California Governor Signs Reader Privacy Act
California Governor Jerry Brown has signed the Reader Privacy Act, updating the state’s reader privacy law to cover ebooks and online book services. The law will take effect January 1.
The law will establish privacy protections for book purchases similar to long-established privacy laws for library records, according to the Electronic Frontier Foundation, which sponsored the bill along with the American Civil Liberties Union.
“California will have the strongest laws in the country protecting reader privacy in the digital era. That’s good for consumers and supports innovation. Legal protections must keep up with technological advances,” said Valerie Small Navarro, legislative advocate with the American Civil Liberties Union of Northern California. “California should be a leader in ensuring that upgraded technology does not mean downgraded privacy,” she said.
According to the ACLU of Northern California, the law “requires the government and civil litigants to demonstrate a compelling interest in obtaining reader records and show that the information contained in those records cannot be obtained by less intrusive means. It also requires providers of digital book services to record each request for reader records and to publish an annual report detailing the total number of requests received.”
“This is great news for Californians, updating their privacy for the 21st Century,” said EFF Legal Director Cindy Cohn in a statement. “The Reader Privacy Act will help Californians protect their personal information whether they use new digital book services or their corner bookstore.”
The bill was authored by California State Senator Leland Yee.
“California law was completely inadequate when it came to protecting one’s privacy for book purchases, especially for online shopping and electronic books,” said Yee in a statement.
Without strong privacy protections like the ones in the Reader Privacy Act, reading records can be too easily targeted by government scrutiny as well as exposed in legal proceedings like divorce cases and custody battles, the EFF said in a statement on its website.
Other supporters of the new law included Google, TechNet, the Consumer Federation of California, the Internet Archive, and City Lights Bookstore.
Related posts:
Kindle Library Lending: A Triumph of Practicality Over Principles
The lending of library ebooks through the Amazon Kindle will likely expose the growing hollowness of some core principles of librarianship.
Here are two extracts from September 22 draft documents that the ALA’s Office for Information Technology Policy E-book Task Force has begun circulating about ebooks:
ALA policies apply fully to e-books, including those that promote values such as intellectual freedom, commitment to access, respect for confidentiality and privacy, freedom of information, service for the public good, and ethics and professionalism. (From Ebook Principles for the Library Community)
[Library lending] (p)romotes privacy and free expression rights for individuals, as librarians would insist on them in the provision of e-book services. (From Talking Points on Library Lending of Ebooks)
Little of this applied in the Kindle deal, particularly regarding privacy and confidentiality. There was no significant effort by librarians or by ALA to insist on the promotion of privacy, which is a core principle of librarianship, according to ALA. If this major ebook program with a commercial behemoth involving 11,000 public and school libraries could be implemented without assurances of privacy, then how solid is the principle? Is reader privacy worth fighting for or isn’t it?
Throughout the Kindle rollout, librarians were in the dark, powerless. The most sought after piece of information since the initial Kindle announcement in April has been the purely practical consideration of how the checkout process would work, not whether Amazon would share and safeguard the longstanding and invaluable ethical concerns of librarians when it comes to the anonymity of reading.
The joy among front-line librarians about Kindle lending is more than understandable. They now can give thousands of unhappy patrons a resounding ‘yes’ when it comes to their Kindles. But their influence over the privacy policy of Amazon is nil. And it will likely remain at zero, even as Amazon becomes more deeply enmeshed in library operations and as librarians actively enable that role.
Unfortunately for libraries, this means abandoning principles about record retention that are spelled out in ALA’s policy manual (section 52.4.4), including the discomfiting ideas, in light of the Kindle deal, that libraries “assure that vendor agreements guarantee library control of all data and records” and that libraries “dispose of library usage records containing personally identifiable information unless they are needed for the efficient and lawful operation of the library.”
How do these principles reconcile with a patron having to sign into their Amazon account — which contains name, address, credit card information — before they can finish checking out a book to their Kindle? How do these principles reconcile with a partnership with a company that has amassed its wealth and power in large part through data aggregation and data mining?
OverDrive at least has gone on record to say that it does not retain any personal information about a patron. Amazon says nothing beyond what is posted on its website, whether pertinent or not. But that is what juggernauts do, they roll on without regard for the niceties of others, inexorably broadening their own footprint as Amazon did today with the introduction of the Amazon Fire and the cutting of Kindle prices.
Yet the decisions about a growing number of reading records, however detailed they may be, now rest with this juggernaut. Ceding control of any patron records is a long-term loss for libraries.
For example, Amazon does not promise to demand a warrant or even a court order if asked to turn over customers’ digital book records to the government. On its website, Amazon says it releases account and other personal information when it believes the release “is appropriate to comply with the law; enforce or apply our Conditions of Use and other agreements; or protect the rights, property, or safety of Amazon.com, our users, or others.”
If some day, for expedient reasons, Amazon disgorges information about library loans, to what degree will it harm a patron or the reputation of libraries? As a profession, can librarians say they have effectively dealt with this question? Can any librarian even say with confidence what Amazon’s record retention policy is?
The only real hope is that the numerous state privacy laws, with their regard for the library context, will be updated. The model for this is the California law passed in July, which updated circulation of records laws in order to keep confidential electronic as well as written patron use information and borrowing records. The information cannot be disclosed by a public library or a third party that stores information for the library, according to a summary by the California Library Association (CLA).
In the case of United States v. Rumely in 1953, Justice Douglas warned that unless the purchasers (or borrowers) of publications remain anonymous the “subtle, imponderable pressures of the orthodox” would lay hold and “fear of criticism [would go] with every person into the bookstall.” Douglas’s opinion remains highly relevant and reminds us why librarians in the past have zealously defended the privacy of reading and why it should always be, not a second thought, but a paramount, practical concern.
Related posts:
California Updates Library Privacy Laws to Include Electronic Records
California Governor Jerry Brown signed into law Tuesday a measure that will modernize the state’s library privacy laws.
The bill, SB445 sponsored by Senator Joe Simitian (D-Palo Alto), updates circulation of records laws in order to keep confidential electronic as well as written patron use information and borrowing records. The information cannot be disclosed by a public library or a third party that stores information for the library, according to a summary by the California Library Association (CLA).
The new law would protect online interactions that a patron has with the library, such as email communications with a librarian, online courses, computer research, and online records of checked out items.
“With every passing day, in so many ways, our personal privacy is being steadily eroded. This new law ensures that when we step into the library, virtually or otherwise, our privacy remains protected,” Simitian said in a press release. “The more than a million Californians who use our public libraries every day deserve to have their personal information protected,” he said. “People use libraries to research sensitive and personal topics; their privacy shouldn’t be compromised.”
CLA backed the measure, and Jane Light, the director of the San Jose Public Library, helped CLA to shepherd the bill through the legislature.
“It has become difficult to fit today’s online communications methods used by libraries and their patrons into the existing law. The new language will ensure library users that records of their communications and transactions with their library will remain private and confidential,” Light said according to the press release from Simitian’s office.
Related posts: