Privacy and Confidentiality in Digital Reference

Article excerpt

In a library, the right to privacy is the right to open inquiry without having the subject of one's interest examined or scrutinized by others. Confidentiality exists when a library is in possession of personally identifiable information ... about users and keeps that information private on their behalf.--American Library Association, "Questions and Answers on Privacy and Confidentiality." (1)

The library community possesses a decades-long history of trying to protect the privacy and confidentiality of library users. The American Library Association (ALA) incorporated this sense of privacy into the ALA Code of Ethics in the early 1960s. This dedication to privacy has faced, and continues to face, challenges from private citizens, the law enforcement community, and numerous technological developments. Among these technological developments can be included the introduction of digital reference services to library users. An important by-product of these services are digital reference records that challenge users' expectation of privacy. This article will attempt to show the relationships between privacy and digital reference records, how privacy can be compromised in the digital reference environment, and what actions librarians can take to maintain the privacy of these records.

The need to protect library patrons' privacy appears to be self-evident, but is not necessarily so. Libraries are public spaces so it is not uncommon for other patrons to overhear a user's reference question, notice what someone is viewing on-screen, or see what books a user is checking out. If users are willing to make their research interests known in such a public space, then why should librarians worry about protecting users' privacy? That question has many possible responses. There is a significant difference between learning one piece of information about a person's research and being able to uncover that person's entire research agenda. Patrons may be comfortable with a librarian knowing their research agenda, but do they want their boss, next-door neighbor, or insurance company to know? Secondly, users routinely divulge their names, e-mail addresses, telephone numbers, and other personally identifiable information (PII) to obtain access to library services. This information must be protected from hackers and others seeking to utilize the data for nonlibrary-related purposes. These examples are pretty obvious. Most privacy challenges arise when privacy rights conflict with other social values. Should parents or guardians be allowed to find out what their children read or what questions the children ask a librarian? Should a librarian notify police if someone requests information about modifying semiautomatic weapons? Can anyone obtain a public library's chat reference transcripts to use for research? After all, the library is a public institution supported by tax dollars. Should libraries routinely destroy records in the name of protecting privacy when the records might prove invaluable to future historians studying the importance of libraries in society? The answers to these questions are not so readily apparent. For this reason, it is important that librarians have guidelines to follow, whether they be laws, codes of ethics, policies, or procedures. This is as true in the digital reference realm as in other aspects of library activity.

Certainly some of the issues discussed in this article are time sensitive. Technological developments will render the privacy features of some chat reference products moot within a year. Chat reference as we know it today may be superseded by more advanced technologies within five years. Other privacy influences, such as the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) Act, may wax or wane in succeeding years.

Patrons' concern for the privacy of their library records will probably increase rather than diminish. …