Digital Privacy & Technology Guide: ILS Data & Vendors
This guide provides an overview of digital privacy and the tools needed to protect libraries and its users, and thwart surveillance of our communities. This guide was developed by Library Freedom Project and Massachusetts Library Association.
Any information about an individual maintained by an agency, including any information that can be used to distinguish or trace an individual‘s identity and any other information that is linked or linkable to an individual.
Two learning modules designed to strengthen librarian's understanding of what happens to patrons’ data and best practices for patron privacy. Learners will review data flows for common tasks at the library - writing an email, web searching, borrowing eBooks - and learn common influences on data flows - state/federal law, library data privacy policies, and company policies.
January 2021 article from the Journal of Business Research that provides an overview of methods to reconcile the competing needs to secure patron privacy and to gather actionable analytics about their activity.
ALA's Privacy Guidelines are intended to provide libraries using LMS with information about appropriate data management and security practices in respect to library users' personally identifiable information and data about their reading habits and use of library resources.
ALA's checklist is intended to help libraries of all capacities take practical steps to implement the principles that are laid out in the Library Privacy Guidelines for Library Management Systems (LMS) / Integrated Library Systems (ILS).
Provide libraries with information about appropriate data management and security practices in respect to library users' personally identifiable information and data about their reading habits and use of library resources.
ALA's checklist is intended to help libraries of all capacities take practical steps to implement the principles that are laid out in the Library Privacy Guidelines for Library Websites, OPACs, and Discovery Services.
Digital Library Federation's guide to a Data Risk Assessment, which they describe as a process of identifying data the library collects about users, understanding how it manages that data, identifying the risks associated with that data, and then selecting an appropriate risk mitigation strategy.
This project seeks to use the power of library licensing agreements to effect change in third-party platform practices in order to bring them into alignment with library values of privacy, confidentiality, and respect for user control over their own data.
This rubric evaluates data privacy criteria in content platform vendor contracts and privacy policies and aims to assist libraries in identifying potential data privacy risks so that libraries can determine how to address these risks with vendors.