Library Privacy Checklist for Students in K-12 Schools

This checklist is intended to help libraries of all capacities take practical steps to implement the principles that are laid out in the Library Privacy Guidelines for Students in K-12 Schools

Priority 1 are actions that hopefully all libraries can take to improve privacy practices.  Priority 2 and Priority 3 actions may be more difficult for libraries to implement depending on their technical expertise, available resources, and organizational structure.

Priority 1 Actions

  1. Create internal library procedures to protect student privacy based on:
    1. school policies related to privacy and confidentiality of student data, especially student circulation records and the use of library resources in all formats.
    2. federal laws such as the Family Educational Rights and Privacy Act (FERPA), Children’s Online Privacy Protection Act (COPPA), and state privacy laws regarding library records.
    3. ALA and AASL policy statements, online tool kits and Q & A’s, guidelines, and other resources provided by national and state library associations.
  2. Collect the minimum amount of information necessary about students to conduct library business.
  3. Configure circulation software to delete students’ borrowing history and retain only necessary records.
  4. Ensure any paper records with sensitive information are stored in a secure area and shredded when no longer needed.
  5. Train library staff and volunteers to respect students’ privacy and the confidentiality of their library records.

Priority 2 Actions

  1. Educate administrators, faculty, and support staff about students’ library privacy and the confidentiality of student data using a variety of communication methods.
    1. Initiate conversations with the principal, teachers, students, and parents about the need for an official library privacy policy.
  2. Add privacy-related resources to the library collection including items related to personal privacy, minors’ privacy rights, and privacy as a national and international issue.
    1. Consider creating a privacy information section on the school library web page or a privacy-themed pathfinder (e.g. LibGuide) with privacy resources.
  3. Integrate online privacy into library instruction and programming.  For example:
    1. Introduce students to online privacy information such as secure passwords and web tracking during library orientations and other brief presentations.
    2. Celebrate Choose Privacy Week and other privacy-related observances (Data Privacy Day, Teen Tech Week, etc.) with the school community.
    3. Create privacy-related displays and set up videos in the library to educate parents during during parent-teacher conferences and other evening school and community events
    4. Offer presentations to parents about students’ privacy online and other topics of interest to families.
  4. Advocate within the school or district for protecting students’ privacy rights in learning management systems or other technologies that enable educators to monitor student reading and research habits.  Assessment should not  include monitoring how students use specific library materials and online resources as part of free inquiry and research.
  5. Volunteer to serve on the school’s data governance committee.  If one does not exist, advocate for its creation.

Priority 3 Actions

  1. Work with other stakeholders in the school or district to create an official library privacy policy in regards to student circulation records and the use of library resources.
    1. The privacy policy should be approved by the school’s governing body (e.g. school board, school committee, etc.)
    2. Post the policy in the library and on the library’s section of the school website.
    3. Promote the library’s privacy policy within the school community.
  2. Work through school lines of authority to write or adapt a K-12 privacy curriculum and have it formally approved and taught.  Collaboratively teach privacy units with teachers using the  iKEEPSAFE and/or other privacy curricula.
  3. Work with school officials to incorporate privacy protections into RFP’s and resulting contracts.  Discuss privacy concerns with digital resource and technology vendors, especially in regards to the school’s/library’s contracts with these vendors.
  4. Ensure that all online transactions between client applications and server applications are encrypted.
  5. Ensure that storage of personally identifiable student information is housed using encrypted storage.

Resources

ALA/AASL Policy statements

AASL Position Statement on the Confidentiality of Library Records (2012)

ALA Code of Ethics

Privacy: An Interpretation of the Library Bill of Rights.

Legislation

American Library Association. State Privacy Laws Regarding Library Records.

Federal Trade Commission. Children’s Online Protection Act (COPPA)

U.S. Department of Education. Laws and Guidance: Family Educational Rights and Privacy Act (FERPA)

U.S. Department of Education. Laws and Guidance: Family Policy Compliance Office

Learning Resources

Choose Privacy Week. Students and Minors’ Privacy- Selected Resources.

ALA Privacy Tool Kit.

Questions and Answers on Privacy and Confidentiality.

Colchester High School (VT) Intellectual Freedom LibGuide on Choose Privacy Week

Common Sense Media. Privacy and Internet Safety [Information aimed at parents].

Consortium for School Networking. Protecting Privacy in a Connected World.

Library Freedom Project Teen Privacy Guide

National Cyber Security Alliance. “Privacy Library.” https://staysafeonline.org

YALSA Teen Tech Week. http://teentechweek.ning.com/page/faq

U.S. Department of Education. Privacy Technical Assistance Center

Teaching Tools

Choose Privacy Week Programming Guide and Activities

iKEEPSAFE. K-12 Curriculum Matrix

San Jose Public Library Virtual Privacy Lab (modules in English, Spanish, and Vietnamese)

Digital Defenders (free, CC-licensed kids' booklet about privacy)

Advocacy

Data Quality Campaign and Consortium for School Networking Student Data Principles

EPIC Student Privacy Bill of Rights

Student Privacy Pledge

Approved January 21, 2017 by the Intellectual Freedom Committee