Libraries are supposed to be bastions of privacy. When one enters the library, it is customary for the content of their reading materials and accessed resources to remain undisclosed. Privacy has long been a fundamental value upheld by the American Library Association. Introducing the Patriot Act allowed the government to access library records, leading librarians to reduce the amount of data collected from patrons and challenge the government’s gag order. The presence of corporate intermediaries in digital libraries adds complexity for librarians, often making it challenging to discern the extent of information collected by content providers regarding the books accessed from the library’s digital collections. Libby by Overdrive, Boundless, and Hoopla are some of the major apps being used by libraries to meet patron demand for digital materials, yet the terms of service for these apps are often opaque or attached to non-disclosure agreements between libraries and content providers. However, there is a pressing need to further address the legal foundations of online privacy and the insufficient resources librarians have to safeguard their users.
Christine Dudley, an attorney, learned firsthand how must tracking may occur within her library apps when she began getting mobile ads for books in the niche subgenre she had been recently listening to on audiobook from her library. While the American Library Association codified avoiding surveillance as part of their ethical foundation in 1939, digital content has made this process more complicated. Libraries have limited control over privacy when there is a content provider involved. These content providers lack the same ethical obligations as libraries. This is also particularly problematic when combined with the fact that numerous libraries rely on social media and visitor tracking scripts on library websites might also contribute to a breach of the privacy ethic that libraries are attempting to uphold. Attorney Dudley believes after analyzing the terms of service from both OverDrive and Boundless that either Boundless violated their terms of service that says they do not sell user data, or the breach came from OverDrive, whose terms of service allow for the sharing of user data. She argues, “There is the inference that because I got those particular targeted ads, my data was sold. There is the inference that the organizations in question view my reading history correlated to my IP address as personal. There is the inference that the organizations are following their agreements. I do not believe any of these inferences are unreasonable” (Claburn). The method by which she started receiving these targeted ads remains uncertain. However, it is plausible, according to the ALA, that the data was disclosed due to Overdrive’s third-party sharing clause.
Librarians face multiple privacy concerns as they decide which companies to partner with for digital reading, as stated in the ALA’s comprehensive report “Digital Public Library Ecosystems 2023.” Digital reading and resource use went up quickly during the pandemic, nearly 1/3 of Americans read an eBook in 2022 and nearly ¼ read an audiobook in the same period (1). The most popular library reading program, Libby, has been instructed to not collect data attached to library card numbers, and Libby additionally offers privacy customization for the user (17). Libby; however, offers the ability to check out your eBooks from Amazon so they can go straight to the patron’s Kindle. While this is convenient for the user, Amazon does not protect individual privacy with their eBooks, and they keep track of how much of the book read, usage data, and which books you checked out. They then use this information to market books for sale (16). As the authors note, “OverDrive has a mandate to maintain the privacy of patron’s data, but Amazon does not have such a mandate” (12). To gain access to Libby, users are required to provide personal information, including their library card number. However, it is important to note that OverDrive, the company that owns the Libby app, does not receive from the library any personally identifiable information such as patrons’ names and addresses (12). OverDrive’s connection with Amazon and data sharing is unclear, but using the Libby app with a personal Amazon account links personal information to library book usage. This implies that although Libby and other eBook and audiobook distribution apps used by libraries may safeguard patron privacy within the app, it should be emphasized that once the patron shares information with a third-party vendor such as Amazon, it is highly probable that all their activities are being extensively monitored. It is crucial to acknowledge that despite data anonymization, identifying super users remains possible because of the sheer volume of their checkouts. Considering the foundational librarian value of intellectual freedom, librarians must conscientiously address privacy concerns as digital lending continues to gain traction.
Considering Bounds and Holland’s assertion that Amazon prioritizes user data over the eBook itself, this becomes critical. Kindle still holds 72% of the e-reader market as of 2022, and tech companies have been given free reign by major publishers to mine data. There are no federal laws to prevent them from surveilling people who read digital books across the internet. While there has been a movement to get the government to intervene, data brokers recently were sued for having passed on data to anti-abortion law makers on visitors to reproductive health centers, but there are no meaningful federal laws protecting data privacy. Hoopla, a library app similar to Libby, collects identity-linked data on readers, which gives publishers data on readers habits. Librarians have trouble knowing what kind of tracking is attached to eBooks because of the use of NDAs, even if libraries know their eBooks are being tracked, they are legally prevented from warning patrons. Consequently, staff frequently remains unaware of the extent of surveillance imposed on patrons (Bounds and Holland). Unfortunately, publishers sued to stop libraries from loaning out surveillance-free digital books in the Internet Archive case, in which California libraries argued for their right to Controlled Digital Lending.
