Privacy: An Interpretation of the Library Bill of Rights

Everyone has the right to privacy and confidentiality in their library use, no matter their origin, age, background, or views.¹ When users recognize or fear that their privacy is at risk, they lose the freedom to explore ideas.

Privacy is essential for free speech, free thought, and free association. Courts recognize the First Amendment right to access information in publicly funded libraries.² Courts have also upheld privacy rights under the U.S. Constitution. Many states guarantee privacy in their constitutions and laws.³ Many court decisions have defined and extended these rights to all.⁴

The right to privacy means being able to seek information in person or online without fear of judgment. Confidentiality is when a library has users’ personally identifiable information (PII) and keeps it private.⁵ Article III of the American Library Association’s (ALA) Code of Ethics states that confidentiality covers “information sought or received and resources consulted, borrowed, acquired or transmitted.” This includes, but is not limited to:

• reference questions and interviews;
• circulation records;
• digital interactions; and
• records about using library resources, services, programs, or facilities.

Protecting user privacy and confidentiality has long been central to libraries. ALA has recognized the right to privacy since 1939.⁶ Current ALA policies affirm that confidentiality is essential for free inquiry. Article VII of the Library Bill of Rights clearly states users’ have rights to privacy and confidentiality.

A lack of privacy and confidentiality has a chilling effect on users’ selecting, accessing, and using library resources. Everyone has the right to use the library without unjust surveillance or intrusion. Minors have the same rights to privacy as adults. Library users expect their data to be protected and kept private. In many states, they have legal rights to this protection.

Unless required by law (such as the Family Educational Rights and Privacy Act), libraries should never have policies or practices that limit users’ right to privacy based on:

• age;
• ability;
• housing status;
• immigration status;
• involvement with the criminal justice system;
• religion;
• ethnicity;
• sexual orientation;
• gender identity; or
• other forms of identity or status.

If required by law, libraries should consult with legal counsel before limiting privacy rights.

Libraries have a duty to inform users about how their PII and library-use data are collected, secured, and retained. Users should always have the choice to opt in to any nonessential data collection. They should also be able to opt out again at any time. All nonessential data collection should be turned off by default.

Libraries should give users control over as many privacy choices as possible. Privacy options should be clearly displayed, easy to find, and understandable for all.

Libraries have long had an ethical commitment to providing access to information without monitoring its use. They do this by following privacy laws and maintaining clear, updated, and publicly available privacy policies. These policies should state:

• what data is being collected;
• who it is shared with; and
• how long it is kept.

Everyone in the library, including volunteers, has a duty to respect and protect the privacy of users. Libraries should provide ongoing privacy training to library workers, governing bodies, and their users.

The National Information Standards Organization (NISO) Consensus Principles on Users’ Digital Privacy in Library, Publisher, and Software-Provider Systems recognizes that: [t]he effective management and delivery of library services may require the library user to opt into the provision of personal data in order to access a library resource or receive library services. Users’ personal data should only be used for purposes disclosed to them and to which they consent.⁷

Libraries should clearly define any collection of a person’s library use. Such data must be:

• transparently disclosed to users;
• retained for the minimum amount of time necessary; and
• anonymized when possible.

Any data collected for analysis should be anonymous or aggregated, it should never be linked to personal information. Biometric technologies, like facial recognition, do not align with the library’s mission of facilitating access without unjust surveillance.

No matter what technology is used, anyone who collects or accesses PII, in any format, has a legal and ethical duty to keep it confidential. Library security practices to safeguard personal information should be current and comply with state, local, and national standards. The NISO Consensus Principles on Users’ Digital Privacy in Library, Publisher, and Software-Provider Systems requires these practices include:

• encrypting personal data both at rest and in transit;
• promptly updating systems and software to fix vulnerabilities;
• establishing systems, procedures, and policies for controlling access to sensitive data;
• providing security training for those with data access;
• maintaining written procedures for breach reporting and incident response; and
• setting clear policies for system, software, and network security configuration and auditing.⁸

Libraries should follow the principles of purpose limitation, storage limitation, and data minimization when collecting and retaining library-use data.⁹ They should only collect and store the PII required for specific, clearly disclosed purposes.

