Privacy Toolkit

Home | Previous: Advocacy at the Local, State, & National Levels

Appendices to the Privacy Toolkit

American Library Association Privacy Policies and Statements

The American Library Association has developed policies, guidelines, and resources to assist librarians in preserving privacy and confidentiality for library users.
 

Basic Statements

 
Code of Ethics (rev. 2005) 
Freedom to Read Statement (1953; rev. 1972, 1991, 2000) 
Library Bill of Rights (1948, amended 1961, 1980, reaffirmed 1996) 
 

Privacy and Confidentiality Policies, Procedures and Statements

Guidelines for Developing a Library Privacy Policy (August 2003; rev. March 2005)  http://www.ala.org/offices/oif/iftoolkits/toolkitsprivacy/libraryprivacy
Policy on Confidentiality of Library Records (1971; rev.1975, 1986) (http://www.ala.org/Template.cfm?Section=otherpolicies&Template=/ContentM... ay.cfm&ContentID=13084)
Suggested Procedures for Implementing Policy on Confidentiality of Library Records (1983; rev. 1988 and March 18, 2005. http://www.ifmanual.org/implementconfidentialitypolicy
American Association of School Libraries. “Position Statement on the Confidentiality of Library Records” (Revised 02/06/12) 
Questions and Answers on Privacy and Confidentiality (June 19, 2002; rev. April 14, 2005; June 26, 2006; and October 30, 2006)
 

Policies and Statements about the Patriot Act and Law Enforcement Inquiries 

 
U.S.A. Patriot Act & Libraries 
   Including links to statements by other library and civil liberties organizations

Other ALA Privacy Related Resolutions

 
American Association  of School Librarians. Position Statement on the Confidentiality of Library Records, (2/6/2012). 
Loyalty Oaths, (July 1, 1992) 
 
 
                Types of Law Enforcement Requests and Court Orders
 
 
Sample Federal Search Warrants and Subpoenas 
 
 
Sample National Security Letters
Sample FISA (section 215) Order for Business Records
U.S. Congress. House Judiciary Subcommittee on Crime, Terrorism and Homeland Security 
“FISA provisions authorizing Roving Surveillance, Lone Wolf and Business Records”
 
Note:  FISA has approved the Department of Justice’s request to modify the telephony metadata program
 
Also check the laws and regulations governing court orders in your state courts 
  
Statements of Other Library and Professional Associations
 
ACM Privacy Policy (Association for Computing Machinery)  http://www.acm.org/about/privacy-policy
 
IFLA, "The IFLA Internet Manifesto” PDF  (The Hague, Netherlands: IFLA, August 23, 2002).
 
Federal Privacy Laws, Policies and Programs
 
     U.S. Dept. of Justice, Office of Privacy and Civil Liberties. Overview of the Privacy Act of 1974, 2012   http://www.justice.gov/opcl/1974privacyact-2012.pdf 
       This act, 5 U.S.C. § 552a (2006),  can generally be characterized as an omnibus “code of fair information practices” that attempts to regulate the collection, maintenance, use, and dissemination of personal information by federal executive branch agencies. However, the Act’s imprecise language, limited legislative history, and somewhat outdated regulatory guidelines have rendered it a difficult statute to decipher and apply. Moreover, even after more than thirty-five years of administrative and judicial analysis, numerous Privacy Act issues remain unresolved or unexplored. Adding to these interpretational difficulties is the fact that many earlier Privacy Act cases are unpublished district court decisions. A particular effort is made in this “Overview” to clarify the existing state of Privacy Act law while at the same time highlighting those controversial, unsettled areas where further litigation and case law development can be expected.
         History of the Privacy Act http://www.cavebear.com/archive/nsf-dns/pa_history.htm
 
Cable Communications Policy Act of 1984 http://www.law.cornell.edu/uscode/text/47/551
    This act, 47 U.S. Code §551, restricts access to cable television subscriber information.
   COPA, 15 U.S.C. § 6501; 16 CFR 312, requires commercial online content providers who either have actual knowledge that they are dealing with a child 12 or under or who aim their content at children to obtain verifiable parental consent before they can collect, archive, use, or resell any personal information pertaining to that child. In addition, the Act requires commercial Web sites and online services covered by COPPA to place their information collection, use and disclosure practices prominently on their Web site. The law also mandates that site operators allow parents to review and delete information about their children collected by the site.
 
Communications Assistance to Law Enforcement Act (CALEA) of 1994 http://www.law.cornell.edu/uscode/text/18/2522
      CALEA, 18 USC §2522, requires a "telecommunications carrier," as defined by the Act, to ensure that equipment, facilities, or services that allow a customer or subscriber to "originate, terminate, or direct communications," enable law enforcement officials to conduct electronic surveillance pursuant to court order or other lawful authorization.
            Legal Challenge 
American Council on Education v. Federal Communications Commission and United States of America, 451 F.3d 226 (D.C. Cir. 2006) http://law.justia.com/cases/federal/appellate-courts/F3/451/226/627290/
Critical Infrastructure Information Protection 
     This Program is an information-protection program that enhances voluntary information sharing between infrastructure owners and operators and the government. PCII protections mean that homeland security partners can be confident that sharing their information with the government will not expose sensitive or proprietary data.
 
