As stated in the policy on Privacy and Confidentiality in the Cornell University Library, the Library believes strongly in protecting the privacy of all who use its services, in person and online. The sections below provide details about the Library’s collection, use, disclosure, maintenance, and protection of personally identifiable information that you provide to us. Note that these are general principles; individual sites may have their own specific privacy policies to which links are provided. In addition, the Library also employs third party services that may have their own privacy policies. Some of these are discussed below, but you are encouraged to read the description of their privacy practices on their own web sites.
When you use web sites under the control of the library, certain technical information from your web browser is captured in a web activity log. This information normally includes:
- IP address
- Type and version of operating system and browser used
- Date and time of access
- Pages visited
- Search queries and result sets
- Referring URL (the web address of the page from which you followed a link to our site)
The Library uses this information to diagnose and solve problems with its services and to identify and resolve problems with computer security. Raw log files are normally maintained for 90 days for security purposes. (Two exceptions are arXiv and Project Euclid, which retain complete log files permanently.) For some sites, an aggregated abstract of the data is prepared each night that anonymizes session data so that searches cannot be linked to specific IP addresses or network IDs. This data is then used to analyze and improve system features.
For more information on web privacy, see CIT’s Security and Policy Page.
Cookies and Google Analytics
When you search or browse Library web sites or databases, it is theoretically possible that someone else on the Cornell University network could “eavesdrop” on your activities (though this is a violation of Cornell University policy). This is because most data on the Internet is transmitted in clear text. One way to avoid this is to use an encrypted SSL connection using the “https” prefix. Both the Library Catalog and WorldCat Local catalog support HTTPS searches. If you are concerned that someone on the network system may be eavesdropping on your searches, use either one, but change the prefix to https:// before you start your search. You should be aware that even if you use an https connection, the Library cannot guarantee that submissions to our websites, any content residing on our servers, or any transmission from our servers will be completely secure.
The Library respects the privacy of all borrowers of library materials. The Library will not reveal the names of individual borrowers nor reveal what books are, or have been, charged to any individual except as required by law. Only staff members who have a functional need to view circulation data can view who has borrowed a book.
The Library seeks to protect user privacy by purging borrowing records as soon as possible. In general, the link connecting a patron with a borrowed item is broken once the item is returned. The exception is when a bill for the item is generated. In that case, the information on who borrowed the item is retained indefinitely in our system. For security reasons, records of who requested items from the Library’s special collections are also retained indefinitely.
Interlibrary Loan and Document Delivery
Interlibrary Loan lending and borrowing records have been retained since at least 2001. They are used in case there are billing problems and to comply with the record keeping requirements suggested by the CONTU (National Commission on New Technological Uses of Copyright Works) guidelines. All such records are treated confidentially. In some cases, information about requests (including the name of the requestor) is shared within the library staff for collection development purposes, but staff are instructed not to further disseminate such information. If you do not want your interlibrary loan request used for collection development purposes, you may so indicate in the “Notes” section of the request form.
The Library at times compiles aggregate data for internal business purposes and to improve Library services, but whenever this happens, all personally-identifiable information is first stripped from the requests.
Purchase requests and items on-order or in-process requested by patrons are linked in the catalog system to the names of users so that they can notified when the items are ready to circulate. Such information is deemed confidential reader information and is not shared outside the Library. As noted above, collection development staff may also receive copies of Interlibrary Loan requests. Such information is used purely for internal operational purposes and is not shared outside the library.
Some library services require you to provide personal information. If you are asked to provide, and do provide, personal information, the Library will explain why we ask for the information and will use such information for those specific and limited purposes. Information from other sources is not combined with that information. The Library will not sell, share, or otherwise distribute your personal data to third parties without your consent.
You may ask questions of library staff by phone, mail, text, email, IM, and in person. All such inquiries are treated as confidential. Depending on the library unit, paper records with patron identifications may be kept for a few months or indefinitely. Reference questions may be posted to the Ask a Librarian blog, but only with the permission of the person asking the questions and only with all personal information removed.
Licensed Resources and Services
More and more, the Library outsources systems and services to third-party vendors. Most of the digital resources that we offer, for example, come from outside suppliers, as does the current Library Catalog (see the case study below). The Library expects the information service providers with whom we contract to protect the identity of individual users and the information they use. We commonly require, for example that vendors agree not to sell or license information from library users to third parties. Many vendors provide additional personalized services that may require you to identify yourself with your name or a pseudonym. In general, this is done at your discretion; the Library seeks to avoid products that demand personalization.
While the Library seeks to require third parties with which it works to follow accepted library policies regarding privacy and confidentiality, it is not responsible for the privacy practices of these third parties. We encourage users to familiarize themselves with third party privacy policies before using the resources.
