CHAPTER 192.355 PUBLIC RECORDS EXEMPT FROM DISCLOSURE
The following public records are exempt from disclosure under ORS 192.311 to 192.487: (23) The records of a library, including:
- Circulation records, showing use of specific library material by a named person
- The name of a library patron together with the address or telephone number of the patron; and
- The electronic mail address of a patron.
ACCESS TO PATRON RECORDS
- Library employees have legal access to patron records, but that access exists only insofar as employees need patron information to perform their specific duties in the library. Computer records, paper copies, and other patron-related material are kept confidential, except as noted in ORS § 192.355.
- Volunteers are not employees and cannot legally access patron records.
- Holds are tied to patron records; an item on hold for a patron must be checked out on that patron’s card.
- Print and email notifications contain the patron name and the title(s) of item(s) concerned. Mentioning the title of any item on hold to any person or allowing another person to check out that material (without preexisting consent), constitutes the illegal release of patron information.
LIBRARY RECORDS RETENTION POLICY
The Coastline librarians have an ethical responsibility, based on state statute, to protect the confidentiality of library users, including information sought or received, and materials consulted, borrowed, or acquired, or transmitted, or any other personally identifiable uses of library materials, facilities, or services. As caretakers of library users’ personal information, Coastline librarians have the responsibility to prevent access to that information that will result in patron privacy violations. It is the policy of the Coastline librarians to guard against such violations through system security and appropriate data practices.
The libraries cannot guarantee absolute privacy for library users. Electronic data or activity can, and will, be secured internally, but network traffic and data external to library physical networks that passes through a public communications network is outside the control of the libraries to secure. However, library staff will ensure that privacy is taken into account whenever information about individuals is gathered and stored. The minimum information, whether electronic or print, necessary to meet legitimate library goals will be kept, and it will be kept only as long as truly needed for library purposes or as required by record retention laws.
- Borrower circulation information is automatically expunged by the Coastline computer system upon return of materials from circulation and is not retrievable, I.e., the link between borrower and material checked out is broken upon return.
- Users of library computers for internet access or any other purpose will be asked only for identifying information that is absolutely necessary for the operation of the library. Any such necessary information that is obtained will be eliminated at the end of each day.
- No search histories, bookmarks, word processing documents, files, or any other patron-created computer data are saved on any public terminals. Disk clean up is run on each public computer nightly.
- Cookies, browser cached files, recycle bin data, and all other “deleted” or “session-related” files are eliminated at the end of each day up to the ability of any available software to execute.
- The libraries do not allow use of email clients on public computers so patron email messages sent or received using their own web-based accounts are not housed on library servers.
- Paper applications for library cards will be kept no longer than one week after entry of the data into the Coastline system and verification of accuracy.
- Information relating to interlibrary loan transactions will be retained by local libraries no longer than sixty days following termination of a transaction. The ESO will retain such information in accordance with the records retention policy of the college.
- Information on use of library meeting rooms or other facilities will be kept no longer than is necessary for operation of the library, including application forms containing names, organizational affiliation, phone numbers, or other data, and calendars of usage.
Approved by Coos County Library Directors 04/17/2003
PRIVACY STATEMENT RELATING TO THE USA PATRIOT ACT
The USA PATRIOT ACT, or “Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act,” was enacted October 26, 2001. The Act amends over 15 federal statutes including criminal procedures, computer fraud and abuse, foreign intelligence, wiretapping, immigration, and the privacy of student records. These amendments increase FBI and law enforcement authority to gain access to business records, medical records, educational records, and library records, including stored electronic data and communications. They also expand the laws governing wiretaps and “tap and trace” phone devices to internet and electronic communications.
As citizens, librarians understand the importance of maintaining national security and public safety, and recognize that law enforcement agencies and officers may occasionally believe that library records contain information which would be helpful to the investigation of acts of terrorism or threats to the security of our nation. If there is a reasonable basis to believe such records are necessary to the progress of an investigation or prosecution, the American judicial system provides the mechanism for seeking release of such confidential records, and librarians and committed to cooperating in such inquiries as required by law.
However, while intended to enhance the government’s ability to prevent and fight terrorism, certain provisions of the USA PATRIOT Act expand the authority of the federal government to engage in surveillance and investigative activities that threaten the privacy rights of library users and undermine the confidentiality that supports the free exchange of ideas so critical for democracy. These provisions of the Act do not protect us from terrorism. Rather, they cast a wide net of suspicion and surveillance over the community of readers, researchers, and information-seekers.
The Coastline librarians believe that it is especially crucial for a free society to remain vigilant against threats to its liberties, including threats to the privacy rights of library users, during periods of national stress and crisis, when those liberties are most at risk. It has long been the professional ethic of librarianship to protect the confidentiality of those who use library services, and that protection must especially continue in these trying times.
Approved by Coos County Library Directors 04/17/2003
Amended by Coos County Library Directors 05/22/2003