8
Libraries and Privacy

Libraries have played a central role in American life for over a century. And the issues raised today about privacy are very similar to those associated with library privacy: tensions between values and between reality and perception; the potential for use of technology to help ensure privacy as well as compromise it; issues that affect all age groups; and issues related to national security, law enforcement, and commercial use.

Libraries have been at the forefront of discussions about the uses of technology to expand access to and use of information. Libraries of all types (e.g., local public libraries, metropolitan libraries, university research libraries, corporate libraries) see their core mission as storing and organizing information so that it can be accessed by their patrons. What may be surprising to some is that for more than 50 years libraries and librarians have been at the forefront of discussions concerning privacy. In fact, the American Library Association’s Code of Ethics for members (Box 8.1) explicitly recognizes a responsibility to protect the rights of library users to privacy and confidentiality regarding information that they have sought or received and resources that they have consulted, borrowed, acquired, or transmitted.

Unlike some who see privacy as a right or a good in and of itself, the library community sees privacy as a necessary condition for the accomplishment of its primary goal, which is to provide the atmosphere and the resources for patrons to educate themselves in whatever way they desire. For libraries, privacy is seen primarily as an instrumental good, but one that has been discussed and thought about to such an extent that



The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement



Below are the first 10 and last 10 pages of uncorrected machine-read text (when available) of this chapter, followed by the top 30 algorithmically extracted key phrases from the chapter as a whole.
Intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text on the opening pages of each chapter. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.

Do not use for reproduction, copying, pasting, or reading; exclusively for search engines.

OCR for page 231
Engaging Privacy and Information Technology in a Digital Age 8 Libraries and Privacy Libraries have played a central role in American life for over a century. And the issues raised today about privacy are very similar to those associated with library privacy: tensions between values and between reality and perception; the potential for use of technology to help ensure privacy as well as compromise it; issues that affect all age groups; and issues related to national security, law enforcement, and commercial use. Libraries have been at the forefront of discussions about the uses of technology to expand access to and use of information. Libraries of all types (e.g., local public libraries, metropolitan libraries, university research libraries, corporate libraries) see their core mission as storing and organizing information so that it can be accessed by their patrons. What may be surprising to some is that for more than 50 years libraries and librarians have been at the forefront of discussions concerning privacy. In fact, the American Library Association’s Code of Ethics for members (Box 8.1) explicitly recognizes a responsibility to protect the rights of library users to privacy and confidentiality regarding information that they have sought or received and resources that they have consulted, borrowed, acquired, or transmitted. Unlike some who see privacy as a right or a good in and of itself, the library community sees privacy as a necessary condition for the accomplishment of its primary goal, which is to provide the atmosphere and the resources for patrons to educate themselves in whatever way they desire. For libraries, privacy is seen primarily as an instrumental good, but one that has been discussed and thought about to such an extent that

OCR for page 231
Engaging Privacy and Information Technology in a Digital Age BOX 8.1 The American Library Association’s Code of Ethics The American Library Association’s (ALA’s) Code of Ethics for members was adopted by the ALA Council on June 28, 1995. As members of the American Library Association, we recognize the importance of codifying and making known to the profession and to the general public the ethical principles that guide the work of librarians, other professionals providing information services, library trustees and library staffs. Ethical dilemmas occur when values are in conflict. The American Library Association Code of Ethics states the values to which we are committed, and embodies the ethical responsibilities of the profession in this changing information environment. We significantly influence or control the selection, organization, preservation, and dissemination of information. In a political system grounded in an informed citizenry, we are members of a profession explicitly committed to intellectual freedom and the freedom of access to information. We have a special obligation to ensure the free flow of information and ideas to present and future generations. The principles of this Code are expressed in broad statements to guide ethical decision making. These statements provide a framework; they cannot and do not dictate conduct to cover particular situations. the members of the American Library Association have become fierce advocates for the privacy of their patrons. Libraries come in almost as many different varieties as the people they serve. Indeed, the American Library Association estimates that there are “117,418 libraries of all kinds in the United States today,”1 a number that includes public libraries (large and small), school libraries, university libraries, research libraries, law libraries, institutional (or special) libraries, and medical libraries. This chapter presents the library community as a case study in the pursuit and protection of privacy. First, it examines what the library community sees as its primary goal, tracing the evolution of that goal from 1 See American Library Association, “Number of Libraries: ALA Fact Sheet 1,” September 2005, available at http://tinyurl.com/if19.

OCR for page 231
Engaging Privacy and Information Technology in a Digital Age We provide the highest level of service to all library users through appropriate and usefully organized resources; equitable service policies; equitable access; and accurate, unbiased, and courteous responses to all requests. We uphold the principles of intellectual freedom and resist all efforts to censor library resources. We protect each library user’s right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired or transmitted. We recognize and respect intellectual property rights. We treat co-workers and other colleagues with respect, fairness and good faith, and advocate conditions of employment that safeguard the rights and welfare of all employees of our institutions. We do not advance private interests at the expense of library users, colleagues, or our employing institutions. We distinguish between our personal convictions and professional duties and do not allow our personal beliefs to interfere with fair representation of the aims of our institutions or the provision of access to their information resources. We strive for excellence in the profession by maintaining and enhancing our own knowledge and skills, by encouraging the professional development of co-workers, and by fostering the aspirations of potential members of the profession. SOURCE: See the American Library Association Web site at http://www.ala.org/alaorg/oif/ethics.html. the first establishment of public libraries in the United States to the ways in which those libraries fulfill that goal today. It then explores why this community has decided throughout its history that the preservation of privacy is required for it to accomplish that goal. Next, it looks at the ways in which libraries have responded to technological change, with respect to both their primary goal and efforts to secure the privacy of their patrons. Finally, it outlines some of the new technological developments that will affect the practices of librarians and describes actions that the library community is already taking to ensure that it will be able to guarantee the privacy of library patrons in the face of these developments. 8.1 THE MISSION OF LIBRARIES Public libraries were established in the United States at a time when the average level of education was not much beyond elementary school,

