BC Ministry of Education BC Government
Public Library Services




Home
1. Introduction
2. Registration
3. Circulation
4. On-line Services
5. Internet/Computer Access
6. Reference Questions
7. Employee & Volunteer Personal Information
8. Personal Information Access & Correction
9. Disclosure of Personal Information
10. Records Retention & Disposal
11. Outside Service Providers
12. Security
13. Miscellaneous
14. Policies & Procedures
Appendix I - Additional Resources
Appendix II - Sample Privacy Clauses
Appendix III - Sample Website Privacy Policy
Appendix IV - Sample General Privacy Policy
Index

Privacy Guidelines for
British Columbia Public Libraries

5. Internet/Computer Access

a) Notice

Libraries must provide a notice to individuals with access to library computers if any personal information is collected (even if only web-browsing information is stored, as long as it could be somehow associated with the individual). At minimum, the notice must state the purpose for collecting the information, the library’s legal authority for collecting it, and information about how to contact the library’s FOI/Privacy Officer (Act, s. 27). It should be placed where it can be easily noticed and where the individual can read it before using the computer.

 Box 5.1

Examples of things to consider when writing a notice:

·    Are the URLs of websites that are visited stored in the computer’s cache or history folder? If so,

o         is the cache or history purged when the person logs out? (Do they have to ensure they log-off themselves?)

o         is an electronic or paper log kept of individuals who have used a particular computer that can be cross-referenced with the cache or history folder?

o         is there surveillance of the computer area allowing the video record to be cross-referenced with the cache or history folder?

·    If personal information is collected by means of a log of individuals using a computer, or surveillance records, the library must provide the following information:

o         the purpose for its collection,

o         the library’s legal authority for collecting it (see "Appendix II: Sample Privacy Clauses")

o         the contact information for the library’s FOI/Privacy Officer (Act, s. 27)

·    How long is the personal information kept (e.g. minimum of one year if used to make a decision affecting the individual) (Act, s. 31)?

·    Are internet transactions secured so that individuals may feel confident about using the internet for confidential communications?

·    Where the library provides wireless internet access, is the connection secure so that individuals may feel confident about confidential communications?

·    Does the computer allow individuals to save preferences (including usernames and passwords) that could later be accessed by someone else?

·    Are there rules for using the computer/internet that encourage respect for the privacy of others (e.g. not looking at other’s monitor)?

·    How can individuals contact the person responsible for the library’s compliance with FOIPPA if they have any questions?

b) Logs, sign-up sheets & registration forms

Personal information may only be collected where it is necessary for a library’s programs or services (or another purpose authorized by FOIPPA, see Act, s. 26). Libraries often keep track of computer use in some way. Some libraries create logs to enforce library computer use policies. Others only use sign-up sheets to allow individuals to book computer space .

i) Log of users

Libraries that keep track of computer use to enforce library computer policies, such as maximum time and appropriate use, must keep the logs for a minimum of one year so that an individual can access her personal information (Act., s. 31(b)).   

ii) Sign-up sheets

Libraries using sign-up sheets merely to allow individuals to book computer time (not to enforce library policies) should destroy the sign-up sheets as soon as possible. For example, some libraries keep statistical records of computer access; the sign-up sheets should only be kept until the statistical data has been collected.

Box 5.2

TIPS for privacy friendly sign-up sheets:

  • Let individuals know what authorizes the library to collect personal information, what any personal information on the sign-up sheet is used for, and how they can contact the library’s FOI/Privacy Officer (Act, s. 27).

  • Include recording statistical data and shredding the sign-up sheets in the library’s daily closing procedures.

  • Keep in mind that any information that is about an identifiable person is personal information. So even if the sign-up sheet is full of common first names and pseudonyms, treat it as personal information.

iii) Computer use registration forms

Some libraries require individuals to sign a registration form prior to being allowed access to computers. These must be kept for a minimum of one year, to allow the individual the opportunity to access the personal information on the form (Act., s. 31(b)).

iv) Destroying logs, sign-up sheets and registration forms

When destroying logs, sign-up sheets or registration forms containing personal information, a method should be used that is appropriate for the media. For example, paper logs should be shredded and data in computer drives should dealt with in a way that does not allow its recovery (do not merely delete files).

See "Records retention and disposal" for more information.

c) History log

Libraries should purge the cache and history folders in computers that are used by individuals as often as is practicable.

Box 5.3

Examples of when to purge personal information from computers:

  • If individuals must log-on to use the system ŕ purge personal information (including cache/history) upon log-off. Arrange for automatic log-off after a certain period if an individual does not log-off herself.

  • If the computer may be used without logging on ŕ set up a routine to purge personal information (including cache/history) each night, or when the computer is turned off (ideally, at the end of each day).

d) Back-ups

When destroying computer data, libraries should consider whether the information is retained elsewhere as a result of a backup procedure. If so, the data on the backup  should be destroyed also.

See "Records retention & disposal" for more information.

e) Surveillance of computer area

Surveillance (Close Circuit TV or any other audio/visual recording device) should be used only as a last resort.

Personal information is being collected if there is recorded surveillance of individuals using computers (e.g. their image and actions). If a recording of an individual is used to make a decision that affects her, such as suspending her privileges, the library must keep the recording of that personal information for at least one year, so she can access it (Act., s. 31(b)).

See "Security: Surveillance" for more information.

 

Please send any questions or comments to PLSB@gov.bc.ca
 

Top of page Copyright Disclaimer Privacy Feedback