Confidentiality of Library Records
One of the public library’s most cherished and valuable assets is the fact that anyone may use the library’s resources in privacy, without fear of censorship, repression, or intimidation. In accordance with Maryland law (Maryland Code, Ed 23-108), circulation and other records identifying personal information with the use of specific library materials, services or facilities are confidential. Such records shall not be disclosed except to:
(a) persons acting within the scope of their duties within the administration of the library and only for the purpose for which the record was created.
(b) persons authorized by the individual to inspect the individual’s record.
The Information St. Mary’s County Library Collects
The following applies to all information submitted to the St. Mary’s County Library via any communication mechanism. The personal information collected is as follows and will be kept until your account is deleted, unless otherwise indicated:
- Email address
- Phone number
- Library card number
- Date/year of birth
- Materials currently checked out (until returned, unless you activate your reading history using the My Account function in the catalog)
- Overdue material (until returned, unless you activate your reading history using the My Account function in the catalog)
- Log of fines, paid or waived
- Log of account communication history (emails or phone calls about holds or overdue materials)
The Way We Use This Information
- The Library conducts promotional campaigns to inform the community of our services. The Library uses customer e-mail addresses for the Library’s internal mailing lists. If you do not wish to receive these emails from the Library, you may unsubscribe by clicking “unsubscribe” at the bottom of the email.
- Email addresses are used to send notification of reserved materials, overdue materials, and for the purpose of renewing your library card.
- Mailing addresses are used for overdue and billing notices.
- Personally identifiable or account information may be shared with trusted third-party vendors for recovery of Library materials, or for statistical purposes, so long as those parties agree to keep this information confidential.
Personally identifiable information may be released only to a law enforcement agency after presentation of an order by a court of competent jurisdiction issued in proper form (a court issued subpoena or search warrant) and/or under the provisions of the USA Patriot Act.
The following requests will immediately be referred to the Library Director:
- An agency of state, federal, or local government or any individual pursuant to a valid court order, search warrant or subpoena authorized under the authority of federal, state or local law relating to civil, criminal or administrative discovery procedures or legislative investigative power.
- A government official with a FISA (Foreign Intelligence Surveillance Act) Request.
If the Library Director is not immediately available, the requestor will be given the Director’s contact information and their name and contact information will be taken so the Director may contact them.
Library personnel shall not disclose to any other individual, corporation, institution, governmental agent or agency, except as provided in the above paragraph, information that includes but is not limited to the following:
- the library’s circulation records and their contents as pertains to individual customers
- the library’s registration records and their contents
- the number or character of questions asked by a customer
- the frequency of a customer’s visits to the library
- a customer’s name, address, or telephone number
- a customer’s interlibrary loan records
- a customer’s record of computer and database usage
- computer contents that could be used to identify material or sources a customer consults
- the contents of a customer’s information transaction: titles requested, information requests, personal documents being created using library’s software, etc.
If a request for information is denied, the Library Director shall inform the individual, corporation, institution, governmental agent or agency making the request within ten (10) days of receipt of the request.
Customer Access to Account Information
Customers have the right to receive information about their own records, but must first provide personal identification. Acceptable identification includes library card or driver’s license or validation of personal information in the customer’s record such as birthdate, address, phone number or email address.
The laws of Maryland prohibit the access of a child’s record by the library without the presentation of the library card. Parents and legal guardians have the right to receive information about their minor children’s records only with the presentation of their child’s library card.
Parents/guardians who sign for a minor child’s card are authorized to use that card for the child’s materials but use of their own card is preferred for their own materials.
Library cards are non-transferable and are intended for use by the cardholder only. Cardholders are responsible for all materials checked out on a library card. Lost or stolen cards should be reported promptly. Customers who wish to pay fines for other family members other than minors may be told only the amount owed if they do not have the library card. If the solicitor has given name and library card number for a family member, information provided shall be limited to the number of items charged to the customer and the amount owed.
Information provided by staff over the telephone or left on a voicemail shall be limited to notification that an item or information is available. Email communications about holds and overdues include titles.