OCR for page 231
Engaging Privacy and Information Technology in a Digital Age and at a time when large numbers of immigrants were coming to the country. The public library movement was based on the conviction that democracy in the United States could only be furthered if members of the public were able to educate themselves, and to have access to information that would allow them to make informed decisions. The public library was seen as a way of allowing individuals to find information that would enable them to form opinions on current issues and in general become more informed citizens. This ideal, combining practical access to information with the notion that, given the chance, people would educate themselves, drove the development of public libraries and shaped the role of the librarian. Rather than seeing themselves as caretakers of information, librarians saw themselves as educators and enablers whose stock in trade was helping others to access information. Rather than hoarding information and protecting it from those outside the library, the librarian’s job was to spread the information contained in the library to the community in which the library was located. The information to be distributed was not to be determined by the tastes of the librarian, but rather by the interests and desires of library patrons. It was the job of the librarian to help when needed, but it was up to the patron to decide what he or she wanted to read, study, or learn. This historical background can still be seen in the mission statements of public libraries. For example, the Louisville, Kentucky, Public Library’s mission statement begins, “The Louisville Public Library is committed to providing its citizens: The benefit and pleasure of learning and discovery through its collections, services, and staff”;2 the Greene County, Ohio, Public Library’s mission statement begins, “The Greene County Public Library system is the community connection to reading, lifelong learning, and personal and professional enrichment for people of all ages.”3 While the mission of public education was first articulated as part of the movement to establish public libraries, this mission now has been adopted by all kinds of libraries. For example, research libraries that are part of universities might be seen as having a mission more narrowly directed toward the needs of the university community, but the mission statements of such institutions look remarkably like those of the public libraries. In all of these cases, a primary mission of the library is to enable its users to gain access to materials that will allow them to learn. 2 City of Louisville Public Library, “Mission Statement of the Louisville Public Library,” November 17, 2004, available at http://www.ci.louisville.co.us/library/mission.asp. 3 Greene County Public Library, “Mission,” available at http://www.gcpl.lib.oh.us/mission.asp, accessed June 12, 2006.

OCR for page 231
Engaging Privacy and Information Technology in a Digital Age 8.2 LIBRARIES AND PRIVACY To meet their primary mission, libraries have had to ensure that the atmosphere they provided did not discourage patrons from investigating any subject that they found of interest. In a statement that is strikingly relevant today, the American Library Association stated in 1953 that: … reading is among our greatest freedoms. The freedom to read and write is almost the only means for making generally available ideas or manners of expression that can initially command only a small audience. The written word is the natural medium for the new idea and the untried voice from which come the original contributions to social growth. It is essential to the extended discussion that serious thought requires, and to the accumulation of knowledge and ideas into organized collections….4 In order to provide this right, librarians have affirmed as a part of their contract with their patrons that they will “protect each individual’s privacy and confidentiality in the use of library resources and services.”5 The connection between privacy and the goal of enabling individual learning reflected several different considerations. Many patrons of the early public libraries were members of the waves of immigrants that came to the United States during the late 19th and early 20th centuries. The public libraries were seen as a way of helping those immigrants assimilate into a new country and culture. Many of the newcomers came from countries whose governments took great care to monitor the interests of their citizens, often to the citizens’ detriment. The library community felt that it was necessary to protect the privacy of these patrons so that they would feel free to use the libraries, and so that their self-education would not be, or appear to be, subject to government scrutiny. This consideration is still a major concern for librarians in areas with large immigrant populations.6 For librarians, similar considerations applied even when library 4 American Library Association, “The Freedom to Read Statement,” adopted June 25, 1953, by the ALA Council and the AAP Freedom to Read Committee, available at http://www.ala.org/ala/oif/statementspols/ftrstatement/freedomreadstatement.htm. 5 American Library Association, “Libraries: An American Value,” adopted February 3, 1999, available at http://www.ala.org/ala/oif/statementspols/americanvalue/librariesa-merican.htm. 6 For example, the committee took testimony in April 2003 from the director of the Queensborough Public Library in New York City, which serves a population that is predominantly immigrant. He indicated that as the result of such concerns, the library took several steps to protect the privacy of patron information, including the separation of the library’s information retention policies into “paper” and “electronic,” the delinking of electronic book/patron information when the book is returned, and the daily destruction of Internet usage sign-up sheets.

