I feel like everyone I know is at least a little concerned about their right to privacy these days. We all know that we’re in the “digital age” , and it can be hard to pin down exactly what that means for our privacy rights. I find it useful to turn to history in times of uncertainty, and maybe you do, too! The following timeline is a series of important moments in the history of your right to privacy today.
Let’s start way back in Ancient Greece. You might have guessed that privacy isn’t a new idea, but did you know that it wasn’t always desirable? In Ancient Greece, public life and private life were very separate. Public life, or polis, was for free men. It was the sphere of freedom, ideas, and action. Meanwhile, private life was for women and slaves. Private life existed only to fulfil the needs of a human body, like food and rest. In Ancient Greece, if you lived a life in private, you weren’t fully human. To be human was to be publicly involved and publicly perceived.
For more information:
Keigo Komamura, “Privacy’s Past: The Ancient Concept and Its Implications for the Current Law of Privacy”
Hannah Arendt, “The Human Condition”
Okay, so privacy was a thing, even if it wasn’t always something you wanted. But what about human rights? While we won’t get to the concept of “human” rights for a while, we should make a pitstop in 1140s Italy, when a monk named Gratian completed a compilation of 4,000 texts called the “Decretum Gratiani.” The Decretum was made up of texts that described judicial relationships within the Catholic Church, giving historians a huge insight into how rights were perceived during this time period. The Decretum Gratiani proves to us today that medieval people understood and supported the idea of natural rights (rights that everyone is born with and that cannot be taken away) and agreed that those natural rights could and should be protected.
For More Information:
Antonio Padoa-Schioppa, “A History of Law in Europe: From the Early Middle Ages to the Twentieth Century”
The concepts of privacy and natural rights continued to circle each other for centuries as thinkers and lawmakers mulled them over. In 1689, John Locke published his seminal treatise on property, writing that “every man has a property in his own person... The labour of his body, and the work of his hands, we may say, are properly his.” Some scholars today think that Locke’s definition of property was so broad that it might help us think about protecting our privacy from technological intrusions and invasions of data privacy. It is certainly true that Locke’s thoughts on property and other natural rights are important cornerstones of American and international law, and have shaped privacy law.
How do we know that Locke’s thoughts on natural rights shaped privacy law? Because they shaped the Bill of Rights! A century after Locke published his treatise on property, the United States of America adopted the Bill of Rights. This document protects the natural rights of American citizens and is a foundational text for American law, as it accompanies the Constitution. It is also a foundational text for privacy law, specifically. The Bill of Rights contains what we may consider “nods” to privacy rights – it never explicitly expresses a citizen’s right to privacy, but it does come close! We often refer to the first amendment as the freedom of religion, but it may also be interpreted as the right to religious privacy. Usually when we think of privacy and the Bill of Rights, we think about the fourth amendment, which doesn’t say “you have a right to privacy” but comes pretty close, expressing “the right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures.”
The first time that privacy rights are formally introduced to the American legal sphere was in 1890, with Samuel D. Warren and Louis Brandeis’ seminal work, “The Right to Privacy.” While “The Right to Privacy” was not legislation, it did lay the foundation for torte law regarding privacy. Warren and Brandeis were worried about recent technological advancements and how people using those technologies might be able to invade a persons’ privacy if that privacy were not explicitly protected (sound familiar?). They wrote that these recent inventions, like “instantaneous photographs,” made it important to be able to protect private and domestic life from invasion.
Reading “The Right to Privacy” today is almost spooky; Warren and Brandeis were right on the money when they wrote that “numerous mechanical devices threaten to make good the prediction that ‘what is whispered in the closet shall be proclaimed from the house-tops.’” If not spooky, it’s at least relatable. Is Alexa listening to what we whisper in our closet, and shouting it from the housetop of Amazon’s headquarters? And “instantaneous photographs” have taken on a whole new meaning in the era of social media – never mind newspapers.
Warren and Brandeis did more than express worry, though. They argued that there should be protections for a person’s right to be “let alone.” This was the first time that people argued that a person’s right to privacy should be legally protected in America.