Digital Millennium Copyright Act of 1998 
      Section 512 contains a provision to ensure that service providers are not
placed in the position of choosing between limitations on liability on the one hand and
preserving the privacy of their subscribers, on the other. Subsection (m) explicitly
states that nothing in section 512 requires a service provider to monitor its service or
access material in violation of law (such as the Electronic Communications Privacy Act) in order to be eligible for any of the liability limitations
 
Do-Not-Call Implementation Act of 2003  
   Pursuant to its authority under the Telephone Consumer Protection Act (TCPA), 47 US Code  §227, the FCC established, together with the Federal Trade Commission (FTC), a national Do-Not-Call Registry. The registry is nationwide in scope, applies to all telemarketers (with the exception of certain non-profit organizations), and covers both interstate and intrastate telemarketing calls. Commercial telemarketers are not allowed to call you if your number is on the registry, subject to certain exceptions. As a result, consumers can, if they choose, reduce the number of unwanted phone calls to their homes. The Do-Not-Call Implementation Act, 15 U.S.Code 87A §6151, authorized the Federal Trade Commission to implement and enforce the national do-not-call registry
 
Driver License Privacy Act [Prohibition on release and use of certain personal information from State motor vehicle records] 
   This act, 18 U.S. Code §2721, prohibits the release and use of certain personal information from State motor vehicle records.
the Supreme Court ruled that solicitation is not a permissible use of state motor vehicle records under the Driver's Privacy Protection Act.
E-Government Act of 2002 
    This act, U.S. Code § 3601-3606, requires Federal Agencies to conduct privacy impact assessments.
     Office of Management and Budget. OMB Guidance for Implementing the Privacy  
     Provisions of the E-Government Act of 2002. M-03-22 Sept. 26, 3003 
 
Electronic Communications Privacy Act of 1986 (ECPA), https://it.ojp.gov/default.aspx?area=privacy&page=1285
     History and Analysis: https://www.cdt.org/issue/wiretap-ecpa
   ECPA, Public Law 99-508; 18 U.S.Code § 2510-22, includes provisions for access, use, disclosure, interception and privacy protections of electronic communications. The law, which covers various forms of wire and electronic communications, prohibits unlawful access and certain disclosures of communication contents and prevents government entities from requiring disclosure of electronic communications from a provider without proper procedure. ECPA was amended by Sections 209- 212 and 216 of the USA PATRIOT ACT.
 
The Enhanced Border Security and Visa Entry Reform Act of 2002 http://www.gpo.gov/fdsys/pkg/PLAW-107publ173/pdf/PLAW-107publ173.pdf
 restricts the use of the information in the system so as to protect privacy, and it creates criminal penalties for the misuse of the information.
 
The Fair Credit Reporting Act (1970) 
    FCRA, 15 U.S. Code §1681, promotes the accuracy, fairness, and privacy of    information in the files of consumer reporting agencies.
 
Family Educational Rights and Privacy Act (FERPA) http://www.ed.gov/policy/gen/guid/fpco/ferpa/index.html
   FERPA, 20 U.S.Code §1232g; 34 CFR Part 99, protects the privacy of student education records. The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education. The main focus of FERPA is to define who can access student records. FERPA grants parents the rights until the child turns 18 years old or attends a school beyond the high school level. The Act spells out the conditions that allow schools to release records without consent to certain designated parties. Title V, section 507 of the USA PATRIOT Act amended FERPA by creating a new exception to the privacy protections.
 
Federal Trade Commission's Consumer Protection, Privacy Oversight
    The Federal Trade Commission Consumer Protection Division, under Section 5 of the FTC Act, administers a privacy program in order to make sure that companies keep the promises they make to consumers about privacy and take precautions to secure consumers' personal information. The Commission has brought a number of cases to enforce the promises in privacy statements, including promises about the security of consumers' personal information.
 
The Financial Modernization Act of 1999, Title V, Subtitle A (Gramm-Leach-Bliley Act) 
  This act, 12 U.S. Code §1811, also known as the "Gramm-Leach-Bliley Act" or GLB Act, includes provisions to protect consumers' personal financial information held by financial institutions. There are three principal parts to the privacy requirements: the Financial Privacy Rule, Safeguards Rule and pretexting provisions. The Safeguards Rule requires all financial institutions to design, implement and maintain safeguards to protect customer information. The Rule applies not only to financial institutions that collect information from their own customers, but also to financial institutions -- such as credit reporting agencies -- that receive customer information from other financial institutions.
 
