Protecting library user privacy and keeping confidential information that identifies individuals or associates individuals with their use of library books, materials, equipment, programs, services, facilities, and/or staff assistance is an important principle of the Library. This policy affirms the Library’s commitment to privacy, explains the information that the Library collects, and alerts visitors to Library facilities and users of remotely accessed Library services of the privacy choices available to them.
Definition of Terms
- Privacy is the right to seek information through Library resources without having the subject of interest known or examined by others.
- Confidentiality exists when the Library possesses personally identifiable information and keeps that information private on the patron’s behalf.
- Personally identifiable information is information such as name, library card number, e-mail or mailing address, telephone number, or any financial information relating to a patron and his or her accounts.
Legal Protections and Exceptions
Wisconsin law has strong protections in place to assist the library in keeping records confidential. In certain circumstances, Library records may be subject to disclosure to law enforcement officials under provisions of state law or federal law under the provisions of the USA Patriot Act (Public Law 107-56). In accordance with the USA Patriot Act, public libraries must allow an immediate search and possible seizure of equipment or information if presented with a FBI National Security Letter or Foreign Intelligence Surveillance Act Warrant.
The relevant Wisconsin laws concerning the confidentiality of library records are Wisconsin Statutes Section 43.30 and the Wisconsin Personal Information Practices Act (Sections 19.62 to 19.80). Library records include any record of use of library materials, resources, or services. Wis. State Statute 43.30 requires that library records may only be disclosed under the following circumstances:
- With the consent of the individual library user.
- To a custodial parent or legal guardian of a juvenile under 16 years of age.
- By court order.
- Upon the request of a law enforcement officer who is investigating criminal conduct alleged to have occurred at the library. In this instance, the library shall disclose all records pertinent to the alleged criminal conduct that were produced by a surveillance device under the control of the library.
- To persons acting within the scope of their duties in the administration of the library or library system.
- To other libraries for interlibrary loan purposes in accordance with the standards set forth in Wisconsin Statute Sections 43.30(2) and (3).
The Library avoids creating unnecessary records and retaining records longer than needed for library business purposes.
- To receive a library card, library users are required to provide identifying information such as name, birth date, picture ID, and physical as well as mailing address (if different). The identifying information is retained, as long as the library user continues to use the library card. In most cases the information will be in the database for a maximum of three years after the person stops using the library card at which time the record is deleted.
- A library user’s circulation record includes current identifying information, items currently checked out* or on hold, as well as overdue materials and fines.
- The Library may also gather information necessary to provide a requested service to a library user including but not limited to the following examples:
- Records of electronic access information such as the library card or guest pass number used to log onto library public computers or search a library database
- Records for interlibrary loan requests or reference services
- Records needed to sign up for or participate in library classes and programs
- Records for use of meeting rooms
- Records for receiving emails and/or text messages about library services and programs
Once there is no longer a need for the information, personally identifying records are destroyed. Emails sent to Library staff may be subject to open records requirements.
5. The Library treats records as confidential in accordance with Wisconsin State Statute (43.30). The Library will not collect or retain private and personally identifiable information without the person’s consent. If consent to provide personally identifiable information is given, the Library will keep it confidential and will not sell, license or disclose it to any third party, except for purposes described by the law.
Access to Accounts and Patron Responsibility
Protecting a Patron Account
It is the patron’s responsibility to notify the Library immediately if a library card is lost or stolen or if he or she believes someone is using the card or card number without permission. The Library recommends these precautions:
- Log off systems after use
- Do not share your library card, user IDs, or passwords
- Select passwords which are easy to remember, but difficult for others to guess by including a mixture of numbers, symbols, and/or upper and lowercase letters
Keeping Account Information Up-To-Date
A patron may access his/her personally identifiable information held by the Library and is responsible for keeping the information accurate and up-to-date. The purpose of accessing and updating personally identifiable information is to ensure that library operations can function properly. A patron may view or update his/her personal information in person. He or she may be asked to provide some sort of verification or identification card to ensure verification of identity.
Parents and Children
For the protection of patrons, parents seeking records of their minor child, under age 16, may be asked to provide proof of their child’s age as well as evidence they are the custodial parent. According to Wisconsin State Statute 3.30(1b)(1a) “Custodial parent” includes any parent other than a parent who has been denied periods of physical placement with a child under s.767.41(4).
