Privacy Tool Kit 9 of 9
The American Library Association has developed policies, guidelines, and resources to assist librarians in preserving privacy and confidentiality for library users.
Privacy and Confidentiality Policies, Procedures and Statements
Policies and Statements about the Patriot Act and Law Enforcement Inquiries
U.S.A. Patriot Act & Libraries
Including links to statements by other library and civil liberties organizations
Other ALA Privacy Related Resolutions
Types of Law Enforcement Requests and Court Orders
Sample Federal Search Warrants and Subpoenas
Sample National Security Letters
Sample FISA (section 215) Order for Business Records
U.S. Congress. House Judiciary Subcommittee on Crime, Terrorism and Homeland Security
“FISA provisions authorizing Roving Surveillance, Lone Wolf and Business Records”
Note: FISA has approved the Department of Justice’s request to modify the telephony metadata program
Also check the laws and regulations governing court orders in your state courts
Statements of Other Library and Professional Associations
Federal Privacy Laws, Policies and Programs
This act, 5 U.S.C. § 552a (2006), can generally be characterized as an omnibus “code of fair information practices” that attempts to regulate the collection, maintenance, use, and dissemination of personal information by federal executive branch agencies. However, the Act’s imprecise language, limited legislative history, and somewhat outdated regulatory guidelines have rendered it a difficult statute to decipher and apply. Moreover, even after more than thirty-five years of administrative and judicial analysis, numerous Privacy Act issues remain unresolved or unexplored. Adding to these interpretational difficulties is the fact that many earlier Privacy Act cases are unpublished district court decisions. A particular effort is made in this “Overview” to clarify the existing state of Privacy Act law while at the same time highlighting those controversial, unsettled areas where further litigation and case law development can be expected.
This act, 47 U.S. Code §551, restricts access to cable television subscriber information.
COPA, 15 U.S.C. § 6501; 16 CFR 312, requires commercial online content providers who either have actual knowledge that they are dealing with a child 12 or under or who aim their content at children to obtain verifiable parental consent before they can collect, archive, use, or resell any personal information pertaining to that child. In addition, the Act requires commercial Web sites and online services covered by COPPA to place their information collection, use and disclosure practices prominently on their Web site. The law also mandates that site operators allow parents to review and delete information about their children collected by the site.
CALEA, 18 USC §2522, requires a "telecommunications carrier," as defined by the Act, to ensure that equipment, facilities, or services that allow a customer or subscriber to "originate, terminate, or direct communications," enable law enforcement officials to conduct electronic surveillance pursuant to court order or other lawful authorization.
Critical Infrastructure Information Protection
This Program is an information-protection program that enhances voluntary information sharing between infrastructure owners and operators and the government. PCII protections mean that homeland security partners can be confident that sharing their information with the government will not expose sensitive or proprietary data.
Digital Millennium Copyright Act of 1998
Section 512 contains a provision to ensure that service providers are not
placed in the position of choosing between limitations on liability on the one hand and
preserving the privacy of their subscribers, on the other. Subsection (m) explicitly
states that nothing in section 512 requires a service provider to monitor its service or
access material in violation of law (such as the Electronic Communications Privacy Act) in order to be eligible for any of the liability limitations
Do-Not-Call Implementation Act of 2003
Pursuant to its authority under the Telephone Consumer Protection Act (TCPA), 47 US Code §227, the FCC established, together with the Federal Trade Commission (FTC), a national Do-Not-Call Registry. The registry is nationwide in scope, applies to all telemarketers (with the exception of certain non-profit organizations), and covers both interstate and intrastate telemarketing calls. Commercial telemarketers are not allowed to call you if your number is on the registry, subject to certain exceptions. As a result, consumers can, if they choose, reduce the number of unwanted phone calls to their homes. The Do-Not-Call Implementation Act, 15 U.S.Code 87A §6151, authorized the Federal Trade Commission to implement and enforce the national do-not-call registry
Driver License Privacy Act [Prohibition on release and use of certain personal information from State motor vehicle records]
This act, 18 U.S. Code §2721, prohibits the release and use of certain personal information from State motor vehicle records.
the Supreme Court ruled that solicitation is not a permissible use of state motor vehicle records under the Driver's Privacy Protection Act.
