Privacy literacy instruction practices in academic libraries: Past,present,and possibilities

Abstract

This article explores the past, present, and possibilities of privacy and privacy literacy (PL) instruction in academic libraries. It surveys the scholarship on privacy and privacy literacy from the domains of philosophy, anthropology, history, law, education, and LIS. A privacy conceptual model is proposed demonstrating the zones of informational agency that privacy preserves, and a timeline of privacy and libraries documents key developments in privacy culture in the US. Findings from an original exploratory survey of privacy literacy instruction practices in academic libraries are discussed. The survey identifies the rationales, topics, contexts, methods, and assessments academic librarians use in delivering privacy literacy instruction, as well as barriers against privacy literacy that they encounter. The article concludes with a case study explicating the authors’ own privacy literacy instruction experiences, and specific recommendations for overcoming the barriers to delivering privacy literacy instruction in academic libraries identified in the survey findings.

Keywords

Academic libraries critical perspectives on LIS information literacy and instruction libraries and society/culture principles of library and information science privacy privacy literacy services to user populations types of libraries and information providers

Introduction

Recent polls find that, while technology use is nearly ubiquitous, many people attribute a decline in personal well-being, civility, trust, and social cohesion to the digitization of daily life (Anderson and Rainie, 2018; Birth, 2015; CAPS, 2017; Hoofnagle et al., 2010; Rainie, 2018; Shannon-Missal, 2015). Individuals are understandably anxious about loss of control over personal information, online bullying and doxing, manipulation of information, implications for political processes, and wear and tear on the social fabric. Taken together, these are symptoms of an underlying condition – a radical shift in privacy culture. Since the spread of computerization in the 1970s and accelerating with the advent of personal computing, mobile technologies, and machine learning, the values, behaviors, and social contracts compromising the claim of the individual to autonomy in her identity, reputation, and relationships are fundamentally disrupted. The disruption of privacy culture further implicates the foundational units of society, from personhood, to intimate partnerships and families, to civic organizations, faith-based communities, political and commercial activities, and more. To the extent that people can shape privacy culture, they should do so in full consideration of the impact and scope of the outcomes. This requires privacy literacy (PL) – but, tellingly, a 2014 Pew poll found that half of Americans do not understand the function of a privacy policy (Smith, 2014).

A suite of knowledge, behaviors, and critical dispositions regarding the information constructs of selfhood, expressive activities, and relationships, PL is related to information literacy, and addresses many of the metaphysical and social dynamics of information. Libraries are natural venues for the cultivation of PL, owing to the centrality of privacy to library practice, the agility of libraries in responding to pressing informational needs in society, the expertise librarians share as teachers, and the respect librarians demonstrate for a plurality of patron identities and values. Libraries can serve as sites for contesting privacy disruption because they are trusted social institutions, and because librarians are entrusted to act in their publics’ interests (Geiger, 2017).

This article serves as a roadmap to the past, present, and possibilities of privacy and PL instruction in academic libraries, placing theory and practice in conversation. The section Privacy in Context surveys the scholarship on privacy and PL from the domains of philosophy, anthropology, history, law, education, and library and information science (LIS). A privacy conceptual model is proposed to demonstrate the zones of informational agency that privacy preserves, and a timeline documents key developments in privacy culture in libraries and the US. Privacy literacy instruction in academic libraries: Current practices presents an original exploratory survey that asked academic librarians about the rationales, topics, contexts, methods, and assessments they use in delivering PL instruction, as well as the barriers against PL that they encounter. The article concludes with Privacy literacy possibilities: Case study and call to action, explicating the authors’ own PL instruction experiences, and offering specific recommendations for overcoming barriers identified in the survey findings. Librarians should work to deliver information, ethical reasoning strategies, discussion venues, and models for the renewal of privacy norms that underpin the individual and associational rights essential to free societies.

Privacy in context

Defining privacy

Privacy scholarship is a site of robust investigation, theorizing, and debate about the nature of privacy in the human experience. Far from settled science, clear themes nevertheless coalesce in the literature, which situates privacy in the self, personal information, intimate relationships, associational autonomy, and withdrawal into solitude. Benn (1971) and Reiman (1984) each claim that privacy is a precondition of personhood, providing what Cohen (2000: 1424) describes as a “zone of relative insulation” in which to exercise Warren and Brandeis’s (1890: 211) “right to an inviolate personality.” Schoeman (1984a: 413, 416) observes that privacy guards a “private sphere of moral valuation” where one creates meaning independent from social validation, allowing people the “freedom to define ourselves” (Fried, 1984: 212) and to experience an essential “incomputable self” (Hildebrandt, 2019: 84). Prosser (1984) articulates a mental interest in being free from unwarranted public attention, which Bloustein expands to a protection for “individuality and human dignity” (Bloustein, 1984: 163; Wasserstrom, 1984). Privacy further protects intellectual processes, including inquiry, skepticism, belief formation, creativity, and entrepreneurship, and confers ownership of intellectual property resulting from these activities (Cohen, 2000, 2013; Keizer, 2012; Richards, 2015; Solove, 2013; Westin, 1967). Integrity, both in a physical and metaphysical sense, is safeguarded by privacy, whereby one exerts a right to bodily integrity (Reiman, 1984; Warren and Brandeis, 1890) and engages the information norms that comprise Nissenbaum’s (2004: 124, 139–40) theory of “contextual integrity.” Individuals have an interest in controlling what is known about them; such contextual integrity is preventive of context collapse and provides the informational distance necessary to participate freely in a broad range of relationships (boyd, 2008; Cohen, 2000; Fried, 1984; Prosser, 1984; Keizer, 2012; Schoeman, 1984a; Solove, 2008).

Voluntary association and the freedom from relational coercion are established through privacy in social, civic, and commercial contexts (Karst, 1980; Mooradian, 2009; Rachels, 1975; Wasserstrom, 1984). The choice to relinquish individual privacy and to establish shared privacy underpins the “intimate associations” identified by Karst (1980: 629, 634). Extending Karst’s analysis, Reiman (1984) asserts that the willingness to share formative experiences are a precondition for intimate caring – a state which requires relational autonomy, and therefore privacy. Confidants, confidences, and candor all require confidentiality, or shared privacy (Fried, 1984; Karst, 1980; Keizer, 2012; Posner, 1984; Richards, 2015; Schoeman, 1984a). Privacy enables individuals to determine with whom they will interact, and under what conditions, as well as the right to withdraw into voluntary seclusion (Posner, 1984; Prosser, 1984; Reiman, 1984; Warren and Brandeis, 1890; Westin, 1967). Ultimately, the writer Keizer (2012: 20) asserts, privacy constitutes a “resistance to being used against one’s will.” Privacy must be purposeful, not merely circumstantial; it is instrumental to both individual wellbeing and to social cohesion (Cohen, 2000; Moore, 1984; Posner, 1984; Solove, 2008). Privacy can be imagined as concentric zones of agency over one’s presence in the world, emanating from the essential individual self, through the activities of the mind, to the ability to permit and prevent the access and influence of others in one’s lived experience, as depicted in the Six Private I’s Privacy Conceptual Model (Figure 1).

Figure 1.

The Six Private I’s Privacy Conceptual Model depicts concentric zones of agency over one’s presence in the world, from identity, to intellect, to bodily and contextual integrity, to intimacy, to autonomous interaction with and isolation from others.

Privacy and its discontents

Privacy is a universal human value, the expression of which is as diverse as the individuals, communities, and cultures comprising the totality of humankind. While theorist Westin (1967) observes privacy’s origins in the territorial behaviors of other animal species, privacy practices among homo sapiens are shaped by complex sociocultural dynamics (Keizer, 2012; Moore, 1984; Solove, 2008; Westin, 1967). Among these, class, power, roles, and social standing influence an individual’s claim to and practice of privacy in any given context. Combined with the capabilities of automation and data profiling, these factors also render some people more vulnerable to privacy intrusions, an effect called disparate impact (Barocas and Selbst, 2016; Gandy, 1993; Keizer, 2012; Nissenbaum, 2004; Solove, 2008; Strahilevitz, 2013). Criticisms of privacy commonly stem from these disproportionate harms (Cohen, 2000; Richards, 2015; Schoeman, 1984b; Solove, 2008; Wasserstrom, 1984). Historically, however, common law privacy doctrine in the US is shaped by an 1881 finding in favor of a woman plaintiff, and lack of privacy is cited as a contributing factor in the failure of many 19th-century utopian communities (Keizer, 2012; Prosser, 1984; Westin, 1967). Privacy further enables freedom from conformity to majoritarian social norms, favors transparency and accountability from powerful data holders, and preserves the possibility for individual transformation and social change (Bloustein, 1984; Cohen, 2000, 2013, 2019; Hildebrandt, 2019; Karst, 1980; Richards, 2013; Schoeman, 1984b; Solove, 2008; United Nations, 1948; Westin, 1967). Privacy is pluralistic – universally recognized and contextually realized.

