PRIVACY AND CONFIDENTIALITY IN THE K-12 LIBRARY ENVIRONMENT
By: Muzzy ([email protected]) and Sharrett ([email protected])
Contents
What is Privacy and Confidentiality?
Position Statements, Guidance, and Resources
American Library Association (ALA)
American Association of School Librarians (AASL)
Applicable Laws and Policies
Federal Laws that Apply
Supreme Court Interpretation of Privacy Rights
State Laws that Apply
State/County/School District Policies: Virginia
State/County/School District Policies: South Carolina
Professional Experts on the Topic
Helen Adams
Mary Minow
Organizations with Interest in Privacy
What is Privacy and Confidentiality?
Privacy and confidentiality are related, but they are two separate issues. Privacy is about people. On the other hand, confidentiality is about information about a person.
In a school library, privacy allows students to seek information without being worried that others will know what they are reading, while confidentiality is about the library safeguarding the patrons' information. For example, privacy means a student should be free to search on the school library computer without other patrons or library staff questioning or commenting on the activity. Confidentiality means the school librarian will not divulge what students have researched with teachers, other students, or administrators.
- ALA Summary: The American Library Association (ALA - detailed below) offers a brief summary and other links regarding privacy and confidentiality.
Below is an interesting 13-minute video about privacy titled "Does Privacy Matter?". It was a TEDxSantaCruz event held September 15, 2012 and speaker was G Vachon.
21st Century Aspects
Privacy and confidentiality have been significantly affected by technological advancements. Information is readily available through the internet and individuals do not always have control over what personal information is revealed. Websites collect, store, and potentially share personal information about users. Additionally, search engines make it easy to collect data about individuals very easily. In the library, the technological changes as well as legal changes (such as the U.S.Patriot Act) have also impacted privacy and confidentiality.
Two additional videos that demonstrate the 21st Century privacy challenges are:
1. "Fighting for Online Privacy:" Speaker, Chrisopher Soghian, reveals how companies collect data and how they are asked to participate in surveillance of their customer. He states that free web services will always require a loss of personal privacy.
2. "Gary Kovacs: Tracking the Tracker:" A Ted Talk video filmed in February 2012. The video demonstrates the invasiveness of web tracking. Gary Kovacs is CEO of Mozilla Corporation and he is selling software through this video.
Position Statements, Guidance, and Resources
American Library Association (ALA)
The American Library Association (ALA) was established in 1876, making it the oldest and longest library association in the world. It is a U.S. based non-profit, and has 64,000 members worldwide. The primary purpose of the association is to promote library services and librarianship. The ALA has 11 divisions, with 3 of those directly related to children's services. Those divisions are American Association of School Librarians (AASL - detailed below), Association for Library Service to Children (ALSC), and the Young Adult Library Services Association (YALSA).
The ALA has affirmed a right to privacy since 1939, and existing ALA policies assert that confidentiality is a necessity for the freedom of inquiry. Rights to privacy and confidentiality also are implicit in the Library Bill of Rights. Their website has a variety of information, including information on privacy and confidentiality.
- ALA Concept Paper - Rallying Americans for the Right to Information Privacy: An 8-page paper outlining ALA's privacy agenda
- Background to the ALA Privacy Interpretation: An outline of the history of privacy and the ALA
- ALA Privacy Policies and Statements: Lists the policies, guidelines, and resources developed to protect privacy and confidentiality
- ALA's Q&A on Privacy and Confidentiality: Answers to frequently asked questions, developed by the Privacy Subcommittee of the American Library Association’s Intellectual Freedom Committee, to assist librarians with privacy issues
- ALA Office for Intellectual Freedom: ALA's Office of Intellectual Freedom purpose is to execute ALA policies on intellectual freedom as listed in the Library Bill of Rights - includes many of the issues surrounding privacy and confidentiality
American Association of School Librarians (AASL)
The American Association of School Librarians (AASL) is a division of the American Library Association, is a professional membership organization dedicated to serving the interests of school library media specialists. The following are privacy resources available through this organization:
- AASL Essential Links: Ethical Issues: Provides links to ALA’s Position statement on the Confidentiality of Library Records, the ALA code of ethics, ALA’s Choose Privacy initiative, IFLA’s World Code of Ethics by Country, AASL’s Intellectual Freedom Brochure and links to articles by Helen Adams.
