July 12, 2020

Omaha, Nebraska: Mayor’s Office Proposes Letting Police Check Out Library Patron Information

More privacy issues in the library world.

From the Omaha World-Herald:

The Omaha Mayor’s Office would like law enforcement officials to be able to access personal information from Omahans’ library cards in emergencies, setting off a debate over patrons’ privacy.

Mayor Jean Stothert’s chief of staff, Marty Bilek, appeared before the Omaha Public Library’s board Thursday to ask for a change in the library’s policy.

The request stemmed from an incident in which Metropolitan Community College police spent hours trying to identify a belli­gerent, drunk man at the South Omaha Library.

He refused to give his name, and the only form of identification he had was a library card. But under current policy, library staff couldn’t tell officers his name.

[Clip]

Library Director Gary Wasdin, in response to a board member’s question, said libraries have traditionally protected their patrons’ privacy.

“It’s a fundamental trust issue with the library,” he said. “We don’t question who you are, your background.”

Bilek argued that names, addresses and phone numbers of patrons aren’t too much to provide. He didn’t ask for information on what patrons are checking out, just identifying information.

Read the Complete Article

A Comment from infoDOCKET Founder/Editor Gary Price

The following comments are not directly related to the story above but I think are worth mentioning again.

While info about what the person was checking out would not be requested in Omaha it’s worth pointing out something I mentioned a few days ago regarding data coming from the library and moving accross the Internet.

The Omaha Public Library’s OPAC (and from many other libraries) “transmit” search queries over the Internet in an unencrypted manner. While placing a book on hold, renewing, etc. is encrypted the search queries that can provide what someone might want to read, interested in, etc. are not encrypted by many libraries.

Additionally, if the OPAC search is conducted on a public network (either in or outside of the library building) any person with a very basic knowledge (and I mean basic) of a couple of pieces of software (free) and also on the same network can easily see what the person is searching for. Furthermore, the specific MAC address of the computer doing the search is also provided and it’s quite possible that other data that could identify the person as they browse the web could be determined using other data and/or over time.

This is one of many privacy issues that I believe the library world not only needs to disclose to users and provide info about what can be done to make this and other unencrypted data sent over the Internet and wi-fi more secure. If nothing else it’s a great education opportunity for libraries.

Again, as I’ve said on many other privacy matters it’s not about simply about eliminating a service and all will be ok.

That would be both silly and unrealistic.

What it’s about is awareness, disclosure, education (of users and staff) and in this case working together to come up with a better way to handle the situation.

Gary Price About Gary Price

Gary Price (gprice@mediasourceinc.com) is a librarian, writer, consultant, and frequent conference speaker based in the Washington D.C. metro area. Before launching INFOdocket, Price and Shirl Kennedy were the founders and senior editors at ResourceShelf and DocuTicker for 10 years. From 2006-2009 he was Director of Online Information Services at Ask.com, and is currently a contributing editor at Search Engine Land.

Share