Article Note: On undergrads and library privacy issues

Citation for the article:

Johns, Steven and Karen Lawson, "University undergraduate students and library-related privacy issues." Library and Information Science Research 27 (2005): 485-495.

Read via ScienceDirect.


I have been reading about privacy and libraries recently; at least, it feels that way. This short piece provides an overview of things to consider in terms of protecting students' privacy in the academic library setting. For librarians, this can be challenging because students don't always think about their privacy issues and rights when it comes to the library. The article is a report on a survey conducted at Iowa State University between 2003 and 2004. The survey sought to learn how university students see issues and concerns about online privacy. The survey drew on students enrolled in a library orientation for-credit course. Some notes from the article:

• Why a study like this may be significant? "There is little available literature about undergraduate students' knowledge and perceptions of online privacy issues, their opinions regarding who should collect and retain information about them, for what purposes, and under what circumstances" (488).
  
• A quick finding: "having a good grasp of computer skills did not correspond to having detailed knowledge about privacy-related information" (490). This is not really surprising. Just because they can use a computer does not mean they know how to protect their online privacy. It does not mean they are information literate either in spite of assumptions some people may make.
• I found it interesting that the authors in the study considered the use and distribution of their campuses "Computer Code of Ethics." They mention that "it is not widely distributed to incoming students in any way" (490). I have been trying to find out here if there is some form or degree of distribution to the students of our computer ethics document, but the answers have not been forthcoming. This is certainly a concern since it is an important document that students, and people on campus using our computers, should be at least aware of. There is a Student IT Policy posted online in the university website. However it is buried somewhere in the Student Affairs VP part of the campus website and not readily evident. Only reason I found it is because the library links to it, but I do have to note we link to it from a policies' page which is under the section about the library. The library also has its own Computer Use Policy. In other words, you have to dig a bit. However, my real question is if students get to see this in print or some other way. When they get their log-in information for the first time, do they get a copy of it? I know in other campuses I have been in, that was the case. Just wondering since we do expect our students to know the policies, how accessible or widespread are the policies? By the way, the university does have a privacy statement regarding its website and information gathered on it. The link is at the bottom of the main page, in small print. So, it does exist, even if not easy to see.
  
• It seems that the students at Iowa State do place some value on their online privacy: "ISU students do no view enhancing the Library's collection and services as sufficient cause for using private information about them" (493). This is just one of the findings of the study. However, they may value their privacy, but they are not well informed. The authors write, "ISU students overwhelmingly value their online privacy and feel issues involving online privacy are important. ISU students are not well informed, however, about those issues or about the legislation and university regulations that might affect those issues" (494). And I get the feeling a lot of our students here are not that well informed about such issues either.
  
• What libraries need to do: "Libraries need a clearly defined policy for data collection, accompanied by information readily accessible to library users on how they can obtain, confirm, and challenge data that are collected about them. Users should also have the right to opt out of being included in data collection" (494). See my link above for the university's privacy statement. Our library, from what I can ascertain, does not have such a privacy statement for the library itself.
  
• In addition, "what is important is that privacy-related information maintained by the university or the library be readily accessible and proactively distributed to students" (494). Sure, having the information linked on the website makes it available and accessible. However, it is not too proactive in making it available if the links are small and not prominent. That's just enough for the administration to say, "yes, we make it available" in order to be covered.
  

The article's list of reference does provide a couple of works on information technology and ethics that may be of interest. I may end up looking one or two up myself at some point.