In some specialized applications librarians have expressed frustration when turnkey vendors refuse to provide certain statistical capabilities because of "security and privacy" concerns. Computer security and privacy are not the sane thing. Security is the protection of data from unauthorized access; the protection of parts of a file system from authorized users who do not have the appropriate level of clearance is privacy. Another way of differentiating the two concepts is to say that security is the prevention of access to the system and that privacy is authorization to access parts of the system.
Security has not generally been emphasized in RPPs prepared by libraries; privacy has been. Because of the limited value of library data bases, the relatively small number of terminals on library systems and their restricted distribution as staff terminals in library work areas, security-the prevention of unauthorized access to the system as a whole--has not been regarded as a serious problem. Security and privacy will become more important as libraries add patron access catalog terminals and provide remote access to personal computer users.
Securing a system may be necessary for reasons other than those normally considered as part of "security" to limit access to authorized users to that computer resources are not taxed as well as to prevent access by persons or organizations not served by the library. Privacy will have to be insured for those parts of the files which contain information which should not be seen by those who do not have access authorization. Clearly, patron records should be protected. Nevertheless, the information may have to be retained in the system to meet library needs.
In the past, privacy has too often been achieved by purging information from files. For example, patron histories are paged in most turnkey vendors' software as soon as materials are returned and any fines incurred are cleared. This approach has posed problems for libraries that want information for specific purposes such as avoiding the booking of a film to a user who has recently had it or not sending the same item twice to a remote reader who requests books or recordings on a subject without specifying particular titles.
In order to ensure privacy, the appropriate restriction is to prohibit the structuring of screen displays or print-outs of a patron's use history or of specific item records with the identification of all past users. In this broader sense, privacy also encompasses the protection of bibliographic records against alteration by any but authorized technical services staff. In a properly designed online environment it should be possible to lock-out the "mad dater" who entered death dates on one research library's catalog cards. Finally, statistical files should be controlled so that the staff of a library department cannot enhance" the statistics, as has occurred in at least one library.
