Here are a dozen questions which relate to various ways in which privacy impacts upon the work of libraries and the services that they offer
- How much user information is displayed on self-collect items that users have requested, where you place these in an open access area
- How long do you retain loan history data, is it longer than is strictly necessary?
- Do staffless libraries pose a privacy risk if people enter the library using one another’s cards
- Do you use SIP2 for authenticating users accessing any library services, and if so is it encrypted?
- What data protection training is given to people running community managed/volunteer led libraries
- Does your library regularly undertake network penetration testing?
- If a parent asked for details of the books that their child had borrowed, would you divulge that information
- Are there cameras in the library toilets (see article about Iowa City Libraries https://t.co/rPXSBsx1qY)
- Do you use 9xx MARC fields, and include information about library patrons?
- Has your library ever experienced a data breach https://libraryprivacyblog.wordpress.com/data-breaches/
- Do any of your staff work from home, or on the move accessing work resources on personal devices (do you ensure that the same level of security that you have for the office is in place when data leaves the office)
- Do you beam to the world wide web in real time what people are searching on your library catalogue (see Toronto Public Library http://www.metronews.ca/news/toronto/2016/07/21/toronto-public-library-tool-lets-you-see-google-searches-.html)