OCR for page 231
Engaging Privacy and Information Technology in a Digital Age patrons were native to the United States. The goal of self-education was meant to allow patrons to explore controversial and unpopular ideas and ideologies. To engage in this sort of exploration, patrons of the library needed to feel that their choice of reading material would not be subject to the scrutiny of neighbors, friends, or employers, even though concerns about government scrutiny were perhaps less common among the non-immigrant U.S. population. For citizen and non-citizen alike, the interest in privacy extended even to scrutiny by the librarians themselves; it dictated that librarians should not try to guide their patrons’ self-education activities, but instead should merely enable whatever study a patron wished to undertake. This connection between self-education and privacy is made explicit in the official interpretation of the American Library Association’s Library Bill of Rights (Box 8.2).7 This interpretation conceptualizes privacy as follows: “In a library (physical or virtual), the right to privacy is the right to open inquiry without having the subject of one’s interest examined or scrutinized by others.” This conception of a privacy interest in one’s intellectual pursuits is arguably different from an interest in maintaining the confidentiality of one’s medical records or in resisting broad law enforcement surveillance tactics for privacy reasons. While one might worry about embarrassment resulting from the disclosure of medical information, or about interference by government or law enforcement in the study of politically or socially unacceptable ideas, the concern for intellectual privacy also rests on a more general fear of the ostracism, ridicule, or loss of social status that could result if the subject matter of inquiry were generally known. The kind of privacy that libraries seek to guarantee also is different from the kind of privacy that might be needed by the patron of an abortion clinic, pawnshop, or drug rehabilitation center. In those other cases, the privacy interest extends to the actual use of the service being provided. In the case of the library, worries about privacy do not center on the fact that a person is a patron of a library, but rather about the content of that patron’s use. Indeed, the interpretation states that “when users recognize or fear that their privacy or confidentiality is compromised, true freedom of inquiry no longer exists.” Well before the advent of modern information technology, the desire to ensure patron privacy led librarians to develop techniques for tracking books checked out of the library that minimized leakage of information 7 American Library Association, “Privacy: An Interpretation of the Library Bill of Rights,” adopted June 19, 2002, by the ALA Council, available at http://www.ala.org/Template.cfm?Section=interpretations&Template=/ContentManagement/ContentDisplay.cfm&ContentID=76546.

OCR for page 231
Engaging Privacy and Information Technology in a Digital Age BOX 8.2 The American Library Association’s Library Users’ Bill of Rights The American Library Association’s (ALA’s) Library Users’ Bill of Rights was adopted by the ALA Council on June 18, 1948. It was amended on February 2, 1961, and January 23, 1980, and inclusion of “age” was reaffirmed on January 23, 1996. The American Library Association affirms that all libraries are forums for information and ideas, and that the following basic policies should guide their services. Books and other library resources should be provided for the interest, information, and enlightenment of all people of the community the library serves. Materials should not be excluded because of the origin, background, or views of those contributing to their creation. Libraries should provide materials and information presenting all points of view on current and historical issues. Materials should not be proscribed or removed because of partisan or doctrinal disapproval. Libraries should challenge censorship in the fulfillment of their responsibility to provide information and enlightenment. Libraries should cooperate with all persons and groups concerned with resisting abridgment of free expression and free access to ideas. A person’s right to use a library should not be denied or abridged because of origin, age, background, or views. Libraries which make exhibit spaces and meeting rooms available to the public they serve should make such facilities available on an equitable basis, regardless of the beliefs or affiliations of individuals or groups requesting their use. SOURCE: See the American Library Association Web site at http://www.ala.org/work/freedom/lbr.html. about who was reading which books. Many libraries were early adopters of systems in which patrons were identified by the numbers on their library cards. Only the library could make the correlation between the numbers and the people to whom they were assigned. The records of who had checked out the books (often available on paper cards placed in the books when those books were on the shelves) contained only the numbers. Further, more complete records linking numbers to names were destroyed soon after the book had been returned. Although there are no federal laws protecting the privacy of library patrons, 48 states and the District of Columbia have passed laws and the other two states have prevailing opinions from their attorneys general.

OCR for page 231
Engaging Privacy and Information Technology in a Digital Age The language of these laws varies from state to state. The American Library Association recommends that librarians understand state confidentiality laws and that libraries have in place procedures for cooperating expeditiously with law enforcement officers when a subpoena or other legal order for records is made within the framework of state law.8 8.3 LIBRARIES AND TECHNOLOGY Modern information technology has become central to all parts of a modern library. Libraries were early adopters of computerized systems and have used these systems to organize their holdings, to keep track of which patrons have checked out which items, and to expand the range of materials that they are able to offer to patrons. In all of these applications, the privacy of patrons has been a major concern. The library community also has taken a proactive approach to evaluating the potential and the privacy implications of new technologies, and has recognized that raising questions about privacy is much more difficult after a technology has been adopted. One of the first uses of information technology in libraries was for tracking the books checked out by patrons. Many systems adopted by libraries needed to be altered so that records associating patrons with the books they had checked out would be purged from the system as soon as possible. Even though that information might be useful for tracking the popularity of some titles or the interests of the library’s patrons, enabling secondary use of circulation information was considered improper because this capability might enable use of the information for other purposes in ways that could compromise patron privacy. Rather than risk compromising privacy, the library community generally has required that information systems purchased for library use be tailored to capture only the minimum amount of data necessary to track who has checked out a book, and to ensure that the information is purged as soon as possible after the book has been returned. In this way, the computer-based systems adopted by librarians would provide the same privacy guarantees as the non-computerized systems previously in use. Indeed, librarians are constantly looking for ways to use technology to enhance the privacy protections they offer to their patrons. Michael Gorman has talked about an example of a technology that might help preserve patron privacy and intellectual freedom in libraries. He describes how self-service book checkout systems might make a “signal contribu- 8 American Library Association, “State Privacy Laws Regarding Library Records,” available at http://www.ala.org/alaorg/oif/stateprivacylaws.html, accessed June 12, 2006.