Rapid developments in networked technologies pose an intellectual freedom conundrum: that as technology provides users with increasing access to ideas and affordances for extended cognition, it simultaneously renders their internal mental processes subject to observation and influence (Cohen, 1996; Gandy, 1993; Hildebrandt, 2019; Richards, 2015). A cascade of privacy regulations, prompted by concerns about government surveillance following the Watergate scandal and widening computerization of agencies in the 1970s, applies fair information practices to a broad range of services (Gorman, 2015). Solove (2008) asserts that surveillance is a more intrusive form of compelled information disclosure than interrogation or search by nature of the fact that surveillance is comparatively unlimited (see also Richards, 2013; Westin, 1967). Furthermore, the very possibility of surveillance exerts a chilling effect on the broad behavioral category of speech, which includes information seeking and idea formation as prerequisites to expression (Benn, 1984; Cohen, 1996, 2000; Richards, 2013; Schauer, 1978; Solove, 2008; Wasserstrom, 1984). Properties of web data implicate privacy at an unprecedented breadth and scale (boyd, 2008; Mooradian, 2009), but the disproportionate energy directed to securing personal data obscures privacy’s broader purpose. It is no benefit to the subject for her personal data to be secure if the very conditions of data collection distort her thoughts, decisions, or relationships (Cohen, 1996; Ho, 2015; Solove, 2008; Wasserstrom, 1984). Privacy means being free from potential or actual monitoring, not merely that access to the records resulting from such monitoring be controlled.

Despite privacy’s universality, skeptics rightfully observe that people’s actual behaviors often contradict their stated privacy values, a phenomenon called the privacy paradox. Privacy scholars attribute this value-behavior gap to cognitive, structural, and personal factors which affect individuals’ abilities to act in alignment with their privacy preferences (Buschman, 2016; Cohen, 2000; Gerber et al., 2018; Solove, 2013; Sovern, 1999). Cognitive factors include information asymmetries between system or service provider and the user, user knowledge of system design as it pertains to data flows, and the technical and legal literacy needed by the user to read and act on privacy-related terms of service (Cohen, 2000; Cohen, 2019; Solove, 2013; Sovern, 1999). System defaults which disfavor privacy, data aggregation and brokerage, increased transaction costs for opting into privacy protections, and the social salience of personal disclosure are examples of structural factors (Cohen, 2013; Gerber et al., 2018; Solove, 2013; Sovern, 1999). Personal factors comprise the ability to invest time and attention in privacy decision-making, and the ensuing opportunity costs (Sovern, 1999). The privacy paradox is one dimension of a broader autonomy paradox – that the exercise of autonomous choice is itself a learned behavior (Cohen, 2000). With a focus on behavioral consciousness rather than behavioral change, librarians can deliver learning opportunities that enable individuals to realize their autonomy, take informed action on privacy preferences, and advocate for privacy policies and design affordances.

Privacy and librarianship

Privacy is a central tenant of modern librarianship in the US. Early discussions feature in the 1886 volume of Library Journal, in which members of the New York Library Club Dewey, Poole, and Coe debate the merits of privacy and confidentiality for reporting book thieves and bibliomutilators (Nelson, 1886). In that same year, Woodruff of Cornell University Library published a paper in the American Library Association (ALA) proceedings admonishing excessive mechanization and scientific management in libraries, and extolling integrated library instruction and “private research” (Woodruff, 1886: 24) for cultivating “mental activity,” inquiry, and lifelong learning in undergraduate students (pp. 22–23). A half-century hence, the first Code of Ethics for Librarians adopted by the ALA in 1939 articulates the obligation to maintain the confidentiality of patrons’ private information (Ludington et al., 1939). The Library Bill of Rights was also adopted in 1939, and while intellectual freedom was always an organizing principle, it is not until 2001–2002 that the ALA recognized an official interpretation specifically regarding privacy (Magi and Garnar, 2015a).¹

Academic librarians likewise codified privacy values in the “Intellectual Freedom Principles for Academic Libraries: An Interpretation of the Library Bill of Rights,” adopted in 2000; however, privacy was not a consideration in the information literacy (IL) objectives and competency standards approved in 2001, and did not formally factor into academic library instruction practices until the adoption of the Framework in 2016 (ACRL, 2000; ACRL, 2001; ACRL, 2016a). Other notable initiatives include ALA’s Choose Privacy Every Day, an expansion of Choose Privacy Week which began in 2010, and the independent Library Freedom Project started in 2015 (Caldwell-Stone, 2018; Macrina, 2015; OIF Staff, 2010). These efforts culminated most recently in a 2019 amendment to the Library Bill of Rights – the new article VII recognizes a universal right to patron privacy and confidentiality, and calls on libraries to “advocate for, educate about, and protect people’s privacy” (ALA, 2019). It is for these and many other reasons that privacy scholar Richards (2015) celebrates librarians and the ALA Professional Code of Ethics as a model for preserving intellectual privacy and intellectual freedom.

Privacy in the LIS literature

With privacy as a core value of the library profession, it has been written about extensively in the LIS literature. Since the USA Patriot Act in 2001, the rise of social media in the early-2000s, and the release of NSA documents from Edward Snowden in 2013, among other societal developments as outlined in Figure 2, librarians have experienced renewed commitments to protect patron privacy in their capacity as information providers.

Figure 2.

A Brief History of Privacy & Libraries highlights key privacy developments in librarianship and civic affairs, with a primary focus on the US.

There is a surplus of literature serving as privacy primers and refresher pieces for library professionals. This is an obvious attempt to bring those in the profession up to date on current issues, obfuscation tools, privacy-friendly online practices, and to make the overarching case that librarians should remain committed to our values even as privacy is repeatedly declared dead. As Magi (2011: 188) states, “If librarians are to remain among society’s guardians of privacy, it will be valuable to have a broader and deeper understanding of what is at stake – of the many and varied ways in which privacy contributes to the well-being of both individuals and society.” Her excellent piece serves to educate librarians on the privacy scholarship from a wide variety of disciplinary perspectives and to make a case for why privacy still matters to society (Magi, 2011). Entire books have been written as guides to privacy fundamentals for information professionals (Connolly, 2018; Givens, 2015). Both titles include sections pertaining to PL and outreach, as well as practical information to supplement any knowledge gaps. Lambertson (2015) also contributed a curated bibliography for Library Journal to help librarians get up to date on surveillance technologies.

Critiques of professional practices based on core values and ethics make up a large component of the LIS literature coverage of privacy advocacy. Serious criticisms have been raised about many practices, including libraries’ enthusiastic adoption of social media (Lilburn, 2012); contracts with database vendors which conflict with core values and policies (Salo and Kharfen, 2016); academic libraries’ complicity and participation in the learning analytics practices of their home institutions (Hartman-Caverly, 2018; Jones and Salo, 2018; Prindle and Loos, 2017); and the adoption of personalization library systems, such as OCLC’s Wise (Fister, 2018) to name a few.

Zimmer’s (2013) review on patron privacy considerations in library literature serves as a seminal piece on how libraries have embraced and adopted Library 2.0 tools with insufficient attention paid to privacy-related concerns. He observes that there is negligible scrutiny of how pervasive implementation of these technologies will impact patron privacy and even less analysis of how to address potential privacy concerns; he cautions that this could lead to a policy vacuum and ends with a call for increased education and outreach to library professionals about privacy issues related to the proliferation of cutting-edge technology adoption (Zimmer, 2013).

