A recent keynote given at the virtual security summit of The Scholarly Networks Security Initiative (SNSI) caused concern among library workers and other privacy and intellectual freedom advocates. Prompted by the article “Proposal to install spyware in university libraries to protect copyrights shocks academics,” the Intellectual Freedom Committee's Privacy Subcommittee created a working group that included Privacy Subcommittee members, those working in academia (including representation from the ACRL Professional Values Committee), and members from the Library Freedom Institute and Digital Library Federation. The working group acknowledged that the issue of behavioral data surveillance was larger than academic libraries and wrote a resolution to address the core issues that impact libraries of all types.
“Resolution on the Misuse of Behavioral Data Surveillance in Libraries” is listed below. The resolved clauses were adopted by ALA Council on January 26, 2021.The resolution was endorsed in principle by the Intellectual Freedom Round Table.
Whereas the Library Bill of Rights states, “All people, regardless of origin, age, background, or views, possess a right to privacy and confidentiality in their library use. Libraries should advocate for, educate about, and protect people’s privacy, safeguarding all library use data, including personally identifiable information.”;
Whereas the American Library Association’s (ALA) “Privacy: An Interpretation of the Library Bill of Rights” states, “All users have a right to be free from any unreasonable intrusion into or surveillance of their lawful library use.”;
Whereas the ALA’s “Privacy: An Interpretation of the Library Bill of Rights” states, “Libraries should not monitor, track, or profile an individual’s library use beyond operational needs. Data collected for analytical use should be limited to anonymous or aggregated data and not tied to individuals’ personal data.”;
Whereas ALA Policy Manual B1.2 (Code of Professional Ethics for Librarians) states, “We do not advance private interests at the expense of library users, colleagues, or our employing institutions.”;
Whereas ALA has long affirmed that the protection of library users’ privacy and confidentiality rights is necessary for intellectual freedom and is fundamental to the ethical practice of librarianship;
Whereas behavioral data surveillance is defined as the collection of data about an individual's engagement with the library that, alone or with other data, can identify the user, for purposes of monitoring, tracking, or profiling an individual's library use beyond operational needs;
Whereas some vendor products require behavioral data surveillance as a condition of use;
Whereas libraries face financial pressure to monetize user data to secure discounts from vendors;
Whereas inequities exist within libraries that may limit those with less scale, money, or power to resist the monetization of user data;
Whereas behavioral data surveillance disproportionately impacts minority and marginalized populations who may be identified or misidentified when utilizing these technologies;
Whereas it is now technologically feasible to use behavioral data surveillance as a mechanism to deny access to library resources; now, therefore, be it
Resolved, that the American Library Association, on behalf of its members
- stands firmly against behavioral data surveillance of library use and users;
- urges libraries and vendors to never exchange user data for financial discounts, payments, or incentives;
- calls on libraries and vendors to apply the strictest privacy settings by default, without any manual input from the end-user;
- urges libraries, vendors, and institutions to not implement behavioral data surveillance or use that data to deny services;
- calls on libraries to employ contract language that does not allow for vendors to implement behavioral data surveillance or use that data to deny access to services;
- calls on libraries to oversee vendor compliance with contractual obligations;
- calls on library workers to advocate for and educate themselves about library users’ privacy and confidentiality rights; and
- strongly urges libraries to act as information ﬁduciaries1, assuring that in every circumstance the library user’s information is protected from misuse and unauthorized disclosure, and ensuring that the library itself does not misuse or exploit the library user’s information.
1. Martin Garnar and Trina Magi, eds., Intellectual Freedom Manual, 10th ed. (Chicago: ALA Editions, 2021), 217.
Resolved clauses adopted January 26, 2021 by ALA Council.