Introduction
The University Library at the University of Illinois at Urbana-Champaign is committed to the protection of privacy for users in compliance with all federal and state laws and professional standards related to the personal information of our users. These include the:
- Illinois General Assembly, (75 ILCS 70/) Library Records Confidentiality Act
- U.S. Departments of Health and Human Services HIPAA Privacy Rule
- U.S. Department of Education’s FERPA
- American Library Association’s (ALA) Professional Code of Ethics
We firmly ascribe to Item 3 of the ALA Code of Ethics which states, “We protect each library user’s right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired or transmitted.” A complete list of links to the various policies in effect can be found in the appendix to this document.
Library servers are administered by the Library, as part of the Urbana campus network. Servers on the campus network are governed by several University and campus policies and standards, including Appropriate Use. The campus requires that any unit with servers keep log files of user activity, which is detailed in the Campus Administrative Manual. Technology Services uses security and network monitoring tools, and retains log files of network activity that may record the user ids (for remote access users), timestamps and commands issued. Log files are stored on secure, restricted access servers, and may be retained by the Library or Technology Services for a minimum of 90 days or upwards, depending on whether there is a specific business need to retain the information. See the pages of the Office of the Chief Information Officer for the campus for more information on these policies.
Information collected regarding the use of resources at the University Library
It is necessary to collect certain kinds of information from you, the user, for the regular functioning of the University Library. We receive personally identifiable information from the campus administration indicating that you are a member of our academic community and, if you are a community user, essential information will be collected about you related to your library account. This information is necessary for the legitimate purposes of locating or recalling library materials, processing overdue notices and fines, adding or deleting names to the database, making collection development decisions, resolving billing matters, or investigating violations of Library circulation policies. These policies on privacy are currently in place as well for the use of digital tools that have been developed by the Library including various applications for mobile access.
Specific guidelines are in place for Library Staff regarding requests for library patron information. Any request for confidential information from patron records coming from a law enforcement officer or investigative agent of the state or federal governments, MUST be referred to the University Librarian.
Interlibrary Loan confidentiality policy
The Interlibrary Loan Department of the University Library strictly adheres to the Interlibrary Loan Code for these transactions articulated by the Reference and User Services Association (RUSA) of the ALA. The only purpose for which identifying personal information is retained is for the legitimate purposes of locating or recalling library materials received from other institutions. Personal identifying information used to notify you of the availability of your loan is destroyed when you pick your loan up, leaving only the electronic circulation record of the transaction.
Use of Local Online Resources
The advent of electronic resources for library users has complicated privacy matters. Policies relating to the use of network resources at the University of Illinois include the Policy on Appropriate Use of Computers and Network Systems at the University of Illinois at Urbana-Champaign and the Web Privacy Notice issued by the Office of the Vice President for Academic Affairs. When you are accessing information through the use of a library computer or network, we track the following information:
- Browser type
- Internet address (IP)
- Operating system type
- Web address of the page from which you linked to our site
- Date and time of the session.
We also employ web analytics to record the information listed immediately above. This software uses “cookies” to help us track this information and often these are necessary to maintain your session and preference settings in various electronic databases.
Except as mentioned for circulation purposes, the Library does not collect personally identifiable information such as your age, address, gender, ID numbers, name, or phone number. When you use our reference and/or chat services, we use the identifying information that you provide for the purpose of delivering the requested services to you and for the purpose of the Library’s research to improve library services and information retrieval systems. This information is not retained longer than necessary to provide specified services to you or as specified in any Library research project proposal where it is required to be anonymized. We do not make it available outside of the Library or for other purposes, except as required by law or appropriate law enforcement procedures. Please see more about Data Retention for Research Use below.
Specialized Resources and Policies
Some of the units associated with the University Library maintain slightly different policies related to the use of their resources. The University of Illinois Archives has a separate Website Privacy Notice and the Rare Books and Manuscripts Library provides information on their policies for first-time users in addition to adhering to the ACRL Code of Ethics for Special Collections Librarians and the ACRL/SAA Joint Statement on Access to Research Materials in Archives and Special Collections Libraries.
The IDEALS Institutional Repository has a separate policy related to privacy which indicates:
“While IDEALS does track the number of times an item in IDEALS is downloaded as well as search queries (from both search engines as well as those entered into IDEALS itself), we do this in the aggregate and do not release the individual IP address of the machines that visit IDEALS as specified in the Privacy Policy of the University of Illinois…Any IP addresses collected are purged after three months.”
Other aspects of Library privacy
It is the policy of the University of Illinois to require permission to video/audio tape, film or take photographs within campus units. For more information about this policy and the forms that are required please go to Photographic, Video, and Audio Recording in Library Facilities and the Campus Policy on Photography/Talent Release Forms. These policies exist to protect your privacy while you are using the Library and its materials.
The University Library participates in a system of Campus security cameras. Specific policies apply to the use of these cameras and the retention of the images which they collect. These can be found in the Security Camera Policy that is part of the Campus Administrative Manual and are supplemented by state law that prohibits the recording of identifying information related to the specific material you might be using in the Library.
The University Library has security cameras installed at the exterior entries of the Main Library, Undergraduate Library, Grainger Engineering Library, ACES Funk Library, and the Oak Street Library Facility along with interior entry cameras in the Undergraduate Library, ACES Funk Library and Rare Book and Manuscript Library. The recorded image resolution does not allow legibility of patron material being read or checked out. Security camera recordings are kept for a minimum of 30 days and no longer than 120 days per the Campus Security Camera Policy.
Date Retention for Research Use
Research on user behavior in the Library is conducted under the rules and regulations of the Institutional Research Board for the protection of human subject at the University of Illinois at Urbana-Champaign. You can learn more about this process at the Office for the Protection of Research Subjects or by contacting that office at (217) 333-2670 with your questions and concerns. It is common for any data used in research to improve our library services to be anonymized in the collection and assessment of usage data.
Policies related to the use of social media
Blogs, Twitter accounts and other social media tools are used by various units of the University Library to communicate with our users and our departments. See the Technology Services page on Social Media Safety for more information.
Information collected by third-party tools in the University Library
The University Library subscribes to a large number of databases and contains links to a wide range of websites. We strongly urge you to carefully read the policies associated with these resources when you use them, because personal information that you provide could be mined for marketing or other purposes. The policies of these entities are not within our ability to control although the Library negotiates with these parties to assure the respect for the confidentiality of the information they gather. These policies are usually available at the website of the publisher or provider. Some examples include EBSCO’s EIS Products and Services Privacy Policy, ProQuest Congressional Privacy Policy, Elsevier’s Scopus Privacy Policy and you can usually find a link to others at the bottom of their main entry page. We would note that you should carefully consider setting up personal accounts on third party resources such as “My Research”, “My Folders”, or other accounts with publishers that require you to provide personally identifying information. The University Library does not have control over access to these accounts or the use of the information you provide there.
If you have further concerns related to the protection of your private information when you are using the University Library, please contact the Office of the University Librarian at (217) 333-0790.
Approved By: University Library Administrative Council (AC); University Library Executive Committee (EC)
Original Date of Approval: May 18, 2015 (AC); June 8, 2015 (EC)
Review cycle: Every 2 years, including related University Library policies.
Change History: Approval history added May 5, 2016