E-Government Act of 2002
This act, U.S. Code § 3601-3606, requires Federal Agencies to conduct privacy impact assessments.
Office of Management and Budget. OMB Guidance for Implementing the Privacy
Provisions of the E-Government Act of 2002. M-03-22 Sept. 26, 3003
ECPA, Public Law 99-508; 18 U.S.Code § 2510-22, includes provisions for access, use, disclosure, interception and privacy protections of electronic communications. The law, which covers various forms of wire and electronic communications, prohibits unlawful access and certain disclosures of communication contents and prevents government entities from requiring disclosure of electronic communications from a provider without proper procedure. ECPA was amended by Sections 209- 212 and 216 of the USA PATRIOT ACT.
restricts the use of the information in the system so as to protect privacy, and it creates criminal penalties for the misuse of the information.
The Fair Credit Reporting Act (1970)
FCRA, 15 U.S. Code §1681, promotes the accuracy, fairness, and privacy of information in the files of consumer reporting agencies.
FERPA, 20 U.S.Code §1232g; 34 CFR Part 99, protects the privacy of student education records. The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education. The main focus of FERPA is to define who can access student records. FERPA grants parents the rights until the child turns 18 years old or attends a school beyond the high school level. The Act spells out the conditions that allow schools to release records without consent to certain designated parties. Title V, section 507 of the USA PATRIOT Act amended FERPA by creating a new exception to the privacy protections.
Federal Trade Commission's Consumer Protection, Privacy Oversight
The Federal Trade Commission Consumer Protection Division, under Section 5 of the FTC Act, administers a privacy program in order to make sure that companies keep the promises they make to consumers about privacy and take precautions to secure consumers' personal information. The Commission has brought a number of cases to enforce the promises in privacy statements, including promises about the security of consumers' personal information.
The Financial Modernization Act of 1999, Title V, Subtitle A (Gramm-Leach-Bliley Act)
This act, 12 U.S. Code §1811, also known as the "Gramm-Leach-Bliley Act" or GLB Act, includes provisions to protect consumers' personal financial information held by financial institutions. There are three principal parts to the privacy requirements: the Financial Privacy Rule, Safeguards Rule and pretexting provisions. The Safeguards Rule requires all financial institutions to design, implement and maintain safeguards to protect customer information. The Rule applies not only to financial institutions that collect information from their own customers, but also to financial institutions -- such as credit reporting agencies -- that receive customer information from other financial institutions.
Foreign Intelligence Surveillance Act (FISA) (1978)
FISA, 18 U.S. Code §1801, prescribes procedures for requesting judicial authorization for electronic surveillance and physical search of persons engaged in espionage or international terrorism against the United States on behalf of a foreign power.
Health Insurance Portability and Accountability Act of 1996 (HIPAA)
HIPAA, Public Law 104-191, required the Secretary to issue privacy regulations governing individually identifiable health information. The HIPPA Privacy Rule provides federal protections for individually identifiable health information held by covered entities and their business associates and gives patients an array of rights with respect to that information. At the same time, the Privacy Rule is balanced so that it permits the disclosure of health information needed for patient care and other important purposes. http://www.hhs.gov/ocr/privacy/hipaa/administrative/combined/hipaa-simpl...
Homeland Security Act of 2002
6 U.S. Code §101, adopted after the Sept. 11, 2001 terrorist attacks with the intention of improving U.S. domestic security.
Privacy Protection Act of 1980
42 U.S.Code § 2000aa et seq., protects journalists from being required to turn over to law enforcement any work product and documentary materials, including sources, before it is disseminated to the public.
Right to Financial Privacy Act (1978)
12 U.S. Code § 3401 -3422, enacted to provide the financial records of financial institution customers a reasonable amount of privacy from federal government scrutiny.