OCR for page 231
Engaging Privacy and Information Technology in a Digital Age tion to the library right to privacy.”9 Patrons might be more willing to borrow sensitive or controversial material if they know that the transactions will be handled entirely by the checkout machine. For similar reasons, libraries have developed computerized catalog systems that do not require identification of the patron using the catalog. This ensures that patrons’ searches of the catalog will remain private. Libraries have made this decision even though records of past searches might be used to help patrons find other holdings of interest. There is also some interest in recommender systems that can suggest to a given user that he or she might be interested in certain references, based on the preferences and access behavior of other members of the user community, though these systems do not make reference to specific user identities. Perhaps the most visible and dramatic change that information technology has brought about in libraries relates to the holdings of those libraries. Modern libraries are far more than book repositories. Over the years, libraries have expanded their holdings to include music, movies, and most recently access to the Internet (especially that part of the Internet known as the World Wide Web). All these developments further the goal of providing educational materials to the public. But as libraries have expanded their holdings beyond books to other forms of media and other methods of information access, the pressures on their commitment to protecting the privacy of their patrons have intensified. The provision of access to music and film can be seen as a simple extension of the traditional role of the library as a place to access books, but the provision of Internet access seems different. Public access to the Internet is now nearly universal in modern libraries, both through computers connected to the Internet that are owned by the library and through access to networks owned and maintained by the library to which individuals can connect their own computers. Indeed, many libraries now offer unrestricted wireless network access, allowing patrons to connect to the Internet not only inside the library itself but also from an area around the library. In many ways, the Internet seems to be the ultimate mechanism for fulfilling the goal of public libraries, as it opens up to all library patrons a vast world of information that they can explore at their leisure. The Internet multiplies the holdings of any library by allowing access to information stored anywhere in the world, without expanding the physical space needed for the library. But there are also aspects of the Internet that make it different from 9 Michael Gorman, “Privacy in the Digital Environment—Issues for Libraries,” 67th IFLA Council and General Conference, August 16-25, 2001, available at http://www.ifla.org/IV/ifla67/papers/145-083e.pdf. This paper is adapted from a chapter in the author’s Our Enduring Values, American Library Association, Chicago, 2000.

OCR for page 231
Engaging Privacy and Information Technology in a Digital Age the other means of information access that have traditionally been offered by libraries. The most obvious of these is that unlike the physical holdings of a library, which are chosen by the library staff after being vetted by publishers, the offerings on the Internet are not required to be selected by either a librarian or a publisher. Anyone can publish on the World Wide Web with little or no expense. This means that while there are great amounts of information on the Web, there is also a great amount of misinformation on the Web. Along with expanded access to information of great educational value, the Web offers access to sites that contain racist, sexist, and homophobic diatribes, as well as sexually explicit material. Access to the Internet is also different from the traditional access to information offered by libraries, because the Internet is a two-way mechanism for communication. This means that not only can patrons of a library use the Internet to access information, but they also can use that access to send communications of their own. In providing patrons with Internet access, libraries are also providing patrons with a communication mechanism that is generally difficult to trace. The American Library Association has developed a toolkit to help individual libraries develop policies designed to address both of these aspects of Internet use.10 This toolkit acknowledges that there is content on the Internet that is both inappropriate and, in some cases, illegal, but also emphasizes the importance of ensuring patron privacy, allowing patrons free use of the tools that enable access to information, and ensuring that the dignity and autonomy of individual patrons is not compromised. In general, the library community rejects the notion that librarians should act as guardians or gatekeepers of their patrons’ access to the Internet. In the case of patrons who are children, the American Library Association’s policy toolkit makes explicit that the primary responsibility for enforcing restrictions on Internet access for children rests with the parents of those children, not with the librarians.11 The Children’s Internet Protection Act of 2002 (P.L. 1060-554) sought to change this approach by conditioning eligibility for certain federal funding on a library’s willingness to block all patrons’ access to sexually explicit material deemed harmful to minors. The American Library Association (ALA) challenged this law, and in 2002 a three-judge panel in the federal court for the Eastern District of Pennsylvania overturned the law, ruling that it violated the First Amendment rights of library patrons. However, the federal government appealed this decision, and in 2003 the 10 See http://www.ala.org/ala/oif/iftoolkits/litoolkit/librariesInternet.htm. 11 American Library Association, “Libraries and the Internet Toolkit: Key Messages,” updated December 1, 2003, available at http://www.ala.org/Template.cfm?Section=litoolkit&Template=/ContentManagement/ContentDisplay.cfm&ContentID=50645.

