Berkeley Public Library Privacy Policy
(Click here to download acrobat 
version of this policy)
I. PURPOSE
The purpose of this policy is to explain the privacy and confidentiality rights of all users of the Berkeley Public Library, the steps the Library takes to respect and protect users’ privacy when using library resources, and how the Library manages personally identifiable information that it may collect from users.
Although often referred to as "privacy," the more appropriate term for steps taken by the Library is "records confidentiality." This means that most information held by Berkeley Public Library about a person's use of the Library is not available for scrutiny by others.
II. POLICY
The Basis of this Policy
Berkeley Public Library provides confidentiality of data regarding use of the Library's materials and services in accordance with California state law(i).
Scope
The Library strives to protect the patron confidentiality in relation to items used in the Library or checked out, and to information sought through library systems or the Library’s reference services. In accordance with California state law, registration and circulation records are confidential, and disclosure of these records is limited to the patron him/herself or to that person’s designee as indicated in writing, and to Library staff in the performance of their duties(ii). All other disclosure of these records is permitted only by court order.
Protection of confidentiality does not extend to records of outstanding fines or fees; payments for the use of Library premises or equipment; or communications directed to the Library regarding Library services.
Responsible Data Practices
The Library is committed to responsible data practices. This means that no user data is retained that is not essential to the functioning of a Library service; that information is available only to those Library staff who must use it in the course of their duties; and that data is kept secure while in the Library's possession and discarded when it is not longer used.
The Data
The following is a brief list of areas and functions where patron data is utilized in Library services:
Library Card and Circulation Information
Library cards are issued after a patron fills out one of the registration forms, either online or in hard copy. The forms are destroyed once the data has been entered into the Library's computer system.
The user record shows which items are currently checked out, but does not show previous items checked out and returned. Records of fines owed on items are kept until paid, and the data is then stored for one year after payment is made.
Computer and Internet Use
Patrons may reserve time on Library computers by logging on at a Library catalog terminal and entering their Library card number and four-digit PIN. The reservation data for each day is routinely deleted. Library computers are configured to prohibit the saving of files to the hard drive, and to keep the amount of cached data and browsing history stored by Web browsers to the minimum required by each program. Additionally, while using public Internet computers, users may opt to clear their browsing history, cache and other personally identifying information at any time during their session. Otherwise, that data is deleted from the computer upon a computer reboot.
Users are strongly encouraged to log out of all computer programs they utilize at the Library before leaving the computer station so that others do not have access to their personal information. As an additional measure, the Library has implemented an automated system which routinely removes temporarily stored information on Library computers. However, users should not rely on this measure alone to remove or safeguard their session data.
Patrons should also consult the Library’s Internet Use Policy
The Library’s Internet Use Policy
Meetings, Groups and Events
Reservation of a meeting room requires contact information of one representative of the group holding the meeting. This information is not considered confidential and is stored according to the City of Berkeley records management requirements.
Members of the public who attend Library-sponsored meetings or participate in group activities organized by the Library may be asked to provide contact information for notification of future events. Doing so is voluntary, and at any time the user may ask to be removed from any such list.
Reference Services
If a reference question cannot be answered immediately, it may be necessary for the reference librarian to telephone or email the requester at a later time. The contact information provided by the patron is retained only as long as is necessary to reply to the request, after which it is destroyed.
Online Subscription Resource Access
In addition to all the resources a user may choose to access on the Internet, the Library also subscribes to and provides the public with access to online resources and services that are managed by third parties, such as article databases, online newspapers, and reference works. When Library patrons are asked to identify themselves using their Library card number to access these subscription resources, the card number is checked against the Library database to verify that the user is a legitimate member of the Berkeley Public Library community. The online service receives the information that the user is authenticated but is not provided with the user's Library card number or with any other information identifying the user.
Library Web Site Statistics
The Berkeley Public Library uses web server log analysis tools to create periodic summary reports of our Web sites’ usage. Starting in September 2008, the Library began providing a summary of these usage statistics to the California State Library as part of the annual “California Library Statistics” published by the State Library (http://www.library.ca.gov/lds/librarystats.html ). These statistics are counted as “virtual visits” to the Library.
The statistics collected provide summaries such as: general access (number of hits received), resources accessed (the most and least popular pages), visitors and demographics (IP addresses and domains), activity statistics (most/least active days), technical statistics (client errors), referrers and keywords (search engines and sites that point to our site), and browsers and platforms. The statistics collected are used to improve the Library’s Web services, to help us understand how people are using our services and to continually improve the value of the materials available. The Library does not use this data to identify individual users.
Online Fine Payment System
The Library offers users the ability to pay their fines online via an online form on the Library’s integrated Library system. During the fine payment process the user enters her/his name, address, email address, credit card number, expiration-date and card security number into the online form. The data in this form is encrypted before being sent to the processing vendor, PayPal, which conducts the financial transaction. Credit card data is not retained by the Library. The Library records the amount paid in the Library system and immediately credit’s the user’s Library account with the payment.
