My last column addressed some of the tensions that underlie the idea of "not letting the perfect be the enemy of the good" in library leadership, and at the end I promised that my next would deal in a similar way with trying to balance the occasional tension between problems that are truly important and those that are merely "noisy."

However, an issue has come up in the meantime that is more timely and urgent, so I'm putting off the "noisy vs. important" column until next time. This month I want to address the issue of patron privacy in the context of the recent revelations about privacy incursions in the latest version of Adobe Digital Editions (ADE)—specifically, the fact that version 4 of the e-reader software gathers highly specific data about individual users' reading behavior and transmits it, unencrypted and with all identifying information included as well as other data culled from the user's machine, back to Adobe. (A very useful running summary of the issue and details about how the situation is quickly evolving can be found at the Digital Reader blog.)

Understandably and rightly, the fact that this is happening has ignited something of a firestorm in the library world and elsewhere. Also understandably and also rightly, it has led to hand-wringing and soul-searching within the library profession, as well as some intramural vituperation, particularly from those who have never been comfortable with the information ecology's marked drift in a digital and networked direction over the past couple of decades.

For what it's worth, I'd like to provide another perspective on this issue and its implications for library services, one based on two interlocking propositions.

PROPOSITION #1: OUR PATRONS' PRIVACY IS NOT OURS TO MESS WITH

This proposition is pretty uncontroversial, I think, and it means that when we're entrusted with information about our patrons and their use of library resources and service, we have to be absolutely scrupulous about safeguarding it for as long as it's retained.

However, the obvious and easily-acceptable proposition that our patrons' privacy is not ours to mess with addresses only one dimension of the patron-privacy issue: the fact that we have no right to breach patrons' privacy ourselves. It also raises a more complex and difficult question: to what degree will we leave privacy decisions in the hands of our patrons themselves, and to what degree will we take those decisions out of their hands? In other words, this is the access-vs.-privacy question, and it's difficult because it forces us (as Andromeda Yelton has eloquently written) to choose between several fundamental library values. Or, more accurately in this case, it forces us to grapple with two different expressions of a single fundamental library value, which is the freedom to read. We express that value, on the one hand, by giving our patrons access to books and letting them read whatever they want, without restriction; we also express it, on the other hand, by ensuring to the best of our ability that they will be able to read whatever they wish without being surveilled. So what do we do when we can't give them access to what they want to read in a way that completely prevents surveillance?

For the moment, let's set aside the important question of whether things can be fixed so that the choice between access and privacy is obviated. Fixing the system may well be possible in the future, and librarians are uniquely well positioned to be major contributors to the process of making that happen. But for the sake of argument, let's assume that for right now we do have to make that choice for at least some of the books that our patrons want to read, and that we'll keep having to make that choice for some time to come. If this is the reality, then for now we really do have to choose, to some degree, between providing access and protecting privacy. Let's look at some of the issues that bear on that choice, and let's start by looking at the second of the two interlocking propositions I alluded to earlier:

PROPOSITION #2: OUR PATRONS' PRIVACY IS THEIRS TO MESS WITH

The fact that our patrons' privacy isn't ours to mess with begs the question: whose is it? And the answer, I believe, is that our patrons' privacy is theirs to mess with. I think this means that, just as we need to treat as sacrosanct the confidentiality of patron data that we hold, we also have to treat as sacrosanct our patrons' right to make decisions about their own privacy. To say that this right is sacrosanct isn't to say that our patrons can be counted on always to make wise privacy decisions. It's only to say that we shouldn't take upon ourselves the role of decider when it comes to other people's privacy any more than we should do so when it comes to other people's decisions about reading—we don't tell them what to read, we don't tell them what to think, we don't tell them how to use the information we provide them, and I certainly don't see how we can decide for them what constitutes an acceptable or unacceptable use of their private information.

What does this mean in real life? In the case of the ADE issue, for example, let's suppose that my library is offering ebooks on that platform and that, for the moment, there is no way to fix the problem of ADE sending personal information about readers and their behavior to its parent company. In that situation, if my library is using that platform, then I don't believe I have the right simply to continue with business as usual, giving my patrons access to ebooks in that way and disregarding their privacy rights. So in the absence of a short-term fix to the problem itself, it seems to me that I have two options: either stop providing access to the ebooks, or inform my patrons of what's happening and let them decide for themselves whether access to those books is worth the loss of privacy that using them requires.

VALUES IN CONFLICT

Neither of these options is a comfortable one, because each of them simultaneously supports and conflicts with my patrons' freedom to read.

The first option supports the basic library value of freedom to read by ensuring that patrons' reading behavior won't be monitored by third parties. The problem, of course, is that it ensures that privacy by making the books inaccessible. That strikes me as problematic—kind of like preventing burglary by burning your house down. (Simply providing the same books in print format will in many cases be impossible, because my library could never afford to provide access to as many print books as it can ebooks.)

But the second option, informing patrons about the privacy issue and letting them choose for themselves to read under surveillance, is also problematic because it assumes that my patrons will a) pay attention to the notifications we put in place about the risks inherent in using these ebooks, and then will b) make good privacy decisions based on that information. As we all know, people are by no means always good judges of what's in their best interest and they don't always pay attention to urgently relevant information or make good decisions based on it. So what do we do?

WHAT DO YOU MEAN WHEN YOU SAY "PRIVACY IS SACRED"?

As one approach to untangling this problem, consider this: we librarians recently observed Banned Books Week, during which we celebrated "the freedom to seek and to express ideas, even those some consider unorthodox or unpopular"—or, in other words, our determination not to let other people tell our patrons what they can do with their minds. Surely this isn't because we believe all books are equally worthy of our patrons' attention, or even that books are only capable of doing good in the world. If we believe that ideas are powerful, then we have to acknowledge that the power of ideas can be destructive as well as constructive—and yet our stance, as a profession, is (and I believe has to be) that we are going to let our patrons select for themselves the ideas they will invite into their minds. In other words, we know that some of our patrons' reading decisions will be bad—some of them will seek out, absorb, and eventually subscribe to ideas and principles that might lead them down paths that are destructive both to themselves and others—but nevertheless, we see the freedom to choose what one reads as too sacred to take away from them.

So here's the question for us in regard to ebooks and patron privacy: how sacred is our patrons' right to privacy? Is it so sacred that only we, the library profession, can be entrusted with its care, since we very often have a better understanding of the implications of privacy decisions and can always be counted on to have the best interests of our patrons at heart? Or is it so sacred that we would never consider arrogating to ourselves the right to make our patrons' privacy decisions for them?

Now would be a very good time for each of us to decide where we stand on this question. And no matter which stance we choose, we'd better be ready to defend it—because either one is going to make some people angry.