- AASL Blog: Resources for Choose Privacy Week: A link to AASL's 9 April 2012 Blog bout Choose Privacy Week. Article provides multiple links including Privacy Revolution, Pew Internet and American Life Project, Demand your rights, and Stay Safe Online.
Applicable Laws and Policies
Federal Laws that Apply
There are multiple federal laws that apply to privacy and confidentiality. Those are:
Children's Internet Protection Act (CIPA)
CIPA was passed to protect children from being exposed to internet images that are "(a) obscene; (b) child pornography; or (c) harmful to minors (for computers that are accessed by minors)." It applies only to public schools and organization that takes federal funds under the E-rate program (punishment is limited to the loss of federal funds under this same program).
Websites that have information about CIPA include:
- Federal Communications Commission (FCC) Summary: FCC information about CIPA
- ALA and CIPA: ALA's position statement on CIPA
Children's Online Privacy Protection Act (COPPA)
Act intended to protect privacy of children under the age of 13. Requires commercial websites and online services to gain parental consent of any personal information collected on children under the age of 13. Goal of the Act was to increase parental involvement ensure children's safety, and protect children's personal information.
Websites of interest include:
- Federal Trade Commission (FTC) FAQs: Frequently Asked Questions about the Children's Online Privacy Protection Rule
- The Child Online Privacy Protection Act: 15 U.S.C. §§ 6501-6506, P.L. No. 105-277, 112 Stat. 2681-728
Family Education Rights and Privacy Act (FERPA)
FERPA is intended to protect the confidentiality of student records and give students the right to review their own records. The act applies to schools that received federal funds.
Websites of interest include:
- U.S. Department of Education (ED) Summary: Department of Education Information on FERPA
- Family Educational Rights and Privacy Act: 20 U.S.C.S. § 1232g (Law. Co-op. 2002)
- U.S. Department of Education Final FERPA Regulations: Advisory and Overview (December 2011): Highlights changes to FERPA that went into effect January 2012.
Protection of Pupil Rights Amendment (PPRA)
This act is intended to protect the rights of parents of students that are minors and require parental permission before information of a personal nature is collected on a minor student.
- PPRA Summary: U.S. Department of Education summary of PPRA
U.S. Patriot Act
Act was passed after 9-11 and significantly increased the surveillance and investigative powers of law enforcement agencies in the United States in an attempt to detect and prevent terrorism. The act amended over 15 federal statutes and permits the Federal Bureau of Investigation (FBI) to gain access to records, including medical, educational, and library, without the requirement of a court order.
Information about the U.S. Patriot Act can be found at the following websites:
- U.S. Patriot Act:Department of Justice: Information about the act including the legal text of the act
- ALA's Position on the U.S. Patriot Act: Concise summary of ALA concerns of U.S. Patriot Act
- ALA's Analysis of U.S. Patriot Act Impact on Libraries: Summarizes provisions of the U.S. Patriot Act with detail on those provisions that affect libraries
Video Privacy Protect Act
Act prohibits the release of information related to videos. What videos one rents or checks-out from a library is confidential information.
Supreme Court Interpretation of Privacy Rights
The Right of Privacy: Is it Protected by the Constitution?: There is no "specific" rights to privacy in the U.S. Constitution, however, there are some privacy rights addressed in the "Bill of Rights." This controversial area, along with a list of supreme court decisions on the matter are addressed in this on-line article.
State Laws that Apply
The confidentiality of library records is specifically protected to some degree in 48 of the 50 states. (The two states that lack specific protections are Hawaii and Kentucky.) However, the language varies between the states. In general, these laws protect circulation and registration records. Also, many of the laws protect information on any personally identifiable information kept by libraries.
For information regarding the confidentilaity of library records and state laws consider:
- State Privacy Laws Regarding Library Records: ALA page that provides links to the state privacy laws regarding library records.
- State Laws on the Confidentiality of Library Records: Wiki that provides access to state laws, state attorney generals’ opinions, and state law tables.
- State and Territorial Library Privacy Laws: Website created by The Law of Libraries and Archives, which provides resources related to library law including state library privacy laws.
- National Conference of State Legislators (CIPA): Site that provides information regarding CIPA including U.S. Supreme Court Ruling, Articles, State filtering/blocking laws, and other related CIPA laws.
- Data Quality Campaign (DCQ) Legal Guide: DQC resources on issues of privacy, security and confidentiality including federal laws, state laws-by issue, and state laws by-state.
- DCQ Resource Library: DCQ database to help find topics of interest.