Foreign Intelligence Surveillance Act (FISA) (1978)
     FISA, 18 U.S. Code §1801, prescribes procedures for requesting judicial authorization for electronic surveillance and physical search of persons engaged in espionage or international terrorism against the United States on behalf of a foreign power.
 
 
Health Insurance Portability and Accountability  Act of 1996 (HIPAA) 
     HIPAA, Public Law 104-191, required the Secretary to issue privacy regulations governing individually identifiable health information. The HIPPA Privacy Rule provides federal protections for individually identifiable health information held by covered entities and their business associates and gives patients an array of rights with respect to that information. At the same time, the Privacy Rule is balanced so that it permits the disclosure of health information needed for patient care and other important purposes. http://www.hhs.gov/ocr/privacy/hipaa/administrative/combined/hipaa-simpl...
 
Homeland Security Act of 2002 
     6 U.S. Code §101, adopted after the Sept. 11, 2001 terrorist attacks with the intention of improving U.S. domestic security.
 
Privacy Protection Act of 1980 
    42 U.S.Code § 2000aa et seq., protects journalists from being required to turn over to law enforcement any work product and documentary materials, including sources, before it is disseminated to the public.
Right to Financial Privacy Act (1978) 
 12 U.S. Code § 3401 -3422, enacted to provide the financial records of financial institution customers a reasonable amount of privacy from federal government scrutiny.
Student and Exchange Visitors Information System (SEVIS) http://www.ice.gov/sevis/
The Student and Exchange Visitors Information System (SEVIS), administered by the Department of Homeland Security in partnership with the Department of State and the Department of Education, maintains updated information on approximately one million non-immigrant foreign students and exchange visitors during the course of their stay in the United States each year. Schools are now required to report a foreign student's failure to enroll or if students drop out of their programs. Certain requirements imposed by the Family Educational Rights and Privacy Act (FERPA) are waived and conditions for employment specified.
Telecommunications Act of 1996 
       7 U.S.C. § 222 was enacted as part of the Telecommunications Act of 1996 and is 
      entitled "Privacy of Customer Information." It states generally that "[e]very 
      telecommunications carrier has a duty to protect the confidentiality of proprietary 
       information of, and relating to . . . customers." To effectuate that duty, § 222 places 
       restrictions on the use, disclosure of, and access to certain customer information
Video Privacy Protection Act of 1988 
The Video Privacy Protection Act of 1988, 18 U.S.C. § 2710, was passed in reaction to the disclosure of Supreme Court nominee Robert Bork's video rental records in a newspaper. The Act is not often invoked, but stands as one of the strongest protections of consumer privacy against a specific form of data collection. Generally, it prevents disclosure of personally identifiable rental records of "prerecorded video cassette tapes or similar audio visual material. http://epic.org/privacy/vppa/
 
 
For current information on privacy-related legislation, see:
 
 
 
 

Appendix B:  Privacy Bibliography

 
Books
 
Adams, Helen R., Robert F. Bocher, Carol A. Gordon, and Elizabeth Barry-Kessler. Privacy in the 21st Century; Issues for Public, School, and Academic Libraries, Westport, CT: Libraries Unlimited, 2005.
         Includes information about the laws affecting personal privacy and privacy in library
         as well as the impact on accessibility of online information in these settings. 
 
Allen, Anita. Unpopular Privacy: What Must We Hide? (Studies in Feminist Philosophy). N.Y.: Oxford University Press, 2011. 
   A discussion of when government should mandate privacy and when privacy should be a matter of personal choice. 
 
Andrews, Lori. I Know Who You Are and I Saw What You Did:  Social Networks and the Death of Privacy. Florence, MA: Free Press, 2012. 
Andrews gives concrete examples of misuse of personal information gleaned from the internet, and provides the information we need to protect ourselves from these abuses, including how to remove personal date from aggregator site.  
 
Bennett, Colin.  The Privacy Advocates: Resisting the Spread of Surveillance.  Cambridge, MA: MIT Press, 2008.
Bennett analyzes the people and groups around the world who have risen to challenge the most intrusive surveillance practices by both government and corporations.
 
Boghosian, Heidi. Spying on Democracy: Government Surveillance, Corporate Power, and Public Resistance. San Francisco, CA: City Lights Publishing, 2013
Boghosian provides the answer to the question ‘If you’re not doing anything wrong, why should you care if someone’s watching you?’  She discusses how technology is being used to categorize and monitor people based on their associations, their movements, their purchases, and their perceived political beliefs.    
 
Brin, David. The Transparent Society: Will Technology Force Us to Choose Between Privacy and Freedom? Jackson, TN: Perseus Press, 1998.
Cassel, Elaine. (2004). The war on civil liberties: How Bush and Ashcroft have dismantled the Bill of Rights. Chicago, IL: Lawrence Hill Books, 2004.
Cassell provides a series of examples based on national and international media coverage illustrating the extent to which our individual rights have been curtailed.
 
