Libraries and Diminished Patron Privacy During the COVID-19 Health Crisis

ABSTRACT

The COVID-19 health crisis has ushered in an era of great change in the way individuals and institutions function. With the contagious and deadly nature of COVID-19, libraries geared their efforts to increase access to and use of digital collections. With the introduction of stay-home orders, the option of adopting full virtual services became the go-to solution as a way of protecting library staff and users. Collaboration with third-party vendors that provide online library services heightened like never before. As libraries reopened at a later point in the global pandemic, library staff were asked to conduct health screenings for patrons entering the library and actively monitor whether patrons were socially distanced in the library. The drastic change to library operations due to the pandemic resulted in the increased collection of patrons' personal information ranging from health information to location data coupled with library records. Much as librarians are traditionally and professionally committed to protecting their patrons' privacy, undertaking activities like health screening in the absence of data transparency practices can potentially impact library users' privacy. In this study, we investigated whether the 25 Association of Research Libraries (ARL) members with the largest number of titles held developed or modified their privacy policies in response to the increase in data collection during the COVID-19 health crisis. Privacy policies are living documents that should evolve with the times and thus should be updated or modified to reflect the current realities. We also examined whether pre-pandemic privacy policies, if any, of the surveyed 25 ARL member libraries are aligned with the privacy requirements outlined in the American Library Association (ALA) Privacy Toolkit (ALA 2014). Our results show that of the surveyed 25 ARL libraries, none of them developed a new library privacy policy or modified an existing one to reflect their data practices with specific regard to the new realities presented by the COVID-19 pandemic. The disregard for such adjustments to their privacy policies violated the principle of data transparency. Our results also show that, at the time of the survey, 4 of the surveyed 25 ARL members did not have library privacy policies.