Reserved materials may be picked up by the person placing the reserve or by someone who has permission from the person who placed the reserve. The materials will be checked out on the card of the person placing the reserve.
Digital Branch Privacy
The Library does not collect any personal information about you when you visit the Library’s web site unless you choose to provide that information. The Library does not track or permanently record information about individuals and their visits. However, the Library’s web site uses standard server software that logs use by each visitor. We collect and store only information to measure use of our site using Google Analytics. This data is collected in aggregate. We do not examine or record individual users’ use of the website. The aggregate information is kept indefinitely. The information collected includes:
- the address (IP) of your computer, device, or internet provider
- the date and time of site access
- the address of any website that linked to our site
- web browser type
- operating system type
- which pages were accessed
- how long each page access lasted
The log of activity on the Library web servers is used for Library purposes only. The Library uses this information to help make its site more functional for visitors — to learn about the number of visitors to its site and the kinds of information they seek.
Browser and operating information can also be used to take you to the version of the site that best conforms to the capabilities of your tools and offers the Library a ready list of browsers to test for compatibility with pages created on the Library web site. Learn more about and opt-out of making your site activity visible to Google Analytics.
Communication with the Library via the Website
If you choose to send the Library an email message or otherwise communicate with the Library via a website form, the Library will use that information only to respond to your message and to help get you the information you have requested. General suggestions and comments about library services are shared among library staff members responsible for ordering materials or providing services to customers. If you choose to renew your Library card using the Renew form on the Library’s website, Library staff will use that information only to update your Library account information.
Third-Party Digital Services
In order to use our third-party digital services (the Library catalog and online resources, including eBooks, digital audiobooks, and other resources listed on our Online Resources page) you log in to validate yourself as a St. Mary’s County Library customer. Different services handle authentication different ways, but the following information may be transmitted to these service providers solely for the purpose of authentication. This data is usually collected in aggregate and/or anonymously. Data is kept for different periods of time by different companies. Information collected might include:
- Address (or only zip code)
- Library card number
- The address (IP) of your computer, device, or internet provider
- The date and time of site access
- Search terms
- Which pages/resources were accessed and/or downloaded
Privacy practices are notably different for the Kindle-format eBooks offered through the Library’s subscription to OverDrive. Downloading these titles requires you to have an account with Amazon, and any eBooks borrowed through the library are therefore tracked through your Amazon account, as are any notes or highlights you make in these library eBooks.
Cookies are small text files placed on user computers by a website to enable customization of individual visits. Some Library electronic services, such as sessions on the Library catalog using the My Account option and remote online resources, place temporary cookies for current sessions. These cookies do not capture personal information or compromise visitor privacy. You may delete them from your home browser when the sessions are ended. Visitors can refuse the cookie by using instructions provided in their browser. This refusal may result in the inability to access many Library services from computers outside the Library.
St. Mary’s County Library maintains several social media accounts which allow users to share opinions and information about library related materials and activities. Social networking can include, but is not limited to, blogging, instant messaging, social media sites, and wikis.
The Library does not collect, maintain or otherwise use the personal information stored on any third party site in any way other than to communicate with users on that site, unless granted permission by users for Library contact outside the site. The purpose for contact outside the site may include program promotion, volunteer opportunities, reference help, or other similar activities. Users may remove themselves at any time from the Library’s lists, or request that the Library remove them. Users should be aware that third-party websites have their own privacy policies and should proceed accordingly.
The Library reserves the right to edit or modify any postings or comments for space or content while retaining the intent of the original post. The Library shall also be granted the right to reproduce comments, posts, and messages in other public venues (i.e., a posting on Facebook may be quoted in a newspaper or on the library website). Identifying information, other than first name, will be removed unless prior approval is granted by the user.
The Library is not responsible for someone being seen or recognized in the library or for passersby seeing what materials or websites are being used in the library.
Use of Publicly Accessible Computers Provided by the Library
The Library makes computer systems available to the public for access to the Internet, word processing, and other information services and productivity software programs.
