Protecting library user privacy and keeping confidential information that identifies individuals or associates individuals with their use of library books, materials, equipment, programs, services, facilities, and/or staff assistance is an important principle of the library. This policy affirms the library’s commitment to privacy, explains the information that the library collects, and alerts visitors to library facilities and users of remotely accessed library services of the privacy choices available to them.
Definition of terms
- Privacy is the right to seek information through library resources without having the subject of interest known or examined by others
- Confidentiality exists when the library possesses personally identifiable information and keeps that information private on the patron’s behalf
- Personally identifiable information is information such as name, library card number, email or mailing address, telephone number, or any financial information relating to a patron and his or her accounts
Legal protections and exceptions
Wisconsin law has strong protections in place to assist the library in keeping records confidential. In certain circumstances, library records may be subject to disclosure to law enforcement officials under provisions of state law or federal law under the provisions of the USA Patriot Act (Public Law 107-56). In accordance with the USA Patriot Act, public libraries must allow an immediate search and possible seizure of equipment or information if presented with a FBI National Security Letter or Foreign Intelligence Surveillance Act Warrant. Staff members are provided training in handling requests from law enforcement.
The relevant Wisconsin laws concerning the confidentiality of library records are Wisconsin Statutes Section 43.30 and the Wisconsin Personal Information Practices Act (Sections 19.62 to 19.80). Library records include any record of use of library materials, resources, or services.
Wis. State Statute 43.30 requires that library records may only be disclosed under the following circumstances:
- With the consent of the individual library user
- To a custodial parent or legal guardian of a juvenile under 16 years of age
- By court order
- Upon the request of a law enforcement officer who is investigating criminal conduct alleged to have occurred at the library. In this instance, the library shall disclose all records pertinent to the alleged criminal conduct that were produced by a surveillance device under the control of the library
- To persons acting within the scope of their duties in the administration of the library or library system
- To other libraries for interlibrary loan purposes in accordance with the standards set forth in Wisconsin Statute Sections 43.30(2) and (3)
- To a qualifying third party1 to assist with delinquent accounts. Under the provisions of the law, the library may only disclose the individual’s name, contact information and the quantity, types and value of unreturned materials, not the titles of the items
The library avoids creating unnecessary records and retaining records longer than needed for library business purposes. The library’s circulation module is executed by the Bridges Library System and the policies on retention are therefore set by the system rather than individual libraries.
- To receive a library card, library users are required to provide identifying information such as name, birth date, picture ID, and physical as well as mailing address (if different). The identifying information is retained, as long as the library user continues to use the library card. In most cases the information will be in the database for a maximum of three years after the person stops using the library card at which time the record is deleted.
- A library user’s circulation record includes current identifying information, items currently checked out2 or on hold, as well as overdue materials and fines.
- Ninety days after an item is returned, the Library System removes the information regarding the last patron to check it out which deletes the patron from the item history log. If the item had associated fines, the fine transactions are saved.
- The library may also gather information necessary to provide a requested service to a library user including but not limited to the following examples:
- Records for interlibrary loan requests or reference services
- Records needed to sign up for or participate in library classes and programs
- Records for use of meeting room
- Records for receiving emails and/or text messages about library services and programs
- Once there is no longer a need for the information, personally identifying records are destroyed. Emails sent to library staff may be subject to open records requirements.
- The library treats records as confidential in accordance with Wisconsin State Statute (43.30). The library will not collect or retain private and personally identifiable information without the person’s consent. If consent to provide personally identifiable information is given, the library will keep it confidential and will not sell, license or disclose it to any third party, except for purposes described by the law.
Protecting a patron account
It is the patron’s responsibility to notify the library immediately if a library card is lost or stolen or if he or she believes someone is using the card or card number without permission. The library recommends these precautions:
- Log off systems after use
- Don’t share the library card, user IDs, or passwords
- Select passwords which are easy to remember, but difficult for others to guess by including a mixture of numbers, symbols, and/or upper and lowercase letters
Keeping account information up-to-date
A patron may access his/her personally identifiable information held by the library and is responsible for keeping the information accurate and up-to-date. The purpose of accessing and updating personally identifiable information is to ensure that library operations can function properly. A patron may view or update his/her personal information in person. He or she may be asked to provide some sort of verification or identification card to ensure verification of identity.
Parents and children
For the protection of patrons, parents seeking records of their minor child, under age 16, may be asked to provide proof of their child’s age as well as evidence they are the custodial parent. According to Wisconsin State Statute 3.30(1b)(1a) “Custodial parent” includes any parent other than a parent who has been denied periods of physical placement with a child under s.767.41(4).
Items on hold
Items placed on hold for library patrons are shelved by the patron’s initials for pick-up in the public areas of the library. Patrons of any age may choose to have other people pick up their holds. Holds will be checked out on the library card presented at the time of check-out.
Public computer use and the library’s automation systems
The library routinely and regularly purges information that may be linked to library users, such as information from web servers, mail servers, computer time management software, interlibrary loan requests, and other library information gathered or stored in electronic format.
