CPLR 4509

In the state of New York, library records linked to the names of users can only be disclosed:

1) upon request or consent of the user;

2) pursuant to subpoena or court order; or

3) where otherwise required by statute.

Therefore, the strong default answer to the member’s questions is “NO.”

This strong default position is based on New York Civil Procedure Rules (“CPLR”) 4509, which states:

Library records, which contain names or other personally identifying details regarding the users of public, free association, school, college and university libraries and library systems of this state, including but not limited to records related to the circulation of library materials, computer database searches, interlibrary loan transactions, reference queries, requests for photocopies of library materials, title reserve requests, or the use of audio-visual materials, films or records, shall be confidential and shall not be disclosed except that such records may be disclosed to the extent necessary for the proper operation of such library and shall be disclosed upon request or consent of the user or pursuant to subpoena, court order or where otherwise required by statute.

[emphasis added]

But when it comes to the records of minors at a school serving minors, after this omni-present strong default, there are some additional factors to consider.

FACTOR #1

Does the school condition library privileges on express parent/guardian access to library records?

Under CPLR 4509’s first prong (“consent of the user”), some libraries may condition library use by a minor on permission to share library records with parents/guardians. 

This condition is not invisible or automatic; it would need to be in the cardholder agreement signed by the student, or in a written school policy passed by the school board.  It must be clear, and in writing.

There is much vigorous debate about what level of parent/guardian access it is appropriate to condition library privileges on.[1]  But since such conditioning is allowed by the law, setting the appropriate balance between privacy and access is the job of the library and its leadership.

The bottom line on this factor? If a school library has an express, written policy allowing it,[2] and if that policy also complies with the school’s obligation’s under FERPA (see below), a list of titles checked out may be disclosed  to parents in conformity with CPLR 4509.

FACTOR #2 

Does the school regard library records as “education records” under FERPA?

The member’s questions warrant three considerations vis-à-vis FERPA (“Family Education Rights Privacy Act”), a country-wide law which applies to any educational institution receiving federal aid.

First FERPA consideration: Are the school’s library records accessible as “education records” under FERPA?

Because it is famous for protecting privacy, people generally think of FERPA as a bar—not a means—to information.  But FERPA expressly allows parents and guardians of students under 18 (unless the minors are attending a higher ed institution) to “inspect” “education records,” and, under the right circumstances, allows disclosure of education records to school administrators. 

A list of titles borrowed from a library, if maintained in a way that meets FERPA’s definition of “education records” could be subject to such inspection and disclosure. 

So let’s look at that definition:

[Information]

(1) Directly related to a student; and

(2) Maintained by an educational agency or institution or by a party acting for the agency or institution.[3]

That’s a broad definition!  But several categories of information are exempted from it, including:

 (i)  records of instructional, supervisory, and administrative personnel and educational personnel ancillary thereto which are in the sole possession of the maker thereof and which are not accessible or revealed to any other person except a substitute;[4]

Under this exception, school library records, if kept in a certain way (with only the librarian, or “substitute,” having access to the records, and the information not linked to or accessible to others, including the student), are arguably exempt from FERPA. 

What’s the take-away, here?  It is possible—but not a uniform rule—that school library records are “education records” under FERPA.  Determining if they are should be part of a school’s annual FERPA notice and policy work, and should be a consideration when a school library considers automation options. 

Second FERPA Consideration: If a school determines their library records DO qualify as “education records,” does a school administrator, safety officer, or SRO[5] have a right to access them under FERPA?

Even if the library records at a specific school qualify as “education records,” when it comes to school administrators, there are only two instances where disclosure is allowed.

The first instance is created by FERPA regulation §99.3.  It allows “… disclosure … to other school officials…[if the disclosure is in the student’s] legitimate educational interests.” 

With regard to a request for a list of borrowed library books, this means there must be a direct, pedagogical reason to disclose that particular list to that particular administrator, safety officer, or (if their contract has the right provisions) external personnel.  To determine if those individuals’ access is in the students “legitimate educational interests,” consideration of the unique circumstances is required, but it comes down to: how does this serve the student?  

The second instance is created by FERPA regulation §99.36.  This regulation allows an educational agency or institution to “disclose personally identifiable information from an education record to appropriate parties… in connection with an emergency if knowledge of the information is necessary to protect the health or safety of the student or other individuals.”

