This checklist is intended to help libraries of all capacities take practical steps to implement the principles that are laid out in the Library Privacy Guidelines for E-book Lending and Digital Content Vendors.
Priority 1 actions are ones that hopefully all libraries can take to improve privacy practices. Priority 2 and Priority 3 actions may be more difficult for libraries to implement depending on their technical expertise, available resources, and organizational structure.
Priority 1 Actions
- Work with vendors to configure services to use the opt-in method whenever possible for features that involve the collection of personal information.
- Develop a strategy to assist patrons in managing their privacy when using vendor products and services. The strategy could include in-person reference, handouts, web guides, classes, or other programming. Topics covered could include:
  - Settings for personal accounts on vendor websites.
  - Vendor applications on personal devices including any privacy settings and how to remove the application and any associated stored data.
- Notify staff and patrons of any data breaches and assist patrons in mitigating the impact (changing passwords, uninstalling applications, etc.).
Priority 2 Actions
- Add privacy considerations to the library’s selection criteria for new purchases or the renewal of existing purchases. These considerations should include the vendor:
  - Notifying users of their privacy policies at the point of access and restricting the collection of patron data to clearly stated operational purposes.
  - Seeking patron consent for data collection by using the opt-in method whenever possible for features that involve the collection of personal information.
  - Providing a method for patrons to access, review, correct and delete their personal data.
  - Encrypting connections using SSL/HTTPS to provide secure access to digital content.
  - Allowing users to uninstall vendor applications and delete associated stored data from personal devices.
- Review all new license agreements regarding the use, aggregation, retention, security, and dissemination of patron data. Before purchasing a new product or service the library should ensure that the license agreement:
  - Complies with all applicable local, state, and federal laws regarding the confidentiality of library records.
  - Conforms to the library’s privacy, data retention, and data security policies.
  - Stipulates that the library retains ownership of all patron data.
  - Includes a protocol for responding to government and law enforcement requests for patron data.
  - States the vendor’s responsibilities to notify the library and affected patrons in the event of a data breach.
Priority 3 Actions
- Review existing license agreements using the privacy concerns outlined above for new agreements.
- Work with vendors to change language of license agreements when possible to address concerns.
- Consider not renewing contracts with vendors that are unable to provide these assurances in the license agreement.
- Review vendors’ data governance plan that addresses patron consent, data security, encryption, anonymization, retention, dissemination/data sharing, and destruction. If the vendor does not have a plan, ask them to create one.
- Request that vendors conduct regular privacy audits and make audit results available to the library for review. Make the results of the review one of the criteria for renewal.
Additional Questions to Consider
- What are the local statutes regarding patron/user information use?
- A user’s browsing, borrowing, downloads, notations, and group affiliations shall not be shared with any other parties without the specific written consent of the individual user.
- Does the language in the policy/contract/license specifically address other devices and do the terms extend to other devices as well (smartphone apps, tablet, etc.)?
- What is the retention policy of the institution/library, including proxy server collection of IP address access, and what is the retention policy of the vendor?
- Is the language of the policy consistent with the age of the product’s intended audience? For instance, can a minor user understand the policy?
- Does the language of the policy/contract/license specify that harvested user data should be destroyed and not retained in perpetuity by the vendor?
- In case of data breach, does the language specify that the vendor inform the library as soon as it is aware of the breach?
- Vendors must give libraries advance notice of any changes to the user privacy policies, with at least 30 days to respond.
- Agreements and contracts should be reviewed annually per their individual renewal/purchase date.