Optional Services
The Library may provide services that allow users to store personalized reading lists on the Library’s integrated library system. These services will be provided on an "opt-in" basis and will be under the control of the user in terms of initiating the service, modifying the data stored, or opting out and deleting any stored data if the service is no longer desired. The Library will inform users of the privacy implications of these services as part of their online documentation.
Additionally, the Library may establish a presence on third party Web sites or “social networking” sites in order to communicate in more direct ways with users of those sites. Many “social networking” sites allow users of those sites to become a “friend”, “fan” or otherwise associate their own “profiles” or virtual presences with the Library’s profile on these sites. The Library does not collect, maintain or otherwise use the personal information stored on any third party site in any way other than to communicate with users on that specific site, using the communication methods available on that site. Users may remove themselves at any time from the Library’s “friends” or “fan” lists, or request that the Library’s technical contact remove them.
User Rights & Responsibilities
Users have a right to view their own patron record and record of items currently checked out or requested. They can update contact phone numbers and email addresses by signing into their user account online.
It is the responsibility of users to make sure that their information in the Library's patron database is current and accurate. Users can have their information updated at the circulation desk of any branch.
The Library card is the user's access to Library services. Lost or misplaced cards must be reported to the Library as soon as possible. Cards can be misused by others and so should be kept secure by the Library user.
Users have a right to opt-in or opt-out of any electronic communications and/or personalization systems that the Library offers.
Users should read and understand the privacy policies of any third party sites to which they provide any personally identifiable information. The Library is not responsible for the data users submit to third party sites.
Users must take responsibility for removing any storage media or other devices that they have attached to the computer they are using. The Library cannot reveal the identities of subsequent users for any reason.
It is the responsibility of users to understand and adhere to the Berkeley Public Library Rules of Conduct(iv) (BOLT Resolution #: R07-126) while in the Library. Violation of these rules while in the Library may lead to the suspension of Library privileges, and appropriate legal action.
RFID Tags
RFID tags are affixed to Library materials and used to automate check-out and check-in of materials and for general inventory control. The only information stored on the RFID tag is the item’s inventory number, the same as a barcode. The inventory number cannot be associated with the item through the public interface to the Library database. Library cards do not have RFID tags in them.
Video Monitoring Equipment in the Library
As stated in the Use of Video Monitoring Equipment (v) policy (BOLT Resolution #: 08-14), the Library utilizes video cameras and video recording equipment on Library property as a tool to address specific security related problems and as a deterrent to criminal activity. Library security cameras are limited to locations and uses that do not violate the reasonable expectation of privacy. Such areas may include those of public usage, including the grounds, parking lots, entrances and interior hallways. Video surveillance will be conducted in a professional manner and in a manner consistent with existing Library and city policies, and within applicable laws and ordinances.
Law Enforcement and Library Records
There are times when law enforcement officials may request Library registration and circulation records. As specified in California state law, the Library may disclose these records only upon the presentation of a signed order from the appropriate superior court (vi).
Additionally, certain federal laws, including the Patriot Act, may allow federal law enforcement officials to access records, including those of libraries, through means outside of those defined by state law.
Should any law enforcement requests be made to the Library, the Library will strive to provide only the specific information requested and will exercise its best effort to protect the privacy of patrons whose information has not been requested in the legal documentation.
Reviewed by: Director of Library Services
Approved by: Chair, Board of Library Trustees
i There is an exemption under the Public Records Act for library circulation records kept for the purpose of identifying borrowers of library materials, meaning that they are not subject to normal disclosure as public records. However, records of fines imposed on the borrowers are not exempt. (Gov’t Code § 6254(j).)
ii California Gov’t Code § 6267:
All registration and circulation records of any library which is in whole or in part supported by public funds shall remain confidential and shall not be disclosed to any person, local agency, or state agency except as follows:
(a) By a person acting within the scope of his or her duties within the administration of the library.
(b) By a person authorized, in writing, by the individual to whom the records pertain, to inspect the records.
(c) By order of the appropriate superior court.
As used in this section, the term "registration records" includes any information which a library requires a patron to provide in order to become eligible to borrow books and other materials, and the term "circulation records" includes any information which identifies the patrons borrowing particular books and other material.
Any written record or electronic transaction that identifies a patron's borrowing information or use of library information resources, including, but not limited to, database search records, borrowing records, class records, and any other personally identifiable uses of library resources information requests, or inquiries.
This section shall not apply to statistical reports of registration and circulation nor to records of fines collected by the library.
iii http://www.berkeleypubliclibrary.org/about_the_library/documents/Internet_Use.pdf
iv http://www.berkeleypubliclibrary.org/about_the_library/documents/Rules_of_Conduct_12_07.pdf
v http://www.berkeleypubliclibrary.org/about_the_library/documents/Video_Monitoring_Policy.pdf
vi Ibid Gov’t Code § 6267(c).