Submission Date:
Question:
[Our library directors] group had a discussion about sharing information about patrons who have been barred from a library within the System using the notes field in the patron’s library record. It was suggested to put it in the non-blocking note field within the record. This will make the information available to all library staff within the library system. Are there privacy concerns?
Answer:
Before I answer, I want to share a story.
A few years ago, I worked with a museum as they addressed the criminal prosecution and sentencing of a man who--in the guise of a volunteer--violated the trust of the institution, and later, when called into account for his behavior, initiated a campaign of verbal/written intimidation against the museum's employees (and trustees, and lawyers, and even his own lawyers).
As part of the former volunteer's sentence, and then his parole, he was restricted from any place with an archive. During that time, I worked with the parole officer to make sure they had a good working understanding of what "with an archive" meant.
After the sentence and parole period expired, the person was returned to society, where state law requires that a past conviction can NOT be used to peremptorily deny a person certain opportunities (although after a careful analysis of precise factors, conviction can be considered before offering employment or a volunteer position[1]).
As the story and criminal conviction were widely reported in the news media, alerting other potentially vulnerable institutions to this cautionary tale was very easy; simply sending a link with "FYI" was enough to put an institution on notice of the past occurrence and position them to make a well-informed decision. Any person who wanted further information could dig right into the court record, rather than rely on a second-hand account.
This ability to refer to the public record reduced, but didn't eliminate, the legal risks created when one institution "warns" another about troublesome visitors/customers/patrons.
Those legal risks include:
- The risk of a defamation claim;
- The risk of a civil rights claim;
- The risk of a claim called "interference with contract."
But what about when problematic behavior does not come with any media coverage or court filings? What if it is confined to findings under a library code of conduct? Can libraries within a regional system share information about particular patrons?
Yes, they certainly can, but just like applying a code of conduct within a library, certainly ethical and legal considerations apply.
To bar a patron, a library must follow its Code of Conduct, ensure the patron accused of wrongdoing gets due process ("due process" will vary a bit from library to library), and ensure the process and decision are properly documented and communicated to the patron.
As library professionals throughout the state of New York know, library patron records (which include Code of Conduct findings and consequences) are confidential, both per the ethics of the profession, and the law.
The law provides:
Library records, which contain names or other personally identifying details regarding the users of public, free association, school, college and university libraries and library systems of this state, including but not limited to records related to the circulation of library materials, computer database searches, interlibrary loan transactions, reference queries, requests for photocopies of library materials, title reserve requests, or the use of audio-visual materials, films or records, shall be confidential and shall not be disclosed except that such records may be disclosed to the extent necessary for the proper operation of such library and shall be disclosed upon request or consent of the user or pursuant to subpoena, court order or where otherwise required by statute.
If a library determines that the "proper operation of such library" is served by including the fact of the bar or restriction, then, so long as it is consistent with System policy[2], the information may be included in the notes as described in the member's question.
Of course, a patron of the System who is so designated has several avenues to challenge an inaccurate or unfair entry, including the type of claims I list above.
To avoid that, individual libraries making such entries should take care that:
- Any ban or restriction is the result of a policy decision;
- The patron was accorded all due process throughout the decision-making process;
- The decision-making and due process were well-documented;
- The entry into the system is minimal (effective date, sanction, and end date), with no color commentary/personal details.
Libraries wishing to document such determinations in their System should limit the information to "Starting DATE, Patron barred from ABC library until DATE" or "Patron privileges suspended at ABC library until DATE."
If a patron's behavior results in a criminal report, conviction, or other legal documentation, reference to the documentation is also a good idea (for example, "See ABC Policy Department Report #XXXX).
For patrons whose behavior is threatening or abusive to such a degree it warrants pro-active action (access restriction) beyond one library, a cooperative library System may, through policy and due process, effect System-wide restrictions.
So, to answer the question:
...This will make the information available to all library staff within the library system. Are there privacy concerns?
...the answer is yes, but with care, those concerns are only priorities, not problems.
That is the benefit of being part of a cooperative system. By using policy to consider both the civil rights of patrons (including privacy concerns), and the safety of workers and operational needs of each member library, the right balance can be achieved, and documented.
[1] For more information on this important civil rights protection, see this guidance from the NYS Division of Human Rights: “Protections Under the Law for People With Arrest and Conviction Records” (https://dhr.ny.gov/system/files/documents/2022/05/arrest_conviction.pdf).
[2] This is important...a System may decide that such entries are not consistent with System operations. Individual libraries should take care that the upload of any information is consistent with their System's policies and standard operating procedures.