Under extraordinary circumstances, this exception could be cited to justify disclosure of education records to an administrator, safety officer or SRO addressing a concern about immediate health or safety. 

But the circumstances warranting the disclosure would need to be—as I say—extraordinary.  Congress and the U.S. Department of Education want this to be a very narrow exception tied to imminent threats:

The Department has consistently interpreted this provision narrowly by limiting its application to a specific situation that presents imminent danger to students or other members of the community, or that requires an immediate need for information in order to avert or diffuse serious threats to the safety or health of a student or other individuals.

Such a “health/safety” analysis—especially if used to justify disclosure of library records—will be highly fact-specific.  Whenever possible, it should be done in consultation with the school’s attorney, with careful consideration of the precise circumstances and any relevant policies (by the way, this is the kind of “now or never/critical” question school attorneys cancel meetings to research and answer promptly).

Third FERPA consideration: if a school determines their library records are “education records,” CPRL 4509 may still bar parent access under FERPA.

And finally, there is also a possibility that even if a school’s library records are “education records,” under FERPA, library records in New York schools are barred from being shared (without consent) with parents/guardians by CPLR 4509. 

I base this on §99.4 of the FERPA regulations, which states:

An educational agency or institution shall give full rights under the Act to either parent, unless the agency or institution has been provided with evidence that there is a court order, State statute, or legally binding document relating to such matters as divorce, separation, or custody that specifically revokes these rights.[6]

In New York, we have just such a “State statute:” CPLR 4509.  When it was adopted, its role was described as follows:

The New York State Legislature has a strong interest in protecting the right to read and think of the people of this State. The library, as the unique sanctuary of the widest possible spectrum of ideas, must protect the confidentiality of its records in order to insure its readers' right to read anything they wish, free from the fear that someone might see what they read and use this as a way to intimidate them. Records must be protected from the self-appointed guardians of public and private morality and from officials who might overreach their constitutional prerogatives. Without such protection, there would be a chilling effect on our library users as inquiring minds turn away from exploring varied avenues of thought because they fear the potentiality of others knowing their reading history.[7]

Those are some stirring words about privacy.  They show what the Assembly’s intent was when CPLR 4509 was passed. 

That said, this potential conflict between CPLR 4509 and FERPA has not been tested in a court of law.[8]  This position is not something a school should  adopt or rely on without consultation with their own attorney, as part of their annual FERPA notice and policy work.

But it is definitely something to consider.

Final FERPA Consideration: how to resolve a FERPA question when state and federal law conflict.

The good news in all this 4509/FERPA complexity is that FERPA itself anticipates this type of conflict and resulting concerns.  FERPA Regulation §99.61 states:

If an educational agency or institution determines that it cannot comply with the Act or this part due to a conflict with State or local law, it shall notify the Office within 45 days, giving the text and citation of the conflicting law.

In other words, the U.S. Department of Education knows schools will be wrestling with these issues!  A school that makes a good-faith determination of non-disclosure under FERPA (always with the advice of their attorney) can follow this policy for reporting a conflict.  The USDOE will write you back, even if your concern is policy-driven or hypothetical.

Conclusion

Since school libraries—which are legally distinct from libraries at colleges and universities—are specifically named in CPLR 4509, there is no doubt that 4509’s strong bar on disclosure applies to schools where minors are in attendance, while the law is silent about access of guardians/parents to their children’s library records.

The best way for a school library and its leadership to handle these questions is in advance, by having a policy that respects student/family rights, and the operations of the library. 

A good school library “Confidentiality of Library Records” policy will protect student privacy, educate students about their right to privacy, coordinate with the school’s position under FERPA, consider student and employee well-being, and position the library to operate properly. 

Creating such a policy is an exercise in staff teamwork and aboard responsibility.  Considering the complexity of the different factors at pay, I urge school librarians and their leaders to review these considerations with their own attorneys, and to work with their boards to adopt policies that reflect the legal position and the educational priorities of their institutions.

Thank you for these important questions.

 

Depression.  Burn-out. Dissatisfaction. Lack of connection.  Lack of money. Lack of parking.

These are just some of the reasons students give when they choose to leave—or are forced to leave—their college or university before graduating. 

Many times, these reasons snuck up on them, although in hindsight, they could be seen: a pattern of missing classes, a downward trend in grades, maybe even dropping out of clubs and other campus activities.  And almost always, after a student leaves (often in tears) faculty and staff, coaches and friends, are left wondering: could they have done more[1]?

