Privacy is essential to the exercise of free speech, free thought, and free association. Drexel University Libraries defines the right to privacy as the right to open inquiry without having the subject of one's interest examined or scrutinized by others. Confidentiality exists when a library is in possession of personally identifiable information about users and user activities, and keeps that information private on their behalf.
The courts have upheld the right to privacy based on the Bill of Rights of the U.S. Constitution. The Libraries’ privacy and confidentiality practices build upon applicable federal, state, and local laws, including the PA Public Library Code, 24 C.S. §9375, the Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99) and the www.drexel.edu website.
In accordance with the American Library Association's Code of Ethics, the Drexel University Libraries "protect each library user's right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired, or transmitted."
Libraries users have the right of “notice” - to be informed about the policies governing the amount and retention of personally identifiable information, and about why that information is necessary for the provision of library services. This disclosure statement explains your privacy and confidentiality rights, the steps the Libraries takes to respect and protect your privacy when you use library resources, and how the Libraries handles personally identifiable information that the Libraries may collect from library users.
Information Used for Libraries Transactions and Services
To provide borrowing privileges, the Libraries must obtain certain information about library users in order to provide them with a library account. If users are affiliated with Drexel University, the Libraries automatically receives personally identifiable information (name, address, e-mail address, university status, identification number, etc.) in order to create and update their library account from the university’s Banner system.
The Libraries avoids creating unnecessary records, the Libraries avoids retaining records not needed for the fulfillment of the mission of the Libraries or the University, and the Libraries does not engage in practices that might place information on public view. Personally identifiable information collected in the process of library operations - including but not limited to records of the borrowing and use of library information resources (such as books, eBooks, DVDs, streaming video, journals, journal articles) and equipment, reference interactions, computer use logs, logs of Internet sites consulted, etc., as well as records of transactions regarding fees and fines - is stored in a secure manner. Personally identifiable information collected in the course of library transactions is used solely for business purposes and is collected with the implied consent of library users. Such data are shared with other University entities only as necessary for the conduct of the Libraries’ operations, and is done so via secured means of communication, such as through encrypted email and via Drexel’s secured networks. Data collected for the express purposes of operational research and assessment are collected with the informed consent of library users, and are appropriately anonymized.
Please note that the Libraries may be obligated to release such information to federal law enforcement agents in response to a search warrant or subpoena issued in accordance with the Foreign Intelligence Surveillance Act, 50 U.S.C. 1861, as amended by the USA PATRIOT Act (Public Law 107-56). That law prohibits Libraries staff from informing you that such a request has been received.
Public Computers, Networks and Electronic Resources
When connecting to licensed resources from off-campus, the Libraries authenticates users as members of the Drexel University community and does not provide any personally identifiable information to vendors. For purposes of ensuring compliance with vendor usage policies, personally identifiable information is retained for each off-campus log-in to licensed resources. This information is purged on a scheduled basis unless there has been a notice of inappropriate use from a vendor.
Third Party Resources
The Libraries uses and links to resources owned and operated by third parties, including integrated library systems, offsite computer services, databases, and electronic journals. The Libraries licenses these resources for the use of Drexel authorized users. The Libraries makes every attempt to include user privacy protections in license agreements with third parties, such as vendors of digital information resources like electronic databases and journals, and software tools used in library services. Nevertheless, because the use of these websites and resources is not governed by the Drexel University Libraries, the Libraries strongly recommends that you review the privacy policies of the websites that you visit, particularly if you are requesting online help through email or chat or establishing your own account for specialized services like table of contents, email, saved search alerts, purchases, or other personalization features.
The Libraries will not share data on individuals with third parties unless required by law. Libraries users who have questions, concerns, or complaints about the Libraries’ handling of their privacy and confidentiality rights should file written comments with the Dean of Libraries. The Dean or the Dean’s designate will respond in a timely manner and may conduct a privacy investigation or review of policy and procedures.
Only the Dean and/or the Dean’s designate is authorized to receive or comply with requests from law enforcement officers; the Dean or the Dean’s designate will confer with University General Counsel whenever possible before determining the proper response. The Libraries will not make users’ records available to any agency of state, federal, or local government unless a subpoena, warrant, court order or other investigatory document is issued to the University by a court of competent jurisdiction that shows good cause and is in proper form.