OCR for page 231
Engaging Privacy and Information Technology in a Digital Age Supreme Court ruled that the law was valid.12 The ALA now suggests that if libraries install filtering software, such software be placed “at the least restrictive level.”13 Better yet, the ALA advises that libraries comply with the law by educating their patrons on the appropriate use of the Internet rather than restricting such use. The use of the Internet and networked information services (such as some specialized databases) also brings third-party suppliers into the relationship between the library and its patrons. Many of the databases that libraries wish their patrons to be able to access require that users log on or otherwise identify themselves. While this can be done through the library’s computer system, and the library can ensure that it does not keep information about which patron uses what database, the library has little or no control over whether the database provider gathers information on the subjects of interest to the library patrons. Although libraries are the primary customers for computer systems used to track the circulation of library materials, they are simply patrons of the database service (and often patrons requesting discounted fees). As such, they often cannot dictate the privacy policies that will be enforced by the database service. In such cases, librarians are put in the delicate position of having to choose between being able to offer the service and being able to ensure adherence to the standards of privacy to which they have become accustomed. Some libraries, with better bargaining power, have addressed this issue through detailed policies and agreements with vendors. Columbia University, for instance, requires that “[s]ervices licensed by Columbia that gather user or marketing data … notify users in each session how and why this data is being collected and … provide users the option of not having such data collected about them.”14 Patrons’ use of the Internet as a communication medium raises other issues that are more complex. In some cases,15 threatening e-mail has been sent from an Internet connection provided by a library, and the library subsequently has made the computer from which the threat was sent available to law enforcement officers seeking to identify the person who sent the threat. These libraries did not, however, keep records that enabled law enforcement personnel to discover this information, nor did 12 United States v. American Library Assn., Inc. (02-361) 539 U.S. 194 (2003), 201 F. Supp. 2d 401, reversed. 13 American Library Association, “Libraries and the Internet Toolkit: Libraries, the Internet and Filtering,” updated December 1, 2003, available at http://www.ala.org/Template.cfm?Section=litoolkit&Template=/ContentManagement/ContentDisplay.cfm&ContentID=50667. 14 See Columbia University’s “Information Sheet for Database Vendors,” updated December 6, 2005, available at https://www1.columbia.edu/sec/cu/libraries/staffweb/digital/ner/vendor_data.html. 15 Carla Stoffle, University of Arizona, testimony to the committee, January 30, 2003.

OCR for page 231
Engaging Privacy and Information Technology in a Digital Age the librarians believe that such record keeping would comport with the library’s commitment to ensure privacy.16 There are other emerging technologies suggested for use within libraries that have caused additional privacy concerns. The two most commonly cited are radio-frequency identification (RFID) tags and digital rights management systems, discussed further in Section 8.5. 8.4 LIBRARIES AND PRIVACY SINCE 9/11 In the wake of the terrorist attacks of 2001 and the subsequent increased focus on national and homeland security, libraries have seen their commitment to privacy questioned in the name of the need for safety. As repositories of information, libraries have been seen by some as fertile grounds for the education of terrorists. With their policy of open access to the Internet, libraries also have been seen as venues from which terrorists can safely communicate with each other. Certainly a factor in the increasing scrutiny of libraries was the revelation that some of the September 11 terrorists, including Mohammed Atta himself, had used publicly available library computers to access e-mail17 and possibly conduct terrorist business. The traditional privacy policies of libraries have come into conflict with some of the provisions of laws passed in response to the 9/11 attacks and the continued worries about terrorism. Legislation passed in the post-9/11 period, including the USA PATRIOT Act, has expanded the authority of law enforcement to conduct surveillance and gather data on individu- 16 Under the provisions of 18 U.S.C. 2709, an “electronic communication service provider” must comply with “a request for electronic communication transactional records in its custody or possession made by the Director of the Federal Bureau of Investigation.” However, Section 5 of the USA PATRIOT Act Additional Reauthorizing Amendments Act of 2006, P.L. 109-178, exempts libraries from this requirement if they provide Internet access but are not themselves “providing” the users with “the ability to send or receive wire or electronic communications.” According to the Congressional Research Service, a reasonable interpretation of this definition suggests that to be considered an electronic communication service provider under this law, a library must independently operate the means by which transmission, routing, and connection of digital communication occur. In contrast, a local county library usually has a service contract with an Internet service provider (ISP) to furnish the library with the electronic communication service, as many businesses and individuals do; the fact that the library has set up a computer with Internet access for the use of its patrons probably does not, by itself, turn the library into a communications service “provider.” Under this characterization, the actual “provider” of Internet access is the ISP, not the library. See Brian Yeh and Charles Doyle, “USA PATRIOT Improvement and Reauthorization Act of 2005: A Legal Analysis,” RL Order Code 33332, Congressional Research Service, Washington, D.C., March 24, 2006. 17 “Privacy and Security: A Librarian’s Dilemma,” The San Francisco Chronicle, February 2, 2003, p. D4.

