Consensus Framework to Support
Patron Privacy in Digital Library and Information Systems
NEW! NISO Consensus Principles on Users’ Digital Privacy in Library, Publisher, and Software-Provider Systems (NISO Privacy Principles) now available!
The Andrew W. Mellon Foundation has awarded the National Information Standards Organization a grant to develop a Consensus Framework to Support Patron Privacy in Digital Library and Information Systems. The grant will support a series of community discussions on how libraries, publishers and information systems providers can build better privacy protection into their operations and the subsequent formulation of a framework document on the privacy of patron data in these systems.
Further background is described below. During summer 2015, the NISO project completed all four virtual meetings which helped provide input to an in-person meeting held in late June in San Francisco; further conference calls were held into the fall to finalize the Principles.
In-Person Meeting
Consensus Framework to Support Patron Privacy in Digital Library and Information Systems - In-Person Meeting
Live Stream Recordings: NISO recorded the day and a half in-person meeting at the conclusion of the American Library Association meeting in San Francisco, CA on Monday and Tuesday, June 29-30, 2015. Please click on the links below to view any of the discussion from the two day event.
Monday, June 29:
- Recording #1: Welcome and Introductions; Overview of meeting (94:24)
- Recording #2: Morning Table Discussions - agreeing on broad topics for draft Consensus document (52:10)
- Recording #3: Afternoon Table Discussion (10:17)
- Recording #4: Afternoon Group Discussion - Transparency, Security, Data Collection and Use, User Experience, Education, etc. (41:17)
- Recording #5: Afternoon Table Discussion - Legal Frameworks (37:04)
Tuesday, June 30:
- Recording #1: Welcome and Introductions; recap of Day 1 (68:23)
- Recording #2: Morning Table Discussions - reporting out (117:05)
- Recording #3: Afternoon Group Discussion and Editing Process of Principles (78:39)
- Recording #4: Afternoon Group Discussion and Editing Process of Principles (cont'd) (118:40)
Background
The digital infrastructure through which content is provided via libraries to patrons involves a number of suppliers, including publishers and library systems providers. These systems generate a tremendous amount of activity and usage data, much of which can be tied back to a particular user. The complex web of systems interactions, of necessary data exchange to provide services, and the myriad providers of information necessitates a community effort and agreement on principles around patron data protection. Real benefit can be achieved through the application of usage data as a tool for improving library services. But how does one balance the opportunity to improve services or build new functionality that might improve patrons’ experiences against the need to protect privacy?
The library community has been a very vocal and ardent supporter of library patron privacy and has been very active in supporting privacy-related issues in the information community. This commitment is at the core of the American Library Association’s Code of Conduct, which stipulates: “III. We protect each library user's right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired or transmitted.” As institutions that provide their communities with intellectual resources, libraries consider respecting patrons’ privacy about the content they receive a core service. No patron would want to be in the position of having his or her reading behavior monitored and shared without his or her consent. As the digital environment continues to grow, we do not expect that this commitment to privacy will diminish, but rather to expand as libraries join with other privacy organizations in advocating for legal protections.. Such political activities by the library community are an important part of the landscape of information policy.
This project will consist of three phases. The first will be a pre-meeting discussion phase, which will consist of four virtual forums to discuss privacy of internal library systems, privacy of publisher systems, privacy of provider systems, and legal aspects influencing data sharing and policies. Each of the discussion sessions will be a three-hour web-based session designed to lay the groundwork for a productive in-person meeting at the conclusion of the American Library Association meeting in San Francisco, CA in June 2015. Following the in-person meeting, a Framework document will be completed detailing the privacy principles and recommendations agreed to by the participants, and then circulated for public comment and finalization. The final version will be advanced for approval as a NISO Recommended Practice.
Virtual Meetings
- Patron privacy in internal library systems: Thursday, May 7, 10:00 am-1:00 pm ET (now completed; meeting materials below)
- Patron privacy in vendor systems: Thursday, May 21, 10:00 am-1:00 pm ET (now completed; meeting materials below)
- Patron privacy in publisher systems: Friday, May 22, 9:00 am-12 noon ET (now completed; meeting materials below)
- Legal frameworks influencing data sharing and policies: Friday, June 19, 1:00-4:00 pm ET (now completed; meeting materials below)
Materials from the May 7 virtual meeting on patron privacy in internal library systems
- WebEx recording (3:19)
- Comments and links from WebEx chat
- Twitter archive
- Todd Carpenter's Introduction
- Ken Varnum, University of Michigan: Thinking about Data Collection and Analysis: Issues being considered at the University of Michigan as we consider a learning analytics project for use of library resources
- Micah Altman, MIT: Managing confidential data: deidentification/anonymization
Materials from the May 21 virtual meeting on patron privacy in vendor systems
- WebEx recording (3:05)
- Comments and links from WebEx chat
- Twitter archive
- Todd Carpenter's Introduction
- Richard Entlich, Cornell University: anonymization of Voyager circulation transaction records
- Kathryn Harnish, ProQuest: the value of personalization services
- Peter Murray, LYRASIS: Advancing Patron privacy on Vendor Systems with a Shared Understanding
Materials from the May 22 virtual meeting on patron privacy in publisher systems
- WebEx recording (3:06)
- Comments and links from WebEx chat
- Twitter archive
- Todd Carpenter's Introduction
- Richard Entlich, Cornell University: user-based information offered by publishers
- Abigail Wickes, Oxford University Press: use of usage data in marketing
- Alan Rubel; Mei Zhang, University of Wisconsin at Madison: what language on privacy could or should be in e-journal licenses
- Roger Schonfeld, ITHAKA: A User-Centric Approach to Privacy
Materials from the June 19 virtual meeting on legal frameworks for patron privacy
- WebEx recording (2:56)
- Comments and links from WebEx chat
- Twitter archive
- Todd Carpenter's Introduction
- Deborah Caldwell-Stone, ALA: Amending State Library Confidentiality Laws to Extend Privacy Protections to User Data Held or Managed by Vendors
- Laura Quilter, University of Massachusetts Amherst: Frameworks & Current Issues in Library Privacy
- Alison Macrina, Library Freedom Project - see Comments and Links page for Alison's shared links
- Micah Altman, MIT: NISO Lightning Overview: Privacy Law and Libraries