At its 14 August 2015 meeting in Cape Town, South Africa, the IFLA Governing Board endorsed an IFLA Statement on Privacy in the Library Environment. The FAIFE Committee oversaw preparation of the Statement and benefitted from consultation with IFLA units and various Internet civil liberties advocacy organisations.
This new Statement on Privacy in the Library Environment is intended to give guidance to libraries and information services in an environment that includes mass surveillance by governments and routine user data collection by commercial interests that provide content or services through the Internet. Risks to library users’ privacy might arise through their use of search or social media applications on the Web or their use of library platforms and content that collect data on end users.
The statement describes current challenges to the protection of user privacy for libraries and information services, outlines relevant international statements of privacy as a right and identifies related IFLA policies. Finally, the Statement on Privacy in the Library Environment offers recommendations to libraries and information services around both advocacy for privacy protection and practical measures to protect user privacy in libraries. It recognises that libraries and information services have little ability to affect some kinds of data collection about their users, and encourages appropriately adjusting local library data collection practices, considering privacy concerns in procuring platforms and services, informing and educating users of risks and best practices, and participating in community efforts to promote the protection of privacy.
Recommendations From the IFLA Privacy Statement
- Library and information services should respect and advance privacy both at the level of practices and as a principle.
- Library and information services should support national, regional and international level advocacy efforts (e.g. by human rights and digital rights organisations) to protect individuals’ privacy and their digital rights and encourage library professionals to reflect on these issues.
- Library and information services should reject electronic surveillance and any type of illegitimate monitoring or collection of users’ personal data or information behaviour that would compromise their privacy and affect their rights to seek, receive and impart information. They should take measures to limit collection of personal information about their users and the services that they use.
- While government access to users ́ data and data surveillance cannot be completely avoided, library and information services should ensure that intrusion in users’ information or communications by government is based on legitimate principles for such practices and necessary and proportionate to legitimate aims (e.g. described in “International Principles on the Application of Human Rights to Communications Surveillance”).
- When library and information services provide access to resources, services or technology that may compromise users’ privacy, libraries should encourage users to be aware of the implications and provide guidance in data protection and privacy protection.
- Library and information services should support their users’ ability to make informed choices, take legitimate actions and weigh risks and benefits in their communications and use of services on the Internet.
- Data protection and privacy protection should be included as a part of the media and information literacy training for library and information service users. This should include training on tools to use to protect their privacy.
- The education of library and information professionals should include data and privacy protection principles and practices in a networked environment.