While patron privacy is discussed in detail, practical applications of PL remain lacking. The need for PL has only increased with current events: the public’s erosion of trust in large tech companies – including Facebook, Amazon, and Google – and the increasingly pervasive presence of surveillance technologies in our everyday activities, both online and offline, have made the discussion of privacy all the more relevant. New and shocking examples of how individual citizens are being monitored are plentiful and increasing at a dizzyingly rapid rate ( New York Times, 2019).

Despite this, IL – particularly in higher education – has not answered the call for increased privacy awareness. An ALA survey on librarians’ attitudes regarding information and Internet privacy showed that “while over 75[%] of the respondents feel that libraries should play a role in educating the general public about privacy issues…only 13[%] indicate that their library has hosted or organized information sessions, lectures, or other public events related to privacy and surveillance over the past five years” (Zimmer, 2014: 138). A similar survey of academic librarians in Canada conducted by Tummon and McKinnon (2018) showed that while many respondents had attended professional development events related to privacy, 55%, not many worked at a library that hosted these opportunities for patrons, 19%.

Although the literature features abundant possibilities for librarians to educate their patrons about privacy, most of these papers are theoretical or opinion pieces. Few articles describe applied approaches to PL. Many pieces in the trade literature contain calls to action for the profession (Janes, 2014; Johnson, 2018; Kim, 2016). Several include specific recommendations for educating patrons (Cirella, 2012; Magnuson, 2011; Salo, 2013). It is worth note, that the focus of many of these articles is on patron privacy within the library context. This is an essential responsibility since the library, as an institution, cannot stand on any ethical ground without first upholding its core values and professional commitments. However, it seems that librarians are more comfortable with outreach that pertains to library-specific policies and actions, as opposed to the admittedly daunting task of PL and all that it entails. Furthermore, and of particular interest to the authors, many of these pieces are specific to public libraries (Maceli, 2018; Rundle, 2014) and K-12 institutions (Cirella, 2012; Maycock, 2010), rather than within higher education. In fact, several training and educational programs are available through public libraries (NYC Digital Safety, n.d.; San Jose Public Library, n.d.), and are documented in case studies within the K-12 context (Ballard, 2017; Seroff, 2017; Stephens, 2017).

Of articles that contain specific PL case studies, the majority focus on digital presence and online reputation management (Cirella, 2012; Magnuson, 2011; Maycock, 2010). This is understandable as it allows for concrete training of step-by-step tips people can follow to maintain a certain level of privacy. These workshops can even follow a model similar to the conventional point-and-click demonstration and have tangible outcomes for attendees. This approach, however, simply scratches the surface of PL by addressing only front-end features that people can easily control. It is the mechanisms on the back-end – algorithmic and artificial intelligence (AI)-based data modeling – that can have major, and often invisible, impact on individuals. This PL conundrum is highlighted by Hagendorff (2018: 137):

Even if media users’ level of literacy or knowledge about protective skills is very high or even professional, those skills are highly limited due to the fact that users cannot influence the internal rules of data analysis and data sharing of platforms, institutions, and services.

In the academic library context, PL topics seem to be addressed instructionally on a small scale as a part of a larger course or topic. Within a credit-bearing course, Witek and Grettano (2014) used the metaliteracy framework to discuss privacy topics in the context of social media. Tewell (2016) makes the call for related topics such as algorithmic bias to be covered under the lens of critical librarianship. IL initiatives specifically focused on PL as the main goal are shockingly absent with the notable exception of Wissinger’s (2017) work developing a PL framework in the healthcare science IL context.

Despite the deficiency of IL case studies, there are increased calls for PL to become a calculated responsibility of academic librarians’ instruction and educational outreach. Lowe (2016) builds the case for privacy/security to be integrated as a part of IL. She notes that privacy issues are often addressed by technology branches of the ALA as opposed to teaching sections, posing these concerns as “technology-based” and not “information-related” (Lowe, 2016: 6). Fortier and Burkell (2015: 60) endorse the view that librarians have the responsibility to raise the “privacy-related digital literacy of patrons.” Through their piece they promote an educational approach to PL and librarian continuing education on the topic (Fortier and Burkell, 2016). Wharton (2018) frames the issue of privacy around the ALA’s Core Values of Librarianship, specifically social responsibility. She draws the important distinction between academic librarians’ role in teaching digital literacy from their role in protecting patron data, making calls for purposeful outreach and education to students (Wharton, 2018: 42).

Privacy literacy instruction in academic libraries: Current practices

Recent publications propose theoretical frameworks for PL, present case studies of localized PL instruction efforts, and issue calls for librarians to include PL in their instruction programs, but no published data exists to systematically document and study current PL instruction practices across academic librarianship. This exploratory survey seeks to address this gap in current knowledge by analyzing current PL instruction practices in academic libraries.

Privacy literacy instruction survey methods

A survey instrument was developed to explore current practices of PL instruction in academic libraries (see Appendix A). Survey content and design was informed by similar work in the LIS and education literature (ALA, 2017; ACRL, 2016a; Campbell and Cowan, 2016; Cirella, 2012; Fisher et al., 2015; Guth et al., 2018; Harris et al., 2011; Hensley, 2015; Julien and Hoffman, 2008; Julien et al., 2018; Kaletski, 2017; Nathan et al., 2014; Pedley, 2016; Schulte and Knapp, 2017; Stockman et al., 2008). Designed in Qualtrics, the online survey was distributed via email listservs and accepted responses for six weeks from Thursday, 28 February through Thursday, 11 April 2019. Four listservs were selected for their reach and scope: ILI-L, infolit, acrlframe, and dss-dil_dg. Participation was sought from practicing academic librarians who have instructional duties as part of their professional roles. Participants were asked what privacy topics are taught, in what instructional contexts PL instruction occurs, what teaching and learning strategies are used in PL instruction, how PL instruction is assessed, and what factors influence PL instruction practices in academic libraries. The survey instrument was approved by Pennsylvania State University IRB as study number STUDY00011611; participants granted informed consent to participate.

Findings

The online survey generated 118 unique submissions, with 82 completed to the end. Survey design considerations, including multiple response questions, conditional logic, and skip permission, produce a different number of respondents and responses for each question as noted in the data tables.

Demographics

Most respondents, 71%, worked in public institutions, with the remaining 29% working in private colleges. Nearly half, 46%, worked at institutions with at least 10,000 full time enrollment (FTE) students, followed by 29% with 3000–9999 FTE. Almost half of respondents, 46%, work at a doctoral university, with another quarter, 26%, working at a Master’s college or university (Table 1).

Table 1.

Institutional demographics of survey respondents.

Institutional demographics
Institution Type	Public	Private	For-profit	Total
count	51	21	0	72
Student FTE	Fewer than 1000	1000–2999	3000–9999	At least 10,000	Total
count	4	16	24	37	81
Carnegie Classification	Doctoraluniversity	Master’s collegeor university	Baccalaureatecollege	Associate’s college	Special focusinstitution	Total
count	37	21	17	5	1	81

The vast majority of respondents, 81%, have library instruction as a primary job responsibility. In terms of academic library instruction experience, 36% of respondents have less than five years, an additional 36% have 5–10 years, 13% have 11–15, and 15% have more than 15 years. Lastly, the most common areas of instructional support of our respondents are general education, 16%, and first-year experience, 16%, with a wide distribution in other subject areas (Table 2). The overall demographic breakdowns of respondents are available in Table 1 (institutional demographics) and Table 2 (professional demographics).

Table 2.

Professional demographics of survey respondents.

Professional demographics
Library Instruction as Primary Responsibility	Yes	No	Total
count	65	15	80
Years of Academic Library Instruction Experience	Less than 5	5–10 years	11–15 years	More than15 years	Total
count	29	29	10	12	80
Areas of Instructional Support	Humanities	SocialSciences	STEM	HealthSciences	Business	Generaleducation	First-yearexperience	Co-curricular	Other
count	48	51	31	26	29	46	47	8	6

Privacy literacy practices

Respondents reported addressing a wide variety of PL topics in their instruction, as seen in Table 3. The top three most frequently covered topics are (1) filter bubbles; echo chambers, (2) censorship, and (3) targeted advertising. Authors suspect that topics (1) and (3) are a result of the fake news phenomenon and subsequent coverage in IL instruction. Survey free-text responses soliciting learning outcomes and learning objects support this theory. Of particular note is the fourth highest response, 35%, for I do not include privacy topics in instruction. The overall breakdown of privacy topics that academic librarians include in PL instruction (as categorized by the authors in the survey instrument) is available in Table 3. Participants are covering topics primarily in the areas of Data profiling and Consumer privacy.

