Protecting The Privacy of Library Users

Paul Pedley

Abstract


The purpose of this paper is to consider the best way of understanding the concept of informational privacy, including a discussion of what would be an appropriate theoretical framework and useful conceptual model; as well as how such a model can be used to investigate specific issues of library privacy.

Two methodologies were used for the research: a literature review, and a thematic analysis of three pieces of data protection legislation. The research project is still in its relatively early stages, and the intention is to use several other methodologies to test the initial findings.

Informational privacy is a derivative layer of other forms of privacy, and as such can only be properly understood in relation to each of the underlying privacy types. Where libraries rely for the delivery of their services on digital technologies provided by external vendors, they need to better understand whether and how those technologies impact upon each of the different types of privacy identified by (Koops et al. 2017).

Using three pieces of data protection legislation to identify key themes does not give a complete picture of informational privacy; nor does it fully address the wider privacy implications. A detailed review of relevant case law on privacy from the European Court of Human Rights was not undertaken as part of this project. The choice of words and phrases appearing in data protection legislation and the subsequent grouping of them into broad themes is subjective.

The observation that all library privacy scenarios have an informational privacy component alongside one or more privacy types has significant implications for information professionals intending to protect the privacy of their users; because, if correct, it means that simply complying with data protection laws does not fully address the protection of the underlying privacy types.


Full Text:

HTML PDF

References


Abrams, M. 2016. The Origins of Personal Data and Its Implications for Governance. Information Accountability Foundation.

Article 29 Data Protection, Working Party. 2017. Guidelines on Data Protection Impact Assessment and Determining Whether Processing is “Likely to Result in a High Risk” for the Purposes of Regulation 2016/679.

Barn, B.S., G. Primiero, and R. Barn. 2015. An Approach to Early Evaluation of Informational Privacy Requirements, Proceedings of the 30th Annual ACM Symposium on Applied Computing 2015, ACM, 1370-75.

Barron, S. and A. J. Preater. 2018. Critical Systems Librarianship. In The Politics of Theory and the Practice of Critical Librarianship. Edited by K. P. Nicholson and M. Seale. Library Juice Press.

Bates, J. 2018. The Politics of Data Friction. Journal of Documentation 74(2): 412.

BBC News Online. 2011 Snooping Devices Found in Cheshire Library Computers. BBC News Online.

Bishop, M., E. R. Butler, K. Butler, C. Gates, and S. Greenspan. 2013. Forgive and Forget: Return to Obscurity, Proceedings of the 2013 New Security Paradigms Workshop 2013, ACM, 1–10.

Blok, P. H. 2002. Het recht op privacy: een onderzoek naar de betekenis van het begrip’privacy’in het Nederlandse en Amerikaanse recht.

Branscomb, A. W. 1985. Property Rights in Information. InInformation Technologies and Social Transformation. Edited by B. Guile, National Academy Press, 81-120.

Braun, V., and V. Clarke. 2006. Using Thematic Analysis in Psychology. Qualitative Research in Psychology 3(2): 77-101.

British Library. 2016. British Library Annual Report 2015/2016.

Caldwell-Stone, D. 2012. A Digital Dilemma: Ebooks and Users’ Rights. American Libraries.

Casanovas, P. 2014. Meaningful Reality: Metalogue with Floridi’s Information Ethics. Philosophy and Computers 14(1): 20-25.

Centre for Information Policy Leadership. 2016. Risk, High Risk, Risk Assessments and Data Protection Impact Assessments under the GDPR CIPL GDPR Interpretation and Implementation.

Clarke, R., 1997. Introduction to Dataveillance and Information Privacy, and Definitions of Terms. Roger Clarke’s blog.

Council Of Europe, 1981. Convention for the Protection of Individuals with Wegard to Automatic Processing of Personal Data. Council of Europe treaty. Strasbourg, Germany. https://rm.coe.int/1680078b37.

Dinev, T., and Hart, P. 2006. An Extended Privacy Calculus Model for E-Commerce Transactions. Information Systems Research 17(1): 61–80.

EU Directive 95/46/EC. 1995. 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data. Official Journal of the EC 23(6).

European Data Protection Supervisor. 2017. The History of the General Data Protection Regulation.

