Privacy Tool Kit

| Background | History of ALA's Efforts to Protect Privacy and Confidentiality | Recent ALA Actions to Protect Privacy | The Privacy Tool Kit | The Right to Privacy | What You, Your Library and Your Library Associations Should Do To Protect Privacy |


Background:  Privacy is essential to the exercise of free speech, free thought, and free association. Lack of privacy and confidentiality chills users' choices, thereby suppressing access to ideas. The possibility of surveillance, whether direct or through access to records of speech, research and exploration, undermines a democratic society.

Confidentiality of library records is a core value of librarianship. One cannot exercise the right to read if the possible consequences include damage to one's reputation, ostracism from the community or workplace, or criminal penalties. Choice requires both a varied selection and the assurance that one's choice is not monitored.

For libraries to flourish as centers for uninhibited access to information, librarians must stand behind their users' right to privacy and freedom of inquiry. Just as people who borrow murder mysteries are unlikely to be murderers, so those seeking information about terrorism are unlikely to be terrorists. Assuming a sinister motive based on library users' reading choices makes no sense and leads to fishing expeditions that both waste precious law enforcement resources and have the potential to chill Americans' inquiry into current events and public affairs.

The right to privacy is the right to open inquiry without having the subject of one's interest examined or scrutinized by others. Confidentiality relates to the possession of personally identifiable information, including such library-created records as closed-stack call slips, computer sign-up sheets, registration for equipment or facilities, circulation records, Web sites visited, reserve notices, or research notes.


History of ALA's efforts to protect privacy and confidentiality:  Historically, librarians have sought to protect users' confidentiality by scrupulously guarding library patrons' records from public scrutiny. ALA first officially recognized the right to privacy in 1939 in its Code of Ethics for Librarians. Today, the ALA professional ethics code continues to acknowledge the paramount importance of library patron privacy:

ALA Code of Ethics (first passed, 1939, rev. 1995)
"We protect each library user's right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired or transmitted."
ALA Library Bill of Rights (1948, amended 1961, 1980, reaffirmed 1996)
"The right to privacy in a library is implicit in ALA's Library Bill of Rights, which guarantees free access to library resources for all users and opposes any limitations on the right to an individual's exercise of free expression."

Through the Library Bill of Rights and the ALA Code of Ethics, librarians fight to protect patron privacy and preserve our democratic society by promoting a diversity of viewpoints and ideas to support an informed, literate, and educated public.

After World War II, government officials, law enforcement officers, journalists, and others sought to obtain information from librarians about reading habits and other library usage. The second half of the century saw an increasing number and frequency of challenges to the confidentiality concerns of librarians, including:

  • 1980s, the FBI and/or local law enforcement agencies seek information about library users.
  • 1990's–date, Internet use prompts investigations about users' electronic inquiries in libraries.
  • 2001-date, adoption of the USA PATRIOT Act and related actions authorizes law enforcement officials to seek library records without probable cause.
  • 2002-date, new federal data mining programs like the Total Information Awareness Program (TIA)—now called the  Terrorism Information Awareness Program—in the Defense Department, the CAPPS II no fly list database, and the proposed Terrorism Information and Prevention System (TIPS) alarm librarians about potential covert use of library records.


Recent ALA Actions to Protect Privacy:  ALA first adopted a statement specifically about confidentiality of library records in 1971. This statement was modified in the late 1980's to respond to concerns about visits from the FBI and other law enforcement officials. Most states either passed or modified their laws to protect the confidentiality of library records. But with the advent of new technologies, these guarantees were not enough.

In 1999, the ALA Council asked the Library and Information Technology Association (LITA) to examine the impact of new technologies on patron privacy and the confidentiality of electronic records. In July 2000, ALA Council approved the  LITA Final Report of the Task Force on Privacy and Confidentiality in the Electronic Environment and referred it to the Intellectual Freedom Committee (IFC) for review. LITA recommended that:

  1. ALA revise its policy statements related to Confidentiality of Library Records (rev. 1986), and Concerning Confidentiality of Personally Identifiable Information About Library Users (1991), in order to specifically and appropriately incorporate Internet privacy.
  2. ALA develop model privacy policies, instructional materials, and privacy "best practices" documents for libraries; and
  3. ALA urge that all libraries adopt a privacy statement on Web pages and post privacy policies in the library which cover the issues of privacy in Internet use as accessed through the library's services.