Libraries should regularly review their data collection and retention policies to identify when collecting user data is no longer necessary. When developing data management policies, libraries must follow state, institutional, and other government retention requirements. To meet industry privacy and security standards, libraries should routinely update their procedures for collecting and maintaining user data.

Libraries should never share users’ PII with third parties or vendors unless:

1. they have explicit user permission; or
2. they are required by law or an existing contract.

Libraries or their governing institutions should ensure vendor agreements retain library ownership of user data. These agreements should allow audits of how vendors collect, retain, and access data. They should also state that user data is confidential and cannot be used or shared without the library’s permission. Vendors handling user data should have a publicly available privacy policy that follows the NISO Consensus Principles. As contracts near expiration, libraries should negotiate future contracts to include these privacy safeguards.

Records should only be shared in response to properly executed court orders or legal processes. Law enforcement may request library records and data they believe are relevant to an investigation. Libraries should have clear procedures for handling these requests. Staff should be regularly trained on following these procedures.

ALA affirms that privacy rights are essential for intellectual freedom and a core value of librarianship. Rapid advances in technology increase the risk of exposing users’ PII and library use data. The use of new technologies in libraries may conflict with the Library Bill of Rights and library workers’ ethics when they rely on:

• collecting;
• using;
• sharing;
• monitoring; and
• tracking user data.

Libraries should prioritize privacy when designing and delivering programs and services. They should carefully review their own policies and procedures and those of their vendors. Privacy is the foundation of libraries and the reason they remain trusted parts of every community.

1. Article VII, Library Bill of Rights, adopted June 19, 1939, by the ALA Council; amended October 14, 1944; June 18, 1948; February 2, 1961; June 27, 1967; January 23, 1980; and January 29, 2019; inclusion of “age” reaffirmed January 23, 1996.

2. Court opinions establishing a right to receive information in a public library include Bd. of Educ. v. Pico, 457 U.S. 853 (1982); Kreimer v. Bureau of Police for the Town of Morristown, 958 F.2d 1242 (3d Cir. 1992); and Reno v. Am. Civil Liberties Union, 117 S.Ct. 2329, 138 L.Ed.2d 874 (1997).

3. Ten state constitutions guarantee a right to privacy or bar unreasonable intrusions into citizens’ privacy. Forty-eight states protect the confidentiality of library users’ records by law, and the attorneys general in the remaining two states have issued opinions recognizing the privacy of users’ library records.

4. Cases recognizing a right to privacy include: NAACP v. Alabama, 357 U.S. 449 (1958); Griswold v. Connecticut, 381 U.S. 479 (1965); Lamont v. Postmaster Gen., 381 U.S. 301 (1965); Katz v. United States, 389 U.S. 347 (1967); and

Stanley v. Georgia, 394 U.S. 557 (1969).

5. The phrase “personally identifiable information” was adopted by the ALA in 1991. 6. Article XI of the Code of Ethics for Librarians (1939) asserted that “it is the librarian’s obligation to treat as confidential any private information obtained through contact with library patrons.” Article III of the current Code of Ethics of the American Library Association (2008) states: “We protect each library user’s right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired, or transmitted.”

7. National Information Standards Organization, “NISO Consensus Principles on Users’ Digital Privacy in Library, Publisher, and Software-Provider Systems,” Baltimore, MD, December 10, 2015.

8. Ibid.

9. These principles, drawn from the European Union’s “General Data Protection Regulation” (GDPR; 2016) and reflected in other fair privacy practice principles such as the “NISO Consensus Principles” (see note 7) and “Guidelines on the Protection of Privacy and Transborder Flows of Personal Data” (Paris: Organisation for Economic Co-operation and Development, 2013), provide sound guidelines for libraries to follow in their data-privacy practices. Libraries in the United States are generally not subject to the GDPR, but should consult with legal counsel to determine whether the GDPR applies.

Adopted June 19, 2002, by the ALA Council; amended July 1, 2014; June 24, 2019; and June 29, 2025.