European Union. 2016. Regulation (EU) 2016/679 on the Protection of Natural Persons with Regard to the Processing of Personal Data and on the Free Movement of Such Data, and Repealing Directive 95/46/EC (General Data Protection Regulation). Official Journal of the European Union, L119 (May 4).

Finn, R. L., D. Wright and M. Friedewald. 2013. Seven Types of Privacy. In European Data Protection: Coming of Age. Edited by S. Gutwerth et al. Springer Netherlands, 3.

Floridi, L., 2005. The Ontological Interpretation of Informational Privacy. Ethics and Information Technology 7: 185-200.

Floridi, L. 2006a. Informational Privacy and Its Ontological Interpretation. ACM SIGCAS Computers and Society 36(1): 1.

Floridi, L. 2006b. Four Challenges for a Theory of Informational Privacy. Ethics and Information Technology 8: 109-119.

Floridi, L. 2008. Information Ethics. Ethics and Onformation Technology 10(2-3): 189-204.

Floridi, L. 2013. The Ethics of Information. Oxford: Oxford University Press.

Floridi, L. 2014. The 4th Revolution: How the Infosphere is Reshaping Human Reality. Oxford: Oxford University Press.

Floridi, L. 2016. On Human Dignity as a Foundation for the Right to Privacy. Philosophy & Technology 29(4): 307-312.

Floridi, L. 2017a. Group Privacy: A Defence and an Interpretation. In Group Privacy: New Challenges of Data Technologies. Edited by L. Taylor, L. Floridi, and B. Van Der Sloot. Springer, 83-100.

Floridi, L. 2017b. Group Privacy: A Defence and an Interpretation. In Group Privacy: New Challenges of Data Technologies. Edited by L. Taylor, L. Floridi, and B. Van Der Sloot. Cham, Switzerland: Springer International, 83-100.

Floridi, L., and M. Taddeo. 2016. What is Data Ethics? Philosophical Transactions. Series A, Mathematical, Physical, and Engineering Sciences 374(2083): 1-5.

Gellert, R., and S. Gutwirth. 2013. The Legal Construction of Privacy and Data Protection. Computer Law & Security Review 29(5): 522–30.

Gorman, M. 2000. Our Enduring Values: Librarianship in the 21st Century. Chicago; London: American Library Association.

Gutwirth, S., R. Gellert, R. Bellanova, M. Friedewald, P. Schutz, D. Wright, E. Mordini, and S. Venier. 2011. Deliverable D1: Legal, Social, Economic and Ethical Conceptualisations of Privacy and Data Protection (Prescient project: privacy and emerging fields of science and technology: towards a common framework for privacy and ethical assessment).

Gutwirth, S., R. Leenes, P. De Hert, and Springerlink Ebook Collection. 2014. Reloading Data Protection: Multidisciplinary Insights and Contemporary Challenges. Dordrecht: Springer Netherlands.

Halpin, H. 2018. Library Records of 20 People in Dublin Edited to Include Sexually Explicit Information. thejournal.ie, February 27. https://www.thejournal.ie/data-protection-commissioner-annual-report-3-3874234-Feb2018/.

Hartzog, W., and E. Selinger. 2013. Obscurity: A Better Way to Think about Your Data than “Privacy.” The Atlantic, January 17.

Hartzog, W., and F. Stutzman. 2013. The Case for Online Obscurity. California Law Review 101(1): 1-49.

Hildebrandt, M. 2011. Who Needs Stories If You Can Get the Data? ISPs in the Era of Big Number Crunching. Philosophy & Technology 24(4): 371-90.

Kim, D., and Y. Noh. 2014. A Study of Public Library Patron’s Understanding of Library Records and Data Privacy. International Journal of Knowledge Content Development & Technology, 4(1): 53-78.

Kokott, J., and C. Sobotta. 2013. The Distinction Between Privacy and Data Protection in the Jurisprudence of the CJEU and the ECtHR. International Data Privacy Law 3(4): 222–28.

Koops, B., B. C. Newell, T. Timan, I. Skorvanek, T. Chokrevski, and M. Galic. 2017. A Typology of Privacy. University of Pennsylvania Journal of International Law 38(2): 483–575.