Cate, Fred H.  Privacy in the Information Age.  Washington D.C.: Brookings, 1997.
Includes four sets of principles for protecting information privacy that recognize the significance of individual and collective nongovernmental action, the limited role for privacy laws and government enforcement of those laws, and the ultimate goal of establishing multinational principles for protecting information privacy
Chmara, Theresa. Privacy and Confidentiality Issues; a Guide for Libraries and their Lawyers. 
Chicago, IL: American Library Association, 2009.
Chmara has represented ALA, the Freedom to Read Foundation and the American Booksellers Association on free speech issues. This is a collection of frequently asked questions based on her experiences. 
Etzioni, Amitai. How patriotic is the Patriot Act? Freedom versus security in the age of terrorism. NY: Routledge, 2004.
 
Fisher, Louis. The Constitution and 9/11: Recurring threats to America’s freedoms.  Lawrence, KS: University Press of Kansas, 2008.
 
Foerstel, Herbert N. Refuge of a Scoundrel; The Patriot Act in Libraries. Westport, CT: Libraries Unlimited, 2004. 
History of the origins of library surveillance and the implications of the Patriot Act for libraries and booksellers
 
… Surveillance in the Stacks, The FBI’s Library Awareness Programs. Westport, CT: Greenwood Publishing, 1999. 
Relying on previously classified FBI reports, Foerstel traces the history of federal library surveillance, documents the media and congressional response to the Library Awareness Program, and discusses the professional and legislative moves that were taken to safeguard library confidentiality. 
 
Herman, Susan N. Taking Liberty: The War on Terror and the Erosion of American Democracy
N.Y.: Oxford University Press, 2011.
Includes several chapters on the impact on libraries and librarians. 
 
Lane, Frederick S. American Privacy: the 400-Year History of Our Most Contested Right. Boston, MA: Beacon Press, 2009.
A sweeping story of the right to privacy from colonial postal routes to today's fiber-optic cables on a collision course with programmers, librarians and letter-writers.
 
Levmore, Saul and Martha Nussbaum, eds,, The Offensive Internet: Speech, Privacy, and Reputation. Cambridge, MA: Harvard University Press, 2001. 
   A Collection of essays about the clash between free speech and privacy online. 
Magi, Trina J. Protecting our precious liberties: What every educator needs to know about libraries, privacy and freedom of inquiry. Bloomington, IN: Phi Delta Kappa International,    2005.
 
Nissenbaum, Helen. Privacy in Context: Technology, Policy, and the Integrity of Social Life, Standford, CA: Stanford University, 2010.
     Nissenbaum persuasively argues that privacy must be understood in its social context, and she provides an insightful and illuminating account of how to do so. For anyone considering the burgeoning problems of information privacy, Privacy in Context is essential reading." —Daniel J. Solove, George Washington University Law School and author of Understanding Privacy
 
O’Harrow, Robert, Jr. No Place to Hide.  NY: Free Press, 2002.
    O’Harrow, an award-winning Washington Post reporter, describes the emergence of a data-driven surveillance society intent on giving individuals the conveniences and services they crave, like cell phones, discount cards, and electronic toll passes, while watching them more closely than ever before. He shows that since the September 11, 2001, terror attacks, the information industry giants have been enlisted as private intelligence services for homeland security;  revealing how people can lose control of their privacy and identities at any moment. 
 
Raul, Alan Charles. Privacy and the Digital State: Balancing Public Information and Personal Privacy. Norwell, MA: Kluwer, 2002. http://getebook.org/?p=268106
   Raul argues that "privacy" is inherently relative, and is always balanced alongside of various social exigencies, such as other compelling rights guaranteed by the Constitution, the interest of the public in broad disclosure of and access to government records, and the desire to foster an efficient, productive economy. He examines the recurring conflict between "open government" and "privacy of personal information" and attempts to provide a perspective on striking a balance.
 
Rosen, Jeffrey. The Unwanted Gaze: The Destruction of Privacy in America. N.Y.: Random House, 2000.
     Rosen argues that privacy helps to protect us from being judged ''out of context'' -- that is, from having an isolated bit of personal information exposed to the world, so that it becomes our defining characteristic in other people's eyes. Privacy, moreover, helps us to develop close personal relationships and to be creative without fear that our confidential disclosures will be held against us. He suggests that ''privacy is a form of opacity, and opacity has its values. We need more shades and more blinds and more virtual curtains.''
 
Solove, Daniel J. The Digital Person: Technology and Privacy in the Information Age. New York: New York University Press, 2004. http://docs.law.gwu.edu/facweb/dsolove/Digital-Person/text.htm
 
…  The Future of Reputation: Gossip, Rumor, and Privacy on the Internet, New Haven, CT: Yale University Press, 2007.
 
…. Nothing to Hide: The False Tradeoff between Privacy and Security. New Haven, CT: Yale University Press, 2011
        
 …. Privacy Law Fundamentals, International Association of Privacy Professionals. (IAPP). 2d Ed., Portsmouth, NH, 2013
                  
  …. Understanding Privacy. Harvard University Press, 2008. 
              A comprehensive, conceptual and clear analysis of privacy.  
 