The Student and Exchange Visitors Information System (SEVIS), administered by the Department of Homeland Security in partnership with the Department of State and the Department of Education, maintains updated information on approximately one million non-immigrant foreign students and exchange visitors during the course of their stay in the United States each year. Schools are now required to report a foreign student's failure to enroll or if students drop out of their programs. Certain requirements imposed by the Family Educational Rights and Privacy Act (FERPA) are waived and conditions for employment specified.
Telecommunications Act of 1996
7 U.S.C. § 222 was enacted as part of the Telecommunications Act of 1996 and is
entitled "Privacy of Customer Information." It states generally that "[e]very
telecommunications carrier has a duty to protect the confidentiality of proprietary
information of, and relating to . . . customers." To effectuate that duty, § 222 places
restrictions on the use, disclosure of, and access to certain customer information
Video Privacy Protection Act of 1988
The Video Privacy Protection Act of 1988, 18 U.S.C. § 2710, was passed in reaction to the disclosure of Supreme Court nominee Robert Bork's video rental records in a newspaper. The Act is not often invoked, but stands as one of the strongest protections of consumer privacy against a specific form of data collection. Generally, it prevents disclosure of personally identifiable rental records of "prerecorded video cassette tapes or similar audio visual material. http://epic.org/privacy/vppa/
For current information on privacy-related legislation, see:
Appendix B: Privacy Bibliography
Adams, Helen R., Robert F. Bocher, Carol A. Gordon, and Elizabeth Barry-Kessler. Privacy in the 21st Century; Issues for Public, School, and Academic Libraries, Westport, CT: Libraries Unlimited, 2005.
Includes information about the laws affecting personal privacy and privacy in library
as well as the impact on accessibility of online information in these settings.
Allen, Anita. Unpopular Privacy: What Must We Hide? (Studies in Feminist Philosophy). N.Y.: Oxford University Press, 2011.
A discussion of when government should mandate privacy and when privacy should be a matter of personal choice.
Andrews, Lori. I Know Who You Are and I Saw What You Did: Social Networks and the Death of Privacy. Florence, MA: Free Press, 2012.
Andrews gives concrete examples of misuse of personal information gleaned from the internet, and provides the information we need to protect ourselves from these abuses, including how to remove personal date from aggregator site.
Bennett, Colin. The Privacy Advocates: Resisting the Spread of Surveillance. Cambridge, MA: MIT Press, 2008.
Bennett analyzes the people and groups around the world who have risen to challenge the most intrusive surveillance practices by both government and corporations.
Boghosian, Heidi. Spying on Democracy: Government Surveillance, Corporate Power, and Public Resistance. San Francisco, CA: City Lights Publishing, 2013
Boghosian provides the answer to the question ‘If you’re not doing anything wrong, why should you care if someone’s watching you?’ She discusses how technology is being used to categorize and monitor people based on their associations, their movements, their purchases, and their perceived political beliefs.
Brin, David. The Transparent Society: Will Technology Force Us to Choose Between Privacy and Freedom? Jackson, TN: Perseus Press, 1998.
Cassel, Elaine. (2004). The war on civil liberties: How Bush and Ashcroft have dismantled the Bill of Rights. Chicago, IL: Lawrence Hill Books, 2004.
Cassell provides a series of examples based on national and international media coverage illustrating the extent to which our individual rights have been curtailed.
Cate, Fred H. Privacy in the Information Age. Washington D.C.: Brookings, 1997.
Includes four sets of principles for protecting information privacy that recognize the significance of individual and collective nongovernmental action, the limited role for privacy laws and government enforcement of those laws, and the ultimate goal of establishing multinational principles for protecting information privacy
Chmara, Theresa. Privacy and Confidentiality Issues; a Guide for Libraries and their Lawyers.
Chicago, IL: American Library Association, 2009.
Chmara has represented ALA, the Freedom to Read Foundation and the American Booksellers Association on free speech issues. This is a collection of frequently asked questions based on her experiences.
Etzioni, Amitai. How patriotic is the Patriot Act? Freedom versus security in the age of terrorism. NY: Routledge, 2004.
Fisher, Louis. The Constitution and 9/11: Recurring threats to America’s freedoms. Lawrence, KS: University Press of Kansas, 2008.
