Every library has (or should have) one. Ironically, in an institution devoted to reading and intellectual inquiry, it is probably the most seldom-read document in its collections. I am referring to library privacy policies, which have become increasingly important in an era when the broad gathering of information and data is exponentially increasing.
The New York Public Library (NYPL) has aimed to change that with its new privacy policy, publicly released in November 2016. The journey to revise the Library’s privacy policy had begun before I arrived in November 2015 and became the first full-time director of privacy and compliance at NYPL; and, though I am not an attorney, my position is situated in the Library’s legal department, which, as a group, is responsible for the review, if not the actual writing, of most of the NYPL’s legal policies and notices.
As with almost any institution going through a policy-writing process, we began with what we already had. In its 120-year history, NYPL has evolved its data-collection practices from the age of paper call slips to complex digital circulation systems. In the normal course of its operations, NYPL checks out books and materials to patrons (23 million per year), provides classes and programs to both adults and children, and—in the age of the internet—provides access to online information and databases that span the globe.
NYPL’s board of trustees, which has a committee devoted to reviewing the Library’s policies and programs, has consistently expressed the need for library operations to (a) know what information and data we were collecting from patrons; (b) know what we were doing with that information once collected (including who could access it and where); (c) articulate how patrons could opt in and out of the data that they provide in the course of using the Library; and (d) determine how we respond to legal requests for information (such as subpoenas, warrants, etc.).
Answering the first question—what do we collect—involved a thorough inventory of the Library’s systems, databases, and paper-based information gathering. For instance, besides using our main integrated library system (ILS) to track the borrowing of materials in the branch libraries, we also use an age-old call-slip method in our four major research collections. The attempt to track the myriad data-collection methods began before I arrived and concluded shortly after I started. Finding the sources of data streams, be it analog or digital, involved speaking with every department in the Library to better understand (a) their reasons for collecting the data, (b) where they kept it and for how long, (c) if and when they shared it within or outside the Library and with whom, and (d) how they ultimately disposed of it when it was no longer needed.
These became the key elements of determining NYPL’s current state and how to move forward.
While the inventory was happening, we also talked to other nonprofit institutions to learn how they had developed and maintained their privacy policies. Among the models we reviewed were those from San Francisco Public Library (partly because California’s library privacy statutes are among the strictest in the nation), the American Civil Liberties Union, as well as our fellow New York City library systems at Brooklyn Public Library and Queens Library. The Smithsonian Institution, another organization that recently had hired a full-time privacy officer, was also a great source of information about best practices for both privacy policies and their underlying practices.
The American Library Association (ALA), of course, has long been a bedrock of advocacy for library patron privacy and user rights. For our purposes, the most valuable tools were the ALA’s Intellectual Freedom Committee’s guidelines, including its “Privacy Toolkit,” which outlines the five “Standard Privacy Principles,” which are based on the Electronic Privacy Information Center’s Fair Information Practice Principles. These five principles are
In short, these can be defined as the rights of “notice,” “choice,” “access,” “security,” and “enforcement,” and were at the heart of both our internal discussions and the drafting of NYPL’s new privacy policy.
During the spring and summer of 2016, we held discussions with management throughout NYPL, ensuring that we gathered input and feedback from such departments as library services, research, digital, legal, marketing/communications, IT, facilities, and security. Each group has a stake in our privacy policy to the extent that they are engaged in at least some part of the data lifecycle (i.e., collection, storage, use, transmission, etc.). Additionally, we engaged a subgroup of our board of trustees who reviewed the early stages of the drafts and gave their valuable input.
The legal department was at the center of this process, in particular our associate general counsel, who wrote each draft as well as the final document, and NYPL’s general counsel, who was a key player in the shepherding of the new policy from inception through completion.
After four months of solid drafting, the new policy was ready for presentation to the NYPL board of trustees’ Program and Policy (P&P) Committee. The discussion centered on such topics as how long we retain data (minimally), how we respond to subpoenas and warrants (we are creating internal procedures), how to further strengthen public awareness and education about our practices, and how patrons can opt in and out of information gathering.
The newly revised policy approved by the P&P Committee at its September 2016 meeting now provided the public with clear explanations of the following:
With official approval of the policy now complete, we had the further work of ensuring that it was adequately rolled out and publicized, both internally and externally. To that end, I worked with our human resources department to create a five-minute online training video that we required all NYPL employees to view. In the video, our general counsel and I explained what changes were represented in the new privacy policy as well as how to answer potential questions from patrons. This was all accomplished in the three weeks before the “go live” date of November 30.
On the morning of November 30, 2016, we launched three simultaneous events to ensure the new policy received maximum attention:
Shortly after the rollout, we used a professional translating service to create versions of the full privacy policy in Spanish, Chinese, and Russian (the three most common non-English languages spoken by New York City residents). These non-English language versions are prominently linked to from the main English-language privacy policy page on NYPL’s website.
In the months and years ahead, we plan to further educate both our staff and the public on best practices for understanding and protecting privacy and information security. One key way to accomplish that is with an internal group that I created early in 2016. The NYPL Privacy Advisory Committee brings together representatives from every division of the Library to get updates on privacy initiatives and news as well as to work on specific projects. Additionally, we expect the policy will evolve to keep pace with the ever-changing world of technology.
Come visit NYPL’s new privacy policy today at https://www.nypl.org/help/about-nypl/legal-notices/privacy-policy.