Martin, K. E. 2011. TMI (Too Much Information): The Role of Friction and Familiarity in Disclosing Information. Business & Professional Ethics Journal 30(1/2): 1-32.

McGeveran, W., 2013. The Law of Friction. University of Chicago Legal Forum 1: 15–68.

McLysaght, E. 2011. Data Breach at Trinity College Dublin. The Journal.ie, April 29.

Newman, B. L., and B. Tijerna, eds. 2017. Protecting Patron Privacy: A LITA Guide. Lanham, MD. Rowman & Littlefield.

Nissenbaum, H. F. 2010. Privacy in Context: Technology, Policy, and the Integrity of Social Life. Stanford, CA: Stanford Law.

Noh, Y. 2014. Digital Library User Privacy: Changing Librarian Viewpoints through Education. Library Hi Tech 32(2): 300–317.

Pagallo, U. 2010. A New “Ring of Gyges” and the Meaning of Invisibility in the Information Revolution. Journal of Information, Communication and Ethics in Society 8(4): 364–76.

Pedersen, D. M. 1979. Dimensions of Privacy. Perceptual and Motor Skills 48(3_suppl): 1291–97.

Pedersen, D. M. 1997. Psychological Functions of Privacy. Journal of Environmental Psychology 17(2): 147–56.

PEN America. 2013. Chilling Effects: NSA Surveillance Drives US Writers to Self-Censor. New York: PEN American Center.

Penney, J. 2016. Chilling Effects: Online Surveillance and Wikipedia Use. Berkeley Technology Law Journal 31(1): 117–82.

Petronio, S., and I. Altman. 2002. Boundaries of Privacy. Albany: State University of New York Press.

Primiero, G. 2016. Designing Systems with Privacy: Formal and Experimental Methods (Powerpoint presentation, Department of Computer Science, Middlesex University, London, May 5). https://schiaffonati.faculty.polimi.it/TFI/lecture%202%20primiero.pdf.

Primiero, G., L. Athiappan, F. Raimondi, and B. S. Barn. 2017. A Tool for Assessing Privacy Awareness in Social Networks. 1–17.

Richards, N. M., and W. Hartzog. 2015. Taking Trust Seriously in Privacy Law. Stanford Technology Law Review 19(3): 431–72.

Richards, N. 2015. Intellectual Privacy: Rethinking Civil Liberties in the Digital Age. Oxford: Oxford University Press.

Roessler, B., and D. Mokrosinska. 2015. Social Dimensions of Privacy: Interdisciplinary Perspectives. Cambridge: Cambridge University Press.

Selinger, E., and W. Hartzog. 2014. Obscurity and Privacy. In Routledge Companion to the Philosophy of Technology. Edited by J. Pitt and A. Shew (Milton Park, UK: Routledge), 1–20.

Sigmund, T. 2017. Ambiguous Character of Information Privacy and Its Possible Solution. Journal of Information Ethics 26(2): 34–53.

Solove, D. 2017. The GDPR Summarized in Whiteboard Form. Teach Privacy. https://teachprivacy.com/gdpr-whiteboard/.

Strikwerda, L. 2010. Information Privacy, the Right to Receive Information and (Mobile) ICTs. Etikk i Praksis: Nordic Journal of Applied Ethics 4(2): 27–40.

Taddeo, M., and A. Vaccaro. 2011. Analyzing Peer-to-Peer Technology using Information Ethics. The Information Society 27(2): 105–12.

Tavani, H. T. 2008. Floridi’s Ontological Theory of Informational Privacy: Some Implications and Challenges. Ethics and Information Technology 10(2-3): 155.

Vedder, A. H. 2004. KDD Privacy Individuality and Fairness. In Readings in Cyberethics. Edited by R. A. Spinello and H. T. Tavani, 462–70. Burlington, MA: Jones & Bartlett Learning.

Westin, A. F. 1967. Privacy and Freedom, 1st ed. New York: Atheneum.

Wright, D., and C. Raab. 2014. Privacy Principles, Risks and Harms. International Review of Law, Computers & Technology 28(3): 277–98.




DOI: https://doi.org/10.5860/jifp.v7i1.6881

Refbacks

  • There are currently no refbacks.




ALA Privacy Policy

© 2024 OIF