David Lee King: Thinking about privacy
We've been thinking about privacy at my library. One of my projects for 2017 is to do a privacy review. What's that, you ask?
David Lee King
David Lee King is the Digital Services Director at Topeka & Shawnee County Public Library, where he plans, implements, and experiments with emerging technology trends.
He speaks internationally about emerging trends, website management, digital experience, and social media, and has been published in many library-related journals. David is a Library Journal Mover and Shaker.
His newest book is Face2Face: Using Facebook, Twitter, and Other Social Media Tools to Create Great Customer Connections.
David blogs at http://www.davidleeking.com.
Read David's other articles…
- The complete library lives online
- Digital inclusion at the library
- Work/Life balance, finding time, and priorities
- Active and passive technology
- Explainer Videos
A privacy review is just what it sounds like. My technology team will examine all the library's products that potentially gather information about customers. We will find out what data and information is collected, and if it gets deleted (and when).
What types of library products will we examine? Here's a starter list:
1. ILS systems
Our modern library catalogues collect name, address, phone number, email addresses of each card holder. We also collect what they check out, their fines and fees. We need to make sure we delete some of that (you might have library or government policies that dictate this).
2. Catalogue overlays
My library uses Bibliocommons. A Bibliocommons account has some information about customers. Most of that information is pulled from the ILS system. Bibliocommons has optional customer profile fields that include a customer's blog's URL and their Twitter account. Customers also have the option to turn on public sharing of checkouts, holds, comments, and ratings.
3. Databases and Ebook products
Some ebook services collect personally identifiable information. For example, Overdrive collects library card numbers and pins (that's how customers log in to Overdrive). Customers have the option to authenticate using their Facebook or Google accounts. Overdrive also keeps track of ebook checkouts, holds, recommendations and wish lists.
4. 3rd Party Databases
5. Tutorial sites
Sites like Treehouse and Lynda collect names, email addresses, usernames, passwords … and your class-viewing history.
6. Computer reservation systems
My library uses Comprise Technologies for computer management. This system connects to our ILS system for patron data (using a SIP connection). It also has access to a customer's daily computer use habits (i.e., David's here every Wednesday from 3-5pm).
7. Web Browsing history
Your library's data network probably has access (and potentially a history) of web browsing history for each computer in the library.
And that's just the start. Now to back up a bit. None of these vendors purposefully wants to gather and keep customer data - they're not selling your library customer's personal information in order to make a quick buck! They also probably have really strong encryption, solid privacy policies, and other back-end safeguards in place in order to protect customer data.
I think your library also needs to have a handle on privacy issues. Start out with a privacy review, and make sure your library privacy policies and procedures match up with what actually happens.
Some of this you can control, and some you can't (i.e., what other vendors do). The stuff you don't control? Start a conversation with those companies and see if they'll work with you to improve their privacy practices.
Why do all this? Most likely, you tell your customers that you protect their data and their privacy. Because of that, you should know exactly how you protect their privacy. And where there are holes, you should work on improving it.
Why do all this? Most likely, you've told your customers that you protect their data and privacy. Because of that, you should know exactly what's going on with privacy and data at your library. And you work to improve those privacy holes!