Privacy Audit of Public Access Computers and Networks at a Public College Library

Authors

  • Katelyn Angell CUNY School of Medicine

DOI:

https://doi.org/10.5860/ital.v42i3.16233

Keywords:

privacy audit, academic libraries, public computers, confidentiality

Abstract

In 2021, the assessment-data management librarian at Lehman College Library decided to conduct a privacy audit of the Library’s public computers and networks. This audit comprised one of the Library’s two annual formal assessments of resources and services. The American Library Association’s (ALA) Library Privacy Checklist for Public Access Computers and Networks was selected to review 17 key items related to protecting user privacy and confidentiality. Faculty and staff from Circulation, Library Technology, and Online Learning identified 10 indicators needing work. Suggestions are provided for collaboratively resolving these issues and future steps are described to continuously maximize the online security of the campus community.

References

American Library Association, “Library Privacy Checklist for Public Access Computers and Networks,” January 2020, https://www.ala.org/advocacy/privacy/checklists/public-access-computer.

American Library Association, “Library Privacy Guidelines for Public Access Computers and Networks,” January 2020, https://www.ala.org/advocacy/privacy/guidelines/public-access-computer.

American Library Association, “Library Privacy Guidelines for Vendors,” January 2020, https://www.ala.org/advocacy/privacy/guidelines/vendors.

American Library Association, “Privacy Audits,” October 2021, https://www.ala.org/advocacy/privacy/audits#:~:text=Privacy%20audits%20are%20procedures%20to,liability%20and%20public%20relations%20problems.

Chris Matz, “Libraries and the USA Patriot Act: Values in Conflict,” Journal of Library Administration 47, no. 3/4 (2008): 69–87, https://doi.org/10.1080/01930820802186399.

Christina L. Wissinger, “Privacy Literacy: From Theory to Practice,” Communications in Information Literacy 11, no. 2 (2017): 378–89, https://files.eric.ed.gov/fulltext/EJ1166461.pdf.

CUNY Libraries, “CUNY Libraries’ Privacy Statement,” January 2019, https://www.cuny.edu/about/administration/offices/library-services/policies/patron-privacy/.

Donna Riehl, “Students’ Privacy Rights in School Libraries: Balancing Principles, Ethics and Practices,” School Libraries in Canada 26, no. 2 (2006), http://accessola2.com/SLIC-Site/slic/262studentsprivacyrights.html.

Erin Berman and Julie Oborny, “A Practical Guide to Privacy Audits,” YouTube video, 2018, 55:55, https://www.youtube.com/watch?v=aq5upxSSkOk.

James Temperton, “I Ditched Google for DuckDuckGo. Here’s Why You Should Too,” Wired (November 2019), https://www.wired.co.uk/article/duckduckgo-google-alternative-search-privacy.

Jason Vaughan, “Library Privacy Policies,” Library Technology Reports 56, no. 6 (2020): 1–53, https://journals.ala.org/index.php/ltr/issue/viewFile/771/537.

Joyce Chapman and Angela Zoss, “Duke Libraries Data Privacy and Retention Audit Report,” January 2020, https://dukespace.lib.duke.edu/dspace/bitstream/handle/10161/20061/DUL%20Data%20Privacy%20and%20Retention%20Audit%202020%20-%20PUBLIC.pdf?sequence=1&isAllowed=y.

Karen Coyle, “Make Sure You Are Privacy Literate,” Library Journal 127, no. 16 (October 2002): 55–57, http://www.kcoyle.net/privacy_lj2.html.

Kayla Matthews, “6 Examples of Online Privacy Violation,” Cybernews (September 2021), https://cybernews.com/privacy/6-examples-of-online-privacy-violation/.

Library Freedom Project, “Privacy Toolkit for Librarians,” May 2017, https://libraryfreedom.org/privacy-toolkit-for-librarians/.

Margaret Heller, “Creating a Privacy Policy from the Ground Up,” ACRL Tech Connect (February 2018), https://acrl.ala.org/techconnect/post/creating-a-privacy-policy-from-the-ground-up/

Mike Robinson, “Let’s Encrypt on an API Server,” Choose Privacy Everyday, 2018, https://chooseprivacyeveryday.org/resources/https-lets-encrypt/recipe-for-lets-encrypt-on-an-api-server/.

MIT Libraries, “MIT Libraries Patron Data Privacy Policy,” November 2020, https://libraries.mit.edu/about/policies/privacy-policy/.

Patrick O’Brien et al., “Protecting Privacy on the Web: A Study of HTTPS and Google Analytics Implementation in Academic Library Websites,” Online Information Review 42, no. 6 (2018): 734–51, https://doi.org/10.1108/OIR-02-2018-0056.

Rachel Gordon, “Privacy Audits in the Law Library,” July 2014, https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2461235.

San Francisco Public Library (SFPL), “SFPL Data Privacy Audit,” accessed February 2, 2023, https://sfpl.org/about-us/sfpl-data-privacy-audit

San Jose Public Library (SJPL), “Privacy Audit,” accessed February 1, 2023, https://www.sjpl.org/privacy/privacy-audit.

Shandra Morehouse et al., “Creating a Library Privacy Policy by Focusing on Patron Interactions,” in Sustainable Digital Communities, eds. Anneli Sundqvist et al. (Cham: Springer, 2020).

Trina J. Magi, “Protecting Library Patron Confidentiality: Checklist of Best Practices,” Illinois Library Association (Fall 2006), https://www.ila.org/advocacy/making-your-case/privacy/confidentiality-best-practices.

Tucker Taylor, “Library Privacy 101,” November 2018, https://www.scla.org/assets/docs/2018_Conference/Library%20Privacy%20101.pptx.

William Marden, “Choose Privacy Week 2018: Big Data is Watching You,” Journal of Intellectual Freedom & Privacy 4, no. 1 (2019): 3–4, https://doi.org/10.5860/jifp.v4i1.6885.

Downloads

Published

2023-09-18

How to Cite

Angell, K. (2023). Privacy Audit of Public Access Computers and Networks at a Public College Library. Information Technology and Libraries, 42(3). https://doi.org/10.5860/ital.v42i3.16233

Issue

Section

Articles