1. Personally identifiable information about Library patrons and their use of the Library is private. The Library shall not disclose such information to anyone except in the following cases:
a) If required by law, pursuant to a valid subpoena, warrant, court order or other investigatory document;
b) On written consent of the patron; or
c) When absolutely necessary for the effective operation of the library, and then to the narrowest extent possible.
2. All requests for information must be addressed to the Director, who shall consult with the Trustees and legal counsel when appropriate.
3. Patrons who use library services requiring personally identifiable information are entitled to view their own records.
4. Patrons who fail to return materials in a timely manner will be deemed to have waived their right to confidentiality insofar as is necessary for the Library to retrieve the missing material or secure appropriate compensation for its loss.
5. The Library will make a good-faith effort to notify patrons of any changes in the law or policies pertaining to Library use that may affect patrons’ privacy or intellectual freedom.
6. Patrons who have questions, concerns, or complaints about the Library's handing of their privacy and confidentiality rights should file written comments with the Director. All such comments will be investigated, and responded to when appropriate.
Policy rationale. The Library’s commitment to patrons’ privacy and confidentiality is rooted not only in the law but in the ethics and practices of librarianship as defined by the American Library Association and affirmed by the Board of Trustees.
The possibility of surveillance, whether direct or through access to records of speech, research and exploration, undermines a democratic society. Therefore, the Library will not share data on any individual with third parties unless required by law, directed by that patron, or compelled by circumstances relating to the Library’s effective function.
Patrons should be aware that the USA PATRIOT Act and other recently enacted laws, regulations, and guidelines increase the likelihood that their activities, including their use of computers to browse the Web or access e-mail, may be under government surveillance without their knowledge or consent. Under the Act, the FBI may obtain access to all personally identifiable information, including books and other materials checked out; searches done on Library computers, including places visited on the Internet; books and other materials borrowed through interlibrary loan; when and where patrons have signed up to use library computers, study rooms, and the like; and notes taken by librarians when helping patrons with questions. The Act also prohibits Library personnel from notifying a patron under suspicion, the press, or anyone else that an investigation is underway.
Information needed for core services. The Library avoids creating unnecessary records and retaining records unnecessary to the fulfillment of its mission. It does not engage in practices that might place private information on public view. It must, however, gather and retain certain information about current patrons in order to provide services, including information pertaining to registration, circulation, and electronic access. (Examples of such information would include name, e-mail address, library card barcode, phone number or home address.) All personally identifiable information is kept confidential and will not be sold, licensed or disclosed under any circumstances except those enumerated in the Statement of Policy.
Records of use. Links between patron records and materials borrowed are deleted when items are returned, and other records are deleted as soon as the original purpose for data collection has been satisfied. In-house access to information in all formats is available without creating a data trail. The Library has invested in appropriate technology to protect the security of any personally identifiable information while it is in the Library's custody, and aggregate, summary data is stripped of personally identifiable information.
Third Party Security. All contracts, licenses, and offsite computer service arrangements reflect the Library’s policies and legal obligations concerning patron privacy and confidentiality. Should a third party require access to our users' personally identifiable information, our agreements address appropriate restrictions on the use, aggregation, dissemination, and sale of that information, particularly information about minors.
Internet use. When connecting to licensed databases outside the Library, patrons are identified only as members of the Library community. Nevertheless, users of networked computers will sometimes need to enable “cookies” in order to access a number of resources available through the Library. (A cookie is a small file sent to the browser by a Web site each time that site is visited.) Library servers use cookies solely to verify that a person is an authorized user in order to allow access to licensed library resources and to customize Web pages to that user's specification. Cookies sent by Library servers disappear when the user's computer browser is closed, and the Library does not share cookies information with third parties.
Staff Access to Personal Data. Only authorized Library staff members with assigned confidential passwords may access personal data stored in the Library's computer system for the purpose of performing library work.