Upon rebooting of library computer systems, all documents created, Internet search histories, temporary files, cache, and certificates are purged. Customers are encouraged to participate in securing the privacy of their computer sessions by exiting the browser software and closing their session (which forces a reboot) after they have finished using a Library computer.
The Library cannot be responsible for user’s privacy when the user discloses information to outside web sites. It is the user’s responsibility to protect their personal information.
Wireless Internet Access
The Library cannot assure the safety of customers’ data when using wireless internet access. Connecting a computer to the internet via the Library’s wireless network exposes it to the same viruses and other security risks as any internet connection does. The customer is responsible for ensuring that their computer is protected against such threats. Customers use the Library’s wireless network at their own risk. Virus and security protection is the customer’s responsibility.
The Library has installed surveillance cameras, using digital storage, to enhance the safety and security of Library customers and staff by discouraging violations of the Library’s Behavior Rules, to assist Library staff in preventing the occurrence of any violations, and when necessary, to provide law enforcement assistance in prosecuting criminal activity. Video footage is stored on Library servers for 30 days.
Camera placement shall be determined by the Library Director or a designee. Cameras shall not be placed in areas where there is a reasonable expectation of privacy, such as within restrooms. Conversations or other audible communication are not monitored or recorded by the security cameras.
Video records and still photographs may be used by authorized individuals to identify those responsible for Library policy violations, criminal activity on Library property, or actions considered disruptive to normal Library operations as delineated in the Library Behavior Rules. In situations involving banned customers, stored still images may be shared with staff system-wide. Shared images may remain posted in restricted staff areas for the duration of the banning period.
Access to the archived footage in pursuit of documented incidents of injury, criminal activity, or violation of the Library’s Behavior Rules is restricted to designated staff: Security personnel, Technology personnel, Library managers, and Library administration. These designated staff also have access to real-time images, viewable on desktop monitors.
All requests for viewing of real-time or recorded imagery by law enforcement officials must be presented to the Library Director. If the Library Director is unavailable, such requests shall be presented to the administrative or supervisory staff designated by the Library Director to hold such authority. Law enforcement may view recorded images unless such images include records protected by Maryland Code, Ed 23-108, in which case such records would be released only pursuant to valid court order. Images (but not video footage itself) may be provided to law enforcement if staff are able to remove parts of images that include records protected by Maryland Code, Ed 23-108.
In the event of a search warrant, which is executable immediately, Library administration will comply with the search warrant and consult with legal counsel.
Upon receipt of a subpoena or other court order, Library administration shall consult with legal counsel to determine if the document is in proper form and that good cause for its issuance in a court of proper jurisdiction is demonstrated. If not, Library administration shall insist any defect be remedied before releasing videos or images which contain customer information.
Exception: if someone’s life or safety is at risk, video or images containing customer information may be released to appropriate officials without a court order.
Confidentiality and privacy issues prohibit the general public from viewing security camera footage. If the Library receives a request from the general public to inspect security camera footage, the requester will be advised to file a police complaint.
The library is a limited public forum, like a courtroom, and restrictions on the use of photography or videoing apply. Photographic or video recording in the library may not include any other person or their library use per Maryland Code, Ed 23-108, unless those being photographed or videoed have given expressed consent. Parents and legal guardians may give permission for their children to be photographed and may take photos of their own children. Library-sponsored events in meeting rooms are treated as limited public forums, and the same rules apply that pertain to library spaces. In a meeting room event reserved by outside groups under the library’s policies, photography or videoing is not allowed without the permission of those reserving the room, and even then not without the expressed permission of the people being photographed or videoed.
Participation at Library events constitutes implied consent to be photographed and to have those photos sent to news outlets and published on the Library’s website as well as Library social media pages. Photos, images and videos taken within the Library or at Library sponsored events may be used with verbal consent from the subject (or parent/guardian). Photos, images, and videos submitted by users for galleries or contests may also be used by the Library for promotional purposes. We do not sell these photos or use them for purposes unrelated to the Library. Requests to have photos removed from Library websites or social media sites may be submitted in writing to the Library’s Marketing and Communications Coordinator.