Resources from the Folder IconResources Used for This Article

"Online Privacy for Nonprofits: How to Protect Members' Privacy and Personal Information." Privacy Rights Clearinghouse. 2005.

"Children's Privacy and Safety on the Internet: A Resource Guide for Parents." Privacy Rights Clearinghouse. 1998, revised 2005.

"Keeping Information Private." KDLA, Library Web Help. 2003, revised 2005.

The Accidental Webmaster. Julie M. Still. New Jersey: Information Today. 2003.

This publication is published by the Web Development Section of KDLA's Commissioner's Office.

A Web Design Guide for Kentucky's Public Libraries

 

Protect Your Content – Protect Your Patrons: An Editorial

I love to watch TV court shows, especially “Judge Judy.” Many times, when the disputes aren’t about back rent or credit card charges, you can catch cases that relate directly to your career. One episode, dealing with photo protection, comes to mind.

After an ugly love-triangle where two females’ friendship is broken over a man, Ex-Boyfriend found a photo of Girlfriend #1 on Girlfriend #2’s benign personal website. He copied the photo, added a few less-than-flattering embellishments to it (as well as a few textual profanities), then posted it on his own personal website and created a circular which he distributed to several bars in the area. Girlfriend #1 sued both Ex-Boyfriend and Girlfriend #2 for slander, liable, and any other charge she could think of. She won monetary damages from both Ex-Boyfriend and Girlfriend #2.

You might wonder why Girlfriend #2 had to pay when Ex-Boyfriend did all the damage - because Girlfriend #2’s website provided the photograph for Ex-Boyfriend to download.

Something we may never consider is - what does an end-user do with information once it is posted on a website?

As internet usage becomes more prevalent, even in the most remote areas of Kentucky, there is a greater chance that a website – your library’s website – may be used for purposes other than its original intent. We, as managers of the website, need to keep certain circumstances in mind before posting information about both the library and its patrons.

  • Some patrons or staff may be dealing with personal safety considerations, such as stalking or domestic violence, causing the necessity of keeping their location a secret.
  • Some patrons, such as doctors, teachers, or government leaders, may have an unlisted or unpublished phone number that they want to keep private.
  • Posting personal email addresses could cause any individual to receive unwanted email solicitations and spam. In addition, if individuals’ whole names are listed, this may enable others to access additional personal contact information from the telephone book.
  • Trustees may be contacted by local politicians looking for financial support or endorsements; conversely, they may be contacted by citizens with complaints.
  • Denoting the names and other personal information about donors can lead to unwanted donation requests from other charitable organizations in the area.
  • Posting pictures of minors could lure online predators or pedophiles into the library.
  • Friends of the Library or volunteers, though supportive of your efforts and active in the organization, may not want to be publicly-affiliated with the positions espoused by library, such as tax rate hikes or property disputes.

How do you protect your patron’s privacy, yet still provide pertinent information online? The Privacy Rights Clearinghouse, in their “Online Privacy for Nonprofits” fact sheet, recommends that organizations should first conduct a privacy assessment. A privacy assessment consists of these types of questions:

  • What personal information, if any, is posted on the website?
  • What kind of personal information is posted?
  • Is the organization’s newsletter posted on the website, and if so, does it include individuals’ names and other personal information?
  • Are names, telephone numbers, and email addresses included in announcements for upcoming events?
  • Does the website post information about those who signed in to attend a recent event or the minutes from meetings?
  • Do you list the names of patrons in captions of photos that your website posts?
  • Do you obtain consent from individuals before posting photos on the website, whether or not their name is included in the photo caption?
  • Do you post the names of those who have donated to your organization?

Remember, while reviewing your website, to consider *.PDF files and webpages no longer linked to but still accessible within the website’s file structure. Search engines, such as Google, have advanced search capabilities that can turn up even the most buried files within a website for the zealous researcher.

As of 2005, there are no federal laws regulating the types of information that may be posted and/or collected online from adults by non-profit organizations. However, it’s in your library’s best interest to come up with procedures for staff when creating marketing materials and/or webpages for the library. You’ll want to include instructions on how to post photos, as well as what type of contact information you allow staff to share with the public. You can integrate these procedures into a privacy policy for your website. (For help writing it, consult ALA's Guidelines for Developing a Library Privacy Policy; for examples, consult Nonprofit FAQs.)

You may also want to adopt for your volunteers, trustees, and friends of the library a “privacy preference” sheet to keep on file. This sheet can give them the option of choosing whether or not to post their photograph, contact information, donor acknowledgement, committee memberships, etc. online.

Once created, you should keep in mind that it is not a privacy policy that ensures security; it is the procedure. An understanding by you and your staff is something that will require commitment and the affirmation that everyone, internally and externally, will adhere to the policy. Make sure this is continually enforced throughout the library: one person’s mistake could become another’s person’s problem (or court case!).

Good Luck!

FYI –
Children (those under the age of 13) fall under different set of guidelines. If your library’s website collects personal information from children, or if you operate a general audience website and have actual knowledge that you are collecting personal information from children, you need to consult the Children’s Online Privacy Protection Act: http://www.ftc.gov/bcp/conline/pubs/buspubs/coppa.htm.

Frequently Asked Questions

What types of photographs require permission before posting?

For full frontal shots, always get documented permission. "Crowd" shots can go either way. If someone can be easily identified in a crowd shot, ask permission. If the crowd shot consists of the backs of people's heads or indistinguishable facial features, don't worry about it.

What's the best way to get permission?

Documented permission is best. There are different ways that you can approach getting documented permission.

  1. You can print out sample Photo Usage Permission Form (Adult) from KDLA's website and keep these on hand during photographic opportunities. This is probably the most time-consuming for large events, since each form must be filled out when a photo is taken.
  2. Incorporate phrasing in event registration that, by signing the form, the participant is also allowing permission to use his/her photo for the library's marketing materials/website. Although this is the most inclusive approach, there are inevitably those who do not read registration forms and may complain once they notice their photo being used.
  3. Incorporate phrasing in an event sign-in sheet that, by initialling the form, the participants may opt-out of being photographed.

*Never accept permission granted from teens or children; instead, get documented parental permission. You can download a sample Photo Usage Permission Form (Child) from KDLA's website.

What types of identifying information should I include in a photographic caption?

My personal preference, based on experience, is to give photos "generic" captions, leaving out as much identifying information as possible without the photograph losing meaning. For example, instead of "John, Suzy, and Jane - Winners of the Summer Reading Craft Contest," I would use "Winners of the Summer Reading Craft Contest." I use this for children and adults, alike. I've found that adults, especially senior citizens, are much more protective of their identities than children and young adults.

If you choose to include identifying information in a caption, make sure to include this in the permission form. Let the patron choose what they want displayed: first name, last name, etc.

 

For further discussion of this topic, consult "Keeping Information Private." KDLA, Library Web Help. 2003, revised 2005.

 

 

Privacy| Disclaimer| Individuals with Disabilities| Resources Copyright © 2004 Commonwealth of Kentucky.All rights reserved.