No matter what events led up to it, for each such incident of student “attrition,” the stakes are high: student loans, a sense of failure, the end of a career dream, and perhaps even a medical condition that went untreated while the student struggled on their own.

But what if the clues could be seen earlier?  What if the downward spiral could be stopped?

Fueled by increasing technological capabilities, many institutions of higher education are developing cross-campus, inter-sector systems to do just that: hoping to correlate the warning signs and fight student attrition through early intervention.  Using a variety of commercially available and home-programmed tech, they are tracking everything from dining hall meals, to class attendance, to visits to the gym.  These factors, as well as comments from concerned faculty or staff, are then routinely assessed and cross-checked for red flags. 

Because libraries are increasingly hosting classes and providing adjunct space for group work, it makes sense that such a system would consider tracking library usage.  After all, it can be a good sign that a student is just getting out of their dorm room!

But there is a tension within this well-meaning system.  College is where young adults journey to find their independence and privacy; promoting this maturation is part of a college or university’s purpose. Further, a net of privacy laws constrains the easy sharing of certain types of information.  But knowing the painful consequences of unchecked student struggles, many institutions work hard to find the right blend of metrics and policies to be able to intervene. 

Part of this hard work is finding the right path through that net of privacy laws.  As the member writes, the biggest privacy law of all, FERPA,[2] does allow such inter-departmental sharing,[3] and even parental notification about safety concerns, when the time is right.  It does this through both application of the law, and “FERPA waivers.”

But in New York, FERPA is not the only privacy rule to apply[4] to these information-sharing systems.  As the member states, New York’s Civil Practice Laws and Rules (the “CPLR”) §4509 (“4509”) also governs a student’s records—at least, their library records.  And it sets the bar high.

4509 is a short law where every word matters, so it is worth quoting in full here: 

Library records, which contain names or other personally identifying details regarding the users of public, free association, school, college and university libraries and library systems of this state, including but not limited to records related to the circulation of library materials, computer database searches, interlibrary loan transactions, reference queries, requests for photocopies of library materials, title reserve requests, or the use of audio-visual materials, films or records, shall be confidential and shall not be disclosed except that such records may be disclosed to the extent necessary for the proper operation of such library and shall be disclosed upon request or consent of the user or pursuant to subpoena, court order or where otherwise required by statute. [emphasis added]

As you can see, “college and university libraries,” even though they are part of larger institutions, are clearly covered by this law.

So how does 4509 impact the member’s question?

First, every library (academic or not) should have a clear sense of what it regards as “library records.”  As can be seen in the statute, the term is not precisely defined (“including but not limited to” leaves a lot of room for argument!).  Some of the obvious ones are listed in the law (circulation records, database searches, copy requests) but unnamed others could be just as vital to privacy (use of a 3-D printer, security footage covering the circulation desk, and in the member’s example, the use of research appointments).   And still others activities that use the library may or may not apply (classes conducted in the library, but not part of library programming, are arguably excludable).

To protect the records as required by law, a library must know precisely what records it must protect.  This is why, just like a public or association library, a college or university library should have a “Privacy of Library Records” policy clearly showing where it draws the line. Such a policy should also have a “subpoena response protocol,” so the library can train staff on how to receive internal and external third-party demands for information. 

And in a perfect world, this college or university “Privacy of Library Records Policy” should be known and supported by the institutional officer who oversees the library (a Provost or Academic VP).  This officer’s authority, from time to time, may be needed to ensure the policy is respected by campus safety officers, student disciplinary administration, and any other department that might want library records in service of another institutional purpose.  Librarians should not hold the 4509 lines alone!

Now, back to the member’s scenario.  Once a library knows precisely where it “draws the line” on library records, the member’s instinct is right: any access to information that falls within the institution’s definition of “library records” should be either denied, or allowed only as the law requires: via a signed consent from the user/student.

I know, just what every student wants—to fill out another form!  But these 4509 consents, just like a “FERPA Waiver,” are not only mechanisms to ensure legal compliance, they are a chance to educate students about their right to privacy. 