- DCQ State Primer: DCQ article on how states can collect data to improve education while still protecting student's privacy, security, and confidentiality.
State/County/School District Policies: Virginia
Virginia library records are “governed” by Virginia Code § 2.2-3705(A)(10). The Attorney general has interpreted this code as follows:
Virginia library records at issue are excluded from the mandatory disclosure requirements of the Act by the precise language of § 2.2-3705(A)(10). (4) Records excluded from the mandatory disclosure provisions of the Act, however, may be disclosed unless "such disclosure is prohibited by law."(5) I am aware of no other law which prohibits the release of library records. Therefore, pursuant to § 2.2-3705(A), it is within the discretion of the records’ custodian whether to release the library records at issue to the minor’s parent (see http://library-privacy.wikispaces.com/Virginia+-+Attorney+General).
For more information consider the following links:
Virigina Department of Education (VDOE)
- VDOE Division of Technology & Career Education’s Guidelines and Resources for Internet Safety in Schools: Content includes information for students, parents, teachers, administrators, and school board members.
- VDOE's FERPA Guidelines: Information on FERPA includes Virginia code, Board of Education Regulations, parent guide and more.
- VDOE's Management of Student Records Slides: VDOE Powerpoint Briefing on FERPA
Fairfax County Public School District (FCPS) Regulations and Policies
- FCPS Link to Privacy Regulations: Access to all FCPS regulations regarding privacy (and other regulations)
- FCPS Regulation 1475.2 regarding Research data collection: Guidelines on what data can be collected for research
- FCPS School Board Policy 2701 regarding Student Records; Guidelines on how to treat student records
- FCPS Students Rights and Responsibilities Handbook: Handbook given to students to inform them of their rights and responsibilities
- FCPS webpage Internet Safety: What Parents, Grandparents, and Caregivers Need to Know Need to Know: Guidelines and tips for internet safety (includes privacy information)
- FCPS website privacy disclaimer: Guidelines on what data is collected when visiting FCPS websites
- FCPS internet content filtering: Explains the school district's internet filter policies
- South County High School Internet Safety Guide for Parents and Students: Guidelines for internet safety found on school website
State/County/School District Policies: South Carolina
In South Carolina library registration and circulation records are confidential under Title 60, Chapter 4 of the Code of Laws, 1976:
SECTION 60-4-10. Records identifying library patrons as confidential information; disclosure.
Records which by themselves or when examined with other public records would reveal the identity of the library patron checking out or requesting an item from the library or using other library services are confidential information.Records related to registration and circulation of library materials which contain names or other personally identifying details regarding the users of public, private, school, college, technical college, university, and state institutional libraries and library systems, supported in whole or in part by public funds or expending public funds, are confidential information.
Records which by themselves or when examined with other public records would reveal the identity of the library patron checking out or requesting an item from the library or using other library services are confidential information.
The confidential records do not include non-identifying administrative and statistical reports of registration and circulation.
The confidential records may not be disclosed except to persons acting within the scope of their duties in the administration of the library or library system or persons authorized by the library patron to inspect his records, or in accordance with proper judicial order upon a finding that the disclosure of the records is necessary to protect public safety, to prosecute a crime, or upon showing of good cause before the presiding Judge in a civil matter.
SECTION 60-4-20. Definitions.
As used in this chapter, the term "registration records" includes any information which a library requires a patron to provide in order to become eligible to borrow books and other materials, and the term "circulation records" includes all information which identifies the patrons borrowing particular books and other materials.
SECTION 60-4-30. Penalties.
Any person violating the provisions of Section 60-4-10 must upon conviction be fined not more than five hundred dollars or imprisoned for not more than thirty days for the first offense, must be fined not more than one thousand dollars or imprisoned for not more than sixty days for the second offense, and must be fined not more than two thousand dollars or imprisoned for not more than ninety days for the third or subsequent offense (see http://www.scstatehouse.gov/code/t60c004.php).
For more information consider the following links:
South Carolina Department of Education (SCDE)
- Selected South Carolina Student and School Safety Laws and Regulations: Lists laws and regulations applicable to students within South Carolina schools. Note page 37, Confidentiality and exceptions.
- SCDE's FERPA Guidelines: Site has information from the SC Department of Education on FERPA. Department contact is Wanda Davis, phone 803-734-8485.
- South Carolina K-12 Internet Safety Standards: Provides South Carolina state standards as it pertains to internet safety.