 
Articles and Reports
American Library Association. Office for Intellectual Freedom, Jason Griffey, Sarah Houghton-Jan, and Eli Neiburger. “Privacy and Freedom of Information in 21st-Century Libraries”. Library Technology Reports, 46, no. 8 (November/December 2010)
 
…. Task Force on Privacy and Confidentiality in the Electronic Environment. “Final Report” July 7, 2000. http://www.ala.org/lita/about/taskforces/dissolved/privacys
Armen, Keteyian, “Digital Photocopiers Loaded With Secrets” CBS April 2010. http://www.cbsnews.com/news/digital-photocopiers-loaded-with-secrets/
Bernstein, Joen E. “Train Employees and Officials to Be Ready for Privacy Challenges.”
Computers in Libraries 27, no. (June 6, 2007): 6 – 9. 
Brandt, Allen. On Making Privacy Policies More Simple and User-Friendly,
 
California Digital Library, SOPAG Privacy Audit and Guidelines
 
Chmara, Theresa. “Minors' Rights to Receive Information Under the First Amendment” (Februry 2, 2004).
 
Coyle, Karen. “Make Sure You Are Privacy Literate." Library Journal 127, no. 16 (October 1, 2002): 55 - 57.  (Preprint available at http://www.kcoyle.net/privacy_lj2.html).
 
Doyle, Charles.  Libraries and the USA PATRIOT Act: CRS Report to Congress. Washington, DC: Library of Congress, 2005.  http://www.fas.org/sgp/crs/intel/RS21441.pdf
David H. Flaherty, David H. “How to Do a Privacy and Freedom of Information Act Site Visit.” (2001)
 
 
Fordham Law School. Center on Law and Information Policy. Curriculum for privacy education geared to middle school students. http://law.fordham.edu/assets/CLIP/2013_CLIP_VPE_Complete.pdf
Slides
 
Gellman, Robert.  Fair Information Practices: A Basic History. Version 1.89, April 25, 2012 http://bobgellman.com/rg-docs/rg-FIPShistory.pdf
 
Greenleaf, Graham, (2013). “Sherezade and the 101 Data Privacy Laws: Origins, Significance 
and Global Trajectories”, Journal of Law, Information & Science, (2013)
       The Global Tables of Data Privacy Laws and Bills (3rd Ed, June 2013) analyzed in this article are at http://ssrn.com/abstract=228
 
Holley, Robert P., “Are Libraries Compromising Reader Privacy with Circulation Reminders?” Indiana Libraries 32, no. 1 (2013): 37 – 41 http://journals.iupui.edu/index.php/IndianaLibraries/issue/view/211
 
Jaeger, Paul T., John Carlo Bertot, Charles R. McClure. “The Impact of the USA Patriot Act on Collection and Analysis of Personal Information under the Foreign Intelligence Surveillance Act.” Government Information Quarterly, 20, no. 3 (July 2003): 295-314. 
 
Johnston, Scott D. “Rethinking Privacy in the Public Library” International Information & Library Review 32, no. 3-4 (September 2000): 509 – 517.
 
Kleve, Pieter and Richard V. De Mulder. “Privacy Protection and the Right to Information: In Search of a New Symbiosis in the Information Age.” Cyberlaw, Security & Privacy (2007): 201-212. http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1138287 
     “The dichotomy between personal privacy and free access to information, which has come increasingly to the fore with the advance of information technology, justifies a reconsideration of these traditional values and interests. In this article, it is contended that privacy, as a constitutional right, is subject to changing norms as a result of the advent of the information society. In today's information society, citizens weigh the importance of protecting privacy against the advantages of free access to information. The criterion they use is a rational one: an evaluation of which option provides the individual with the most benefit. The protection of privacy is no longer an unconditional good. For state organisations to champion privacy at any cost is, therefore, out of step with this development. A new balance has to be established between the citizen's right to privacy and their right to know, taking into account this shift in values. In order to prevent on the one hand overzealous protection and, on the other, the abuse of information, it is necessary to set up the monitoring function in a new way.”
 
Klinefelter. Anne, “Library Standards for Privacy: A Model for the Digital World?” North Carolina Journal of Law & Technology 11, no 3; Special (2010): 553. http://jolt.unc.edu/sites/default/files/Gibbons_Llewellyn_v11i3_531_552.pdf
 
Kranich, Nancy. (2004). “Another Hysteric Librarian for Freedom,” In Censored: 2005, edited by Peter Phillips and Project Censored, 9-13. New York: Seven Stories Press, 2004.
…. “The Impact of the USA PATRIOT Act on Free Expression,” New York: Free Expression Policy Project, (May 2003)  http://www.fepproject.org/commentaries/patriotact.html; “Update,” (August 27, 2003) http://www.fepproject.org/commentaries/patriotactupdate.html
…. “Librarians and Teen Privacy in the Age of Social Networking,” Knowledge Quest, 6, no 2, (November/December 2007): 34-37. Available from EBSCO
Lamdan, Sarah Shik. “Why Library Cards Offer More Privacy Rights than Proof of Citizenship: Librarian Ethics and Freedom of Information Act Requestor Policies.” Government Information Quarterly 30, no. 2 (April 2013): 131-140.
   This paper demonstrates the divergent requestor privacy policies of professional librarians and the administration of the Freedom of Information Act (FOIA), and urges the federal government to adhere to librarian ethics in order to protect FOIA requestors. 
 