Table 3.

Privacy topics included in PL instruction.

Topic	Response count	% of respondents (n=80)
I do not include privacy topics in instruction.	28	35.00
Data Profiling – category total	155	n/a
Filter bubbles; echo chambers	37	46.25
Targeted advertising	33	41.25
Algorithmic/machine bias; data discrimination	26	32.50
Algorithms; modeled data	24	30.00
Recommender systems (ex. Facebook’s People You May Know)	17	21.25
Automatically monitored data (metadata)	11	13.75
Sentiment analysis/shaping	7	8.75
Consumer Privacy – category total	128	n/a
Account privacy; authentication	27	33.75
Social media; online identity management	25	31.25
Private web browsing	18	22.50
Reading Terms of Service/Use	15	18.75
Mobile devices; apps; location-based services	13	16.25
Streaming services; cloud computing	9	11.25
Educational privacy; FERPA; learning analytics	8	10.00
Health data; genetic analysis	7	8.75
Smart devices; Internet of Things	6	7.50
Intellectual Freedom – category total	88	n/a
Censorship	33	41.25
Right to privacy; civil liberties; social justice	28	35.00
Data ethics	17	21.25
Selfhood; identity formation; individual will	10	12.50
Surveillance – category total	54	n/a
Chilling effect; self-censorship	18	22.50
Corporate surveillance; surveillance capitalism	18	22.50
Government/law enforcement surveillance	13	16.25
Workplace monitoring	5	6.25
Professional Applications – category total	24	n/a
Privacy regulations (ex. HIPAA)	13	16.25
Privacy policymaking (data governance, privacy auditing, privacy impact assessment)	8	10.00
Data laundering	3	3.75
Other	2	2.50
Total	479	n/a

The primary methods of instruction reported by participants are (1) lecture or demonstration, (2) large group discussion, and (3) small group discussion or think-pair-share. A full breakdown of pedagogical methods academic librarians use for PL instruction is available in Table 4.

Table 4.

Pedagogical methods used for PL instruction.

Method	Response count	% of respondents (n=53)
Lecture or demonstration	34	64.15
Large group discussion	30	56.60
Small group discussion or think-pair-share	22	41.51
Personal reflection	21	39.62
Privacy topics used as examples in search demonstrations	18	33.96
Case study analysis	14	26.42
Hands-on/applied activities (ex. setting device privacy preferences)	12	22.64
Pro/Con debate	10	18.87
Other	3	5.66
Total	164	n/a

In terms of PL instruction contexts, respondents overwhelmingly cover these topics in the one-shot session, 91%; one-on-one consultations were the second most common context, 45%, with credit-bearing courses at 34%. Table 5 gives a full breakdown of contexts in which academic librarians deliver PL instruction.

Table 5.

Contexts in which PL instruction is delivered.

Context	Response count	% of respondents (n=53)
Mediated
One-shot session	48	90.57
One-on-one consultation	24	45.28
Credit-bearing course	18	33.96
Standalone workshop	11	20.75
Embedded librarianship	8	15.09
Team-taught course with subject faculty	2	3.77
Disintermediated
Resource guide (Ex.: LibGuides, list of sources)	16	30.19
Library displays or passive programming	14	26.42
Other	4	7.55
Independent learning activity (ex. handout or online module)	3	5.66
Social media	2	3.77
Total	150	n/a

Respondents cited (1) core values of librarianship; professional code of ethics, 68%, (2) ACRL Framework (Information has Value), 64%, and (3) Student interest, 42%, as the top bases for PL in instruction. The overall breakdown of the rationale for academic librarians engaged in PL instruction is available in Table 6.

Table 6.

Rationale for engagement in PL instruction.

Rationale	Response count	% of respondents (n=53)
Core values of librarianship; professional code of ethics	36	67.92
ACRL Framework (Information has Value)	34	64.15
Student interest	22	41.51
Information literacy program outcome	13	24.53
Subject faculty request/collaboration	13	24.53
Not addressed by other co-/curricular units	11	20.75
Subject-based learning outcome (ex. HIPAA in health science)	6	11.32
Other	6	11.32
Total	141	n/a

Respondents’ top PL instruction assessment² methods were (1) feedback from students, 62%, (2) do not assess, 48%, and (3) self-reflection, 38%. Based on additional survey options with formal student feedback methods, the authors believe that the top assessment method is informal student feedback. Table 7 provides a full breakdown of methods used by academic librarians to assess PL instruction.

Table 7.

Methods used to assess PL instruction.

Assessment	Response count	% of respondents (n=52)
Do not assess	25	48.08
Informal
Feedback from students	32	61.54
Self-reflection	20	38.46
Feedback from subject faculty	17	32.69
Feedback from librarian/peer	15	28.85
Formative assessment (ex. worksheets)	14	26.92
Formal
Self-evaluation	18	34.62
Student evaluation of instruction	13	25.00
Summative assessment (ex. graded assignment)	10	19.23
Subject faculty evaluation of instruction session	6	11.54
Pre- and post-session test results	5	9.62
Peer observation/evaluation	5	9.62
Transactional statistics (ex. number of visits to a library guide)	4	7.69
Other	1	1.92
Total	185	n/a

In response to professional satisfaction among academic librarians regarding PL instruction practices at their institution, 54% of participants reported being extremely dissatisfied or somewhat dissatisfied; 37% reported being neither satisfied nor dissatisfied; and only 9% reported being extremely satisfied or somewhat satisfied. A more granular breakdown of professional satisfaction based on librarians who do not include privacy topics and those who do include privacy topics in their instruction is included in Table 8.

Table 8.

Distribution of professional satisfaction among librarians regarding PL instruction practices at their institutions.

Satisfaction level	Response count for respondents who do not include privacy topics in instruction	% of respondents (n=81)	Response count for all other respondents	% of respondents (n=81)
Extremely satisfied	0	0.00	2	2.47
Somewhat satisfied	1	1.23	4	4.94
Neither satisfied nor dissatisfied	11	13.58	19	23.46
Somewhat dissatisfied	10	12.35	22	27.16
Extremely dissatisfied	6	7.41	6	7.41
Total	28	n/a	53	n/a

When asked about factors influencing the lack of delivery, or dissatisfaction with, PL instruction, respondents most frequently responded with (1) I do not have enough instructional time to address privacy, 80%, (2) Privacy is not a priority learning outcome for IL sessions, 62%, (3) I do not have the expertise to teach about privacy, 40%, (4) Lack of subject faculty support, 40%, and (5) I do not have time to develop privacy learning activities/lesson plans, 29%. Of significance to the authors was the time restriction cited by respondents, both in dedicated instructional time and in development of educational resources. Another interesting finding was that no respondent cited another campus department teaching privacy topics. A full breakdown of barriers to satisfactory delivery of PL instruction by academic librarians is available in Table 9.

Table 9.

Barriers to satisfactory delivery of PL instruction.

Barrier	Response count	% of respondents (n=55)
I do not have enough instructional time to address privacy	44	80.00
Privacy is not a priority learning outcome for IL sessions	34	61.82
I do not have the expertise to teach about privacy	22	40.00
Lack of subject faculty support	22	40.00
I do not have time to develop privacy learning activities/lesson plans	16	29.09
Lack of library administration support	10	18.18
Other	6	10.91
I don’t know	4	7.27
Lack of student interest	3	5.45
Privacy literacy falls outside of information literacy	2	3.64
Another campus department teaches about privacy	0	0.00
Total	163	n/a

Discussion

From the survey results, it is evident that academic librarians are addressing PL-related topics using a variety of methods and in numerous contexts. The rate of dissatisfaction (Table 8), however, suggests that there is interest and motivation to cover these topics, but the barriers of time – both time to prepare educational opportunities and dedicated instructional time – professional expertise, and support from administration (Table 9) hinder librarians’ ability to execute PL initiatives. This might also explain librarians’ reliance on didactic pedagogies, lecture and large group discussion (Table 4), which typically require less preparation and class time than more active learning modalities. The lack of reported campus departments covering these important issues (Table 9) makes it even more vital that academic librarians take on the responsibility to introduce PL to the curricula at their home institutions.

