The 10-Minute Digital Librarian #9: Think about how to respect privacy

The second set of posts in our 10-Minute Digital Librarian series has focused on helping users to stay safe online, through adopting good digital hygiene, as well as good cybersecurity in libraries themselves.

At the heart of cybersecurity in particular is the effort to avoid unauthorised access to – or use of – important information, including of course personal information.

In turn, a good way of reducing risk is by reducing the amount of such personal information that is gathered and stored in the first place – in short, the less you have, the less you can lose!

You may of course face calls to gather data in order to demonstrate, or improve performance. However, given the risk of a lack of privacy chilling people’s willingness to search for the information they need, or to express themselves, it is important to remember that privacy itself can be a driver of better results.

IFLA itself issued a statement on the subject in 2015, and there has been a lot of very good work done in institutions and associations around the world in order to promote good practices here.

These include, for example, guides produced by the Carnegie Trust in the United Kingdom, ALA’s guidelines on privacy and the Choose Privacy Every Day site. Please do share other great resources in the comments at bottom!

Key principles set out, which can already be a basis for reflection as part of this 10-Minute Digital Librarian exercise include:

  • Think about which activities you carry out that involve the collection of data about people. This includes both information about them (names, addresses etc) and/or about their behaviour
  • Think about whether you really need to collect and use this data (and of course if you have permission to)?
  • Think about how you are storing data – is it in a safe place (certainly not a GoogleDoc)? How soon can you delete it?
  • Think about where services are provided by a third party and could involve the collection of data – such as databases, other services, or even simply internet access. Do the terms under which you access these services maximise privacy? Are you ensuring that the most private settings are used by default, for example on browsers?
  • If you need to gather data to monitor and improve performance, think about how you can do this in a way that maximises anonymity, that gives users a meaningful choice about taking part, and that ensures that data is not retained for longer than needed.

Take a look at the examples given above, and as underlined, share your own in the comments box below.

Good luck!


If you are interested in issues around digital safety and privacy more broadly, you should take a look at the work of IFLA’s Libraries for Children and Young Adults Section, as well as our Advisory Committee on Freedom of Access to Information and Freedom of Expression.

Discover our series of 10-Minute Digital Librarian posts as it grows.