Foerstel, Herbert N. Refuge of a Scoundrel; The Patriot Act in Libraries. Westport, CT: Libraries Unlimited, 2004.
History of the origins of library surveillance and the implications of the Patriot Act for libraries and booksellers
… Surveillance in the Stacks, The FBI’s Library Awareness Programs. Westport, CT: Greenwood Publishing, 1999.
Relying on previously classified FBI reports, Foerstel traces the history of federal library surveillance, documents the media and congressional response to the Library Awareness Program, and discusses the professional and legislative moves that were taken to safeguard library confidentiality.
Herman, Susan N. Taking Liberty: The War on Terror and the Erosion of American Democracy
N.Y.: Oxford University Press, 2011.
Includes several chapters on the impact on libraries and librarians.
Lane, Frederick S. American Privacy: the 400-Year History of Our Most Contested Right. Boston, MA: Beacon Press, 2009.
A sweeping story of the right to privacy from colonial postal routes to today's fiber-optic cables on a collision course with programmers, librarians and letter-writers.
Levmore, Saul and Martha Nussbaum, eds,, The Offensive Internet: Speech, Privacy, and Reputation. Cambridge, MA: Harvard University Press, 2001.
A Collection of essays about the clash between free speech and privacy online.
Magi, Trina J. Protecting our precious liberties: What every educator needs to know about libraries, privacy and freedom of inquiry. Bloomington, IN: Phi Delta Kappa International, 2005.
Nissenbaum, Helen. Privacy in Context: Technology, Policy, and the Integrity of Social Life, Standford, CA: Stanford University, 2010.
Nissenbaum persuasively argues that privacy must be understood in its social context, and she provides an insightful and illuminating account of how to do so. For anyone considering the burgeoning problems of information privacy, Privacy in Context is essential reading." —Daniel J. Solove, George Washington University Law School and author of Understanding Privacy
O’Harrow, Robert, Jr. No Place to Hide. NY: Free Press, 2002.
O’Harrow, an award-winning Washington Post reporter, describes the emergence of a data-driven surveillance society intent on giving individuals the conveniences and services they crave, like cell phones, discount cards, and electronic toll passes, while watching them more closely than ever before. He shows that since the September 11, 2001, terror attacks, the information industry giants have been enlisted as private intelligence services for homeland security; revealing how people can lose control of their privacy and identities at any moment.
Raul, Alan Charles. Privacy and the Digital State: Balancing Public Information and Personal Privacy. Norwell, MA: Kluwer, 2002.
Raul argues that "privacy" is inherently relative, and is always balanced alongside of various social exigencies, such as other compelling rights guaranteed by the Constitution, the interest of the public in broad disclosure of and access to government records, and the desire to foster an efficient, productive economy. He examines the recurring conflict between "open government" and "privacy of personal information" and attempts to provide a perspective on striking a balance.
Rosen, Jeffrey. The Unwanted Gaze: The Destruction of Privacy in America. N.Y.: Random House, 2000.
Rosen argues that privacy helps to protect us from being judged ''out of context'' -- that is, from having an isolated bit of personal information exposed to the world, so that it becomes our defining characteristic in other people's eyes. Privacy, moreover, helps us to develop close personal relationships and to be creative without fear that our confidential disclosures will be held against us. He suggests that ''privacy is a form of opacity, and opacity has its values. We need more shades and more blinds and more virtual curtains.''
… The Future of Reputation: Gossip, Rumor, and Privacy on the Internet, New Haven, CT: Yale University Press, 2007.
…. Nothing to Hide: The False Tradeoff between Privacy and Security. New Haven, CT: Yale University Press, 2011
…. Privacy Law Fundamentals, International Association of Privacy Professionals. (IAPP). 2d Ed., Portsmouth, NH, 2013
…. Understanding Privacy. Harvard University Press, 2008.
A comprehensive, conceptual and clear analysis of privacy.