Under closer inspection, the authors suspect that many of the PL topics being addressed in IL contexts are not motivated from a privacy education or advocacy focus. Survey free-text responses soliciting learning outcomes and learning objects reveal that many of these topics are borne of fake news, critical librarianship, and diversity initiatives.³ While these are valuable and vital contributions to IL instruction, the authors here are advocating for privacy-centric initiatives and programs that place the focus of instruction on PL.

Contrary to common critiques of privacy advocacy, students do care about privacy (Richards, 2014). Public polling data refutes this myth (Rainie, 2018), as does data from this survey. Not only did 42% of respondents cite student interest as a basis for PL (Table 6) but student feedback, 62%, was cited as the primary assessment method of instruction (Table 7). This validates the rationale that students do express care about privacy. The data from the authors’ formal assessment of their privacy workshop, as discussed in the following section, also confirm this theory (Figure 3).

Figure 3.

Distribution of student responses from Privacy Workshop feedback form.

Limitations

This survey aimed to establish a baseline of academic librarian interest and practice in the area of PL. The authors also hoped to advance scholarship on PL instruction in academic libraries by identifying avenues for further study and plan to develop a qualitative follow-up study of PL practices among academic librarians. This data includes only a small sample size, a total of 82 finished surveys, of academic librarians with teaching responsibilities; findings are exploratory and not assumed to be generalizable. Due to the email listserv recruitment method, self-selection bias and convenience/snowball sampling biases are limitations to the study design. Because no prior published data exists on the subject of PL instruction practices in academic libraries, this study aimed to establish a baseline of librarian interest and practice in this area, and even a low response rate is itself an indicator of the status of PL instruction in academic libraries.

Privacy literacy possibilities: Case study and call to action

At Penn State Berks, the first-year experience (FYE) program and the library have a close relationship which includes open house events, as well as a topical IL workshop series. The authors, having a shared view that PL is a neglected topic within IL instruction, embarked on a collaboration to leverage the library’s FYE connections into a way to engage the campus community in this vital and emerging literacy.

Once it was decided that a digital privacy workshop was to be developed for a first-year student audience, the authors set out to find a theoretical framework to ground their pedagogy. Identifying one of the few case study examples in the academic library literature, Wissinger’s (2017) article expands upon Rotman’s (2009) PL theoretical framework, which posits that PL is a cognitive experience and aligns it with critical thinking. The authors used backward design to develop their Privacy Workshop (Chisholm and Hartman-Caverly, 2018) applying Wissinger’s (2017) critical thinking alignment to the Framework; specifically, two knowledge practices in the Information has Value frame:

understand how the commodification of their personal information and online interactions affects the information they receive and the information they produce or disseminate online;

and

make informed choices regarding their online actions in full awareness of issues related to privacy and the commodification of personal information (ACRL, 2016a).

Also relevant is the Information has Value disposition of students “examin[ing] their own information privilege” – or, as is often the case with respect to privacy, the potential lack thereof (ACRL, 2016a).

The authors sought to illuminate the invisible forces behind online data collection and facilitate a shift in students’ conceptual understanding of privacy. Recognizing that PL practices archetypally only comprise knowledge practices to enact protection through privacy enhancing tools without addressing the complex, systematic surveillance practices of corporations and government which can lead to a detrimental sense of control (Hagendorff, 2018: 139), the authors aimed to dig deeper. As a result of these aspirations, the following learning outcomes were developed:

Students will be able to:

recognize how their personal data and metadata are collected, along with the potential implications of such data collection;

assess how their data is shared and make informed, intentional choices to safeguard their privacy;

identify privacy issues facing our society;

describe the positive case for privacy as a human right fundamental to individual well-being.

In lieu of a prescriptive approach, a variety of active learning activities are implemented with ample opportunity for formal and informal assessment (Hartman-Caverly and Chisholm, 2018). The workshop is sequenced based on the three types of data – consciously given, automatically monitored, and modeled – laid out by Ip (2018). Students warm up by visiting stations to reflect on their privacy practices and values. They are then asked to independently use a list of interactive websites to explore data tracking and their personal advertisement behavioral profiling in real time, to unveil backend algorithmic processes that are typically invisible to users. To connect these processes beyond narrow individual experiences, small groups analyze case studies to observe how online behaviors impact real-world opportunities for individuals and society. Each activity is followed by large group discussion where students have the option to share thoughts and librarians can contextualize issues and answer questions. The workshop culminates in a personal reflection on the benefits and risks of technology use to develop purposeful online behaviors and habits that align with their individual values in the form of a personal data plan. Activities and examples of student responses can be viewed on the Privacy Workshop guide (Chisholm and Hartman-Caverly, 2019).

Overall, the workshop espouses a proactive rather than reactive approach and presents a spectrum of privacy preferences across a range of contexts. The authors seek to respect students’ autonomy and agency in personal technology use by developing their knowledge practices regarding privacy and the commodification of personal information while also embodying the core library value of intellectual freedom.

Assessing privacy literacy instruction

The authors developed a webform assessment instrument comprised of four statements with Likert-scale responses and a free text response field to measure the impact of the Privacy Workshop (see Appendix B). In the academic library context, the Information has Value frame can serve as a guide to PL instruction and assessment. Three statements assess the impact of PL instruction on students’ privacy-related knowledge practices. The first statement evaluates whether students learned something new about the real-world impacts of personal data, while the second statement assesses whether students feel equipped with new strategies to develop and act on individual privacy preferences. The third statement asks whether students developed “a new way to think about privacy” generally, and is intended to bridge between privacy literate knowledge practices and dispositions. The final statement addresses the disposition of information privilege that comes with greater PL by asking whether students are motivated to share something they learned about privacy with a loved one.

The Privacy Workshop Feedback form was completed by 200 participants between 26 September 2018 and 5 November 2019. Of these, 185 respondents agreed or strongly agreed that they learned something new about the real-world impact of personal data (93%), 181 respondents agreed or strongly agreed that they developed new strategies to evaluate privacy preferences and to manage personal data accordingly (91%), 171 respondents agreed or strongly agreed that they learned a new way to think about privacy (86%), and 168 agreed or strongly agreed that they would share something they learned with a friend or family member (84%) (Figure 3). A purposive sample from the 64 free-text comments further illustrates what first-year college students valued about the Privacy Workshop learning experience:

People collect more about me online than I thought, and use the information in different ways than I thought.

Browsers collect information without you even knowing. They can even sell it to other companies if you give them permission without even realizing it. I mean, no one reads the terms and conditions but maybe we should start.

I really appreciated the resources provided at the end that help interpret the legal jargon that comes with privacy protection.

The Data Privacy Check-List that I should look towards whenever I get an app or make a profile can be very useful.

Making me be aware of the importance of protecting my privacy, which i [sic] never thought before. I did not know there are so many ways to steal my data and i [sic] will pay attention in the future.

Interactive activities helped much in understanding how and why me as a person can be effected [sic] by technology and why these companies and people collect it.

Privacy in the modern world is not what I thought it was.

Based on this quantitative and qualitative data, the Privacy Workshop is both impactful and meaningful for undergraduate students, and the authors recognize PL instruction and programming as a growth area for our library and campus community.

Future possibilities in privacy literacy instruction

Disruptive technology has, among other things, disrupted privacy culture. The disruption of privacy culture has broad implications for individuals, information, and society. PL enables individuals and groups to recognize, analyze, and act on shifts in privacy culture in intentional and considered ways. This article introduces the history of PL in a broad survey of privacy theory and practice, situates PL in the domain of library instruction, and documents the present state of PL initiatives in academic libraries, demonstrating a gap between the delivery of PL learning opportunities and the needs of the communities we serve.

