Library Privacy Guidelines for Assistive Technology

These guidelines provide libraries with information about appropriate data management and security practices with respect to library users' personally identifiable information and data about their use of assistive technology in the library or at home.

°ÄÃÅÁùºÏ²Ê¿ª½±app

Introduction

These guidelines provide libraries with information about appropriate data management and security practices with respect to library users' personally identifiable information and data about their use of assistive technology in the library or at home.

The terms assistive, adaptive, and access technologies may be used interchangeably and refer to mechanical or electronic solutions that enable individuals with disabilities to learn, work, and live independently.



Why Privacy Is Important

Protecting user privacy and confidentiality has long been an integral part of the intellectual freedom mission of libraries. The right to free inquiry as assured by the First Amendment depends upon the ability to read and access information free from scrutiny by the government or other third parties. In their provision of services to library users, librarians have an ethical responsibility, expressed in the Code of Ethics, to preserve users' right to privacy. Librarians and libraries may also have a legal obligation to protect library users' personally identifiable information and data from unauthorized disclosure and use.



Types of Assistive Technology

Libraries are more inclusive and inviting spaces when assistive technologies are available to grant users equitable access to library resources. These technologies are often categorized into low-tech and high-tech solutions. Low tech solutions, such as cardboard communication boards or hand-held magnifiers, generally have less user privacy implications. High-tech solutions include:

  • Screen reading technology allows people who have visual impairments or who are blind to navigate electronic resources using text-to-speech and refreshable Braille.
  • Screen magnification software and technology enables users with visual impairments to enlarge text and graphics for easier viewing.
  • Literacy software and hardware assists users with reading and writing tasks. Text-to-speech, adaptive switch, and other hardware and software tools assist users with reading, writing, and input tasks.
  • Speech recognition software helps users to navigate and document text through verbal input.
  • Peripheral devices, such as headsets, speakers, microphones, switches, touchpads, large and small keyboards, and multiple mouse options allow users easier physical access to computers as well as the tools necessary to interact with specific assistive technologies.

Individuals with dexterity challenges or who are unable to use a mouse are able to access library computing resources using alternative input devices including keyboards and switches. People who are unable to manipulate a mouse can enter data, and those who cannot physically hear a computer prompt can view prompts. There is also computer software that helps users with learning differences such as print disabilities to see and hear information displayed on a screen using computer generated speech and specialized fonts.



Current Assistive Technology Issues

As access to assistive technology becomes increasingly available in libraries, new issues arise in protecting the privacy of such users. Passive and active techniques should be employed by libraries to assure the privacy of all users. If the funding and resources are available, a separate room for assistive technology users not only provides privacy, but it allows lighting and other environmental factors to be adjusted based on user preferences. A wall with both a black dry-erase board and a white dry-erase board enables users the option of using either contrast option, depending on their visual needs. A private room would also benefit people using speech-to-text software and users creating braille documents, both of which create sound that might be distracting to other users.

If a separate room for assistive technology is not practical, libraries should take adequate steps to assure user privacy by design such as limiting line-of-sight to screens, providing headphones, and other designs to isolate users from being overheard in their assistive technology usage.

The several types of assistive technology equipment require different privacy considerations. Various software packages will affect recommendations for the design and layout of adaptive services. Some types of adaptive technology tools and the associated privacy issues include:

  • Screen reading technology and magnifying technology require line-of-sight considerations in design and layout of library facilities. Assistive technology screens, like any computer display, are often easily visible to nearby people. Libraries should make privacy screens or recessed displays available to users who desire to use them, while recognizing that no screen may render a user's display completely invisible to other people.
  • Literacy software and hardware, which assists users with reading and writing tasks, and speech recognition software, which enables users to navigate and document text through verbal input, may require sound isolation or sound deadening design or equipment considerations.

Currently, libraries may create records of assistive technology users' activities that can jeopardize their privacy. In addition libraries may collect personal information from users for a variety of reasons such as reserving equipment or checking out a device. Libraries must work to ensure that their procedures and practices for managing assistive devices reflect library ethics, legal obligations, and library policies, involving user privacy and confidentiality.



Clear Privacy Policies

Users should be notified about library privacy policies when accessing assistive technology in the library. The privacy policies should be made easily available and understandable to users. Safeguarding user privacy requires that individuals know what personally identifiable information is gathered about them, how long it is stored, who has access to it and under what conditions, and how it is used. A proactive process should be created to notify ongoing users of any changes to the library's privacy policies.

When libraries provide assistive technologies to their users, they must first make purchasing decisions that involves third-party vendors. The libraries’ assistive technology privacy policy should include a clause on accessibility and privacy as criteria for purchasing and procurement.



Access Control and Device Checkout

Libraries can use a variety of methods to manage access to assistive technology. These methods range from a clipboard with a sign-up sheet to sophisticated access control software that can include user authentication, reservations, time limits, and management of Internet content filters. The integrated library system may be used to grant access to assistive technology and other devices. In addition, libraries may require users to authenticate in order to access network resources when using their personal assistive devices.

Whatever methods are employed, libraries should develop appropriate policies and procedures to protect the privacy of users and their computer, network, and assistive technology activity in the library. Transactional logs generated by access control software and network authentication should be anonymized or destroyed when no longer needed. Sign-up sheets should be redacted or shredded. Checkout records should be purged or anonymized when the device is returned and any overdue fines paid.



Routine Maintenance

Assistive technology equipment like any library computer should be routinely maintained to ensure it is operating properly and that the software designed to protect the user’s privacy is activated and functioning. A security audit of the assistive technology could be routinely performed to attempt to locate deficiencies in the security of the systems. Security should include software-based and physical inspections to maintain the integrity of library systems and resources. A physical inspection should also include the identification of unknown devices, such as keyloggers, attached to the computer or device designed to steal personal information.



Personal Data on Computer or Device

Use of any computer or assistive device may create records of the user's activities that can jeopardize their privacy. Documents, emails, and other files that may contain private information could be left on the device. The library should use restoration software or other technological means to remove traces of individual use on public access equipment, including computers, and other devices provided by the library.



Computer Monitoring and Usage Tracking

Monitoring software may be installed to record activities or remotely view what a user is doing on a device. This type of security measure is often used for technical support or for compliance with an organization's computer use policy. To protect users' privacy, libraries should avoid using monitoring software on public access computers or other assistive technology devices provided by the library. If monitoring is employed, users should be informed of its purpose and scope in the library's privacy policies.

Many applications and operating systems are configured by default to automatically share activity data with the software publisher to identify errors, enhance usability, or provide personalization. When possible, the library should disable such usage tracking on public access computers or other assistive technology devices provided by the library.

Approved January 26, 2020 by the Intellectual Freedom Committee of the °ÄÃÅÁùºÏ²Ê¿ª½±app