From The Guardian:
The New York Public Library (NYPL) changed its privacy policy on Wednesday to emphasize its data-collection policies. Last week, the NYPL website stated that “any library record or other information collected by the Library as described herein is subject to disclosure pursuant to subpoena, court order, or as otherwise authorized by applicable law”.
Now, the page reads: “Sometimes the law requires us to share your information, such as if we receive a valid subpoena, warrant, or court order. We may share your information if our careful review leads us to believe that the law, including state privacy law applicable to Library Records, requires us to do so.”
Read the Complete Article
Comment by Gary Price, Founder/Editor of infoDOCKET.
Good to see what’s reported here. HOWEVER, what are libraries doing to make sure vendors also have strong (or strengthen) current privacy policies? What are libraries doing to CLEARLY disclose these issues to users?
In the Internet age libraries are not insular organizations. Our data and the data that users generate just doesn’t sit on our servers in our libraries.
One example? Sure. It’s one we’ve mentioned many times on infoDOCKET during the past several years.
Are libraries (in the U.S.) that provide ebooks to users (via OverDrive) CLEARLY disclosing that when a user borrows a book and places the book on their Kindle the borrow record is stored (along with any notes made in the ebook) in perpetuity on Amazon’s servers UNLESS the library user manually removes the record/data?
This issue could be solved with a simple disclaimer/explanation appearing every x months when a user selects a book to place on their Kindle device along with instructions on how to remove the material from the Amazon server if so desired.
If every EU website has to disclose use of cookies we can do something similar by alerting and educating our users on this and many other privacy issues.
Finally, when was the last time your library reviewed their privacy policy?
About Gary Price