OCR for page 231
Engaging Privacy and Information Technology in a Digital Age als even when there is not probable cause to believe that the individuals targeted for surveillance are engaged in any criminal activity. Although law enforcement officials have always had the ability to seek grand jury subpoenas (with no court order required) to compel the production of any information from any party, including libraries, that is (merely) relevant to a criminal investigation, Section 215 of the USA PATRIOT Act expanded the authority of the FISA Court to issue an order compelling the production of any tangible object from any source as part of an investigation to protect the United States from international terrorism or clandestine intelligence activities (Box 8.3). The American Library Association has been very active in opposing some sections of the USA PATRIOT Act, passing a resolution on January 29, 2003, that states, in part, “The American Library Association (ALA) opposes any use of governmental power to suppress the free and open exchange of knowledge and information or to intimidate individuals exercising free inquiry…. ALA considers that sections of the USA PATRIOT BOX 8.3 Section 215 of the USA PATRIOT Act “The Foreign Intelligence Surveillance Act previously allowed senior officials of the Federal Bureau of Investigation to apply for a court order, in connection with a foreign intelligence investigation, for access to the records of common carriers, public accommodation providers, physical storage facility operators, and vehicle rental agencies (50 U.S.C. 1861-1863 [2000 ed.]). “Section 215 rewrites those provisions. Assistant special agents in charge of the FBI field offices may now also apply. The court orders extend to any tangible object held by anyone. Items sought need not relate to an identified foreign agent or foreign power as was once the case, but they may be sought only as part of an investigation to protect the United States from international terrorism or clandestine intelligence activities. Nor may they be sought in conjunction with the investigation of an American or permanent resident alien predicated solely on the basis of activities protected by the First Amendment. There is a good faith defense for anyone who produces items in response to a court order under the section, and production does not constitute a waiver of applicable privilege. Under the USA PATRIOT Improvement and Reauthorization Act of 2005, Section 215 will expire on December 31, 2009, unless it is explicitly made permanent by an additional act of Congress.” SOURCE: Charles Doyle, “Terrorism: Section by Section Analysis of the USA PATRIOT Act,” Order Code RL 31200, Congressional Research Service, Washington, D.C., 2001, available at http://fpc.state.gov/documents/organization/7952.pdf.

OCR for page 231
Engaging Privacy and Information Technology in a Digital Age Act are a present danger to the constitutional rights and privacy rights of library users.”18 An example of the library community’s view of the dangers appears in the writing of a Washington state librarian who refused an FBI request for circulation records associated with a biography of Osama bin Laden and wrote about the USA PATRIOT Act’s implications for her profession (Box 8.4). The ALA also has urged librarians to review the records that they currently keep to ensure that they maintain only those that are absolutely needed, and that all other information about patrons is purged as soon as possible. It should be noted that the phenomenon of law enforcement personnel or agencies looking to libraries for information about particular people and their reading (or Web-surfing) habits is certainly not new.19 Indeed, during the 1980s, there was widespread concern within the library community regarding the FBI’s Library Awareness program (part of a foreign counterintelligence program that sought to discover what was interesting to people from Eastern Europe when they visited premier university research libraries). In the 1950s, the library community was sometimes approached in attempts to find evidence of communist sympathy. At those times, as now, the library community held to its commitment to privacy in the face of pressures in the name of security. 8.5 EMERGING TECHNOLOGIES, PRIVACY, AND LIBRARIES As mentioned in the discussion of technology drivers (Chapter 3), advances in technology have often led to new concerns about the impact of those advances on privacy. Emerging technologies that affect library operations such as digital rights management technologies (DRMTs) and RFID tags are timely illustrations and are already topics of controversy. Consider, for example, DRMTs, whose overall goal is to ensure that digital content is not copied and distributed without the knowledge and consent of the providers of that content. Some proposals for such technologies envision enabling content providers to trace every use of every copy, including not only who the purchaser might be but also who is actually viewing the content. If such technologies become widely used in connection with the digital content held by libraries, the difficulty of ensuring the privacy of patrons who view such content will increase. If every viewing is subject to the content provider’s being able to learn the 18 American Library Association, “USA PATRIOT Act and Intellectual Freedom,” available at http://www.ala.org/ala/oif/ifissues/usapatriotact.htm, accessed June 14, 2006. 19 Much of this story is told, from the perspective of the library community, at http://www.ala.org/ala/oif/ifissues/fbiyourlibrary.htm.

OCR for page 231
Engaging Privacy and Information Technology in a Digital Age BOX 8.4 A Librarian’s View of the USA PATRIOT Act On June 8, 2004, an FBI agent requested from the Deming branch of the Whatcom County Library System in northwest Washington state a list of people who had borrowed a biography of Osama bin Laden. The FBI said that a library patron had sent the FBI the book after discovering some words written in the margin: “If the things I’m doing is considered a crime, then let history be a witness that I am a criminal. Hostility toward America is a religious duty and we hope to be rewarded by God.” The library system attorney told the FBI that it would have to go through legal channels before the board of trustees would consider releasing the names of the borrowers, and also that a Google search indicated that the words in the margin were almost identical to a statement by bin Laden in a 1998 interview. The FBI served a subpoena on the library a week later demanding a list of everyone who had borrowed the book since November 2001. After deliberation, the board of trustees voted unanimously to go to court to quash the FBI subpoena. Fifteen days later, the FBI withdrew its request. However, for the library, the circumstances had been fortuitous. The subpoena had not been issued pursuant to the USA PATRIOT Act of 2001, which would have allowed the FBI to demand library records. It also could have prevented the library from revealing that it had received an order to surrender patron information, and thus could have prevented appeal or independent review of the order. As the librarian writing about this situation noted, if the FBI had returned with an order from a secret court under Section 215 of the USA PATRIOT Act, the FBI might now know which residents in that part of Washington state had simply tried to learn more about bin Laden. Faced with a USA PATRIOT Act order, the library would have been forbidden to disclose even the fact that it had received the order, and the librarian would not have been able to write the op-ed article. SOURCE: Adapted from Joan Airoldi, “Librarian’s Brush with FBI Shapes Her View of the USA PATRIOT Act,” USA Today, May 18, 2005, available at http://www.usatoday.com/news/opinion/editorials/2005-05-17-librarian-edit_x.htm. identity of the viewer, libraries will find it difficult to assure patrons that these records have been kept confidential, have been deleted as soon as possible, and have not been used for purposes other than that of ensuring that borrowed materials were returned.20 20 The problems posed for privacy protection are not necessarily insurmountable. For example, it might be possible for a library to provide users with a smart card keyed to allow access to DRM-protected content. There is no particular need for the smart card to be associated with a specific library patron, and indeed a library could present the patron with a bin of smart cards with different electronic identifiers that he or she could pick at random and/or trade in at any time. The bin itself could be made available only on presentation of