Articles and Reports
American Library Association. Office for Intellectual Freedom, Jason Griffey, Sarah Houghton-Jan, and Eli Neiburger. “Privacy and Freedom of Information in 21st-Century Libraries”. Library Technology Reports, 46, no. 8 (November/December 2010)
Bernstein, Joen E. “Train Employees and Officials to Be Ready for Privacy Challenges.”
Computers in Libraries 27, no. (June 6, 2007): 6 – 9.
Brandt, Allen. On Making Privacy Policies More Simple and User-Friendly,
California Digital Library, SOPAG Privacy Audit and Guidelines
Chmara, Theresa. “Minors' Rights to Receive Information Under the First Amendment” (Februry 2, 2004).
David H. Flaherty, David H. “How to Do a Privacy and Freedom of Information Act Site Visit.” (2001)
Greenleaf, Graham, (2013). “Sherezade and the 101 Data Privacy Laws: Origins, Significance
and Global Trajectories”, Journal of Law, Information & Science, (2013)
Jaeger, Paul T., John Carlo Bertot, Charles R. McClure. “The Impact of the USA Patriot Act on Collection and Analysis of Personal Information under the Foreign Intelligence Surveillance Act.” Government Information Quarterly, 20, no. 3 (July 2003): 295-314.
Johnston, Scott D. “Rethinking Privacy in the Public Library” International Information & Library Review 32, no. 3-4 (September 2000): 509 – 517.
“The dichotomy between personal privacy and free access to information, which has come increasingly to the fore with the advance of information technology, justifies a reconsideration of these traditional values and interests. In this article, it is contended that privacy, as a constitutional right, is subject to changing norms as a result of the advent of the information society. In today's information society, citizens weigh the importance of protecting privacy against the advantages of free access to information. The criterion they use is a rational one: an evaluation of which option provides the individual with the most benefit. The protection of privacy is no longer an unconditional good. For state organisations to champion privacy at any cost is, therefore, out of step with this development. A new balance has to be established between the citizen's right to privacy and their right to know, taking into account this shift in values. In order to prevent on the one hand overzealous protection and, on the other, the abuse of information, it is necessary to set up the monitoring function in a new way.”
Klinefelter. Anne, “Library Standards for Privacy: A Model for the Digital World?” North Carolina Journal of Law & Technology 11, no 3; Special (2010): 553.
Kranich, Nancy. (2004). “Another Hysteric Librarian for Freedom,” In Censored: 2005, edited by Peter Phillips and Project Censored, 9-13. New York: Seven Stories Press, 2004.
…. “Librarians and Teen Privacy in the Age of Social Networking,” Knowledge Quest, 6, no 2, (November/December 2007): 34-37. Available from EBSCO
Lamdan, Sarah Shik. “Why Library Cards Offer More Privacy Rights than Proof of Citizenship: Librarian Ethics and Freedom of Information Act Requestor Policies.” Government Information Quarterly 30, no. 2 (April 2013): 131-140.
This paper demonstrates the divergent requestor privacy policies of professional librarians and the administration of the Freedom of Information Act (FOIA), and urges the federal government to adhere to librarian ethics in order to protect FOIA requestors.
Our lives are composed of small details. Any one detail, standing alone, may provide little insight into one’s identity, but the aggregation of details can paint a surprisingly accurate and revealing picture.
Magi, Trina J. “A Content Analysis of Library Vendor Privacy Policies: Do They Meet Our
…. “Fourteen Reasons Privacy Matters: A Multidisciplinary Review of Scholarly Literature,” The Library Quarterly 81, no. 2 (April 2011): 187-209. (Available from JSOR)
This article attempts to expand librarians’ understanding by reviewing scholarly literature on privacy from a wide variety of disciplines outside the field of library science, including anthropology, law, philosophy, political science, psychology, and sociologyAfter discussing the challenges of defining privacy and addressing the question of whether privacy is a value that spans cultures, the article traces a number of major themes in the literature, enumerating a host of individual, interpersonal, and societal goods that are made possible by privacy.
