Grounded in the American Library Association’s Code of Ethics, the University Library strives to include these principles into its policies and practices:
1. Privacy, confidentiality and data security are service priorities for the Library.
2. We will create and regularly review policies and procedures for all Library activities that impact our patrons’ privacy or the confidentiality and security of their personally identifiable data.
3. We will collect only the data necessary to provide, improve, and sustain excellent service.
4. We will retain data only as long as needed to provide, improve, and sustain excellent service.
5. We will inform users of Library resources and services about the Library’s personally identifiable data collection practices, including:
a. what types of data we collect;
b. what types of data we preserve;
c. how we use such data;
d. who has access to it;
e. how long we keep it;
f. mechanisms for opting out or opting in to personal data collection, when such exist;
g. the steps we take to assure the confidentiality and integrity of the data;
h. the distinction between services and data under the Library’s control and services and data controlled by third parties, such as database vendors;
i. links to third party policies, when available.
6. Whenever possible, we will give users a choice about whether their data is collected and/or which data are collected and the default approach will be “opt out.”
7. Whenever possible, we will provide alternative channels for users to receive information or help (e.g. chat reference, telephone reference, face-to-face reference, etc.) and will explain the privacy ramifications of different choices.
8. Whenever possible, we will allow individuals to view the personally identifiable data we have collected about them and to verify its accuracy and, if necessary, correct or update it.
9. We will take reasonable steps to assure that the data we collect is accurate and to preserve its integrity and security.
10. We do not sell personal data. We will not share it with third parties except when necessary to maintain or improve Library services, and with stated safeguards for privacy and data security.
11. We will educate our staff to understand and apply these principles and to follow Library policies and procedures to implement them.
12. We will strive to educate library users about privacy, confidentiality, and data security, not only about Library content and services, but also about related larger issues in the information landscape.
13. We will monitor trends in privacy standards and practices and will modify Library practices as appropriate. In addition, we will consider proactive unilateral and collaborative initiatives to foster privacy in library (local and global) digital environments.