For instance, the consent form (I imagine it would be a digital click-through on a password-protected student account, but it could be a paper form) could say:

“The privacy of library records is protected by the law in New York State (CPLR 4509).  Your enrollment in the [SYSTEM NAME] will ask the library to disclose certain library records that are protected by this law.  As a library user at an library in New York, you have the right to keep your library records private.  A list of what [LIBRARY NAME] considers to be library records is here [link to policy].  If you would like to consent to the [NAME OF LIBRARY] sharing your library records with only [SYSTEM], please check the below consent:

[ ] I am at least 18 years of age, and consent to the limited sharing of my library records for purposes of sharing the information with the [SCHOOL NAME] [SYSTEM].  This consent does not allow sharing my library records, even within the school, for any other purpose.  No consent to share the records with external entities is give. 

I understand I will need to renew this consent every fall semester, and that I may revoke this consent at any time.

Of course, there is no legal requirement for annual renewal, but it is worth considering.  A year is a long time in the life of the typical undergraduate student, who may enter college with one set of civil rights values, and leave with another. With an annual renewal, the library not only complies with the law, but educates the student about their privacy rights on an annual basis.

So, to address the member’s final questions:

Have we crossed any lines here?

No.  By thinking about this issue during the planning phase of the system, you are making sure the lines are bright and well-defined.

Do we even need the opt-in statement?

You could call it that, but I recommend calling it a “4509 Consent.”  That would build awareness of this important law in our future leaders (and librarians).  Of course, as a lawyer, I may be biased as to how important that is (but it’s really important!).

Is this something clear or fuzzy/grey?

Not so long as your library has a clear and routinely evaluated policy defining what it regards as “library records.”  This can be tough at an integrated institution, where so much information technology crosses through different sectors.  But it should be done.

What should we be considering that we haven't thought of?  

I think you should consider buying yourself a nice cup of coffee or tea for doing your part to support a commitment to personal privacy in the United States of America and State of New York.  Unlike in the European Union, our privacy currently risks death by a thousand cuts.  Every bit of armor counts. 

Thanks.

And thank you.

 

CPLR 4509 [1] is a critical caisson in a library’s foundation, protecting users from those who would draw negative inferences based on access to the library.  The law sets out, in bold, simple language, that librarians shall not disclose such records to law enforcement (or others), unless there is an appropriate subpoena, court order, or disclosure is required by law.

That said, there will be instances when serious patron misconduct might require a report to law enforcement—but the mere act of reporting it will disclose a circulation record (for instance, a patron signing onto a library computer that is then used for a crime).  How does a library report the criminal behavior, while honoring the letter and spirit of 4509?

The American Library Association has compiled a great array of information on balancing these priorities, and it is clear that the answer lies in the library’s policies.  I will not re-create this excellent list of considerations here, but when it comes to this particular question, it is clear every library should have:

• Policies regulating conduct in the library (a policy on internet use can play a part in this);
• A policy setting the conditions for loss of patron privileges when misconduct impacts the community or library operations (this policy must have appropriate due process and levels of appeal);
• A policy, or well-established internal procedure, for reporting misconduct impacting operations of the library to law enforcement; this policy or procedure should consider how 4509 will be honored when such a report must be made;
• A policy for responding to law enforcement requests for circulation records (not based on a library’s report).  This policy should include the library’s process for evaluating law enforcement requests;
• All policies and procedures referring to “circulation records” should have clear and consistent language regarding what “circulation records” are (both under 4509, and in that particular library [2]).

The New York Library Trustees Association has a thorough database of policies addressing, from a variety of libraries, addressing these topics.  But just use these for inspiration, since policies must be crafted, evaluated, and periodically revised to serve the mission, legal requirements, and operational needs of your particular library. Ideally, your lawyer should not only review the final product, but be ready to assist with any law enforcement request, is a good idea.

A library that makes sure it has addressed the points in the above bullets, and has trained their staff on these priorities, is ready to protect circulation records, while safeguarding the “proper operation of the library!”

 

---

[1] Library records, which contain names or other personally identifying details regarding the users of public, free association, school, college and university libraries and library systems of this state, including but not limited to records related to the circulation of library materials, computer database searches, interlibrary loan transactions, reference queries, requests for photocopies of library materials, title reserve requests, or the use of audio-visual materials, films or records, shall be confidential and shall not be disclosed except that such records may be disclosed to the extent necessary for the proper operation of such library and shall be disclosed upon request or consent of the user or pursuant to subpoena, court order or where otherwise required by statute.

[2] Note the ALA guidance on steps to minimize creating/retaining circulation records.