June 3, 2015 Meeting of Privacy Policies Implementation Team

The team discussed the charge, noting that the charge and membership have not yet been formally approved by the Executive Committee:

Charge

Building upon the work of the Privacy Policies Working Group, this team is charged with developing procedures for reviewing and maintaining the Library’s policies regarding personal privacy in the use of Library materials and related Library records, and providing an articulation of these policies to our users. In addition, the group will identify gaps in current policy and practice regarding privacy and engage in the development of new policies, guidelines and best practices. Finally, the Group will consider and make recommendations on the Library’s role in educating our users about the privacy and security of their library records.

Scope

The work of this group should include, but not be limited to, the following issues:
• Patron privacy regarding the use of materials
• Patron privacy regarding the use of electronic media
• Retention/disposal of records to support library services, research, security and related activities
• Investigation of other areas for development of training related to privacy awareness for staff and users
• Recommendations regarding implementation and dissemination of privacy policies and best practices

The previous Privacy Policies Working Group identified and reviewed existing policies, which are listed in an appendix to its report. The Implementation Team should not need to re-do this work, but rather determine a review cycle for each policy and determine how to organize ongoing, periodic reviews. The Team should discover/determine the “owner” of each policy. In addition, the Team should develop an overall, ongoing method for policy review. We discussed lodging the responsibility with a successor standing committee devoted to privacy matters; with a more broadly charged committee on Library policies; with EC or AC depending on the type and origin of the specific policies; with the existing User Services Advisory Committee; or with the AUL for User Services. The AUL for User Services must play a leading role; the role of committees will be discussed further. Our Team should develop a rubric for evaluating policies.

Prior to the meeting, Sue sent members a link to slides from a presentation that Lisa attended during the 2015 LACUNY Institute, “Library Privacy Policies in 2015: Strategies for Renewed Relevance” by Percy Wise, a librarian at Multnomah County Library. Sue noted the bibliographic references at the end of the slide set. She distributed MCL’s posted policy on “Privacy and Confidentiality of Library Records” as a model. Lynne reported that the previous Working Group examined a number of policies from other libraries and used the ALA Privacy Tool Kit (http://www.ala.org/advocacy/privacyconfidentiality/toolkitsprivacy/privacy) in drafting the “University Library Privacy Policy” that accompanied the Working Group’s report. This policy has not been formally approved by the Executive Committee and therefore is not currently linked from the Library website. The Privacy link at the bottom of the Library home page points to http://www.vpaa.uillinois.edu/policies/web_privacy.cfm.

The Team briefly brainstormed a list of “gaps in current policy and practice.” In addition to areas listed in the Working Group report (reference service/chat data; librarians’ research data; special collections user registration; web analytics and cookies; training on disposal of call slips; training on response to requests for information), we identified third-party practices, social media, RDS, and job applicant information as areas for further examination.

Because of the July 31 deadline to complete our charge, weekly meetings have been scheduled through the end of July, with the understanding that probably no member (including the chair) can attend all of them. We will use Box and email to communicate between meetings.

ACTION ITEMS:

• SUE will remind John Wilkin that the Executive Committee still needs to approve the charge and membership, as well as approve the “University Library Privacy Policy” that was submitted by the previous Privacy Policies Working Group and revised per EC’s suggestions.
• LYNNE will create a Box account for the team, and will transfer into it relevant documents created by the Working Group, including a matrix of existing policies, their last revision dates, and their audiences.
• SUE will inquire about the status of the RBML privacy notice, which was under development.