Charleston County School District (CCSD) Regulations and Policies
- CCSD Acceptable Use of Technology Policy: In this policy it states, "Persons using [Charleston County School] district technology and electronic communications shall have no expectation of privacy in such use. Usage of district technology and electronic communications may be monitored, logged, disclosed, deleted, or terminated by the district. Online activities of minors will be monitored for appropriate use."
- CCSD Confidentiality of Records Policy: While this policy mainly refers to special education records, it pertains to the districtwide record access policy.
- CCSD Video Camera Policy: This policy outlines CCSD's policy on video recorded material, and states that it will treat all video recorded as student records entitled to confidentiality pursuant to the Family Educational Rights and Privacy Act and other applicable federal and South Carolina laws.
Professional Experts on the Topic
Helen Adams
Helen Adams is a former school librarian and has taught Access and Legal Issues for Mansfield University (Pennsylvania). She is a past president of the American Association of School Librarian, she serves on the ALA Intellectual Freedom Committee, chaired the AASL Intellectual Freedom Committee for two years, and was recently appointed to be the AASL liaison to the Freedom to Read Foundation.
Helen Adams has written several articles about privacy and school libraries to include:
- The Privacy Problem: Although school librarians seldom discuss it, students’ privacy rights are under attack School Library Journal, on-line 2011.
- "The Age of the Patron: Privacy for Middle and High School Students", School Library Media Activities Monthly, April 2007.
- "The Age of the Patron and Privacy", School Library Media Activities Monthly, March 2007.
- "Confidentiality", School Library Media Activities Monthly, September 2006.
She has also co-written the following book on privacy and libraries:
- Adams,Helen, Robert Bocher, Carol Gordon, and Elizabeth Barry-Kessler. Privacy in the 21st Century: Issues for Public, School, and Academic Libraries. Westport, Connecticut: Libraries Unlimited, 2005.
Mary Minow
Mary Minow earned her JD degree from Stanford University and her A.M.L.S from University of Michigan. She is the editor of the Stanford Copyright and Fair Use site (fairuse.stanford.edu). She taught digital copyright at San Jose State School of Library Science and at Simmons Graduate School of Library and Information Science. She was the President of the California Association of Library Trustees and Commissioners. She is the first recipient of the California Library Association's Zoia Horn Intellectual Freedom Award, given in 2004. She started the LibraryLaw.com website and her blog is at blog.librarylaw.com. Minow was nominated by President Obama to the National Museum and Library Services Board (senate confirmed her position). She is a co-author of The Library's Legal Answer Book (ALA Editions: 2003).
Organizations with Interest in Privacy
The ACLU organization advocates for individual rights and liberties to include privacy. |
|
The Office of Intellectual Freedom site has considerable information related to privacy issues in libraries and schools, including information on the impact of the USA Patriot Act. |
|
C|Net is a provider of technology news. When you access the site type privacy into the search box to find out latest developments. |
|
EFF is one of the best organizations on privacy and first-amendment issues related to Internet use. |
|
EPIC is a public interest research center established to educate public on privacy and civil liberty issues. |
|
Information on how to use the internet safely, developed by internet industry corporations and public interest organizations. |
|
Focused on consumer privacy, commerce, and data protection. The site is managed by The Center for Social & Legal Research, a not-for-profit research and educational foundation. |
|
Site managed by Electronic Privacy Information Center (EPIC) and Privacy International, which provides daily news on developments in privacy. |
|
This site, led by American Library Association, is an advocacy site to educate individuals about the risks of privacy due to the internet and to get people engaged and talking about privacy issues. |
|
PRC is a nonprofit organization that focuses on consumer education, research, and advocacy as it relates to privacy. |
|
TRUSTe is an independent, nonprofit privacy initiative dedicated to building users' trust and confidence when using the Internet. |
Credits
Clipart retrieved from: Microsoft Corporation. (2010). Microsoft Office PowerPoint 2010 [computer software]. Seattle, WA: Microsoft.
ALA Logo: ALA. (n.d.). Using the ALA Logo. Retrieved from http://www.ala.org/aboutala/contactus/rights/logo-rules
AASL Logo: Public Broadcasting System. (n.d.). Articles by AASL. Retrieved from http://www.pbs.org/teachers/librarymedia/aasl/
Image of Helen Adams retrieved from http://eduscapes.com/sms/overview/adams.html
Image of Mary Minow retrieved from http://blog.librarylaw.com/about.html