Minow, Mary. “The USA PATRIOT Act and Patron Privacy on Library Internet Terminals”
Molz, R. Kathleen, “Intellectual Freedom and Privacy: Comments on a National Program for Library and Information Services.” National Commission on Libraries and Information Science. National Program for Library and Information Services. Related Paper Number 10, December, 1974. ED 100 395. http://files.eric.ed.gov/fulltext/ED100395.pdf
The civil libertarian aspects of the National Program for Library and Information Science, including the right of privacy, are analyzed. Includes a chronology of events relating to intellectual freedom and privacy from 1950 – 1974.
Oregon State Public Interest Research Group. “Resource Guide to Online Privacy; How to Keep Your Personal Information Safe Online” Last updated 11/7/2013 http://ospirg.org/onlineprivacy
A report based on telephone interviews conducted by Princeton Survey Research Associates International from July 11-14, among a sample of 1,002 adults ages 18 and older.
Privacy International is a registered UK charity and the first organization to campaign at an international level on privacy issues. They publish a report on the state of privacy in the world each year.
Privacy Rights Clearinghouse. “Privacy Survival Guide; Take Control of Your Personal Information. (Revised March 2014)
Reidenberg, Joel R.; N. Cameron Russell; Jordan Kovnot; Thomas B. Norton; Ryan Cloutier, and Daniela. "Privacy and Cloud Computing in Public Schools". (2013). Center on Law and Information Policy. Book 2. http://ir.lawnet.fordham.edu/clip/2
Rubel, Alan. (2007). “Privacy and the USA Patriot Act: Rights, the Value of Rights, and Autonomy,” Law and Philosophy 26, n2, (March 2007): 119-159. papers.ssrn.com/sol3/papers.cfm?abstract_id=881130
Sales, Nathan. “Mending Walls: Information Sharing After the USA PATRIOT Act,” Texas Law Review. 88, no.7 (June 2010) : 1795-1854. Available from Academic Search Premier.
This Article attempts to fill that gap in the literature. It has three goals: to weigh the advantages and disadvantages of information sharing; to identify some of the remaining legal restrictions on data exchange, as well as their policy justifications; and to consider whether these laws' underlying
values can coexist with expanded sharing.
Schwartz, Paul M. and Daniel J. Solove. “The PII Problem: Privacy and a New Concept of Personally Identifiable Information”. New York University Law Review, 86, no.6, (December 2011): 1815 – 1894. http://ssrn.com/abstract=1909366
Solove. Daniel J. “The Future of Privacy,” American Libraries 39, no. 8, (September 2008): 56-59. Available from Ebscohost
Solove argues that Privacy helps to protect us from being judged ''out of context'' -- that is, from having an isolated bit of personal information exposed to the world, so that it becomes our defining characteristic in other people's eyes. Privacy, moreover, helps us to develop close personal relationships and to be creative without fear that our confidential disclosures will be held against us. In a culture of transparency and fleeting attention spans, Rosen observes, ''privacy is a form of opacity, and opacity has its values. We need more shades and more blinds and more virtual curtains.”
…. "I've Got Nothing to Hide' and Other Misunderstandings of Privacy.” San Diego Law Review, Vol. 44 no. 4 (Fall 2007): 745-772. Available from LexisNexis Academic
Strickland, L.S., & Hunt, L.E. (2005) “Technology, Security, and Individual Privacy: New Tools, New Threats, and New Public Perceptions.” Journal of the American Society for Information Science & Technology, 56, no.3. (February 2005): 221-234.
“America needs a robust privacy framework that preserves consumer trust in the evolving Internet economy while ensuring the Web remains a platform for innovation, jobs, and economic growth. Self-regulation without stronger enforcement is not enough. Consumers must trust the Internet in order for businesses to succeed online.” said Commerce Secretary Gary Locke. “Today’s report is a road map for considering a new framework that is good for consumers and businesses. And while our primary goal is to update the domestic approach to online privacy, we are optimistic that we can take steps to bridge the different privacy approaches among countries, which can help us increase the export of U.S. services and strengthen the American economy.”