PL needs to be about more than social networking site privacy preferences and online reputation management. To flatten this emerging literacy into these types of simplistic solutions does real harm by imbuing students with a false sense of security and control (Brandimarte et al., 2012) and unintentionally normalizing the growing social justice issues related to algorithmic bias (O’Neil, 2016). Privacy is a value system before it is a technology, and academic librarians work with students who are the future of these technologies. They will be both the consumers and adopters, as well as designers, programmers, marketers, investors, and administrators who make decisions on how and whether to execute these systems. Why would academic librarians not equip them with the knowledge and ethical framework to engage with these complex issues? Librarians are well placed as information professionals with solid ethical values to take on this responsibility and lead the effort in higher education toward an intentional integration of PL into curricula. Realistically, however, surveillance technologies are evolving at a pace that is daunting to maintain, and academic librarians often lack time, knowledge, resources, and support to develop new initiatives like a PL program.

The survey presented here, which identified barriers to PL practices, showed that academic librarian colleagues are already doing amazing and impressive work in this area. Despite this evidence, when the authors deposited their Privacy Workshop into the ACRL Sandbox (ACRL, 2016b) and Project CORA (Loyola Marymount University Library, 2019), they were the first to create and use the “privacy” and “digital privacy” tags. At the time of writing, only one other activity has been indexed with one of these tags. Librarians must begin developing, assessing, and sharing their PL work, if for no other reason than to help colleagues who are less equipped – as the survey revealed – to develop these lesson plans and initiatives. The authors invite academic librarians to make available open educational resources for PL, publish and present on PL initiatives, and host workshops and training sessions to cultivate self-efficacy in fellow librarians to undertake this work. Current events show that this very well may be the moral imperative of our time. And in higher education, the authors wonder, “If not now, when? If not us [librarians], who?” (George Romney as quoted in Nathan et al., 2014: 112).

The authors appreciate the very real constraints on academic librarians’ time, both within and outside the classroom, which preempts investment in professional education, developing instructional materials, and delivering PL learning experiences. First, the authors encourage librarians to prioritize professional development on privacy as it intersects with their professional activities, be it in direct service to patrons, administration of library services or technology, resource description or preservation, or delivery of information services. Volumes of trade literature, webinars, workshops, and more are available on these subjects, and many are free or low-cost. Then, the authors advocate for librarians to share what they know, in what ways they can. In the context of academic library instruction, survey findings point to low-hanging fruit learning opportunities that pose few or flexible demands on time and effort, including selecting privacy topics for search demonstrations, developing library displays or other passive programming, or sharing content on library-branded social media. Committing to these activities has a multiplier effect in that the librarian learns more about privacy while developing these learning opportunities for others, thus cultivating professional self-efficacy to pursue more time- and resource-intensive PL initiatives. Finally, the authors encourage critical self-reflection on the convictions that students and faculty do not value privacy or PL. The privacy paradox notwithstanding, these claims are not supported by public polling data, civic sentiment, or the survey findings and workshop assessment data presented here. Librarians’ special obligation to intellectual freedom includes not only the stewardship and delivery of information, but also promoting a robust privacy culture (ALA, 2008; 2019). Privacy is always “a collective work in progress” (Keizer, 2002: 65), and given the current state of privacy culture, we need all hands on deck – including, and especially, librarians.

Footnotes

Declaration of conflicting interests

The authors declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.

Funding

The authors received no financial support for the research, authorship, and/or publication of this article.

ORCID iD

Sarah Hartman-Caverly

Notes

Appendix A

Appendix B

References

American Library Association (ALA) (2008) Professional ethics. Available at: www.ala.org/tools/ethics (accessed 26 June 2019).

American Library Association (ALA) (2017) Privacy. Available at: www.ala.org/advocacy/privacy (accessed 25 June 2019).

American Library Association (ALA) (2019) Library Bill of Rights. Available at: www.ala.org/advocacy/intfreedom/librarybill (accessed 21 June 2019).

Anderson

Rainie

(2018) The future of well-being in a tech-saturated world. Available at: www.pewinternet.org/2018/04/17/the-future-of-well-being-in-a-tech-saturated-world/ (accessed 26 June 2019).

Association of College & Research Libraries (ACRL) (2000) Intellectual freedom principles for academic libraries: An interpretation of the Library Bill of Rights. Available at: www.ala.org/acrl/publications/whitepapers/intellectual (accessed 21 June 2019).

Association of College & Research Libraries (ACRL) (2001) Objectives for information literacy instruction: A model statement for academic librarians. Available at: www.ala.org/acrl/standards/objectivesinformation (accessed 21 June 2019).

Association of College & Research Libraries (ACRL) (2016a) Framework for Information Literacy for Higher Education. Available at: www.ala.org/acrl/standards/ilframework (accessed 21 June 2019).

Association of College & Research Libraries (ACRL) (2016b) ACRL Framework for Information Literacy sandbox. Available at: sandbox.acrl.org (accessed 26 June 2019).

Ballard

(2017) The right to obscurity vs. the digital Eye of Sauron. In: Fontichiaro

Lennex

Hoff

, et al. (eds) Data Literacy in the Real World: Conversations & Case Studies, 20–21 July 2017. Ann Arbor, MI: Michigan Publishing, pp. 62–64. Available at: http://datalit.sites.uofmhosting.net/wp-content/uploads/2017/08/data_literacy_in_the_real_world.pdf (accessed 11 December 2019).

10.

Barocas

Selbst

(2016) Big data’s disparate impact. California Law Review 104(3): 671–732.

11.

Benn

(1984) Privacy, freedom, and respect for persons. In: Schoeman

(ed.) Philosophical Dimensions of Privacy: An Anthology. New York: Cambridge University Press, pp. 223–244.

12.

Birth

(2015) Increasing percentages of Americans have had positive outcomes from social media. Available at: theharrispoll.com/in-todays-world-social-media-usage-appears-to-run-rampant-at-times-aside-from-just-keeping-in-touch-with-friends-and-family-social-media-has-a-plethora-of-other-uses-but-while-more-americans-are/ (accessed 26 June 2019).

13.

Bloustein

(1984) Privacy as an aspect of human dignity: An answer to Dean Prosser. In: Schoeman

(ed.) Philosophical Dimensions of Privacy: An Anthology. New York: Cambridge University Press, pp. 156–202.

14.

boyd dm (2008) Taken out of context: American teen sociality in networked publics. PhD Thesis, University of California Berkeley, USA. Available at: www.danah.org/papers/TakenOutOfContext.pdf (accessed 21 June 2019).

15.

Brandimarte

Acquisti

Loewenstein

(2012) Misplaced confidences: Privacy and the control paradox. Social Psychological and Personality Science 4(3): 340–347.

16.

Buschman

(2016) The structural irrelevance of privacy: A provocation. Library Quarterly: Information, Community, Policy 86(4): 419–433.

17.

Caldwell-Stone

(2018) More than a week – ‘Choose Privacy’ is now an everyday choice. In: ALA Member News. Available from: www.ala.org/news/member-news/2018/06/more-week-choose-privacy-now-everyday-choice (accessed 21 June 2019).

18.

Campbell

Cowan

(2016) The paradox of privacy: Revisiting a core library value in an age of big data and linked data. Library Trends 64(3):492–511.

19.

Center for American Politics (CAPS), Harvard University (2017) CAPS-Harris poll on technology and science. Available at: caps.gov.harvard.edu/news/caps-harris-poll-technology-and-science (accessed 26 June 2019).

20.

Chisholm

Hartman-Caverly

(2018) Privacy workshop. In: ACRL Framework for Information Literacy Sandbox. Available at: sandbox.acrl.org/ (accessed 24 June 2019).

21.

Chisholm

Hartman-Caverly

(2019) Privacy workshop. Available at: guides.libraries.psu.edu/berks/privacy (accessed 4 November 2019).

22.

Cirella

(2012) Beyond traditional literacy instruction: Toward an account-based literacy training curriculum in libraries. Computers in Libraries 32(10): 5–8.

23.

Cohen

(1996) A right to read anonymously: A closer look at ‘copyright management’ in cyberspace. Georgetown Law Faculty Publications and Other Works 814: 1–77.

24.

Cohen

(2000) Examined lives: Informational privacy and the subject as object. Stanford Law Review 52(5): 1373–1438.

