INTRODUCTION

The Santa Clara City Library’s commitment to privacy and confidentiality has deep roots not only in law, but also in the ethics and practices of the library profession. In accordance with the American Library Association’s Code of Ethics:

“We protect each library user’s right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired, or transmitted.”

At the state level, Section 6267 of the California Government Code provides as follows:

All registration and circulation records of any library which is in whole or in part supported by public funds shall remain confidential and shall not be disclosed to any person, local agency, or state agency except as follows:

• By a person acting within the scope of his or her duties within the administration of the library
• By a person authorized, in writing, by the individual to whom the records pertain, to inspect the records
• By order of the appropriate superior court.

The privacy and confidentiality policies of the Santa Clara City Library shall comply with the applicable federal, state and local laws. Records will be made available in the event that a duly authorized request is received from a law enforcement agency.

Rights of Library Patrons

Outlined below are the rights of library patrons, as well as the responsibilities of this institution, which are based in part on what are known in the United States as the five "Fair Information Practice Principles." These five principles outline the rights of Notice, Choice, Access, Security, and Enforcement:

SANTA CLARA CITY LIBRARY'S COMMITMENT TO PATRONS' RIGHTS OF PRIVACY AND CONFIDENTIALITY

This policy describes patron privacy and confidentiality rights, the steps this Library takes to respect and protect patron privacy when using library resources, and how the Library deals with personally identifiable information that may be collected from library users.

1. Notice & Openness

The Library does not create unnecessary records, only retains records required to fulfill the mission of the Library, and does not engage in practices that would place information on public view.

Radio Frequency Identification (RFID) technology is used to circulate library materials, maintain an inventory of the library collection and secure the collection from theft. RFID tags affixed to items contain only the barcode number of the item; no personal patron information or transaction information is included on the RFID tag

While the Library must maintain records of information such as overdue and lost items, outstanding fines, and payments to patron accounts, these records are kept secure and are purged from the Library’s computer system when no longer needed for library business purposes.

2. Choice & Consent

This Policy explains the Library’s information practices and the choices patrons may make regarding the manner in which personal information is collected and used. The Library will not collect or retain any private or personally identifiable information other than that information required to open an account.

If library users wish to receive borrowing and other privileges, the Library must obtain certain information about them in order to establish an account (e.g., name, phone number, and address). When visiting the Library’s Web site, patrons may be required to provide name and library card barcode number in order to access some subscription databases or their own account information.

Personally identifiable information provided will be kept confidential and will not be disclosed to any third party unless the Library is compelled to do so under the law. Personally identifiable information is not recorded on RFID tags affixed to library materials.

3. Access by Users

Individuals wishing to update or verify the accuracy of personal information may do so at the Library’s Circulation Desk. To ensure security of personal data, verification of identity will be required in the form of a photo I.D. (e.g., driver’s license, passport, etc.).

The purpose of accessing and updating personally identifiable information is to ensure that library operations function properly. Such functions may include: notification of the availability of reserved or Interlibrary Loan items, reminders of overdue materials, etc.

4. Data Integrity & Security

The data collected and maintained by the Library must be accurate and secure. Reasonable steps are taken to assure data integrity and security. Personally identifiable information is protected from unauthorized disclosure.

Tracking Users

Library visitors or Web site users are not asked to identify themselves or reveal any personal information unless they are:

• borrowing materials
• requesting special services
• accessing the Internet in the Library
• registering for programs or classes, or
• making remote use from outside the Library of those portions of the Library's Web site restricted to registered borrowers under license agreements or other special arrangements.

Third Party Security

When connecting to resources outside the Library’s direct control, the only information released is that which authenticates users as "members of the library community." The Library is not responsible for protecting personal information gathered by outside websites.

Staff access to personal data

Only authorized library staff with assigned, confidential passwords shall have access to personal data stored in the Library’s computer system for the sole purpose of performing library work. Except when required by law or to fulfill an individual user's service request, the Library will not disclose any personal data collected from patrons. The Library does not sell or lease patrons' personal information to any individual or entity.

5. Compliance

Santa Clara City Library will not share data on individuals with third parties unless required by law. Regular privacy audits are conducted in order to ensure that all library programs and services comply with this Privacy Policy. Patrons who have questions, concerns, or complaints regarding the Library’s handling of their privacy and confidentiality rights should file written comments with the City Librarian.

Only the City Librarian or designee is authorized to receive or comply with requests from law enforcement officers. Library records will not be made available to any agency of the state, federal, or local government unless the Library is served with a subpoena, warrant, court order, or other authorized request that legally requires compliance. All library staff and volunteers have been trained to refer any law enforcement inquiries to library administrators. 

Questions

Questions related to this policy should be directed to the City Librarian or designee, Monday – Friday during regular business hours, 1-408-615-2930 

Approved by the Board of Library Trustees,
April 5, 2004
Revised & approved by the Board of Library Trustees,
June 6, 2005, August 1, 2011