Editorial Board Thoughts:  
Library Analytics and  
Patron Privacy Ken Varnum 

 

INFORMATION TECHNOLOGY AND LIBRARIES | DECEMBER 2015  

    

2 

Two significant trends are sweeping across the library landscape: assessment (and the 
corresponding collection and analysis of data) and privacy (of records of user interactions 
with our services). Libraries, perhaps more than any other public service organization, are 
strongly motivated to assess their offerings with dual aims. The first might be thought of as 
an altruistic goal: understanding the needs of their particular clientele and improving library 
services to meet those needs. The second is perhaps more existential: helping justify the 
value libraries create to whatever sources of funding are necessary to impress. Both are valid 
and important. It is hard to argue that improving services, focusing on actual needs, and 
maintaining funding are in any way improper goals. However, this desire is often seen as 
being in conflict with exploring too deeply the actions or needs of individual constituents, 
despite librarians’ historical and deeply-held belief that each constituent’s precise 
information needs should be explored and provided for through personalized, tailored 
services.  

Solid assessment cannot happen without solid data. Libraries have historically relied on 
qualitative surveys of their users, asking users to evaluate the quality of the services they 
receive. Being able to know more details and ask directed questions of individuals who used 
services is possible in the traditional library setting through invitations to complete surveys 
after individual interactions such as a reference or circulation desk interaction, library 
program, visit to a physical location, or even a community-wide survey invitation. Focus 
groups can be assembled as well, of course, once a library has identified a real-world group 
to study. However, those samples are more often convenience samples or—unless a library is 
able to successfully contact and receive responses from across the entire community—
somewhat self-selected. Assessment that leads to new or improved services relies much 
more heavily on broad-based understanding of the users of a system.  

Libraries have been able to do limited quantitative studies of library usage—at its simplest, 
counting how many of this were checked out, how many of that was accessed, and how many 
users were involved. These metrics are useful, but also limited, particularly at the scale of a 
single library. Knowing that a pool of resources is heavily used is helpful; even knowing that 
a suite of resources is frequently used collectively is beneficial. However, tying use of 
resources to specific information needs or information seekers, whether this is defined as 

 

Ken Varnum (varnum@umich.edu), a member of the ITAL Editorial Board, is Senior 
Program Manager for Discovery, Delivery, and Learning Analytics at the University of 
Michigan Library, Ann Arbor, Michigan. 

mailto:varnum@umich.edu


 
 

EDITORIAL BOARD THOUGHTS: LIBRARY ANALYTICS AND PATRON PRIVACY | VARNUM  
doi: 10.6017/ital.v34i4.9151 
 

3 

individuals or ad hoc collections of users based on situational factors such as academic level, 
course enrollments, etc. These more specific grouping rely on granular data that for many 
libraries—especially academic ones—are increasingly electronic.  

We are at a point in time when we have the potential to leverage wide swathes of user data. 
And this is where the second trend, privacy, comes to bear. Protecting user privacy has been 
a guiding principle of librarianship in the United States (in particular) since the 1970s, as a 
strong reaction to U.S. government (through the FBI) requests to provide access to 
circulation logs for individuals under suspicion of espionage. This was in the early days of 
library automation, when large libraries with automated ILS systems could prevent future 
disclosure through the straightforward strategy of purging transaction records as soon as the 
item was returned. This practice became standard operating procedure in libraries, and 
expanded into new information service domains as they evolved over the following forty 
years. With good intentions, libraries have ensured that they maintain no long-term history 
for most online services. 

As a profession, we have begun to realize that the straightforward (and arguably simplistic) 
approaches we have relied on for so long may no longer be appropriate or helpful. Over the 
past year, these conversations found focus through a project coordinated by the National 
Information Standards Organization thanks to a grant from the Andrew W. Mellon 
Foundation.1 

The range of issues discussed here was far-reaching and touched on virtually every aspect of 
privacy and assessment imaginable. The resulting draft document, Consensus Framework to 
Support Patron Privacy in Digital Library and Information Systems,2 outlines 12 principles 
that libraries (and the information service vendors they partner with) should follow as they 
establish “practices and procedures to protect the digital privacy of the library user.” 

This new consensus framework sets a series of guidelines for us to consider as we begin to 
move into this uncharted (for libraries) territory. If we are to record and make use of our 
users’ online (and offline, for that matter) footprints to improve services, improve the user 
experience, and justify our value, this document gives us an outline of the issues to consider. 
It is time (and probably long past time) that we make conscious decisions about how we 
assess our online resources, in particular, and do so with a deeper knowledge of both the 
resources used and the people using them.  

At the exact moment in our technological history when we find ourselves able to provide 
automated services at scale to our users through the Internet and simultaneously record and 
analyze the intricate details of those transactions, we need to come to think clearly about 
what questions we have, what data we need to answer them, and be explicit about how those 
data points are treated. It is important that we start this process now and change our blunt 
practices into more strategic data collection and analysis. Where 40 years ago we opted to 



 

INFORMATION TECHNOLOGY AND LIBRARIES | DECEMBER 2015   

 

4 

bluntly enforce user privacy by deleting the data, we should now take a more nuanced 
approach and store and analyze data in the service of improved services and tools for our 
user communities. We have the opportunity, through technology and a more nuanced 
understanding of privacy, to conduct a protracted reference interview with our virtual users 
over multiple interactions… and thereby improve our services. 

REFERENCES  
 
1. http://www.niso.org/topics/tl/patron_privacy/ 

2. 
http://www.niso.org/apps/group_public/download.php/15863/NISO%20Consensus
%20Principles%20Users%20Digital%20Privacy.pdf  

 

http://www.niso.org/topics/tl/patron_privacy/
http://www.niso.org/apps/group_public/download.php/15863/NISO%20Consensus%20Principles%20Users%20Digital%20Privacy.pdf
http://www.niso.org/apps/group_public/download.php/15863/NISO%20Consensus%20Principles%20Users%20Digital%20Privacy.pdf