Items on hold
Items placed on hold for library patrons are shelved by the patron’s last name for pick-up at the circulation desk of the Library. Patrons of any age may choose to have other people pick up their holds, but the person picking up must have the patron’s card.
Public Computer Use and the Library’s Automation Systems
The Library routinely and regularly purges information that may be linked to library users, such as information from web servers, mail servers, computer time management software, interlibrary loan requests, and other library information gathered or stored in electronic format.
The Library System maintains the online catalog and a number of databases. The Library System automatically collects and maintains statistical information about library users’ visits to the library catalog and databases. If a library user chooses to pay fines and fees via credit card, the credit card number is not stored in the user’s library account; it is simply passed through to the payment processor.
The Library’s website contains links to other sites including third party vendor sites.
The Library is not responsible for the privacy practices of other sites which may be different from the privacy practices described in this policy. The Library encourages library users to become familiar with privacy policies of other sites visited, including linked sites.
The Library website does not collect personally identifying information from visitors to the website. There is no link to personally identifiable information in computer communications, unless a patron has provided that information in the content of a transaction, for example, filling out an online form to request a service.
The Library uses temporary “cookies” to maintain authentication when a patron is logged in to the online catalog. A “cookie” is a small text file that is sent to a user’s browser from a website. The cookie itself does not contain any personally identifiable information. Other electronic services offered by the Library through third party vendors may use “cookies” to help control browser sessions. Websites may use the record of “cookies” to see how the website is being accessed and when, but not by whom.
Library database users are asked for their library card number to ensure that only authorized users have access. Database vendors do not have access to any user records or information.
The Library offers free wireless access (Wi-Fi) for library patrons to use with their own personal notebooks, laptops and other mobile devices. These access points are unsecured. A patron’s use of this service is governed by the Library’s internet policy (https://www.wfblibrary.org/about/policies/internet_policy.php).
Due to the proliferation of Wi-Fi networks, library users may also be able to access other Wi-Fi networks within the building that are not provided by the Library. Use of these non-Library wireless networks within the Library’s facilities is also governed by the Library’s internet policy.
As with most public wireless “hotspots,” the Library’s wireless connection is not secure. Any information being transmitted could potentially be intercepted by another wireless user. Cautious and informed wireless users should choose not to transmit personal information (credit card numbers, passwords and any other sensitive information) while using any wireless “hotspot.” Use of the Library’s wireless network is entirely at the risk of the user. The Library disclaims all liability for loss of confidential information or damages resulting from that loss.
Some patrons may choose to take advantage of RSS feeds from the Library’s website, hold and overdue notices via e-mail or text message, and similar services that send personally identifiable information related to library use via public communication networks. Patrons should also be aware that the Library has limited ability to protect the privacy of this information once it is outside the Library’s control.
Illegal activity prohibited and not protected
Patrons may conduct only legal activity while using library resources and services. Nothing in this policy prevents the Library from exercising its right to enforce its Library Rules of Conduct, protect its facilities, network and equipment from harm, or prevent the use of library facilities and equipment for illegal purposes. The Library can electronically log activity to monitor its public computers and external access to its network and reserves the right to review such logs when a violation of law or library policy is suspected. Staff is authorized to take immediate action to protect the security of library patrons, staff, facilities, computers and the network. This includes contacting law enforcement authorities and providing information that may identify the individual(s) suspected of a violation.
Enforcement and redress
Patrons with questions, concerns, or complaints about the handling of his/her personally identifiable information or this policy may file written comments with the Director. A response will be sent in a timely manner (i.e. 14 days) and the Library may conduct an investigation or review of practices and procedures. The Library conducts such reviews as necessary to ensure compliance with the principles outlined in this policy.
The Director is custodian of library records and is authorized to receive or comply with public records requests or inquiries from law enforcement officers. The Director may delegate this authority to designated members of the library’s management team. The Director confers with the Village Manager before determining the proper response to any request for records. The Library will not make library records available to any agency of state, federal, or local government unless a subpoena, warrant, court order or other investigatory document is issued by a court of competent jurisdiction, showing good cause and in proper form. All library staff are trained to refer any law enforcement inquiries to the Director.
*Patron records show current checkouts. When an item is returned, it is removed from the patron’s checkout list. However, patrons who sign up for the reading history service will have their checkout history saved instead of purged. The user has the option to turn off the service and delete his/her reading history at any time.