Levinson-Waldman, Rachel. “What the Government Does with American’s Data”. NY: Brennan Center, 2013 http://www.brennancenter.org/sites/default/files/publications/What%20Gov...
    Our lives are composed of small details. Any one detail, standing alone, may provide little insight into one’s identity, but the aggregation of details can paint a surprisingly accurate and revealing picture.
Magi, Trina J. “A Content Analysis of Library Vendor Privacy Policies: Do They Meet Our
Standards? College and Research Libraries 71, no.3 (May 2010): 254 – 272. http://crl.acrl.org/content/71/3/254.full.pdf
 
….  “Fourteen Reasons Privacy Matters: A Multidisciplinary Review of Scholarly Literature,” The Library Quarterly 81, no. 2 (April 2011): 187-209. (Available from JSOR)
      This article attempts to expand librarians’ understanding by reviewing scholarly literature on privacy from a wide variety of disciplines outside the field of library science, including anthropology, law, philosophy, political science, psychology, and sociologyAfter discussing the challenges of defining privacy and addressing the question of whether privacy is a value that spans cultures, the article traces a number of major themes in the literature, enumerating a host of individual, interpersonal, and societal goods that are made possible by privacy.
 
… “A Fresh Look at Privacy-Why Does It Matter, Who Cares, and What Should Librarians Do about It?” Indiana Libraries, Vol. 32, no. 1 (2013): 34 – 36 http://journals.iupui.edu/index.php/IndianaLibraries/issue/view/211
 
 
Meyer, David. “Without the Option of Privacy We Are Lost.”  (July 10, 2013). http://gigaom.com/2013/07/10/without-the-option-of-privacy-we-are-lost/
 
Minow, Mary. “The USA PATRIOT Act and Patron Privacy on Library Internet Terminals”
Library and Technology Resources for Legal Professionals (February 15, 2002). http://www.llrx.com/features/usapatriotact.htm
 Molz, R. Kathleen, “Intellectual Freedom and Privacy: Comments on a National Program for Library and Information Services.” National Commission on Libraries and Information Science. National Program for Library and Information Services. Related Paper Number 10, December, 1974. ED 100 395. http://files.eric.ed.gov/fulltext/ED100395.pdf
    The civil libertarian aspects of the National Program for Library and Information Science, including the right of privacy, are analyzed. Includes a chronology of events relating to intellectual freedom and privacy from 1950 – 1974.  
 
OCLC. “Sharing, Privacy and Trust in Our Networked World: a Report to the OCLC Membership”.  2007 http://www.oclc.org/reports/sharing.en.html
 
Organization for Economic and Cultural Development (OECD). “Guidelines governing the Protection of Privacy and Transborder Flows of Personal Data” (July 11, 2013) http://www.oecd.org/sti/ieconomy/2013-oecd-privacy-guidelines.pdf
O’Neill, Ben. “Edward Snowden, the NSA, and the US Courts.”  Ludwig von Mises Institute, February 12, 2014. http://mises.org/daily/6662/Edward-Snowden-the-NSA-and-the-US-Courts
 
…. “FISA, the NSA, and America's Secret Court System”  Right Side News, February 24, 2014. http://www.rightsidenews.com/2014022433911/us/homeland-security/fisa-the...
 
Oregon State Public Interest Research Group. “Resource Guide to Online Privacy; How to Keep Your Personal Information Safe Online” Last updated 11/7/2013 http://ospirg.org/onlineprivacy
Pew Research Center. Internet & American Life Project. “Anonymity, Privacy and Security Online.” (September 5, 2013). http://pewinternet.org/Reports/2013/Anonymity-online.aspx    
    A report based on telephone interviews conducted by Princeton Survey Research Associates International from July 11-14, among a sample of 1,002 adults ages 18 and older.
Privacy International. “The State of Privacy 2014.” https://www.privacyinternational.org/blog/the-state-of-privacy-2014
    Privacy International is a registered UK charity and the first organization to campaign at an international level on privacy issues. They publish a report on the state of privacy in the world each year. 
 