U.S. Department of Education. Family Policy Compliance Office Web Site
U.S. Department of Education. Privacy Technical Assistance Center
Protecting Student Privacy While Using Online Educational Services: Requirements and Best Practices. Center:
This document addresses privacy and security considerations relating to computer software, mobile applications (apps), and web-based tools provided by a third-party to a school or district that students and/or their parents access via the Internet and use as part of a school activity. Examples include online services that students use to access class readings, to view their learning progression, to watch video demonstrations, to comment on class activities, or to complete their homework.
U.S. Department of Education. Secretary's Advisory Committee on Automated Personal Data Systems. “Records, Computers and the Rights of Citizens” (July 19973). Includes “Fair Information Practice Principles.” http://epic.org/privacy/hew1973report/
U.S. Federal Trade Commission, “FTC Strengthens Kid’s Privacy, Gives Parents Greater Control Over Their Information By Amending Children’s Online Protection Rule.” December 19, 2012. http://www.ftc.gov/opa/2012/12/coppa.shtm
…. “Protecting Consumer Privacy in an Era of Rapid Change: Recommendations for Businesses and Policy Makers.” (March 2012)
U.S. Federal Trade Commission. Bureau of Consumer Protection. Business Center. “Complying with COPPA: Frequently Asked Questions : A Guide for Business and Parents and Small Entity Compliance Guide.” (July 2013).
These FAQs “are intended to supplement the compliance materials available on the FTC website. In addition, you may send questions or comments to the FTC staff’s COPPA mailbox, CoppaHotLine@ftc.gov
. This document represents the views of FTC staff and is not binding on the Commission. To view the Rule and compliance materials, go to the FTC's COPPA page for businesses. This document serves as a small entity compliance guide pursuant to the Small Business Regulatory Enforcement Fairness Act.
Some FAQs refer to a type of document called a Statement of Basis and Purpose. A Statement of Basis and Purpose is a document an agency issues when it promulgates or amends a rule, explaining the rule’s provisions and addressing comments received in the rulemaking process. A Statement of Basis and Purpose was issued when the COPPA Rule was proposed.
Analyses issues and makes recommendations for updating privacy law and policy in light of technological change.
U.S. White House. Consumer Data Privacy in a Networked World: A Framework of Protecting Privacy and Promoting Innovation in the Global Digital Economy. (February, 2012)
Source of "the right to be let alone," this foundational document has been called one of the most influential essays in the history of American law. Reflecting the upper class concerns of its day, it addresses commercial exploitation of gossip and technological aids to an invasive press, rather than Big Brother government surveillance.
Wheeler, Maurice. “The Politics of Access: Libraries and the Fight for Civil Liberties in Post-9/11 America,” Radical History Review, 93, (Fall 2005): 79-95.
Zimmer, Michael. “Assessing the Treatment of Patron Privacy in Library 2.0 Literature”. Information Technology and Libraries, 32, no. 2 (June 2013): 29–41.
An ethical examination of the emergence of new Library 2.0 tools and technologies in relation to existing ethical norms of information flow within the library context. Available from Ebscohost.
…. “Librarian attitudes regarding information and Internet privacy”. Library Quarterly, 84, no.2 (April 2014):123-151. Available from JSTOR and Chicago Journals.
A report of findings from a new survey measuring librarians’ views on privacy rights and protecting library users’ privacy. The study, which builds on a 2008 ALA survey assessing librarians’ attitudes about privacy, provides important data that will help privacy advocates evaluate the state of privacy in the United States and libraries’ role in protecting library users’ privacy. Overall, the results indicate a high level of concern among respondents over information privacy and a desire to control access and use of personal information, but they also reflect some shifts in privacy attitudes compared to the 2008 study. Implications are discussed for future advocacy and outreach by the American Library Association and related advocacy and educational groups
…. “Patron Privacy in the ‘2.0’ Era: Avoiding the Faustian Bargain of Library 2.0.” Journal of Information Ethics, 22, no.1 (Spring 2013): 44–59 Available from Metapress.
An ethical examination of the emergence of new Library 2.0 tools and technologies in relation to existing ethical norms of information flow within the library context.
Revised by the IFC Privacy Subcommittee and approved by the Intellectual Freedom Committee January 2014