I was delighted to find the following email in my inbox the other day. From ALA’s president Barbara Stripling:
ALA is saddened by recent news that the government has obtained vast amounts of personal information and electronic communications of millions of innocent people. The extent of the personal information received by the government is very troubling. Those of you who have been long-time members of ALA know that we have always argued that provisions in the USA PATRIOT Act encroach on the privacy expectations of library users. Worse, the surveillance law erodes our basic First Amendment rights, all while undermining the very fabric of our democracy [...]
We need to restore the balance between individual rights and terrorism prevention, and libraries are one of the few trusted American institutions that can lead true public engagement on our nation’s surveillance laws and procedures. Libraries have the tools, resources and leaders that can teach Americans about their First Amendment privacy rights and help our communities discuss ways to improve the balance between First Amendment rights and government surveillance activities. And patrons are ready to learn about their privacy rights from their libraries.
How academic libraries can join the fight for privacy has been buzzing around my head of late. Thankfully, Stripling’s email also links to some helpful resources: the Choose Privacy Week website and a Moderator’s Guide [pdf]. I haven’t given this enough thought to craft a decent post, but three things immediately come to mind as actions academic librarians can take (in addition to hosting discussion forums):
1) Prominently display a link to your library’s privacy statement and data retention policies on the homepage. Wait, you don’t have one? Well, now is a better time than any to get started!
2) Know your university’s policies on user data and find out what third parties (esp. email platform providers) have access to it.
3) Start talking to electronic resources vendors about how they use your patrons’ data. What do they collect? What is their retention policy? What other third-parties have access to that data?
I don’t imagine I’ll have many discussions at the reference desk about protecting user privacy and data, but that doesn’t mean I can’t fight for it. More thoughts on this later. Happy Friday!