 
 
Privacy Rights Clearinghouse. “Privacy Survival Guide; Take Control of Your Personal Information. (Revised March 2014)
 
Reidenberg, Joel R.; N. Cameron Russell; Jordan Kovnot; Thomas B. Norton; Ryan Cloutier, and Daniela. "Privacy and Cloud Computing in Public Schools". (2013). Center on Law and Information Policy. Book 2. http://ir.lawnet.fordham.edu/clip/2
 
Rubel, Alan. (2007). “Privacy and the USA Patriot Act: Rights, the Value of Rights, and Autonomy,” Law and Philosophy 26, n2, (March 2007): 119-159. papers.ssrn.com/sol3/papers.cfm?abstract_id=881130
Sales, Nathan. “Mending Walls: Information Sharing After the USA PATRIOT Act,” Texas Law Review. 88, no.7 (June 2010) : 1795-1854. Available from Academic Search Premier.
   This Article attempts to fill that gap in the literature. It has three goals: to weigh the advantages and disadvantages of information sharing; to identify some of the remaining legal restrictions on data exchange, as well as their policy justifications; and to consider whether these laws' underlying
values can coexist with expanded sharing.
Schwartz, Paul M. and Daniel J. Solove. “The PII Problem: Privacy and a New Concept of Personally Identifiable Information”. New York University Law Review, 86, no.6, (December 2011): 1815 – 1894. http://ssrn.com/abstract=1909366
Schneier, Bruce. “The Eternal Value of Privacy.” Wired, May 18, 2006 http://www.wired.com/politics/security/commentary/securitymatters/2006/0...
 
Solove. Daniel J. “The Future of Privacy,” American Libraries 39, no. 8, (September 2008): 56-59. Available from Ebscohost
   Solove argues that Privacy helps to protect us from being judged ''out of context'' -- that is, from having an isolated bit of personal information exposed to the world, so that it becomes our defining characteristic in other people's eyes. Privacy, moreover, helps us to develop close personal relationships and to be creative without fear that our confidential disclosures will be held against us. In a culture of transparency and fleeting attention spans, Rosen observes, ''privacy is a form of opacity, and opacity has its values. We need more shades and more blinds and more virtual curtains.”
…. "I've Got Nothing to Hide' and Other Misunderstandings of Privacy.” San Diego Law Review, Vol. 44 no. 4 (Fall 2007): 745-772. Available from LexisNexis Academic
Starr, Joan. “Libraries and National Security: An Historical Review.” First Monday 9, no. 12 (December 2004) http://journals.uic.edu/ojs/index.php/fm/article/view/1198/1118
 
 
 
 
 
Strickland, L.S., & Hunt, L.E. (2005) “Technology, Security, and Individual Privacy: New Tools, New Threats, and New Public Perceptions.” Journal of the American Society for Information Science & Technology, 56,  no.3. (February 2005): 221-234. 
   Radio frequency identification (RFID) tags and smart cards are becoming ubiquitous in government and business. Directly or indirectly, in many of these applications, individuals and their activities are tracked. Based on a survey of individuals the authors conclude that a primary objective for any organization using these technologies should be to develop a comprehensive Technology Privacy Policy.  The article includes detailed specifications for such a policy.
 
Texas Department of Information Resources, “Privacy Issues Involved in Electronic Government.” http://tinyurl.com/mv8rym5  (2000)
 
Thierer, Adam. (2011). “Kids, Privacy, Free Speech & the Internet: Finding the Right Balance.” Working Paper, Mercatus Center, George Mason University, http://mercatus.org/publication/kids-privacy-free-speech-internet
U.S. Department of Commerce. Commercial Data Privacy and Innovation in the Internet Economy. Internet Policy Task Force Green Paper (December 16, 2010)  http://www.ntia.doc.gov/report/2010/commercial-data-privacy-and-innovati...
   “America needs a robust privacy framework that preserves consumer trust in the evolving Internet economy while ensuring the Web remains a platform for innovation, jobs, and economic growth. Self-regulation without stronger enforcement is not enough. Consumers must trust the Internet in order for businesses to succeed online.” said Commerce Secretary Gary Locke. “Today’s report is a road map for considering a new framework that is good for consumers and businesses.  And while our primary goal is to update the domestic approach to online privacy, we are optimistic that we can take steps to bridge the different privacy approaches among countries, which can help us increase the export of U.S. services and strengthen the American economy.”
 
U.S. Department of Education. Family Policy Compliance Office Web Site 
 
U.S. Department of Education. Privacy Technical Assistance Center 
 Protecting Student Privacy While Using Online Educational Services: Requirements and Best Practices. Center: 
     This document addresses privacy and security considerations relating to computer software, mobile applications (apps), and web-based tools provided by a third-party to a school or district that students and/or their parents access via the Internet and use as part of a school activity. Examples include online services that students use to access class readings, to view their learning progression, to watch video demonstrations, to comment on class activities, or to complete their homework. 
 