OCR for page 231
Engaging Privacy and Information Technology in a Digital Age BOX 8.5 Digital Millennium Copyright Act and Digital Rights Management The protection afforded to digital files by digital rights management technologies (DRMTs) is bolstered by federal law. The Digital Millennium Copyright Act (DMCA), enacted in 1998, instituted a variety of penalties related to circumvention of technical protection measures applied to copyrighted works. In addition, other recent changes to the copyright laws are designed to assist copyright owners in their attempts to limit the flow of unauthorized, unprotected copies. In particular, the Online Service Provider Liability Limitation Act, enacted in 1998 as Title II of the DMCA and codified at Section 512 of the Copyright Act, grants online service providers (OSPs) immunity from secondary copyright infringement liability in exchange for their cooperation in stemming the flow of unprotected content on the Internet. Title I of the DMCA, codified at Sections 1201-1204 of the Copyright Act, establishes legal protection for DRMTs. This protection consists of two main prohibitions. First, the statute prohibits the circumvention of technologies that effectively control access to a copyrighted work. Second, it proscribes the manufacture and distribution of technologies or devices that can be used to circumvent either access-control technologies or technologies that protect a right of the copyright owner (e.g., copy-control technologies and the like).1 Both prohibitions are subject to a variety of narrow exceptions for a variety of activities ranging from reverse engineering to nonprofit library acquisition decisions. Section 512, meanwhile, establishes procedures for OSPs that provide Web hosting or information location services to remove infringing material upon receipt of notice    1A device falls within this prohibition if (1) it is primarily designed or produced for circumvention, (2) it has only limited commercially significant purpose or use other than to circumvent, or (3) it has been knowingly marketed for use in circumvention. See 17 U.S.C. 1201(a)(2), (b). The Digital Millennium Copyright Act (DMCA) further complicates matters from a privacy perspective. As noted in Box 8.5, Title I of the DMCA prohibits technological attempts to circumvent DRMTs deployed to protect digital content, and thus eliminates (or at least reduces significantly) the availability of such circumvention technologies to the public—and in particular to members of the public who are interested in protect- an ID (e.g., a library card), but the gap between the act of presenting the card and picking a smart card from the bin would ensure the patron’s privacy. Nevertheless, the easiest, most straightforward, and least expensive way to enable access to DRM-protected materials is indeed to use the library card infrastructure (presumably electronic) to provide such access, in which case the potential privacy problems described above become far more real.

OCR for page 231
Engaging Privacy and Information Technology in a Digital Age from the copyright owner. While OSPs are not required to comply with these provisions, those that do comply are granted immunity from contributory infringement liability. An OSP is ineligible to claim the shelter of the notice-and-takedown provisions, however, if it receives a direct financial benefit from the infringing activity and has the right and opportunity to control the activity, or if it knows or has reason to know of the infringing activity and takes no action to stop it. Section 512 also includes a provision authorizing a copyright owner to apply to the clerk of any federal district court for a subpoena requiring an OSP to furnish personal identifying information about a subscriber who is an alleged infringer identified in a takedown notice. Copyright owners also have attempted to use this provision to discover information about individuals alleged to be using Internet access services to trade copies of copyrighted works via peer-to-peer networks. However, two federal courts of appeal have rejected the argument that the subpoena provision should be read to apply to any subscriber, including subscribers who simply use an Internet connection supplied by the OSP.2 Copyright owners are now using a procedural device known as the “John Doe” lawsuit to discover information about these subscribers via judicially authorized subpoenas.3 Finally, at the behest of the motion picture industry, there is currently a movement underway at the state level to enact laws prohibiting the attachment of unauthorized devices to communications networks. Although these laws are described as simply targeting unauthorized and unpaid access to telecommunications and cable services, their breadth leaves them open to much broader interpretation, potentially encompassing any device that can be attached to a personal computer connected to the Internet. For this reason, they have been dubbed “mini DMCAs.”    2See RIAA v. Verizon Internet Services, Inc., 351 F.3d 1229 (D.C. Cir. 2003), cert. denied, 125 S. Ct. 309 (2004); In re Charter Communications, Inc., Subpoena Enforcement Matter, 393 F.3d 771 (8th Cir. 2005).    3See Sony Music Entertainment, Inc. v. Does 1-40, 326 F. Supp. 2d 556 (S.D.N.Y. 2004). ing their anonymous access to such content. It also eliminates or reduces the availability of these technologies to libraries that might otherwise be inclined to take affirmative steps in protecting patron privacy. DRMTs and the DMCA thus pose a potential threat to libraries’ current practice of ensuring that the content viewed by patrons of the library is kept private. The potential privacy problems have much in common with the problems libraries have already encountered in connection with patron access to information in subscription digital databases, discussed briefly above. However, the database access privacy is a problem that can be dealt with contractually between the libraries and the database vendors. Approaching the problem of privacy in the context of DRMTs may require that libraries negotiate with content providers regarding

