance
Initial Considerations/Questions
 What laws apply in your state?
 Does your library have an existing privacy policy?
 Who is/will be responsible for the policies?
 Will the policies apply to one library or several across an institution?
Audit—Step 2: Categorize the data based on degree of security needed
Sample categories
 Public: can be disclosed freely
 Confidential: may be subject to disclosure under open records laws
 Sensitive: includes PII , cannot be disclosed by law, policy, or
contractual obligation
Audit—Step 4: Train staff & test your security measures
 Engage staff during audit process to gain buy-in
 Student workers may handle some privacy-related requests, so
include privacy issues in their initial training and provide refresher
training periodically to keep knowledge fresh.
 Use scenarios to develop a deeper understanding of the reasoning
behind a policy.
 Spend time observing interactions at the reference and circulation
desks to ensure that practice matches goals/policies.
Audit—Step 3: Assess sensitivity, security risks, and public percep-
tions of collected information
 Assure that access is restricted to staff who need the information.
 Only collect what is reasonably necessary to library functions.
 Assess how information is stored and ensure security
 Identify staff members responsible for ongoing data privacy/audits
Audit—Step 5: Destroy data at correct time in the correct manner
 Check for statutes governing time of retention/destruction (even if
they apply to different types of data/organizations they can be
valuable as guidelines).
 Check for statutes governing manner of destruction (GA options are
erase, shred, redact).
 Don’t retain things indefinitely because you don’t know what to do
with them. Examine the process and determine why you’re keeping
something in order to determine how long you reasonably need to
keep it.
Resources
Audit Checklist
Rachel Gordon For a copy of this poster:
Mercer University School of Law
Macon, Georgia
gordon_r@law.mercer.edu
ALA Materials
 Privacy: An Interpretation of the Library Bill of Rights:
www.ala.org/Template.cfm?
Section=interpretations&Template=/ContentManagement/
ContentDisplay.cfm&ContentID=34182
 Questions & Answers on Privacy and Confidentiality:
www.ala.org/Template.cfm?
Section=Interpretations&Template=/ContentManagement/
ContentDisplay.cfm&ContentID=15347
 Policy Concerning Confidentiality of Personally Identifiable
Information About Library Users: www.ala.org/Template.cfm?
Section=otherpolicies&Template=/ContentManagement/
ContentDisplay.cfm&ContentID=13087
 Privacy Tool Kit: www.ala.org/advocacy/
privacyconfidentiality/toolkitsprivacy/privacy
 Office for Intellectual Freedom, State Privacy Laws:
www.ala.org/offices/oif/ifgroups/stateifcchairs/
stateifcinaction/stateprivacy
Books and Articles
 THERESA CHMARA, PRIVACY AND CONFIDENTIALITY ISSUES: A GUIDE FOR
LIBRARIES AND THEIR LAWYERS (2009). Very detailed information
on how to handle various types of law enforcement requests.
 PAUL D. HEALEY, PROFESSIONAL LIABILITY ISSUES FOR LIBRARIANS AND
INFORMATION PROFESSIONALS (2008). Explains privacy-related
causes of action in tort.
 Anne Klinefelter, First Amendment Limits on Library Collection
Management, 102 L. LIBRARY J. 343 (Summer, 2010).
 Anne Klinefelter, Privacy and Library Public Services: Or, I
Know What You Read Last Summer, 26 LEGAL REFERENCE SER-
VICES Q. 253 (2007).
 Ann Mackay Snowman, Privacy and Confidentiality: Using
Scenarios to Teach Your Staff about Patron’s Rights, 10 J.
ACCESS SERVICES 120 (Mar. 2013). Contains sample scenarios to
reinforce staff training on patron privacy.
 Daniel J. Solove, A Taxonomy of Privacy, 154 U. PA. L. REV. 477
(2006). Good overview of privacy law.
Selected Library Privacy Policies
 library.law.unc.edu/about/policies/privacy
 www.lib.wayne.edu/info/policies/privacy.php
 briefs.lalawlibrary.org/about/privacy.aspx
1. When do we collect information? (Identify the process)
2. What information is being collected?
o Name
o Mailing Address
o Email Address
o Phone/Fax Number
o ID Number (Student ID, Driver’s License, or Bar Number)
o Age/DOB
o Ethnicity
o Marital Status
o Gender
o Medical Information
o Mother’s Maiden Name
o Spouse Information
o Financial Information
o Educational Information
o IP Address
o Signature
3. Why is the information being collected?
4. Who is collecting this information?
5. Who else uses or has access to the information?
6. How is this information being kept, and for how long?
7. Where is this information being kept?
8. How is the information being used?
9. How is the information secured?
10. How and when is the information destroyed?