• Subcribe to Our RSS Feed

Privacy and Cloud Computing in Public Libraries – Frequently Asked Questions

The Center for Information Policy Research recently launched a new project studying privacy and cloud computing in public libraries. We’ve provided answers to some frequently asked questions about the initial phase of the project, focusing on libraries who are implementing the BiblioCommons cloud-computing platform:

What is the purpose of the project?

The research study will help us understand how libraries are implementing third-party cloud computing services, how these implementations might impact patron privacy, and how libraries are responding to these concerns. The first phase of this project is to investigate and compare how public libraries are implementing the BiblioCommons cloud-computing platform, which delivers an enhanced and interactive online catalog for their patrons. Our goal is to understand what is happening, try to identify trends, good practices, and yes, perhaps some gaps. But all in the service of helping libraries deal with these complex issues. The best result would be having better information to help guide best practices, help libraries identify where they could take more steps, and share others’ successful strategies for addressing patron privacy.

What will the outcomes be?

The results of the research will include a summary report of findings, and the development of a set of best practices to guide future implementations of cloud computing in public library settings, with the goal of finding a suitable balance between the need to provide innovative technology-based services while also protecting patron privacy.

What documents have been requested from libraries?

To support this research, we have asked participating libraries to provide the following information:

  1. All contracts, agreements, or related legal/vendor documents the Library might have with BiblioCommons, its partners, or representatives.
  2. All internal policies, documented procedures, or other materials related to the initial installation and continued implementation of BiblioCommons products and services.
  3. All notices provided to patrons related to the Library’s collection and use of patron data, including the Library’s privacy policy (if one exists), user/patron agreements, or related materials.

Why are we using open record requests?

We are using open records laws to request this information from public libraries because we want to assemble data that is as complete as possible. While we considered asking libraries to voluntarily send us the requested information, we could not guarantee suitable response rates or timely compliance. Nearly all libraries — as public institutions — are subject to open records laws in their state. We understand the burden public record requests place on libraries and their staff, and we’ve made arrangements to provide extensions beyond the timing required by law, and have expressed willingness to pay for reasonable copying and processing expenses.

What will we do with the information gathered?

The documents gathered will be processed, analyzed, and compared by members of the CIPR project team. We will be looking for any differences in materials, approaches, and implementations across different participating libraries. We will try to identify best practices and areas where additional focus on patron privacy could be warranted. Our summary findings will be published in a publicly-available white paper, and will be used to inform the creation of best practices in collaboration with the broader library and advocacy community.

Will the results be shared with the participating libraries and the public?

Yes, all results of the project will be shared and made publicly available.