Privacy,libraries and the era of big data

This special issue of IFLA Journal concerns itself with one of the key ethical and legal concerns of our time, namely that of privacy. In addition to playing an important role in political and social thought more broadly (Tavani, 2008), privacy has particular significance to the role and operation of the library and information sector. However, it is a value that is currently facing significant threats. Scott McNealy, co-founder and former CEO of Sun Microsystems, is often quoted as having commented in 1999 that ‘You have zero privacy anyway. Get over it!’ (Sprenger, 1999). Although much challenged at the time (and since), this statement bears resonance in an era of big data, social media and the rapid growth of many technologies that afford high levels of surveillance and data storage and manipulation. To most of us, both within and beyond the library and information science (LIS) community, privacy is still seen as a vital human right, enshrined as it is within the Universal Declaration of Human Rights (United Nations, 1948) and subsequent human rights conventions. However, social values, norms and perspectives change over time, cultures and geographical locales and now seems the right time to take stock of what is happening with regard to privacy in the LIS domain and beyond. This is the purpose of this special issue.

Privacy has been described by Moor (2006) as an evolving concept that is shaped by the political and technological characteristics of the society in which we live. Multiple definitions of the concept exist, but it is typically understood as concerning itself with notions such as secrecy, solitude, security and confidentiality (Tavani, 2008). In a classic, influential articulation of the right to privacy back in the 19th century, Warren and Brandeis (1890) described privacy as the condition of ‘being free from intrusion’ and having ‘the right to be let alone’. This aligns with more recent definitions from Alfino (2001) who considers it as being concerned with the right to personal space and to being able to lead a rational, autonomous life. Increasingly, however, it is seen primarily to be concerned with the ability to control the extent to which others have access to personal information about ourselves – our ‘informational privacy’ (Floridi, 2005). This is, in part at least, an outcome of the increasing ease with which personal information can be stored, transmitted and manipulated using modern information and communication technologies.

For libraries and librarians the concept of privacy holds special importance. As Witt (2017) shows us, the idea of privacy developed within LIS along with the growing concerns about technology-driven intrusion, described by Warren and Brandeis. Defining privacy (somewhat narrowly) in the context of librarianship as ‘The freedom to access whatever materials an individual wishes, without the knowledge or interference of others’, Gorman (2000) included it as one of his eight ‘core values’ and recognised the importance of the (private) bond of trust between librarians and their clients. Clarke (2006) recognises the need to balance the right to privacy against the competing interests of other individuals and groups in society: this is particularly pertinent in a library context, as privacy can either work in the interests of freedom of access to information (i.e. confidence in the ability to read or access information in private promotes a willingness to explore more controversial sources) or against such interests (e.g. the ability of government to keep certain sources private acts against open access to information).

Professional bodies in the LIS sector usually act to defend the importance of privacy within their professional codes of practice and codes of ethics. The IFLA Code of Ethics for Librarians and Other Information Workers (IFLA FAIFE, 2012) highlights the confidential nature of the relationship between library and information personnel and their users, and the importance of not sharing data beyond the needs of the immediate transaction. At the same time, it advocates for transparency in government and declares that ‘it is in the public interest that misconduct, corruption and crime be exposed by what constitute breaches of confidentiality by so-called “whistleblowers’’’ (IFLA FAIFE, 2012: Clause 3), thus recognising that in some contexts privacy can work against the public interest.

The complex – and sometimes, contentious – issues that privacy concerns raise for library and information personnel form the backbone of the content of the papers in this Special Issue. To begin with, Affonso and Sant’Ana highlight the importance of privacy policies in the digital era, drawing on the context of collection of data from the National Digital Libraries of South America. Their research used a data-mining tool, Wireshark, to demonstrate that data from interactions between users and digital libraries can be collected without the users’ awareness, and that there is a need to make this possibility more explicit through well-crafted and transparent privacy policies available to all users. This is a good example of how new technologies enable collection, aggregation, and dissemination of information in ways that were not previously possible, and are possibly still not understood, thereby highlighting a need for stronger normative protection of privacy rights.

From a somewhat different perspective, Kritikos calls for librarians and information professionals to engage openly in the debate and discussion around issues of the Right To Be Forgotten (RTBF) and delisting of web content, arguing that these, alongside the use of Internet filtering software are disrupting the information ecosystem and ethical norms around freedom of access to information. This is a good example of the clash of values between two competing rights, both worthy in their own intentions but sometimes misguided in their implementation.

Maceli’s paper reviews the literature around the role of public libraries and librarians in educating patrons about the importance of privacy, the existence of many, diverse threats to their own privacy in the new technological era, and the availability of tools and techniques to enhance and protect this privacy. She recognises the complexity of this role when, despite the long-standing commitment of the library profession to the privacy of their users, it has not generally been seen as the role of the librarian to educate users about privacy protection. Education regarding privacy protection is also relevant to the paper by McGuinness and Simon, in this case in the context of students’ use of social networking sites (SNS). Their mixed-methods study indicated that young people are concerned about privacy, and they do modify their online behaviour and use privacy settings to protect themselves according to the context in which they are posting content; however, the protective measures taken are fallible as a result of both human and system errors.

Context is also key to the next paper, in which Inoue discusses privacy and libraries in Japan. She describes how privacy with regard to reading matter is highly prized in the country, and then goes on to discuss specific relevant legislative attempts to protect the privacy of personal information. The relevance of this legislation to libraries is highlighted, and then illustrated via two case studies.

And finally, ending on a provocative note, Doyle picks up on McNealy’s declaration of the death of privacy. His argument focuses on the use of big data analytics and the ways in which even aggregated and anonymised data can be used to detect patterns, and subsequent predictions of our own behaviour and lifestyles may be (often erroneously) inferred, in ways that can be damaging to our own interest. The paper argues that two of what he describes as ‘the most promising means’ of protecting ourselves from this misuse of data, obfuscation and the propertisation of personal information, are both doomed to failure. Thus he concludes that privacy is indeed a lost cause and trying to defend it from a moral point of view is no longer a viable cause. Whether this is a viewpoint that is palatable to a library profession long committed to the defence of patrons’ privacy is a matter of contention: certainly, it is not a battle that IFLA is yet ready to regard as lost. It is, however, a critical matter for debate and we hope that all the papers in this Special Issue provoke similar food for thought around this important topic.