25.

Cohen

(2013) What privacy is for. Harvard Law Review 126(7): 1904–1933.

26.

Cohen

(2019) Turning privacy inside out. Theoretical Inquiries into Law 20(1): 1–31.

27.

de Jager

(2017) Approaches to impact evaluation in academic libraries: A review of a new ISO standard. IFLA Journal 43(3): 282–287.

28.

Connolly

(2018) User Privacy: A practical Guide for Librarians. New York: Roman & Littlefield.

29.

Fisher

Price

Telljohann

, et al. (2015) A national assessment of colleges and university school health education methods courses. Journal of School Health 85(4): 223–230.

30.

Fister

(2018) Lessons from the Facebook fiasco. In: Library Babel Fish. Available at: www.insidehighered.com/blogs/library-babel-fish/ (accessed 20 April 2019).

31.

Fortier

Burkell

(2015) Hidden online surveillance: What librarians should know to protect their privacy and that of their patrons. Information Technology and Libraries 32(3): 59–72.

32.

Fried

(1984) Privacy [a moral analysis]. In: Schoeman

(ed.) Philosophical Dimensions of Privacy: An Anthology. New York: Cambridge University Press, pp. 203–222.

33.

Gandy

(1993) The Panoptic Sort: A Political Economy of Personal Information. Boulder, CO: Westview.

34.

Geiger

(2017) Most Americans – especially Millennials – say libraries can help them find reliable, trustworthy information. Available at: www.pewresearch.org/fact-tank/2017/08/30/most-americans-especially-millennials-say-libraries-can-help-them-find-reliable-trustworthy-information/ (accessed 26 June 2019).

35.

Gerber

Volkamer

(2018) Explaining the privacy paradox: A systematic review of literature investigating privacy attitude and behavior. Computers & Security 77: 226–261.

36.

Givens

(2015) Information Privacy Fundamentals for Librarians and Information Professionals. New York: Roman & Littlefield.

37.

Gorman

(2015) Privacy. In: Our Enduring Values Revisited: Librarianship in an Ever-Changing World. Chicago: American Library Association, pp. 175–93. Available from: ProQuest Ebook Central.

38.

Guth

Arnold

Bielat

, et al. (2018) Faculty voices on the Framework: Implications for instruction and dialogue. portal: Libraries and the Academy 18(4): 693–718.

39.

Hagendorff

(2018) Privacy literacy and its problems. Journal of Information 27(2): 127–145.

40.

Harris

Lang

Yates

, et al. (2011) Incorporating ethics and social responsibility in IS education. Journal of Information Systems Education 22(3): 183–189.

41.

Hartman-Caverly

(2018) Our ‘special obligation’: Library assessment, learning analytics, and intellectual freedom. In: Britto

Kinsley

(eds) Academic Libraries and the Academy: Strategies and Approaches to Demonstrate Your Value, Impact, and Return on Investment. Vol. 1. Chicago, IL: Association of College and Research Libraries, pp. 47–73.

42.

Hartman-Caverly

Chisholm

(2018) Privacy instruction from theory to practice. In: Session reports for the fall 2018 program: Librarians as advocates: Leading activism on your campus and beyond (M Donnelly), Philadelphia, USA, 26 October 2018. Philadelphia: Association of College & Research Libraries, Delaware Valley Chapter. Available at: http://www.acrldvc.org/news/2018/11/09/session-reports-for-the-fall-2018-program/ (accessed 27 June 2019).

43.

Hensley

(2015) A survey of instructional support for undergraduate research programs. portal: Libraries and the Academy 15(4): 719–762.

44.

Hildebrandt

(2019) Privacy as protection of the incomputable self: From agnostic to agonistic machine learning. Theoretical Inquiries in Law 20(1): 83–121.

45.

(2015) Privacy vs. privacy. EDUCAUSE Review, 25 February. Available at: er.educause.edu/blogs/2015/2/privacy-vs-privacy (accessed 21 June 2019).

46.

Hoofnagle

King

, et al. (2010) How Different are Young Adults from Older Adults when it Comes to Information Privacy Attitudes & Policies? Rochester, NY: SSRN.

47.

International Organization for Standardization (ISO) (2014) Information and documentation – Methods and procedures for assessing the impact of libraries (ISO standard no. 16439:2014). Available at: https://www.iso.org/standard/56756.html (accessed 3 November 2019).

48.

(2018) Who controls your data? Engadget, 4 September. Available at: www.engadget.com/2018/09/04/who-controls-your-data/ (accessed 27 June 2019).

49.

Janes

(2014) None of your beeswax. American Libraries 45(5): 18.

50.

Johnson

(2018) Libraries in the age of artificial intelligence. Computers in Libraries 38(1): 14–16.

51.

Jones

KML

Salo

(2018) Learning analytics and the academic library: Professional ethics commitments at a crossroads. College & Research Libraries 79(3): 304–323.

52.

Julien

Hoffman

(2008) Information literacy training in Canada’s public libraries. Library Quarterly 78(1): 19–41.

53.

Julien

Gross

Latham

(2018) Survey of information literacy instructional practices in US academic libraries. College & Research Libraries 79(2): 179–199.

54.

Kaletski

(2017) Faculty perceptions of the Framework for Information Literacy for Higher Education. Endnotes: Journal of the New Members Round Table 8(1): 26–35.

55.

Karst

(1980) The freedom of intimate association. Yale Law Journal 89(4): 624–92.

56.

Keizer

(2012) Privacy. New York: Picador.

57.

Kim

(2016) Cybersecurity and digital surveillance versus usability and privacy: Why libraries need to advocate for online privacy. College & Research Libraries News 77(9): 442–451.

58.

Lambertson

(2015) Careful you’re being watched. Library Journal 140(13): 41.

59.

Lilburn

(2012) Commercial social media and the erosion of the commons: Implications for academic libraries. portal: Libraries and the Academy 12(2): 139–153.

60.

Lowe

(2016) Editor’s column: Information literacy & privacy/security. Codex: The Journal of the Louisiana Chapter of the ACRL 4(4): 1–8.

61.

Loyola Marymount University Library (2019) Community of Online Research Assignments. Available at: www.projectcora.org (accessed 26 June 2019).

62.

Ludington

Cleavinger

Coolidge

, et al. (1939) Midwinter council minutes: Code of ethics for librarians. American Library Association Bulletin 33(2): 128–130.

63.

Maceli

(2018) Encouraging patron adoption of privacy-protection technologies: Challenges for public libraries. IFLA Journal 44(3): 195–202.

64.

Macrina

(2015) An introduction. Available at: libraryfreedomproject.org/favorite/ (accessed 23 June 2019).

65.

Magi

Garnar

(2015a) Library Bill of Rights. In: History of ALA Policy on Intellectual Freedom: A Supplement to the Intellectual Freedom Manual. Chicago, IL: American Library Association, pp. 43–57.

66.

Magi

(2011) Fourteen reasons privacy maters: A multidisciplinary review of scholarly literature. Library Quarterly: Information, Community, Policy 81(2): 187–209.

67.

Magnuson

(2011) Promoting privacy: Online and reputation management as an information literacy skill. College & Research Libraries News 72(3): 137–140.

68.

Maycock

(2010) Choose privacy week and school libraries. Knowledge Quest 39(1): 69–72.

69.

Mooradian

(2009) The importance of privacy revisited. Ethics and Information Technology 11(3): 163–174.

70.

Moore

(1984) Privacy: Studies in Social and Cultural History. New York: ME Sharpe.

71.

Nathan

MacGougan

Shaffer

(2014) If not us, who? Social media policy and the iSchool classroom. Journal of Education for Library & Information Science 55(2): 112–132.

72.

Nelson

(1886) New York Library Club. Library Journal 11: 24–27.

73.

New York Times (2019) The privacy project. Available at: www.nytimes.com/interactive/2019/opinion/internet-privacy-project.html (accessed 25 June 2019).

74.

Nissenbaum

(2004) Symposium: Technology, values, and the justice system: Privacy as contextual integrity. Washington Law Review 79: 119–157.

75.

NYC Digital Safety (n.d.) Digital privacy & security in the library. Available at: nycdigitalsafety.org (accessed 24 June 2019).