A little over half a century later, in the aftermath of World War II, the global community recognized the need to protect fundamental human rights. So, in 1948, the United Nations General Assembly adopted the Universal Declaration of Human Rights. Article XII of the Declaration states that “no one shall be subjected to arbitrary interference with his privacy, family, home or correspondence... Everyone has the right to the protection of the law against such interference.” This was a foundational moment for how we understand privacy today, as a human right, and laid the groundwork for future legal protections of privacy all over the globe.
For more information:
Universal Declaration of Human Rights
A couple of decades later, Americans were beginning to put two and two together. Privacy was now a human right, and one might argue that the Bill of Rights protected it, even if indirectly. In the 1965 Supreme Court case Griswold v. Connecticut, the Court ruled that a Connecticut law forbidding the use of contraceptives violated the right of marital privacy. Justice William O. Douglas famously wrote that the Constitution implicitly guarantees a citizens’ right to privacy, referring to it as a right within the “penumbra” of specific guarantees of the Bill of Rights. This case stated that even though the Bill of Rights doesn’t use the word privacy, it’s still a big part of how Americans’ right to privacy is granted and protected.
In 1974, the United States federal government passed the Privacy Act (Public Law 93–579, 88 Stat. 1896, enacted December 31, 1974, 5 U.S.C. § 552a). Sounds promising, doesn’t it? Well, it wasn’t terribly far reaching. In fact, it only applied to federal agencies. But it did change a lot about how the federal government respected and protected the privacy rights of American citizens. The Privacy Act recognized the responsibility that the government itself has in protecting individuals’ information, and was designed to safeguard individual privacy from the misuse of federal records. When it became law, it granted individuals the right to request their records from federal agencies, request amendments to records that were inaccurate, untimely, or incomplete, and protected people against “unwarranted invasion of their privacy through the maintenance, use, and disclosure of personal information.”
In 1986, American law started to protect privacy on a grander scale than federal agencies. The Electronic Communications Privacy Act of 1986 (Public Law 99-508, 100 Stat 1848) took a stab at protecting what we might today consider “data privacy.” This law protects communications from interception while they are being made, while they’re on their way, and when they are stored on computers, and applies to emails, telephone conversations, and electronically stored data. This law has since been updated several times to keep up with new technologies. It was also updated by the Patriot Act, in 2001, which brings us to another chapter in privacy rights.
In the aftermath of the September 11th terrorist attacks in 2001, the United States began to grapple with how to protect both privacy and national security. The Patriot Act (Public Law 107-56, 115 Stat 272), introduced less than a week after the attacks, explicitly allowed more surveillance of the American public than ever before. It allowed for both domestic and international wiretapping and walked back protections on electronic communications. For more information about how libraries approached the Patriot Act and its threats to patron privacy, see my first blog post in this series on libraries and privacy. While the Patriot Act did expire in March, 2020, federal law enforcement agencies still retain most of the authorities granted by the original act.
In 2019, the United Nations returned to the issue of privacy full force after half a century. A resolution was adopted by the Human Rights Council (HRC) in September 2019. The Council expressed concern that “individuals often do not and/or cannot provide their free, explicit, and informed consent to the collection, processing, and storage of their data.” Just think of all the terms of service you have agreed to throughout your life just to use the internet, and you’ll understand this concern! The HRC also affirmed that “the same rights that people have offline must also be protected online, including the right to privacy,” calling back to their initial Universal Declaration of Human Rights. Finally, the Council expressed that while new and emerging technologies, such as Artificial Intelligence, have the potential to infringe on one’s right to privacy, such risks should be minimized through regulation that ensures “a safe, secure, and high-quality data infrastructure and by developing human-centered auditing mechanisms, as well as redress mechanisms.”
In 2020, the United Nations General Assembly responded to the Human Rights Council, affirming the need to discuss the right to privacy once again now that we are in the digital age, and affirming that “the right to privacy is important for the enjoyment of other rights,” as it affects political, economic, social, and cultural spheres.
