Creating a Privacy Policy Framework for Libraries With Librarians
Libraries have become an important point of online access for many low-income families who use library resources to perform a range of activities from online shopping to job applications (Powell et al., 2010). Many of these online transactions involve entering sensitive personal information like social security numbers. Because of this, protecting patrons’ personal information on public library computers is critical. Librarians, therefore, must have a strong understanding of the risks patrons face when sharing personal information and be able to communicate these risks to patrons.
In this study, we build on our previous findings of librarians as information intermediaries that identify privacy and security challenges library staff face when assisting patrons. In many cases, patrons may have unreasonable expectations regarding librarians’ knowledge of various types of online transactions and the devices, or assume that librarians are able to complete online forms on their behalf. Patrons are often more focused on completing the task at hand–and having the librarian help them complete it–than learning the skills to be able to complete similar future tasks on their own.
A primary goal of this larger project is to develop resources that help librarians and patrons navigate online privacy and security concerns at the library. Our previous research has revealed the need for library staff to have clear policies to refer to when assisting patrons with online activities that involve sensitive information. Therefore, we are developing a policy framework to guide libraries in creating or updating their own policies on how library staff should approach privacy and security issues.
To develop the privacy framework, we utilized a cooperative inquiry method to ideate and iterate the privacy framework with library staff through the use of participatory design (PD) techniques such as sticky noting and big paper approach (Druin, 1999, 2005; Guha et. al., 2005). The process of PD allowed us to develop this framework organically, taking into account the varied experiences and opinions of library staff, whose patrons come from a variety of demographics and have different information needs.
The resulting privacy policy framework was developed iteratively with library staff through participatory design sessions between March and June 2019. Our library policy framework provides high-level guidelines for what a public library policy should cover, while simultaneously allowing specific libraries the flexibility to adapt the policy to fit the specific needs of their patrons.
References
Druin, A. (1999). Cooperative inquiry: Developing new technologies for children with children. In CHI ’99: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 592-599.
Druin, A. (2005). What children can teach us: Developing digital libraries for children. Library Quarterly, 75(1), 20-41.
Guha M, Druin A, Chipman G, et al (2005).Working with young children as technology design partners. Communications of the ACM 48(1): 39-42.
Powell, A., Bryne, A., & Dailey, D. (2010). The Essential Internet: Digital Exclusion in Low-Income American Communities. Policy & Internet, 2(2), 159–190.
Back to Research Updates
Categories