Patron Privacy Policy and The Library Bill of Rights
Privacy is essential to the exercise of free speech, free thought, and free association. The courts have established a First Amendment right to receive information in a publicly funded library.
In a library (physical or virtual), the right to privacy is the right to open inquiry without having the subject of one’s interest examined or scrutinized by others. Confidentiality exists when a library is in possession of personally identifiable information about users and keeps that information private on their behalf.
Protecting user privacy and confidentiality has long been an integral part of the mission of libraries. The ALA has affirmed a right to privacy since 1939.Existing ALA policies affirm that confidentiality is crucial to freedom of inquiry. Rights to privacy and confidentiality also are implicit in the Library Bill of Rights guarantee of free access to library resources for all users.
The Library Bill of Rights affirms the ethical imperative to provide unrestricted access to information and to guard against impediments to open inquiry. Article IV states: “Libraries should cooperate with all persons and groups concerned with resisting abridgement of free expression and free access to ideas.” When users recognize or fear that their privacy or confidentiality is compromised, true freedom of inquiry no longer exists.
In all areas of librarianship, best practice leaves the user in control of as many choices as possible. These include decisions about the selection of, access to, and use of information. Lack of privacy and confidentiality has a chilling effect on users’ choices. All users have a right to be free from any unreasonable intrusion into or surveillance of their lawful library use.
Users have the right to be informed what policies and procedures govern the amount and retention of personally identifiable information, why that information is necessary for the library, and what the user can do to maintain his or her privacy. Library users expect and in many places have a legal right to have their information protected and kept private and confidential by anyone with direct or indirect access to that information. In addition, Article V of the Library Bill of Rights states: “A person’s right to use a library should not be denied or abridged because of origin, age, background, or views.” This article precludes the use of profiling as a basis for any breach of privacy rights. Users have the right to use a library without any abridgement of privacy that may result from equating the subject of their inquiry with behavior.
The library profession has a long-standing commitment to an ethic of facilitating, not monitoring, access to information. This commitment is implemented locally through development, adoption, and adherence to privacy policies that are consistent with applicable federal, state, and local law. Everyone (paid or unpaid) who provides governance, administration, or service in libraries has a responsibility to maintain an environment respectful and protective of the privacy of all users.
For administrative purposes, librarians may establish appropriate time, place, and manner restrictions on the use of library resources. In keeping with this principle, the collection of personally identifiable information should only be a matter of routine or policy when necessary for the fulfillment of the mission of the library. Regardless of the technology used, everyone who collects or accesses personally identifiable information in any format has a legal and ethical obligation to protect confidentiality.
The American Library Association affirms that rights of privacy are necessary for intellectual freedom and are fundamental to the ethics and practice of librarianship.