In 2001, the IFC established a standing Privacy Subcommittee to monitor ongoing privacy developments in technology, public policy, and legislation and to identify needs and resources for librarians and library users. In June, 2002, ALA Council adopted IFC's Privacy: An Interpretation of the Library Bill of Rights, affirming that, "Privacy is essential to the exercise of free speech, free thought, and free association" and "in a library (physical or virtual), the right to privacy is the right to open inquiry without having the subject of one's interest examined or scrutinized by others." The IFC then drafted "Questions and Answers about Privacy and Confidentiality," to help ALA members respond to the numerous challenges raised daily. Also in 2002, the ALA Council adopted a document drafted by the Office of Technology Policy entitled, "Principles for the Networked World", which defines and establishes principles about privacy as follows:

Privacy: The freedom to choose the degree to which personal information is monitored, collected, disclosed, and distributed.
  1. Privacy is a right of all people and must be protected in the networked world.
  2. The rights of anonymity and privacy while people retrieve and communicate information must be protected as an essential element of intellectual freedom.
  3. The long-established principles of Fair Information Practices that underlie U.S. and many other national privacy laws must be at the core of privacy policies in the networked world.
  4. Users have the right to be fully informed about privacy policies and principles in the networked world.
  5. Library patron confidentiality must be protected by law and policy.


The Privacy Tool Kit: This Privacy Tool Kit is designed to assist libraries and librarians in understanding privacy and its relationship to information access in libraries, and to provide action tools that apply to their local circumstances. It pulls together the statements, policies and other documentation previously prepared by ALA as well as several additional topics, including:

  • Background documents about the right to privacy and the need to preserve it;
  • Actions that you, your library, and your library association can take;
  • Guidance on developing a privacy policy;
  • A model privacy policy;
  • Conducting a privacy audit;
  • Federal privacy laws;
  • State laws protecting the confidentiality of library records;
  • Law enforcement warrants, subpoenas, and other orders for library records;
  • Guidelines for coping with law enforcement inquiries;
  • Procedures for implementing privacy policies;
  • Communications guidelines;
  • Legislative advocacy;
  • Privacy Guidelines for Library Users; and
  • Bibliography


The Right to Privacy

The right to privacy is an intrinsic American value. Although the Constitution does not explicitly reference the word "privacy," the Supreme Court has nonetheless inferred a right to privacy from various portions of the Bill of Rights and the common law.

The most obvious protection of privacy in the Bill of Rights is the Fourth Amendment, which protects individuals "in their persons, homes, papers, and effects from unreasonable searches and seizures" by the government. The First Amendment, which protects freedom of religion, speech, press, and assembly, also implicitly safeguards the right to privacy in the form of freedom of thought and intellect. In recent years, several federal courts have found that the First Amendment protects the right to receive information in a publicly funded library.

The Fourth Amendment and Privacy in Libraries:
"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

Along with the First Amendment, the Fourth Amendment provides a Constitutional basis for protecting the privacy of library users. This amendment has mixed origins including British legal theory recognizing that a "man's house is his castle," British polices that authorized general searches, and colonial outrage concerning the Crown's use of general warrants to gain evidence to maximize royal revenues and for political purposes. Even after the Declaration of Independence, some states violated the privacy of individuals for political purposes. For example, in 1777 in Pennsylvania the homes of Quakers who had not taken an oath of allegiance to the United States were searched. Books and papers were seized; more than forty people were arrested and deported without trial to Virginia where they were held until the next year.

Modern Fourth Amendment law relies heavily on Katz v. United States, 389 U.S. 347 (1967) in which the Court held that the Fourth amendment "protects people, not places" and what a person "seeks to preserve as private, even in area accessible to the public, may be constitutionally protected". The two-part test most often used by the Court to determine whether a right to privacy exists was expressed by Justice Harlan in his concurrence to Katz: 1) a person has "exhibited an actual (subjective) expectation of privacy" and 2) that the expectation is "one that society is prepared to recognize as 'reasonable.'"

In the Katz decision the Court also reiterated that, "the person's general right to privacy—his right to be let alone by other people—is like the protection of his property and of his very life, left largely to the law of the individual states." Thus, it is important that librarians be aware of the legal standard for determining privacy rights under their state law. For instance, in Washington state a person's "right to privacy," "right of privacy," "privacy," or "personal privacy," ... is invaded or violated only if disclosure of information about the person: (1) would be highly offensive to a reasonable person, and (2) is not of legitimate concern to the public (RCW 42.17.255).