Were you worried that American privacy protections were gone with the Patriot Act? Not so! The United States is keenly aware of the privacy rights issues we face in the present day, and as we look to the future of privacy rights, we might consider the American Privacy Rights Act of 2024, which was introduced on April 7th of this year (but has not been made law). This proposed act “would establish national consumer data privacy rights and set standards for data security.” Basically, if you’ve ever consumed anything online (whether that means you’ve gone online shopping, signed up for Facebook, or trained your TikTok algorithm), this bill is meant to protect you. If passed, it would give you the right to access data collected about you, as well as correct, delete, and export it. Plus, it would give you the right to opt out of targeted advertising, a process that looks at your personal data to try to discern what you might like to buy. All of which is to say, if you’re worried about your privacy in this digital age, not to worry: there are government representatives who are, too!
For that matter, your local libraries are also concerned with your right to privacy. It is part of our professional best practices and professional ethics to protect your privacy in the library, and to help you protect it yourself. That’s a big part of why you’re reading this blog post on a library system’s blog.
Keep an eye out for more blog posts here as we continue our series on privacy.
American Public Libraries and Data Privacy: Past and Present
In recent years, concerns about data privacy have escalated as technology infiltrates every aspect of our lives. I often worry about the extent to which companies gather and utilize our data—whether it's Alexa listening in, Facebook's insights about me, or TikTok crafting a startlingly accurate image of my preferences to enhance my user experience.
Our modern landscape is saturated with data-intensive technologies—applications, websites, and programs reliant on copious amounts of personal data. Consequently, we've come to associate data privacy inseparably with technology. And rightfully so. Our devices gather so much data, which can feel daunting in and of itself. Then there’s the seemingly impossible matter of tracking where that data ends up. So, how do we safeguard our data privacy?
The good news? Libraries are increasingly recognizing their role in safeguarding patrons' data privacy. Throughout history, libraries have collected data from patrons, such as names and addresses, in exchange for access to resources. The digital age has brought with it more opportunities for libraries to collect patron data, and a surge in the risk of recommending applications and websites that compromise patrons' data security. Consequently, the library profession has established norms, best practices, and a code of ethics to navigate these challenges and prioritize patrons' data privacy.
But it wasn't always this way.
Henry Melnek and the Evolution of Privacy as a Library Ethic
The concept of privacy and its status as a human right and library ethic have evolved significantly over time, shaped by societal shifts and evolving opinions within the field of library science. In a notable case in June 1906, Henry Melnek was arrested for book theft from the Astor Library, a precursor to the New York Public Library in the East Village. Melnek’s case serves as a compelling example of early librarianship's treatment of privacy.
During that era, most public libraries didn't allow browsing. Patrons made specific requests, and librarians retrieved items from closed stacks. At the Astor Library, librarians were familiar with Melnek's frequent visits and his interest in anarchism and socialism, and when two books went missing, one of which was in German, librarians suspected Melnek. Rather than collaborating with local authorities, the Chief Librarian worked with two Russian agents of the czar stationed in New York who were looking for agents working against the Russian state.5
Melnek’s arrest stands as one of the earliest examples of a data privacy breach in library practices. Notably, the Astor librarians’ cooperation with Russian agents to identify an American citizen for arrest did not cause public furor – rather, the library was critiqued for providing materials about anarchism and socialism.
Although Melnek’s case suggests otherwise, privacy was gradually becoming a professional concern for librarians. By the late 1800s and early 1900s, some librarians began viewing themselves as ethically obligated to provide confidential services akin to doctors and lawyers. This sentiment was reflected in former American Library Association President Arthur Bostwick's 1909 statement at the ALA’s 33rd annual meeting, emphasizing the library's obligation to protect patron privacy, especially concerning their whereabouts or address.
The American Library Association, founded in 1876, officially recognized a patron's right to privacy in its 1939 Library Bill of Rights. This aspirational document marked a significant step towards prioritizing privacy in library services.
Where the ALA led, others followed. In 1961, Pennsylvania passed Privacy of Circulation Records, which states that information identifying library users and their use of materials shall be confidential, unless in the case of a court order or criminal proceeding. If you’ve ever stopped by the Belmont Hills Library and I’ve told you that your reading history is between “you, library staff, and anyone with a warrant,” this is what I was talking about! This statute is still in effect today.
