Strategic Communications and Marketing News Bureau

Study shows challenges to protecting privacy of library users

CHAMPAIGN, Ill. — Librarians have historically taken a strong stand on protecting the privacy of their patrons. But how well they accomplish this varies widely with the size of a library, and technology has made it more difficult, according to the first study of privacy practices and challenges in public libraries.

University of Illinois Urbana-Champaign information sciences professor and cybersecurity expert Masooda Bashir led the study, publishing the findings in The Library Quarterly.

Because no study on this topic had been done before, Bashir and her research group wanted to find out what the current practices and challenges were for public libraries, she said. The team conducted an online survey of public library employees across the country, asking questions about employee training, whether the library published information relating to privacy protections, the processing of law enforcement requests, the use of secure storage methods and responses to data breaches.

The survey was followed by virtual sessions with library information technology employees.

“Technology has really changed the landscape and libraries are becoming much more digitally focused,” Bashir said.

During the COVID-19 pandemic, libraries added online services and offered additional apps to patrons. But it is hard to know how well the patrons’ privacy is being protected when a library uses digital services offered through a vendor. “Data is shared without our knowledge and processed in ways we can’t comprehend sometimes,” Bashir said.

The library employees who participated in the survey said their biggest challenge in protecting patron privacy was lack of training and technical knowledge to identify privacy vulnerabilities and take steps to minimize them.

“They all valued privacy and they all wanted to protect patrons’ privacy. But sometimes with advances in technology, they’re not able to have that control over the kinds of data collected or shared or what happens when it leaves the library. Once someone leaves a library website and is on a vendor website, the protections might not carry over,” Bashir said.

More than 800 library employees completed the survey, and most of the respondents worked at small libraries. The size of the library, as measured by its number of cardholders, was the main factor in the level of privacy protections it provided. Larger libraries were more likely to have an information technology employee or someone dedicated to privacy protection. Rural libraries lacked those resources and often had to share such services with other small libraries.

Nearly all the libraries offered basic protections such as the secure disposal of sensitive data. While two-thirds of the respondents said their libraries provide privacy training to employees, 21% of those said the training was not mandatory and less than one-third had received training in the past year. Two-thirds of the participating libraries did not publish any information for patrons on how to protect their privacy, and more than two-thirds had no documented plan for handling data breaches.

Even more alarming to Bashir: For some libraries, particularly smaller ones, their only online presence is through social media rather than their own website.

“That is very troubling. Facebook collects a lot of data – everything that someone might be reading and looking at. That is not a good practice for public libraries,” she said.

Additionally, the U.S. doesn’t have a comprehensive law or set of privacy protections such as the European Union has, Bashir said.

Another challenge for libraries is that many patrons using a library computer often need help submitting a form or doing some other work online, so they are freely providing personal information, Bashir said.

“Public libraries are used by a lot of people in lower socio-economic groups. Privacy protections for these groups are even more important because they are vulnerable populations,” she said.

The American Library Association has guidelines available for helping libraries preserve privacy, but many librarians didn’t know about them, she said.

Bashir said a future project for her research group is to develop tools for librarians to be able to detect vulnerabilities in their libraries’ technology and to help develop privacy policies and best practices for libraries that don’t have the resources to do so themselves.

“Technology caused some of these challenges, and we can also use technology to solve some of them,” she said.

Editor’s notes: To contact Masooda Bashir, email mnb@illinois.edu.

The paper “Patron Privacy Protections in Public Libraries” is available online.

DOI: https://doi.org/10.1086/725069.

Read Next

Health and medicine Dr. Timothy Fan, left, sits in a consulting room with the pet owner. Between them stands the dog, who is looking off toward Fan.

How are veterinarians advancing cancer research in dogs, people?

CHAMPAIGN, Ill. — People are beginning to realize that dogs share a lot more with humans than just their homes and habits. Some spontaneously occurring cancers in dogs are genetically very similar to those in people and respond to treatment in similar ways. This means inventive new treatments in dogs, when effective, may also be […]

Honors From left, individuals awarded the 2025 Campus Awards for Excellence in Public Engagement are Antoinette Burton, director of the Humanities Research Institute; Ariana Mizan, undergraduate student in strategy, innovation and entrepreneurship; Lee Ragsdale, the reentry resource program director for the Education Justice Project; and Ananya Yammanuru, a graduate student in computer science. Photos provided.

Awards recognize excellence in public engagement

The 2025 Campus Awards for Excellence in Public Engagement were recently awarded to faculty, staff and community members who address critical societal issues.

Uncategorized Portrait of the researchers standing outside in front of a grove of trees.

Study links influenza A viral infection to microbiome, brain gene expression changes

CHAMPAIGN, Ill. — In a study of newborn piglets, infection with influenza A was associated with disruptions in the piglets’ nasal and gut microbiomes and with potentially detrimental changes in gene activity in the hippocampus, a brain structure that plays a central role in learning and memory. Maternal vaccination against the virus during pregnancy appeared […]

Strategic Communications and Marketing News Bureau

507 E. Green St
MC-426
Champaign, IL 61820

Email: stratcom@illinois.edu

Phone (217) 333-5010