What is the difference between privacy, confidentiality, and anonymity?
Privacy refers to an individual’s right to control the extent, timing, and circumstances of sharing oneself (physically, behaviorally, or intellectually) with other, including personal information used in what may be presumed by the user to be a private setting (e.g., social media).
Confidentiality refers to the expectation that information an individual has disclosed in a pre-arranged agreement between parties (e.g., between researcher and participants) will not be divulged to others in ways that are inconsistent with the understanding of the original disclosure or that permission will be obtained for disclosures not previously authorized by the individual.
Anonymity refers to the concept that an individual is unidentifiable, unreachable, or untrackable. Anonymity means that your identity is unknown. Your actions cannot be attributed to you, neither can they even be attributed confidently to the same entity. (Pseudonymity is like anonymity, except that your actions can be attributed to the same person, but that person cannot necessarily be identified as you.)
In short, privacy is the right to control what others know about oneself. Confidentiality is the expectation that information disclosed to another party (like the library) will not be used in ways the person did not know of or approve. Anonymity means that no information can be gathered by others to identify someone. All three of these interact in how a library collects and uses data.
What is Personally Identifiable Information (PII) and How is It Relevant in this Context?
PII covers a greater range than “personal identification,” such as an individual’s name, address, telephone number, social security number, driver’s license number, email address, etc. These are things commonly collected during library card registration. You may take even more information if you allow the use of debit or credit cards to pay fines or donations.
In your library, this information connects a library user to what they’ve borrowed, if they owe fines or lost book charges, and can quickly develop a profile or an assessment of character about this person.
What does the law say about patron confidentiality?
Laws vary from state to state and are evolving consistently as legislatures respond to evolving information landscapes. For example, in the 2024 PA Legislative session, multiple bills were introduced covering what corporations could do with PII (eg. HB1201)
Title 24. PA. C.S. Education § 9375. Privacy of circulation records.
Records of the following institutions which relate to the circulation of library materials and contain the names or other personally identifying information of users of the materials shall be confidential and may not be made available to anyone except by a court order in a criminal proceeding:
- The State Library.
- A local library established or maintained under the provisions of this chapter.
- The library of a university, college or educational institution chartered by the Commonwealth.
- The library of a public school.
- A library established and maintained under a law of this Commonwealth.
- A branch reading room, deposit station or agency operated in connection with a library described in this section.
Additional layers of legal requirements come with the use of credit or debit cards in financial transactions. These are often known as PCI (Payment Card Industry) Data Security Standards. The main thing to check is for a statement from your credit card processor that they adhere to these regulations.
What does this mean about how I use patron records?
- Patron’s registration records should not ever be used to generate mailing lists for either the Library or a related organization such as a Friends group. This includes lists both for the purpose of fundraising and for informational purposes such as a monthly newsletter.
- Patrons should always be given the option to opt-in to any communication or use of their PII not required to administer their account. Account administration can include tasks such as calling about an arrived hold or sending an overdue notice. An example of a task requiring an opt-in: reminders about a program registration, sending a monthly newsletter, or sending a fund drive letter.
- The Library should have a policy detailing what information they collect, the purpose of collecting that data, and what information must be opted-in in order to use the library.
- The Library should examine contracts with all vendors to ensure that patron information is used appropriately and in alignment with your library policies, the profession’s ethics, and applicable laws.
What should my library consider regarding donor relationships and privacy?
- Do not assume that all donors want public acknowledgment or bypass requests for anonymity if the library thinks it will help their image. The Pennsylvania Association of Nonprofit Organizations (PANO) goes on to highlight:
- Be explicit with donor options to opt-in or opt-out of public acknowledgment.
Provide donors with the option to remain anonymous–including their name and/or amount–during solicitations or pledge cards, or offer the option for public acknowledgment if the library has plans for a listing or artistic display.
Example of a statement a nonprofit may include in solicitation materials to allow donors confidentiality in their giving:- I wish to keep my identity and gift anonymous.
- Please do not use my name on donor lists, annual reports, or similar publications.
- Be explicit with donor options to opt-in or opt-out of public acknowledgment.
- Be clear about how donor’s information will be used by the library, and allow donors to opt-out of non-essential uses. (For example, they could not opt out of receiving a donor acknowledgement letter per IRS regulations, but they would be able to opt out of an ordinary thank-you letter.)
- Donor lists should never be shared with any other organization, including Friends Groups.
What are some resources to help me develop good policies and practices?
- ALA has a variety of resources at ala.org/advocacy/privacy.
- For more detailed questions about privacy, check out Privacy and Confidentiality Q&A
- A “Privacy Policies” Field Guide helps you walk through different aspects of patron privacy.
- Guidelines and Checklists
- Anonymity by Alison Macrina and Talya Cooper
- Library Freedom Project
Last updated May 2024
This information is provided to the best of our knowledge as of the date provided. Information is subject to change without notice. While authoritative, it is not guaranteed for accuracy or legalities. If there are questions, please reach out to your district consultant, who may encourage your library to ask a local solicitor/lawyer for further guidance.