28 January marks the annual Data Privacy Day, dedicated to raising awareness and celebrating this crucial right in communities across the globe. The past year saw important shifts and developments in discourses around privacy – and now is a good time for libraries to reflect and consider next steps.
Where does privacy discourse stand at the beginning of 2021?
Data protection, privacy and security continue to be among the key elements of discussions around how we should govern and regulate the internet and other digital technologies. Over the past months, significant developments in this area include:
- The growing new generation of privacy laws and regulations around the world. The way in which the personal data of more and more of the world’s population is collected, stored and used is now subject to new privacy regimes which attempt to respond to a digital world. A recent report by Internet & Jurisdiction and ELAC, for example, points out that in Latin America and the Caribbean alone, there are several states reforming or modernising their data protection legislation or discussing bills at present. 2020 saw a new privacy act in New Zealand and the entry into force of the Californian Consumer Privacy Act, and more legislative measures can be expected around the world.
- Data privacy considerations of COVID responses. Of course, measures taken to try to slow the spread of the COVID-19 pandemic have also been at the heart of the discussion on data privacy.
Looking at this issue through a human rights lens, the UN Human Rights Council Special Rapporteur on the Right to Privacy recently examined two key privacy aspects of pandemic responses – data protection and surveillance. While the report clarifies that much more data is needed to assess the necessity and proportionality of various measures, it is nevertheless crucial to keep in mind the dangers of non-consensual methods and the danger of function creeps – including in technology-based responses.
- Privacy and the ‘leap to digital’. And of course, there is the broader reality of a rapid ‘leap to digital’ that many countries experienced during the pandemic, with the urgency of moving online risking coming at the expense of a full exploration of the implications of the choices made. From organisations and businesses grappling with the data privacy implications of remote work, schools and others needing to bear in mind what leaving cameras on during lessons could reveal about pupils and teachers alike; and to social, leisure or study activities that people carry out online – all these raise important considerations.
Libraires, of course, have fully felt the impacts of these trends. Librarians, just like the communities they serve, have faced the trends set out above, in particular as regards the need to shift to working from home – with all the staff data privacy implications this entails. For those remaining open, some have been asked or required to collect, store and process health and/or visitor data.
Many have broadened their offering of digital materials for users to lend, which emphasises the importance of longstanding discussions about third party vendor privacy policies – for example around the data that publishers and others collect about how readers use materials.
Already in the first half of the year, patron privacy considerations were particularly pressing for school and academic libraries, with urgent questions around student data and remote learning.
Similarly, other efforts – from online storytimes to homework help – all come with crucial choices on how to protect patron privacy.
The global library field responds. When faced with these questions, the library field has seen a vast array of active and vigilant responses. Libraries have spoken out about the importance of patron privacy – from the Japanese Library Association’s Intellectual Freedom Committee to CILIP’s Policy Statement on COVID-19 that highlights, inter alia, the importance of upholding the right to privacy when implementing measures to curb the spread of the pandemic.
Members of the global and national library fields – e.g. in Italy, the US and Czechia – collected and disseminated useful information, including suggestions and ideas on how to navigate privacy considerations during the pandemic. They also shared practical guidance, key questions and good practices around the new patron privacy considerations.
Standing by key library values. It is encouraging to see that libraries continue to be strong privacy champions and advocates even in these times, finding more ways to support the privacy and digital wellbeing of their communities.
From Singapore to the Netherlands, we have seen traditional online safety and security skills support programmes migrate online – for example, as published tip-sheets or courses, or live webinars. New ideas are being explored – from awareness-raising virtual exhibits to the potential of a library VPN for patrons.
Ensuring library capacity and resources – a key priority. These responses demonstrate the evolving application of twin library priorities – safeguarding patron data in library processes, and helping build their communities’ awareness and skills to defend their own privacy, outside of library environments. However, as the past year showed, the new circumstances – particularly the shift to digital – raise challenging new questions and demands.
News from Finland, for example, points out that many libraries need to address patron privacy in new ways – including questions which may require legal advice. Similarly, Public Libraries Victoria discusses libraries’ experiences with helping seniors navigate online services – a crucial part of their offering; however, the shift to digital here can also put increased pressure on library staff in navigating complex privacy questions when offering hands-on support.
This highlights the importance of making sure that libraries have the capacity and resources to carry out these tasks. This includes, inter alia, IT resources – since cybersecurity and data privacy and fundamentally linked. As libraries face new and increasing tasks and duties – to meet the demand and expand digital offerings while maintaining data privacy and security – it is crucial that they have the resources to do so.
Many key challenges and developments of 2020 continue to impact the work of libraries around the world. As they continue to face these, libraries maintain their support and ethical commitment to privacy – and we look forward to another year of active dialogue and exchange of good practices in support of data privacy!