IFLA Statement on Privacy in the Library Environment

Skrevet af

14. august, 2015

The rapid advancement of technology has resulted in increasing privacy implications for library and information services, their users, and society. Commercial Internet services, including those used to deliver library and information services, collect extensive data on users and their behaviour. They may also sell data about their users to third parties who then act on the data to deliver, monitor or withhold services. Using identification and location technology, governments and third parties can analyse a library user’s communication and activities for surveillance purposes or to control access to spaces, devices  and services.

Excessive data  collection and use threatens individual users’ privacy and  has other social and legal consequences. When Internet users are aware of large-­scale data collection and surveillance, they may self-­censor their behavior due to the fear of unexpected consequences. Excessive data collection can then have a chilling effect on society, narrowing an individual’s right to freedom of speech and freedom of expression as a result of this perceived threat. Limiting freedom of speech and expression has the potential to compromise democracy and civil engagement.

Privacy as a right
Freedom of access to  information and freedom of expression, as expressed in Article 19 of the Universal Declaration of Human Rights, are essential concepts for the library and information profession. Privacy is integral to ensuring these rights.

Privacy is defined as a human right in Article 12 of the Universal Declaration that states “No one shall be  subjected to arbitrary interference with his privacy, family,  home or correspondence, nor to attacks upon his honour and reputation.” Privacy is essential  to enable access and use  of information without fear of consequences. Electronic surveillance, interception of digital communications and mass collection of personal data negatively  impact on freedom of expression and  freedom of information. In recognition of this, the United Nations General Assembly in 2013 and 2014 adopted resolutions on the “Right to privacy in the digital age,” calling all countries  to “respect and protect  the right to privacy, including in the context of digital communication.”

Privacy in libraries
Individual library and information service policies traditionally value privacy and confidentiality for users. These principles are reflected in the IFLA Internet Manifesto as a specific statement: “Library and information services …have a responsibility to… strive to ensure the privacy of their users, and that the resources and services that they use remain confidential.” The IFLA Code of Ethics identifies respect for personal privacy, protection of personal data, and confidentiality in the relationship between the user and library or information service as core principles.

Users´ privacy in libraries has become widely challenged. Commercial content and service providers used by library and information services may collect data on users´ activities, communications, and transactions or require that  libraries collect data as a condition of providing their content or services. Cloud-­based library systems may transfer and store users’ data outside of the library or information service. When library and information services offer services on mobile devices, the services may collect identity and location data, track the use of the library or information service, and share the data with third parties.

Library and information services have the opportunity to make independent decisions about local system and data management. Library and information services can decide what kind of personal data they will collect on users and consider principles of data security, management, storage, sharing and retention. They can negotiate with commercial service providers to ensure the protection of users’ privacy, refuse to acquire services that collect excessive data, or limit the use of technologies that could compromise users’ privacy. However, library and information services’ opportunities to influence, regulate or gain reliable knowledge of the data collection practices of commercial vendors or government institutions may be limited.


  • Library and  information services should respect and advance privacy both at the level of practices and as a principle.
  • Library and information  services should support national, regional and international level advocacy  efforts (e.g. by  human rights and digital rights organisations) to protect individuals’ privacy and their digital rights and encourage library professionals to reflect on these issues.
  • Library and information services should reject electronic surveillance and any type of illegitimate monitoring or collection of users’ personal data or information behaviour that would compromise their privacy and affect  their rights to seek, receive and impart information. They should take measures to limit collection of personal information about their users and the services that they use.
  • While government access to users´ data and data surveillance cannot be completely avoided, library and information services should ensure that intrusion in users’ information or communications by government is based on legitimate principles for such practices and necessary and proportionate to legitimate aims (e.g. described in “International Principles on the Application of Human Rights to Communications Surveillance”).
  • When library and information services provide access to resources, services or technology that may compromise users’ privacy, libraries should encourage users to be aware of the implications and provide guidance in data protection and privacy protection.
  • Library and information services should support their users’ ability to make informed choices, take legitimate actions and weigh risks and benefits in their communications and use of services on the Internet.
  • Data protection and privacy protection should be included as a part of the media and information literacy training for library and information service users. This should include training on tools to use to protect their privacy.
  • The education of library and information  professionals should include data and privacy protection principles and practices in a networked environment.

Endorsed by the IFLA Governing Board  on 14  August 2015

300 mio. norske kroner skal understøtte de norske børns læsning

Den norske statsminister Jonas Gahr Støre bebuder, at der vil komme en investering i fysiske skolebøger på 300 mio. norske kroner.

Helping libraries help Europeans

Europæiske biblioteksforeninger udgiver manifest til EP-valget, bl.a. om at sikre lige adgang til kultur og uddannelse.


Den europæiske biblioteksorganisation EBLIDAs nomineringsfase er overstået, nu skal der vælges både EBLIDA præsident og medlemmer til Executiv Committee. Der kan stemmes ...

Amerikanske unge har genfundet biblioteket

Unge amerikanere, som over there gerne omtales som Gen Z, bruger bibliotekerne i højere grad end de ældre generationer. En rapport fra den Amerikanske Biblioteksforening, ALA, ...

Ny direktør for EBLIDA

Den 1. februar 2024 er første arbejdsdag for EBLIDAs nye direktør Mikkel Christoffersen. Han efterfølger Giuseppe Vitiello, som forlod EBLIDA i december 2023. Mikkel ...

IFLA 2024 i Dubai er aflyst

IFLA meddeler, at the Emirates Library and Information Association har trukket deres invitation om at afholde IFLA 2024 i Dubai tilbage. Planerne om at IFLA 2024 skulle afholdes i ...

Thailandske politikere i Danmark for at høre om demokrati og biblioteker

I slutningen af august 2023 var en gruppe politikere fra det thailandske parti ’Move Forward Party’ på besøg i Danmark for at høre mere om dansk demokrati, herunder om ...

Danmarks Biblioteksforening anbefaler at IFLAs verdenskongres ikke afholdes i Dubai

(English version below) IFLA offentliggjorde i juni, at man planlægger at afholde verdenskongressen WLIC 2024 i Dubai. Det har der været en del kritik af, derfor har man lavet ...