OCR for page 231
Engaging Privacy and Information Technology in a Digital Age terms that do not compromise the privacy of users—an approach that might significantly raise the cost of obtaining those terms. On the other hand, in much the same way that some online subscription databases simply require identification of the library as the entity responsible for access, content providers might be satisfied simply with measuring the number of accesses to protected content, the number of individual users per month, or the peak number of simultaneous users in a month. Concerns have also been raised about the use of RFID tags in library books.21 Some proposals envision placing RFID tags in all of the physical materials held by libraries. These tags could then be used to control loss and to speed checkout—another application of information and information technology to improve the efficiency of libraries and perhaps even enhance patron privacy, as the library staff would not have to conduct the checkout procedures. The privacy concern is that anyone with an RFID reader could then surreptitiously discover what any patron of the library was checking out by simply getting close enough to the patron to read the RFID tags of the books in the patron’s possession when he or she left the library. This assumes, however, that the individual doing the surreptitious reading of the tag would also have access to the database that linked the tag identification to the book title or ISBN. This worry is more evident in the community of privacy advocates than it is in the library community itself. Indeed, the attitude of the library community seems best summed up by David Dorman, who wrote, … Forgive me for being skeptical of all the hullabaloo, but I just can’t get too worked up about a library book broadcasting its bar code for several feet to any and all who care to lug around portable RFID readers and eavesdrop on the reading habits of passersby carrying library books. However, if that thought bothers some folks, I recommend they campaign for encrypting the barcode number in the RFID tag rather than foment (or buy into) vague apprehensions about a very useful and rather benign library inventory control tool.22 8.6 CONCLUSION Leadership for privacy within libraries has come from within that sector itself. Libraries have long been advocates of personal privacy, seeing privacy as a necessary condition for libraries’ fulfillment of their primary 21 Beth Givens, “RFID Implementation in Libraries: Some Recommendations for ‘Best Practices’,” Privacy Rights Clearinghouse, posted January 10, 2004, available at http://www.privacyrights.org/ar/RFID-ALA.htm. 22 David Dorman, “RFID Poses No Problem for Patron Privacy,” American Libraries Online, December 2003, available at http://www.ala.org/ala/alonline/techspeaking/2003columns2/december2003.htm.

OCR for page 231
Engaging Privacy and Information Technology in a Digital Age function as facilitators of access to information. This function, in turn, serves libraries’ ultimate goal of enabling the ongoing education and cultural advancement of their patrons. Such an orientation makes the library community fundamentally different from other communities, such as businesses (as discussed in Chapter 6) or the medical establishment (discussed in Chapter 7), that have been perceived as compromising privacy from within, and on which privacy requirements have been imposed by law. Library professionals have championed laws protecting the privacy of library patrons as mechanisms to shore up their own guarantees of privacy to their patrons. Libraries have always had to keep significant amounts of personal information about their patrons. Because of this, and because of the close connection between library use and patrons’ intellectual lives, libraries have long been aware of the privacy problems that are now besetting other industries. The library community has a long and rich tradition of debate and policy formation around privacy and has taken seriously the problem of ensuring privacy. Librarians also have experience confronting and evaluating the asserted need to make tradeoffs between privacy and such other values as efficiency, law enforcement, and security. Electronic information technology has engendered a new cycle of debate about these tradeoffs. Whether it is the use of electronic systems to maintain checkout records or the new ways in which information can be accessed via the Internet, the library community has had to consider again whether and to what extent the privacy of its patrons should be compromised to enable full utilization of the new technologies. Without exception these decisions have come down on the side of privacy to the fullest extent permitted by law. Librarians have also become proactive in assessing the privacy implications of emerging technologies, such as digital rights management and RFID tags. Not all of these decisions have been left to the library community. Given the kind of information that library records might reveal about individuals, the law enforcement and intelligence communities have shown great interest in gaining access to that information. They have hoped that the information could be used to discover patterns of inquiry that might indicate threats to the United States. The library community has strenuously resisted such attempts, and continues to challenge recent laws that it believes compromise the privacy of library patrons. If history is any indication, attempts to use library information for these other means will be short lived and ultimately unsuccessful. The tradeoff between the freedom to read (and the associated freedoms of thought and expression) and the enhancement to security that might be gained from breaching the privacy guarantees provided by libraries has been examined many times

OCR for page 231
Engaging Privacy and Information Technology in a Digital Age in the past, and the end result has always been in favor of privacy as a means of ensuring freedom. However, it would be short-sighted to think that the only threat to the privacy of library patrons comes from governmental attempts to access library records in an attempt to discover what citizens are thinking or studying. As the format of the content that libraries offer their patrons becomes more and more digitally based, attempts by the providers of that content to ensure that they retain control of it may become as great a threat as that posed by the government, because of the financial implications of such control. While statutes like the USA PATRIOT Act may define the current battleground for the library community’s attempt to ensure patron privacy, DRMTs may well define the next battleground.