Task Force members who attended the June 26th meeting reviewed some of the key points included in the overview of privacy presented by Nancy Kranich at the previous meeting and questions from TF members. Nancy pointed out that many discussions about privacy focus on security. While securing personally identifiable information is of major concern, privacy and security differ in their approaches. Privacy is "the claim of an individual to determine what information about himself or herself should be known to others."
The purpose of developing a policy is to communicate to users how their personally identifiable information (PII) is used and maintained at RUL. The process of developing the policy provides an opportunity to identify, review, and audit existing RUL policies and practices related to PII collection and retention, clarify and document procedures for dealing with requests for user information, and revise training materials and programs about privacy concerns and practices. The TF will draft a short statement about privacy that will link to the full statement and other relevant sources for staff and users.
A number of Task Force members have begun reviewing policies and practices in their units. Nancy Kranich has met with several of them to discuss current and future practices. Several topics were suggested for closer scrutiny: shared printing facilities for users and staff; staff computer maintenance and transfer to new appointees; MEEBO and use of digital video for real time reference; CALEA; anonymity; proxy server; Shibboleth; future open source applications like OLE; public computer use; media use; special collections and archives use; Ask a Librarian; PALCI and Iliad; Institute for Jazz Studies; RefWorks; cloud computing.
Several members identified policies developed by other academic libraries as good models to follow for the RUL document. Particularly useful are the American University and Indiana University library policies and the U. of Pennsylvania general policy.
A review of the draft document, from sections 1-3 allowed TF members to think through some of the practices underway and how the policy should reflect them. The TF agreed to develop a list of information gathered and retained and append it to the policy statement. A useful starting list is included in the document, "Conducting a Privacy Audit," sent to TF members prior to the first meeting. Good passages were cited from documents collected from other libraries. Nancy Kranich will review them and propose relevant text for discussion at the next meeting of the TF.
The TF has a Sakai Site where documents are loaded. The TF will also send out minutes to the RUL listserv and set up a public web site for posting the policy and related information.
TF members suggested that the group meet on Wednesday afternoons, depending on the schedule of other meetings that members are likely to attend.
Invite Grace Agnew to the next TF meeting to learn more about her work with such systems as: NJVid and RUcore, Shibboleth, and OLE.
Prepared and distributed by Nancy Kranich, 9/2/09