 
U.S. Department of Education. Secretary's Advisory Committee on Automated Personal Data Systems. “Records, Computers and the Rights of Citizens” (July 19973). Includes “Fair Information Practice Principles.” http://epic.org/privacy/hew1973report/
 
 
U.S. Federal Trade Commission, “FTC Strengthens Kid’s Privacy, Gives Parents Greater Control Over Their Information By Amending Children’s Online Protection Rule.” December 19, 2012. http://www.ftc.gov/opa/2012/12/coppa.shtm 
 
…. “Protecting Consumer Privacy in an Era of Rapid Change: Recommendations for Businesses and Policy Makers.” (March 2012)
 
U.S. Federal Trade Commission. Bureau of Consumer Protection. Business Center.   “Complying with COPPA: Frequently Asked Questions : A Guide for Business and Parents and Small Entity Compliance Guide.” (July 2013). 
   These FAQs “are intended to supplement the compliance materials available on the FTC website.  In addition, you may send questions or comments to the FTC staff’s COPPA mailbox, CoppaHotLine@ftc.gov.  This document represents the views of FTC staff and is not binding on the Commission.  To view the Rule and compliance materials, go to the FTC's COPPA page for businesses.  This document serves as a small entity compliance guide pursuant to the Small Business Regulatory Enforcement Fairness Act.
    Some FAQs refer to a type of document called a Statement of Basis and Purpose.  A Statement of Basis and Purpose is a document an agency issues when it promulgates or amends a rule, explaining the rule’s provisions and addressing comments received in the rulemaking process.  A Statement of Basis and Purpose was issued when the COPPA Rule was proposed.
 
 
U.S. National Institute of Standards and Technology. Information Security and Privacy Advisory Board. “Toward A 21st Century Framework for Federal Government Privacy Policy” (May 2009). http://csrc.nist.gov/groups/SMA/ispab/documents/correspondence/ispab-rep...
  Analyses issues and makes recommendations for updating privacy law and policy in light of technological change.
 
U.S. White House.  Consumer Data Privacy in a Networked World: A Framework of Protecting Privacy and Promoting Innovation in the Global Digital Economy. (February, 2012)
 
 
 
 
 
Warren, Samuel & Brandeis, Louis. "The Right to Privacy." Harvard Law Review 4, no.5 (December 1890): 193-220. http://groups.csail.mit.edu/mac/classes/6.805/articles/privacy/Privacy_b...
    Source of "the right to be let alone," this foundational document has been called one of the most influential essays in the history of American law. Reflecting the upper class concerns of its day, it addresses commercial exploitation of gossip and technological aids to an invasive press, rather than Big Brother government surveillance.
 
Wheeler, Maurice. “The Politics of Access: Libraries and the Fight for Civil Liberties in Post-9/11 America,” Radical History Review, 93, (Fall 2005): 79-95. 
Wolf, Christopher and Jules. “An Updated Privacy Paradigm for the “Internet of Things”’ November 19, 2013 http://www.futureofprivacy.org/wp-content/uploads/Wolf-and-Polonetsky-An...
 
Zimmer, Michael. “Assessing the Treatment of Patron Privacy in Library 2.0 Literature”. Information Technology and Libraries, 32, no. 2 (June 2013): 29–41. 
      An ethical examination of the emergence of new Library 2.0 tools and technologies in relation to existing ethical norms of information flow within the library context. Available from Ebscohost.
 
…. “Librarian attitudes regarding information and Internet privacy”. Library Quarterly, 84, no.2 (April 2014):123-151. Available from JSTOR and Chicago Journals. 
       A report of findings from a new survey measuring librarians’ views on privacy rights and protecting library users’ privacy. The study, which builds on a 2008 ALA survey assessing librarians’ attitudes about privacy, provides important data that will help privacy advocates evaluate the state of privacy in the United States and libraries’ role in protecting library users’ privacy. Overall, the results indicate a high level of concern among respondents over information privacy and a desire to control access and use of personal information, but they also reflect some shifts in privacy attitudes compared to the 2008 study. Implications are discussed for future advocacy and outreach by the American Library Association and related advocacy and educational groups
 
…. “Patron Privacy in the ‘2.0’ Era: Avoiding the Faustian Bargain of Library 2.0.” Journal of Information Ethics, 22, no.1 (Spring 2013): 44–59 Available from Metapress.
     An ethical examination of the emergence of new Library 2.0 tools and technologies in relation to existing ethical norms of information flow within the library context.
 
 
Privacy Websites
 
American Civil Liberties Association https://www.aclu.org/time-rein-surveillance-state-0
Center for Democracy and Technology https://www.cdt.org/; http://consumerprivacyguide.org/
Choose Privacy Week http://chooseprivacyweek.org/    
CNET News: Security & Privacy http://news.cnet.com/security/
Electronic Frontier Foundation https://www.eff.org/issues/privacy
Electronic Privacy Information Center (EPIC) Privacy Blog http://epic.org/blog/
The Future of Privacy Forum www.futureofprivacy.org
International Association of Privacy Professionals https://www.privacyassociation.org/
The Privacy Coalition http://privacycoalition.org/
Privacy.org  http://privacy.org/
Privacy Rights Clearinghouse https://www.privacyrights.org/