Library Surveys/Assessment Projects
Information and data obtained by the Library or its units through surveys (group or individual interviews or other means) in support of assessment of services, collections, facilities, resources, etc., or in support of research related to library and information services, are considered confidential and will not be shared except in aggregations, to protect the privacy of individual participants. When required, surveys are conducted in accordance with the policies of Cornell’s Institutional Review Board for Human Participants.
Children Under 13
The Library does not knowingly request, collect, or share personally identifiable information from users under the age of 13.
If you have questions about the Library’s practices regarding privacy and confidentiality, please contact LIBGATEWAY-L@cornell.edu.
Licensed Service Case Study: The Library Catalog
Individual users are not connected to activities performed on the site. Therefore, searches conducted and records viewed cannot be tied back to individual users. IP addresses are collected but they are not tied to any data, including the searches performed.
OCLC also utilizes web beacons and cookies and the services of a third party firm to measure how visitors use our site. They collect the following information on users of the catalog:
- IP address of machine being used
- The domain of that machine
- The host of that machine
- Language set in browser
- Whether cookies are enabled or disabled
- Plug-ins being used (e.g. Flash, Acrobat, RealPlayer, etc.)
- What page the user entered the site on (e.g Detailed Record, Search Results), but not the specific record or search conducted
- Referring URL (where the user clicked from to arrive at WorldCat.org/WorldCat Local; includes whether the user clicked from a browser bookmark or whether the page was the home page set in the user's browser)
- Date and time of visits
- Java enabled or disabled
- Operating system
- Monitor resolution
- Monitor color depth
- "Monthly Unique Visitor" (i.e. first visit during the month)
Individual users are not connected to activities performed on the site. Therefore, searches conducted and records viewed cannot be tied back to individual users. OCLC’s contract with Omniture also stipulates that data collected from the OCLC web site is the confidential property of OCLC. Omniture therefore cannot disclose or share that information with any third party without OCLC’s authorization. Furthermore, it is possible to opt-out of Omniture’s cookie tracking.
Requests for Patron Information
Pursuant to the Library’s Privacy and Confidentiality in the Cornell University Library, to protect the privacy of all who use its services, in person and online, the library will deny all requests for patron information, with limited exceptions. The sections below detail what constitutes protected patron information, and the procedure for library staff for handling requests for patron information.
Patron information that is protected
Pursuant to NY CPLR § 4509 the following is protected patron information:
- Library records, which contain names or other personally identifying details regarding the users of public, free association, school, college and university libraries and library systems of this state, including but not limited to records related to the circulation of library materials, computer database searches, interlibrary loan transactions, reference queries, requests for photocopies of library materials, title reserve requests, or the use of audio-visual materials, films or records.
Library procedure for handling requests for patron information
If a request for patron information is made, regardless of who is making the request and for what purpose, the request must be denied unless it falls under one of the following exceptions, stated in NY CPLR § 4509:
Disclosure to the extent necessary for the proper operation of library activities.
- Procedure note: An example of where disclosure would be allowed under this exception is information sharing necessary for staff to determine library routing of patron-requested materials. An example of where disclosure is not allowed under this exception would be a faculty member or student patron request for identifying information of another patron who is in possession of library material that the requesting faculty member or student patron wishes to obtain.
Disclosure upon written consent of the user whose information is to be disclosed.
- Procedure note: If user is a minor or ward, the user’s parents or guardians must give written consent. Written consents must be collected by library staff prior to disclosure, and kept for review and record keeping by the administration in each library unit.
Disclosure upon court order or subpoena.
- Procedure note: University Policy 4.13 Acceptance of Legal Papers requires all university employees, including library staff, to direct anyone attempting to serve legal papers pertaining to the university to the Office of University Counsel. If approached by a law enforcement official who requests protected patron information from library records, or requests library cooperation to obtain protected patron information, library staff must inform the law enforcement officer that they are not authorized to accept legal papers on behalf of the university, and refer the individual to the Office of University Counsel. Staff should request the individual’s name and agency and then report this information to their immediate supervisor, who will in turn advise Library Administration. The University Librarian or any available AUL will communicate immediately with the Office of University Counsel that they should expect legal papers to be served upon them.
- If the law enforcement officer insists on leaving papers with library staff, they must immediately refer the officer to the staff member’s immediate supervisor. If the immediate supervisor is unavailable, staff will refer the law enforcement official to the Library Administration Office in Olin Library, Room 201 (607.255.3393). The University Librarian or any available AUL will respond to the request and immediately contact the Office of University Counsel.