For the Sake of One Child: Privacy, Anonymity, and Confidentiality in Libraries

Abstract

What are the ethical considerations of providing anonymous access to the Internet in an age when child pornographers are using this technology to share illegal materials? The perennial dilemma of an open society is striking a balance between liberty and safety. Too much liberty, and people are free to commit horrible acts. Too much safety, and people are constrained in what they can think, say, and do. The balance tilts toward safety in times of war, or when fears (real or perceived) take hold in the popular imagination. When threats to children are involved, safety almost always wins out over liberty, as the concept of protecting even one child from harm, regardless of the cost, is a powerful rhetorical tool. As a 2007 case in Colorado will demonstrate, this balance poses a challenge for libraries offering public access to the Internet, especially if that access may facilitate criminal activity.While librarians often talk about protecting user privacy, it is user ano - nymity and confidentiality that are ultimately at stake. Distinctions among the three terms are necessary before continuing. A private act is not known to anyone except the person committing the act. Others can know about an anonymous act, but the actor's identity is unknown. Confidential acts are known by those, and only those, who need to know the actor's identity. A truly private act in a library is to take a book offthe shelf, read it in the library, and replace it without being observed by anyone. Even if an item is checked out using a self- check system and is never handled by a library employee, the library creates and keeps a confidential record for as long as the item is in use. Anonymous uses of the library include reading materials in view of others, whether staffor other users, and using computers that do not require a personally identifiable login.Colorado and ConfidentialityLibrary users in Colorado have good reason to expect protection of their confidentiality. As noted in its own annotations, the Colorado Constitution provides stronger privacy protections than the Constitution of the United States: "The Colorado proscription against unreasonable searches and seizures protects a greater range of privacy interests than does its federal counterpart" (Colo. Const. art. II, § 7). Additionally, an expectation of confidentiality in libraries is explicitly spelled out in the Colorado Revised Statutes: "[A] publiclysupported library shall not disclose any record or other information that identifies a person as having requested or obtained specific materials or service or as otherwise having used the library" (emphasis added) (Privacy of User Records, 2010; see Appendix A for the complete statute). The law provides the usual exceptions for responding to court orders and for "reasonable" administration of the library, but it is important to note the sweeping scope of what is protected. This legislation was adopted following John Hinckley Jr.'s attempted assassination of President Ronald Reagan. When Hinckley was arrested in 1981, one of the pieces of identification found in his wallet was his Jefferson County (Colorado) library card (Falsone, 1987). The library was then inundated with requests from journalists for Hinckley's records to see what he had checked out. Though the library initially refused to release this information, the county attorney advised that the requests had to be filled under the Colorado Open Records Act (2010). In response , the Colorado library community studied the confidentiality laws of other states and worked toward the eventual adoption of the Colorado Privacy of User Records legislation in 1983 (Falsone, 1987).A subsequent court case further strengthened expectations of confidentiality in Colorado libraries. In Tattered Cover, Inc. v. City of Thornton (2002), the Colorado Supreme Court found that bookstores could not be compelled to release information about a criminal suspect's purchases because the law enforcement agency had not demonstrated sufficient need for the records. …