Libraries' Confrontations with the Federal Government on Privacy
In the latter half of the 20th century, libraries faced more concrete challenges regarding patron privacy, this time from government agencies. In 1970, the IRS sought library circulation records in Milwaukee and Atlanta to identify potential domestic terrorists. This prompted the American Library Association to issue the Policy on Confidentiality of Library Records in 1971, reinforcing the confidentiality of patron records and advising resistance against government inquiries without proper authorization.
Similarly, in the 1970s and 80s, the FBI's Library Awareness Program aimed to gather patron data from libraries to identify potential threats. Librarians, relying on established ethics and legislation, resisted government intrusions into patron privacy, viewing them as threats to intellectual freedom and free inquiry.
These encounters set the stage for libraries' response to the Patriot Act of 2001, which also infringed on patron privacy rights. Sections 215 and 205 allowed for the seizure of borrowing records and imposed gag orders on librarians, which prohibited them from telling patrons if their data had been accessed. Despite constraints, librarians mobilized to protect patron privacy through patron education, legal challenges, and organizational support. It was during this era that librarian Jessamyn West’s famous sign hung from circulation desks across the country, reading: “The FBI has not been here. Watch very closely for the removal of this sign.”
Contemporary Approaches to Data Privacy in Libraries
Today, libraries remain committed to safeguarding patron privacy amidst technological advancements. Libraries acknowledge the delicate balance between data collection for essential services and protecting patron privacy. Robust privacy policies outline the data collected, its purpose, and measures to limit tracking and ensure anonymous browsing. Lower Merion Libraries has a very informative privacy policy, which library users can use to see what information we collect and how we protect it.
Libraries also prioritize staff education on data privacy best practices and offer patrons guidance on safeguarding their digital privacy beyond library premises. As technologies increasingly rely on user data, librarians vet websites and applications to ensure they meet privacy standards.
Finally, many libraries also offer education to our users about how to protect their data privacy even when they are not at the library, confirming that our commitment to privacy as a human right extends beyond the walls of our buildings and into the community at large.
Conclusion
While societal attitudes towards privacy evolve, libraries continue to uphold their commitment to patron data privacy. As guardians of information access, libraries strive to protect patrons' privacy both within and beyond their premises. As we navigate an ever-changing landscape of technology and privacy concerns, libraries remain steadfast in our role as advocates for intellectual freedom and data privacy.
Stay tuned for future blog posts on current data privacy issues, the history of privacy as a human right, and how libraries empower patrons to protect their data in the digital age.
Bibliography
American Library Association. 1939. “Library Bill of Rights.” Advocacy, Legislation & Issues. September 7, 2022.
https://www.ala.org/advocacy/intfreedom/librarybill.
American Library Association. 1971. “Policy on Confidentiality of Library Records.” Advocacy, Legislation & Issues.
https://www.ala.org/advocacy/intfreedom/statementspols/otherpolicies/policyconfidentiality.
American Library Association. 2017. “History.” About ALA. July 18, 2017.
https://www.ala.org/aboutala/history#:~:text=At%20the%20end%20of%20the,of%20the%20American%20Library%20Association.
American Library Association. 2019. “Privacy: An Interpretation of the Library Bill of Rights.” Advocacy, Legislation & Issues.
https://www.ala.org/advocacy/intfreedom/librarybill/interpretations/privacy.
Aycock, Anthony. “Before book-banning wave, the FBI spied on people’s library activity.” The Washington Post. January 23, 2023.
https://www.washingtonpost.com/history/2023/01/23/library-awareness-program-fbi-surveillance/ (accessed January 31, 2024).
Bostwick, Arthur E. “[Exploitation of the Public Library].” Bulletin of the American Library Association 5, no. 4 (1911): 60–65.
http://www.jstor.org/stable/25684991.
“Digital Data Collection and Information Privacy Law by Mark Burdon (Review).” 2021. Information & Culture 56 (1).
https://research.ebsco.com/linkprocessor/plink?id=2116094d-4f7f-302a-af99-855ed2414f3b.
