Public libraries have a long tradition of protecting patron privacy. For example, they’re ethically bound to withhold the titles of books loaned to individuals unless law enforcement authorities present a warrant. As libraries increasingly share data with third-party cloud services, the risk of unintended information disclosures rises.
Public libraries must refine and update their privacy policies for the cloud age, concludes Michael Zimmer, director of the Center for Information Policy Research at the University of Wisconsin–Milwaukee, who just completed a two-year study that assesses this risk.
“Libraries need to make sure that patrons know what outside services may potentially receive their information, and they need to give people the opportunity to say yes or no to that,” Zimmer advises, while offering four other recommendations:
- Adjust privacy policies to explain the use of third-party cloud service providers and the internal steps the library is taking to protect patron privacy.
- Make privacy policies easily accessible on the library home page.
- Publish links to the privacy policies of outside partners.
- Ensure patrons know that data sharing might occur if they opt in to third-party platforms.