76.

Office of Intellectual Freedom (OIF) Staff (2010) Privacy at ALA 2010 annual conference. In: Choose privacy every day blog. Available at: chooseprivacyeveryday.org/privacy-at-ala-2010-annual-conference/ (accessed 23 June 2019).

77.

O’Neil

(2016) Weapons of Math Destruction. New York: Broadway Books.

78.

Pedley

(2016) Privacy and the library user. In: CILIP Update . Available at: archive.cilip.org.uk/blog/privacy-library-user (accessed 25 June 2019).

79.

Posner

(1984) An economic theory of privacy. In: Schoeman

(ed.) Philosophical Dimensions of Privacy: An Anthology. New York: Cambridge University Press, pp. 333–345.

80.

Prindle

Loos

(2017) Information ethics and academic libraries: Data privacy in the era of Big Data. Journal of Information Ethics 26(2): 22–33.

81.

Prosser

(1984) Privacy [a legal analysis]. In: Schoeman

(ed.) Philosophical Dimensions of Privacy: An Anthology. New York: Cambridge University Press, pp. 104–155.

82.

Rachels

(1975) Why privacy is important. Philosophy & Public Affairs 4(4): 323–333.

83.

Rainie

(2018) Americans’ complicated feelings about social media in an era of privacy concerns. Available at: www.pewresearch.org/fact-tank/2018/03/27/americans-complicated-feelings-about-social-media-in-an-era-of-privacy-concerns/ (accessed 26 June 2019).

84.

Reiman

(1984) Privacy, intimacy, and personhood. In: Schoeman

(ed.) Philosophical Dimensions of Privacy: An Anthology. New York: Cambridge University Press, pp. 300–316.

85.

Richards

(2015) Intellectual Privacy: Rethinking Civil Liberties in the Digital Age. Oxford: Oxford University Press.

86.

Richards

(2014) Four privacy myths. In: Sarat

(ed.) A World Without Privacy: What Law Can and Should Do? Cambridge: Cambridge University Press.

87.

Richards

(2013) The dangers of surveillance. Harvard Law Review 126(7): 1934–1965.

88.

Rotman

(2009) Are you looking at me? Social media and privacy literacy. In: iConference, Chapel Hill, NC, USA, 8–11 February 2009.

89.

Rundle

(2014) Who are you empowering? In the Library with the Lead Pipe. Available at: www.inthelibrarywiththeleadpipe.org/2014/who-are-you-empowering/?format=pdf.

90.

Salo

(2013) Breaking the panopticon. Library Journal 138(9): 14.

91.

Salo

Kharfen

(2016) Ain’t nobody’s business if I do (read serials). The Serials Librarian 70(1/4): 55–61.

92.

San Jose Public Library (n.d.) Virtual privacy lab. Available at: www.sjpl.org/privacy (accessed 24 June 2019).

93.

Schauer

(1978) Fear, risk and the First Amendment: Unraveling the chilling effect. Boston University Law Review 58: 685–782.

94.

Schoeman

(1984a) Privacy and intimate information. In: Schoeman

(ed.) Philosophical Dimensions of Privacy: An Anthology. New York: Cambridge University Press, pp. 403–418.

95.

Schoeman

(1984b) Privacy: Philosophical dimensions of the literature. In: Schoeman

(ed.) Philosophical Dimensions of Privacy: An Anthology. New York: Cambridge University Press, pp. 1–33.

96.

Schulte

Knapp

(2017) Awareness, adoption, and application of the Association of College & Research Libraries (ACRL) Framework for Information Literacy in health sciences libraries. Journal of the Medical Library Association 105(4): 347–354.

97.

Seroff

(2017) Big Data and you: Normalizing the practices of privacy. In: Fontichiaro

Lennex

Hoff

, et al. (eds) Data Literacy in the Real World: Conversations & Case Studies, 20–21 July 2017. Ann Arbor, MI: Michigan Publishing, pp. 58–61. Available at: http://datalit.sites.uofmhosting.net/wp-content/uploads/2017/08/data_literacy_in_the_real_world.pdf (accessed 11 December 2019).

98.

Shannon-Missal

(2015) Wearable tech familiarity and consideration on the rise. Available at: theharrispoll.com/in-comparison-to-two-years-ago-americans-are-increasingly-likely-to-have-at-least-heard-of-wearable-tech-83-vs-63-in-2013-and-to-say-theyre-either-very-or-somewhat-familiar-with-the-cate/ (accessed 26 June 2019).

99.

Smith

(2014) Half of online Americans don’t understand what a privacy policy is. Available at: www.pewresearch.org/fact-tank/2014/12/04/half-of-americans-dont-know-what-a-privacy-policy-is/ (accessed 26 June 2019).

100.

Solove

(2008) Understanding Privacy. Cambridge, MA: Harvard University Press.

101.

Solove

(2013) Introduction: Privacy self-management and the consent dilemma. Harvard Law Review 136(7): 1880–1903.

102.

Sovern

(1999) Opting in, opting out, or no options at all: The fight for control of personal information. Washington Law Review 74(4): 1033–1118.

103.

Stephens

(2017) Tools for preserving your personal and intellectual privacy. In: Fontichiaro

Lennex

Hoff

, et al. (eds) Data Literacy in the Real World: Conversations & Case Studies, 20–21 July 2017. Ann Arbor, MI: Michigan Publishing, pp. 55–57. Available at: http://datalit.sites.uofmhosting.net/wp-content/uploads/2017/08/data_literacy_in_the_real_world.pdf (accessed 11 December 2019).

104.

Stockman

Boult

Robinson

(2008) Multicultural/multilingual instruction in educational programs: A survey of perceived faculty practices and outcomes. American Journal of Speech-Language Pathology 17(3): 241–64.

105.

Strahilevitz

(2013) Toward a positive theory of privacy law. Harvard Law Review 126(7): 2010–2042.

106.

Tewell

(2016) Toward the resistant reading of information: Google, resistant spectatorship, and critical information literacy. portal: Libraries and the Academy 16(2): 289–310.

107.

Tummon

McKinnon

(2018) Attitudes and practices of Canadian academic librarians regarding library and online privacy: A national study. Library and Information Science Research 40(2): 86–97.

108.

United Nations (1948) Universal Declaration of Human Rights. Available at: www.un.org/en/universal-declaration-human-rights/ (accessed 26 June 2019).

109.

Warren

Brandeis

(1890) The right to privacy. Harvard Law Review 4(5): 193–220.

110.

Wasserstrom

(1984) Privacy: Some arguments and assumptions. In: Schoeman

(ed.) Philosophical Dimensions of Privacy: An Anthology. New York: Cambridge University Press, pp. 317–332.

111.

Westin

(1967) Privacy and Freedom. New York: Atheneum.

112.

Wharton

(2018) Ethical implications of digital tools and emerging roles for academic librarians. In: Fernandez

Tilton

(eds) Applying Library Values to Decision-Making in the Age of Open Access, Maker Spaces, and the Ever-Changing Library. Chicago, IL: American Library Association, pp. 35–54.

113.

Wiegand

(2016) ‘Baseless hysteria?’ ALA’s opposition to Section 215 of the USA Patriot Act. American Libraries, 31 May. Available at: americanlibrariesmagazine.org/2016/05/31/baseless-hysteria-patriot-act/ (accessed 23 June 2019).

114.

Wissinger

(2017) Privacy literacy: From theory to practice. Communications in Information Literacy 11(2): 378–389.

115.

Witek

Grettano

(2014) Teaching metaliteracy: A new paradigm in action. Reference Services Review 42(2): 188–208.

116.

Woodruff

(1886) University libraries and seminary methods of instruction. In: Papers and Proceedings of the eighth general meeting of the American Library Association, Milwaukee, WI, USA, 7–10 July 1886, pp. 21–26. Boston, MA: Rockwell and Churchill.

117.

Zimmer

(2013) Assessing the treatment of patron privacy in library 2.0 literature. Information Technology and Libraries 32(2): 29–41.

118.

Zimmer

(2014) Librarians’ attitudes regarding information and internet privacy. Library Quarterly: Information, Community, Policy 84(2): 123–151.