Drabinski, Emily. "Librarians and the Patriot Act." Radical Teacher, Winter 2006, 12+. Gale Academic OneFile (accessed January 31, 2024).
https://link.gale.com/apps/doc/A158526546/AONE?u=tel_k_cedgrv&sid=bookmark-AONE&xid=e526038b.
Foerstel Herbert N. 1991. Surveillance in the Stacks : The FBI’s Library Awareness Program. New York: Greenwood Press.
Fontichiaro, Kristin. 2019. “Data Literacy: Negotiating Convenience and Data Privacy.” Teacher Librarian 47 (1): 51–54.
https://research.ebsco.com/linkprocessor/plink?id=e909a3d6-f3d7-336e-8cbf-4badc6a6574a.
Fortier, Alexandre, and Jacquelyn Burkell. 2015. “Hidden Online Surveillance: What Librarians Should Know to Protect Their Own
Privacy and That of Their Patrons.” Information Technology & Libraries 34 (3): 59–72. https://doi.org/10.6017/ital.v34i3.5495.
Gilens, Naomi. “The NSA has not been here: Warrant canaries as tools for transparency in the wake of the Snowden disclosures.”
Harvard Journal of Law & Technology 28, no. 2 (Spring 2015).
“The Known Citizen: A History of Privacy in Modern America by Sarah E. Igo (Review).” 2021. Information & Culture 56 (2).
https://research.ebsco.com/linkprocessor/plink?id=b68d7c04-0285-38df-9dbd-75b95c5411dc.
Krug, Judith F. 2010. Intellectual Freedom and the American Library Association (ALA): Historical Overview [ELIS Classic].
Encyclopedia of Library and Information Sciences. 3rd ed. Taylor & Francis. https://doi.org/10.1081/e-elis3-120008776.
Lamanna, Thomas. “On Educating Patrons on Privacy and Maximizing Library Resources.”
Information Technology and Libraries 38, no. 3 (September 15, 2019): 4–7. https://doi.org/10.6017/ital.v38i3.11571.
Lund, Brady. 2022. “Policy Before Technology: Don’t Outkick the Coverage.” Information
Technology & Libraries 41 (1): 1–3. https://doi.org/10.6017/ital.v41i1.14773
McAndrew, Chuck. 2020. “LibraryVPN: A New Tool to Protect Patron Privacy.” Information Technology & Libraries 39 (2): 1–3.
doi:10.6017/ital.v39i2.12391.
Pennsylvania Statutes Title 24 Pa.C.S.A. Education § 9375. Privacy of circulation records.
https://www.legis.state.pa.us/WU01/LI/LI/CT/HTM/24/00.093.075.000..HTM
"Privacy: An Interpretation of the Library Bill of Rights", American Library Association, July 7, 2006.
http://www.ala.org/advocacy/intfreedom/librarybill/interpretations/privacy (Accessed January 31, 2024).
Document ID: 5c653c23-920b-b254-d94c-6dcf4ccd86c6.
San Nicolas-Rocca, Tonia, and Richard J Burkhard. “Information Security in Libraries: Examining the Effects of Knowledge Transfer.”
Information Technology and Libraries 38, no. 2 (June 17, 2019): 58–71. https://doi.org/10.6017/ital.v38i2.10973.
Sarabia-Sánchez, Francisco-José, Juan-Miguel Aguado, and Inmaculada J. Martínez-Martínez “Privacy Paradox in the Mobile Environment: The Influence
of the Emotions.” El Profesional de la Información 28, no. 2 (March 25, 2019). https://doi.org/10.3145/epi.2019.mar.12.
Witt, Steve. “The Evolution of Privacy within the American Library Association, 1906-2002.” Library Trends 65, no. 4 (Spring 2017): 639-658.
https://doi.org/10.1353/lib.2017.0022
Zimmer, Michael. 2013. “Assessing the Treatment of Patron Privacy in Library 2.0 Literature.”Information Technology & Libraries 32 (2): 29–41.
doi:10.6017/ital.v32i2.3420.