Library Privacy Guidelines for Public Access Computers and Networks

Introduction

Libraries provide patrons with opportunities to use computers and other devices (e.g. laptops, tablets, ebook readers) to access online resources such as library catalogs, research databases, ebooks, other digital content, and the Internet.  Patrons use library computers to create content including word processing documents, multimedia projects, email messages, and posts to social media and other websites.  In addition, libraries often provide wired and wireless public networks that allow patrons to connect using a personal device.

Use of any computer or network may create records of users' activities that can jeopardize their privacy.  In addition, libraries may collect personal information from users for a variety of reasons such as reserving a computer or checking out a device.  Libraries must work to ensure that their procedures and practices for managing public access computers and devices reflect library ethics, policies, and legal obligations involving user privacy and confidentiality.

These guidelines are issued to provide libraries with information about appropriate data management and security practices with respect to library patrons' personally identifiable information and data about their use of public access computers and networks.

Why Privacy Is Important

Protecting user privacy and confidentiality has long been an integral part of the intellectual freedom mission of libraries. The right to free inquiry as assured by the First Amendment depends upon the ability to read and access information free from scrutiny by the government or other third parties.  In their provision of services to library users, librarians have an ethical responsibility, expressed in the ALA Code of Ethics, to preserve users' right to privacy.  Librarians and libraries may also have a legal obligation to protect library users' personally identifiable information and data from unauthorized disclosure and use.

Clear Privacy Policies

Users should be notified about library privacy policies when accessing a computer or a public network in the library.  The privacy policies should be made easily available and understandable to users.  Safeguarding user privacy requires that individuals know what personally identifiable information is gathered about them, how long it is stored, who has access to it and under what conditions, and how it is used.  A proactive process should be created to notify ongoing users of any changes to the library's privacy policies.

Access Control & Device Checkout

Libraries can use a variety of methods to manage access to computers and networks. These methods range from a clipboard with a sign-up sheet to sophisticated access control software that can include user authentication, reservations, time limits, and management of Internet content filters.  The integrated library system may be used to check out laptops and other devices.  In addition, libraries may require users to authenticate in order to access the network when using their personal device.

Whatever methods are employed, libraries should develop appropriate policies and procedures to protect the privacy of patrons and their computer and network activity in the library. Transactional logs generated by access control software and network authentication should be anonymized or destroyed when no longer needed.  Sign-up sheets should be redacted or shredded. Checkout records should be purged or anonymized when the device is returned and any overdue fines paid.

Display Screens

Computer display screens are often easily visible to nearby people.  Libraries should make privacy screens or recessed displays available to patrons who desire to use them while recognizing no screen will render a user's display completely invisible to other people. In addition, many people dislike privacy screens or recessed displays and therefore should not be forced to use them.

Browser Activity

Many websites track user behavior and share data with third parties via cookies and other technologies.  The library should provide browsers and plugins that offer privacy protections when surfing the Web.  In addition, browsers should be configured to clear all data (cache, history, cookies, passwords) upon exit.

Routine Maintenance

Public computers should be routinely maintained to ensure they are operating properly, and that the software on the computer designed to protect the user’s privacy is activated and effective.  A security audit of the computer could be routinely performed to attempt to locate deficiencies in the security of the computer.  A physical inspection should also include the identification of unknown devices attached to the computer, such as keyloggers, that are designed to steal personal information.

Personal Data on Computer or Device

Use of any computer or device may create records of the user's activities that can jeopardize their privacy.  Documents, emails, and other files that may contain private information could be left on the device.  The library should use restoration software or other technological means to remove traces of individual use on public access computers and other devices provided by the library.

Malware

Malware can be a serious threat to personal privacy and security when using a computer.  If the malware captures login information and passwords, the user's online accounts may be compromised.  Libraries should take appropriate steps to ensure that malware or other unauthorized software does not reside on the computer or device.  These steps could include security protection (anti-malware, anti-spam, anti-virus programs) as well as restoration software to remove all software installed without authorization.

Computer Monitoring & Usage Tracking

Monitoring software can be installed to record activities or remotely view what a user is doing on a device.  It is often used for technical support or for compliance with an organization's computer use policy.  To protect users' privacy, libraries should avoid using monitoring software on public access computers or other devices provided by the library.  If monitoring is employed, users should be informed of its purpose and scope in the library's privacy policies.

Many applications and operating systems are configured by default to automatically share activity data with the software publisher to identify errors, enhance usability, or provide personalization.  When possible, the library should disable such usage tracking on public access computers or other devices provided by the library.

[The Library Privacy Checklist for Public Access Computers and Networks is intended to help libraries of all capacities take practical steps to implement the principles that are laid out in this guideline.] 

Approved June 24, 2016 by the Intellectual Freedom Committee of the American Library Association