The Library System maintains the online catalog and a number of databases. The Library System automatically collects and maintains statistical information about library users’ visits to the library catalog and databases. This information includes the IP address of the visitor, the computer and web browser type, the pages used, the time and date, and any errors that occurred. This information is used for internal reporting purposes and individual users are not identified. Network traffic is monitored to identify unauthorized attempts to upload or otherwise damage the web service. If a library user chooses to pay fines and fees via credit card, the credit card number is not stored in the user’s library account; it is simply passed through to the payment processor.
The library’s website contains links to other sites including third party vendor sites. The library is not responsible for the privacy practices of other sites which may be different from the privacy practices described in this policy. The library encourages library users to become familiar with privacy policies of other sites visited, including linked sites.
The library website does not collect personally identifying information from visitors to the website unless the patron requests a service via the library website. The library may collect non-personal information from visitors to the website for statistical analysis, site assessment, server performance, authentication, troubleshooting and other management purposes. Examples of non-personal information collected include Internet Protocol (IP) address of the computer, the type and version of browser and operating system the computer uses, geographical location of the network used to link to the library’s site, and time and date of the access. There is no link to personally identifiable information in computer communications, unless a patron has provided that information in the content of a transaction, for example, filling out an online form to request a service.
The library uses temporary “cookies” to maintain authentication when a patron is logged in to the online catalog. A “cookie” is a small text file that is sent to a user’s browser from a website. The cookie itself does not contain any personally identifiable information. Other electronic services offered by the library through third party vendors may use “cookies” to help control browser sessions. Websites may use the record of “cookies” to see how the website is being accessed and when, but not by whom.
Library database users are asked for their library card number to ensure that only authorized users have access. Database vendors do not have access to any user records or information.
The library offers free wireless access (Wi-Fi) for library patrons to use with their own personal notebooks, laptops and other mobile devices. These access points are unsecured. A patron’s use of this service is governed by the library’s internet policy.
Due to the proliferation of Wi-Fi networks, library users may also be able to access other Wi-Fi networks within the building that are not provided by the library. Use of these non-library wireless networks within the library’s facilities is also governed by the library’s Internet Policy.
As with most public wireless “hotspots,” the library’s wireless connection is not secure. Any information being transmitted could potentially be intercepted by another wireless user. Cautious and informed wireless users should choose not to transmit personal information (credit card numbers, passwords and any other sensitive information) while using any wireless “hotspot.” Use of the library’s wireless network is entirely at the risk of the user. The library disclaims all liability for loss of confidential information or damages resulting from that loss.
Some patrons may choose to take advantage of hold and overdue notices via e-mail or text message, and similar services that send personally identifiable information related to library use via public communication networks. Patrons should also be aware that the library has limited ability to protect the privacy of this information once it is outside the library’s control.
The library takes photos at library programs and they may be posted to the website or used in promotions. Patrons are advised to step to the side or notify library staff members if they do not wish to be in photographs.
In order to maintain a safe and secure library, selected public areas of the library premises are under continuous video surveillance and recording.
Images from the library surveillance system are stored digitally. It is the intent of the City of Delafield to retain all recorded images for a minimum of thirty days, or until image capacity of the system is reached. Then, the oldest stored images will be automatically deleted to make room for new images. Typically, images will not be routinely monitored in real-time, nor reviewed by city personnel, except when specifically requested to by Library Director.
Illegal activity prohibited and not protected
Patrons may conduct only legal activity while using library resources and services. Nothing in this policy prevents the library from exercising its right to enforce its Code of Conduct, protect its facilities, network and equipment from harm, or prevent the use of library facilities and equipment for illegal purposes. The library can electronically log activity to monitor its public computers and external access to its network and reserves the right to review such logs when a violation of law or library policy is suspected. Staff is authorized to take immediate action to protect the security of library patrons, staff, facilities, computers and the network. This includes contacting law enforcement authorities and providing information that may identify the individual(s) suspected of a violation.
Enforcement and redress
Patrons with questions, concerns, or complaints about the handling of his/her personally identifiable information or this policy may file written comments with the Director. A response will be sent in a timely manner and the library may conduct an investigation or review of practices and procedures. The library conducts such reviews as necessary to ensure compliance with the principles outlined in this policy.
The Director is custodian of library records and is authorized to receive or comply with public records requests or inquiries from law enforcement officers. The Director may delegate this authority to designated members of the library’s management team. The Director confers with the Municipal Attorney before determining the proper response to any request for records. The library will not make library records available to any agency of state, federal, or local government unless a subpoena, warrant, court order or other investigatory document is issued by a court of competent jurisdiction, showing good cause and in proper form. All library staff are trained to refer any law enforcement inquiries to the Director.
This policy may be revised to reflect changes in the library’s policies and practices or to reflect new services and content provided by the library. Patrons are encouraged to check this document periodically to stay informed of the library’s current privacy guidelines
Adopted by the Delafield Public Library Board of Trustees on February 15, 2017
1Qualifying third parties are:
- a collection agency
- a law enforcement agency, but only if the dollar value of the individual’s delinquent account is at least $50
2Patron records show current checkouts. When an item is returned, it is removed from the patron’s checkout list. However, patrons who sign up for the reading history service will have their checkout history saved instead of purged. The user has the option to turn off the service and delete his/her reading history at any time.