Why are Privacy Audits Important?
Privacy is essential to the exercise of free speech, free thought, and free association. It is the responsibility of all libraries to ensure that their procedures and policies are designed with privacy in mind. If users lose their privacy, then they lose what makes a library so great: that freedom to seek information without fear of reprisal. It is the responsibility of all libraries to ensure that their procedures and policies are designed with privacy in mind.
In today’s society, there is almost no place a person can go to seek out information without being tracked. Libraries have an ethical and democratic duty to be that place. When people are being watched, they change their behavior. A library that monitors and shares a user’s information is no longer protecting intellectual freedom. Libraries should make every effort to provide a private place for people to exercise their information access rights by performing regular privacy audits.
Every library needs to perform audits to understand how they, their vendors, partners, and administrators are handling user data. Even if your library is one room with one person on staff you can ask the core set of audit questions. Understanding what current practices are is the first step in crafting privacy-minded procedures and policies. With an increased reliance on third-party vendors, libraries are not able to have full control over users’ data. However, a privacy audit will assist libraries in being transparent with users about how their data is handled by the library and its vendors.