One novel solution to protect patrons from surveillance might be Controlled Digital Lending. The theory put forth by Georgetown University professor and law librarian Michelle Wu argues that libraries have the authority to produce digital duplicates of their collections. This empowers each library to lend either the digital version or the hard copy of any material it owns, although not concurrently. Since libraries rarely retain ownership of the eBook files they borrow from publishers, their vital function as custodians of culture over the long term has been disconnected from their role as facilitators of democratic access. Publishers took the Internet Archive, which used this theory, to court and the judge sided with the publishers, arguing that this harms publishers and therefore is not acceptable use. The expenses incurred are such that libraries are unable to fulfill the digital needs of their users. However, publishers perceive every library lending as a missed opportunity for a sale and potential loss of data, which discourages them from assisting libraries with the associated expenses or privacy concerns. Libraries pay up to four times the individual license cost for either a two year or limited use license (Cohen). Public libraries, constrained by their budgets, often prioritize purchasing multiple copies of the same eBooks to minimize hold queues. This approach predominantly caters to high-demand genres, recently published books, and bestsellers, consequently limiting the library’s scope, and increasing users’ surveillance risk.
In “A Major Publishing Lawsuit Would Cement Surveillance into the Future of Libraries” publishers are fighting on multiple platforms to make libraries into a sort of streaming service platform for books, eroding the ability for readers to access digital materials without corporate surveillance. This enables them to gather data on readers’ interests and behaviors, which can be used for advertising or shared with law enforcement or bounty hunters in states where individuals are permitted to pursue those who have accessed reproductive or gender-affirming healthcare services. The absence of the Internet Archive impacts libraries as it deprives them of crucial access to digital books without surveillance. If libraries lack ownership or control over the systems used to access digital books or can only obtain digital books through a discounted arrangement that involves patron surveillance by corporations, individuals who rely on digital books from libraries face a significantly higher risk of being subjected to surveillance compared to those who have the privilege to visit a physical library and borrow paper books. While it has long been the position of the American Library Association that no one should be arrested for reading a book, it seems the courts siding with publishers and their surveillance ridden digital books are inclined to disagree.
Libraries play a crucial role in addressing the legal aspects of online privacy and the limited resources available to librarians to protect their users. The examination of surveillance within library digital collections emerges as a significant starting point. Unfortunately, the Internet Archive court case seems to have shot down one of options for an eBook lending system that would not be coupled with corporate surveillance. Libraries must continue to fight for these freedoms from surveillance by demanding content providers protect user data and be transparent with patrons and library staff about the associated risks with using Libby, Boundless, Hoopla, and other digital library resources.
Works Cited
Bounds, Jade Pfaefflin, and Lia Holland. “E-books are fast becoming tools of corporate surveillance.” Fast Company, Dec 12, 2023. https://www.fastcompany.com/90996547/e-books-are-fast-becoming-tools-of-corporate-surveillance
Claburn, Thomas. “An attorney says she saw her library reading habits reflected in mobile ads. That’s not supposed to happen. The Register, May 18, 2024. https://www.theregister.com/2024/05/18/mystery_of_the_targeted_mobile_ads/
Cohen, Dan. “Libraries Need More Freedom to Distribute Digital Books. The Atlantic, Mar 30, 2023. https://www.theatlantic.com/ideas/archive/2023/03/publishers-librarians-ebooks-hachette-v-internet-archive/673560/
Holland, Lia, and Jordyn Paul-Slater. “A Major Publishing Lawsuit Would Cement Surveillance into the Future of Libraries.” Fast Company, July 28, 2022. https://www.fastcompany.com/90773185/a-major-publishing-lawsuit-would-cement-surveillance-into-the-future-of-libraries
Noorda, Rachel, and Kathy Inmen Berens. “Digital Public Library Ecosystem 2023.” American Library Association, December 2023. https://www.ala.org/sites/default/files/advocacy/content/ebooks/Digital-PL-Ecosystem-Report%20%281%29.pdf