Selected Sources:
  • Solove, Daniel J. and Marc Rotenberg (2003). Information Privacy Law. New York: Aspen Publishers.
  • Levy, Leonard E. "The Fourth Amendment: Search and Seizure," in Origin of the Bill of Rights, (New Haven: Yale University Press, 1999): 150 – 179.

Other Constitutional and International Agreements that Protect Privacy: Beyond the First and Fourth Amendments, the Fifth Amendment guarantees against self-incrimination, and the Ninth Amendment guarantees that "[t]he enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people." This right is also explicit in Article Twelve of the Universal Declaration of Human Rights: "No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks." This right has further been explicitly codified as Article Seventeen of the International Covenant on Civil and Political Rights, a legally binding international human rights agreement ratified by the United States on June 8, 1992.

Ten state constitutions guarantee a right of privacy or bar unreasonable intrusions into citizens' privacy.  Forty-eight states protect the confidentiality of library users' records by law, and the attorneys general in the remaining two states have issued opinions recognizing the privacy of users' library records. Cases recognizing a right to privacy include: NAACP v. Alabama, 357 U.S. 449 (1958); Griswold v. Connecticut 381 U.S. 479 (1965); Katz v. United States, 389 U.S. 347 (1967); and  Stanley v. Georgia, 394 U.S. 557 (1969). Congress recognized the right to privacy in the Privacy Act of 1974 and Amendments (5 USC Sec. 552a), which addresses the potential for government's violation of privacy through its collection of personal information. The Privacy Act's "Congressional Findings and Statement of Purpose" state in part: "the right to privacy is a personal and fundamental right protected by the Constitution of the United States." See: Section 552a. Records maintained on individuals.


What You, Your Library and Your Library Associations Should Do to Protect Privacy

  • Limit the degree to which personally identifiable information is monitored, collected, disclosed, and distributed.
  • Avoid creating unnecessary records. Only record a user's personally identifiable information when necessary for the efficient operation of the library.
  • Avoid retaining records that are not needed for efficient operation of the library. Assure that all kinds and types of records are covered by the policy, including data-related logs, digital records, vendor-collected data, and system backups.
  • Avoid library practices and procedures that place information on public view (e.g., using postcards for overdue notices or requested materials; using patron names to identify self-pickup holds; placing staff terminals so the screens can be read by the public; using sign-in sheets to use computers or other devices; and providing titles of reserve requests or interlibrary loans over the telephone to users' family members or answering machines).

Actions to Take Within Local Libraries

  • Educate staff, trustees, volunteers, and contract workers on a continuous basis about library privacy principles, policies and procedures, and library staff's legal and ethical responsibilities as custodians of personally identifiable information.
  • Inform library staff about their responsibility to cooperate with other organizations that work to protect privacy and challenge intrusions.
  • Educate the public through a variety of learning methods that provide the information and tools individuals need to protect their privacy and the confidentiality of their own personally identifiable information.
  • Create and publicize a local privacy policy, using the recommendations and resources made available through the Privacy Tool Kit. Include all aspects of services, including protection of electronic data and dissemination of electronic records.
  • Implement a privacy audit process to assure that an organization's goals and promises of privacy and confidentiality are supported by its practices, thereby protecting confidential information from abuse and the organization from liability and public relations problems.
  • Ensure that contracts and licenses reflect library policies and legal obligations concerning user privacy and confidentiality; make sure the agreements address appropriate restrictions on the use, aggregation, dissemination, and sale of personally identifiable information, particularly information about minors.
  • Extend to minors the maximum allowable confidentiality and privacy protections.
  • Notify parents about the library's privacy and confidentiality policies when issuing library cards to minors.
  • Educate children, parents, students, teachers and school and college officials about the Children's Online Privacy Protection Act (COPPA) and the Family Educational Rights and Privacy Act (FERPA). COPPA requires commercial Web sites to obtain parental permission before collecting information from children under 13. FERPA requires educational institutions to protect students' privacy with regard to educational records.

Actions to Take Within States

  • Ensure that state privacy and confidentiality laws are up-to-date and readily available to library staff and users. Note: Privacy rights of minors differ from state to state.
  • Invite privacy specialists to speak and conduct workshops at local and state chapter conferences.
  • Publicize the need for libraries to adopt privacy policies in state chapter journals and other communications vehicles.
  • Develop alliances with other state-wide groups advocating for privacy rights.
  • Monitor and advocate for legislation that protects user privacy.

Actions to Take Within ALA

Privacy Policy revised March 15, 2007