Working Privacy into Practice

As a practitioner, I think alot about how to embed new ideas into existing workflows. Much of my work is centered around digital content creation, most often highlighting special or unique collections at my institution. In the last four years, this work has included the addition of a privacy review workflow on certain digital projects, after working with a modern archival collection, mainly unpublished documents with many individuals represented in the collection who are living. The necessity of a privacy review became apparent in the first weeks of the project, when one of the grant team members flagged some content for redaction of sensitive information. In this case, it was the inclusion of a student identification number, which after further review and research was discovered that our institution used social security numbers for student identification numbers until 2006(!).

What was more interesting to me, were the ensuing conversations around privacy within our small project group, and how different we each individually thought about privacy and private information. The outcome of these conversations however was the creation of an internal document to review privacy in archival content before publication online. We knew this additional step was one that added substantial staff time to implement, however we all felt very strongly that the work to review, identify and redact private information before publication was the right thing to do. At our institution, we added the privacy review in after copyright assessment, and adapted the digital platform (More on the systems adaptation in this article “Updating production workflows and adapting systems: Scaling Omeka to meet the needs of a larger-scale archival digital project”)

Since I work at an academic institution, we most often encounter student records that have privacy protections under FERPA. In conversations with our General Counsel office as we created the privacy review, I learned alot about FERPA that I had not known before; like how protection around certain information is not just for the students’ time at the university, but for their lifetime (and in the case of a minor who passes away, the lifetime of their parents). At the time, we were working on a large, grant-funded project that did not allow the time to research every student name to see if the person was living or not, so our team erred on the side of cautious and redacted any information protected under FERPA on the digital surrogate. 

We also talked about the context of private information. For example, we normally allow access to basic directory information without the consent of a student, though we realized in some circumstances it becomes really tricky. One example was a collection of handwritten letters between students and faculty after the closure of campus in the spring of 1970 at Kent State University after the National Guard shootings. The letters are interesting, rich documents, outlining the student’s experience on that May morning, but also in some cases discussing grades since the university shut down mid term. (A book of these letters was published in 2012, Kent Letters by Barbara Agte, and an example of a digitized collection is in the Murray I. Fishal papers). Normally, we would redact grade information and provide the directory (name) information, but we found a few issues that we thought problematic in this scenario. We wanted to provide digital surrogates of these letters as complete as we could without identifying the author of the letter. After consulting with General Counsel, they agreed with this approach was the best option to protect the identity of the individual.

Recently, University of California at Berkeley released a set of four responsible access workflows that address copyright, privacy, contracts and ethics. These are adaptable workflows that can be used at any institution. The privacy workflow addresses private information, and also delves into privacy protections of “Intrusion upon seclusion, Public disclosure of private facts, Painting someone in a false light, Appropriation of name, voice or likeness”, the four elements protected under modern tort law. These are also elements that would require a closure review by the practitioner to identify and discern, however as we found in our internal working group, I feel this is time and effort very well spent.


AuthorVirginia Dressler

Virginia Dressler is the Digital Projects Librarian at Kent State University. Her specialty areas are project management and digitization, working primarily with the university’s unique collections. She holds a Master's of Library and Information Science from Kent State University (2007), a Master's of the Arts in Art Gallery and Museum Studies from the University of Leeds (2003) and a certificate in advanced librarianship (digital libraries) from Kent State University (2014). Her research areas include privacy in digital collections and the Right to be Forgotten. She is author of Framing Privacy in Digital Collections with Ethical Decision Making (Morgan & Claypool, 2018).