[Editor’s note: Aude Charillon (Library and Information Officer, Newcastle Libraries) and Jenny Peachey (Senior Policy and Development Officer, Carnegie UK Trust) write about a new guide to privacy for public library staff]
Data privacy concerns
Research by the Carnegie UK Trust has found that concern around data privacy is significant: around 75% of the UK respondents were at least fairly concerned about the privacy and security of their personal data online. Whilst personal confidence in managing access to personal data online is also high (72% saying they are fairly or very confident), this statistic is self-reported confidence - and the genuine ability to protect oneself online is uncertain. Indeed, there is evidence that suggests the public’s level of concern regarding online data privacy is often not reflected in the steps they take to secure their personal information and that the behaviour they consider to be secure is not always so.
Public library staff have a critical role to play when it comes to both supporting the privacy (including online privacy) of library users when they access the library service, and in enabling users to make informed decisions about the privacy trade-offs involved in navigating the online world. In a digital age, when more and more of us are concerned about how our personal data is used, there is an opportunity for public libraries to be at the forefront of tackling this emerging challenge through supporting people to manage their privacy.
What should libraries be doing about this?
To this end, the Carnegie UK Trust, CILIP and Newcastle libraries have published a new guide to privacy for public library staff. The guide is designed to help library staff consider the data their library service collates, holds and shares, and how privacy-friendly their systems and resources should be. It also outlines steps that can be taken by library staff seeking to enhance the approach to privacy across different aspects of their service.
Many library staff will find that they have already taken some of those steps. Leading the way explains the context to each step and what the next action should be. Some steps will need to be agreed at a senior level while some can be championed by all staff.
For example, one chapter is dedicated to library systems. It explains how data privacy is related to data security - from the importance of keeping systems up-to-date to using HTTPS for library web pages and being careful with internet cookies.
When it comes to systems used by library staff and citizens, steps towards better privacy include:
- checking that the library service is running the latest updated versions of its systems
- teaching colleagues how to create strong passwords (or even better: passphrases) so they can use these for logging into library systems and when supporting library users
- ensuring transaction logs from systems are anonymised and/or deleted when it is not necessary for that information to be retained any longer
There is obviously more to library systems and a lot more in the guide in general - but you’ll just have to read it to find out the detail!
Do read and use the guide and share your good practice in supporting library users.
Please note, this is a guest blog. Views expressed here do not necessarily represent the views of DCMS or the Libraries Taskforce.