Privacy

What a difference a month makes.  When this question came in, my kids were in school, my staff was at the office…and I am willing to bet at least one person in that group had an overdue library book.

Now, of course, we are all home trying to “flatten the curve” of a global pandemic.  If we had overdue books before, they might be overdue for a bit longer.[1]

Despite a global shift in focus since this submission, it is still a good one, and the second question may be more urgent than ever.

The FERPA fundamentals impacting this question were addressed in an “Ask the Lawyer” last year: Patron Confidentiality in School Libraries.

With that as background,[2] here are my answers:

Is sending unsealed overdue notices to students in their classrooms a FERPA violation?

Unless there is a specific waiver or request for the information, unsealed notices distributed in classrooms risks both a FERPA violation, and a violation of CPLR 4509.

Sealing the notices so the contents can’t easily be seen by people who aren’t the students or their legal guardians is a good idea.

 

Is calling a student's home and leaving a message stating that they have an overdue book and giving the price of the book a FERPA violation?

Unless the student requests it, or a policy states that such a practice is for the proper operation of the library, a message reciting library records to a home phone answering machine risks a violation of CPLR 4509.[3]  If the student is under 18, it is not a FERPA violation—so long as the home answering machine is that of the child’s legal guardians—but as reviewed here, FERPA is not the only privacy law a school library in New York must follow.

Lost in a sea of law and regulations?  When considering the implications of FERPA and CPLR 4509 for a school library, seeking solutions that err on the side of privacy is always the safest course.   While applying the letter of the law can be frustrating, a default prioritization of privacy will almost always carry the day.[4]

Thanks for a thoughtful question.  At times of de-stabilization and change, focusing on the principles that guide us—like a commitment to providing access to information along with assured privacy—can bring calm.

---

[1] Many thanks to the Buffalo and Erie County Public Library for automatically renewing our books!

[2] Intricate, complex, and possibly unsatisfying background!

[3] I like this 2009 guidance from the New York Committee on Open Government on the nuances of CPLR 4509: https://docs.dos.ny.gov/coog/ftext/f17671.html

[4] If health and safety are in seeming conflict with privacy, that is a good time to do a quick check-in with a lawyer.

 

This is a huge question.  To answer it, let’s start with where the mania over image releases comes from.

New York Civil Rights Law, §50, states:

A person, firm or corporation that uses for advertising purposes, or for the purposes of trade, the name, portrait or picture of any living person without having first obtained the written consent of such person, or if a minor of his or her parent or guardian, is guilty of a misdemeanor.

In this age where every “click” and post is potentially monetized (and thus “advertising”), this rule is tough to advise on.  If I post a picture of my sister on Facebook, and her smiling face helps Facebook get attention for a sidebar advertisement, can she fulfill a threat made back in 1987 to get me in “sooooooooo much trouble?”  Not quite.  But if I create an ad for an event to be held at my law firm, and I use someone’s image without permission, that could be problematic.

The next layer of concern could come from Facebook itself.  As they say in their “Terms,” users may not:

…do or share anything:

• That violates these Terms, our Community Standards, and other terms and policies that apply to your use of Facebook.
• That is unlawful, misleading, discriminatory or fraudulent.
• That infringes or violates someone else's rights.

[emphasis added].

So, if my sister alleges that I have “violated her rights,” by posting her picture, am I risking my Facebook account, too?

A lot of this comes down to how Civil Rights Law §50 is being applied these days.  As of this writing, I did not find any case law where simply posting an image to Facebook violated §50.  Further, recent case law gives insight into what the courts will consider to be “advertising.”

“Under Court of Appeals precedent, the statute is to be narrowly construed and strictly limited to nonconsensual commercial appropriations of the name, portrait, or picture of a living person. A use for advertising purposes has been defined as a use in, or as part of, an advertisement or solicitation for patronage.” [1]

This sounds helpful, until you starting thinking that, in the world of Facebook, everything is only one degree from being an advertisement.  So how does a library post photos of patrons using their library without losing sleep at night?

The 2013 case of Leviston v. Jackson is instructive.  In Leviston, a woman sued the rapper 50 Cent for posting a sex tape (not made for commercial use) featuring her on his unmonetized web site.  During his testimony, 50 Cent stated that he posted the video to antagonize an opponent in a rap war.  During his testimony, 50 Cent admitted that rap wars are conducted in part to test the mettle of different rappers, and to bring attention to the combatants.  The judge, seizing on this admission that rap wars are in part for “attention” (of the commercial variety) refused to dismiss the Plaintiff’s claim.

So, if your public library is at war with the association library across town, or fighting a budget battle, and you would like to post pictures of patrons claiming “Our Books Our Bigger!” your library should get written image releases.   If, however, your not-for-profit library is simply publicizing “new hours!”, the person whose image you use would have a very weak claim (if they had a claim at all).

That said, in general, it is a good practice for libraries to get image releases whenever possible.  First, you never know when you might snap the perfect picture to illustrate why a new resources or a bigger budget would really help your mission.  Second, asking for permission to use a person’s image will emphasize your library’s respect for personal privacy and patron confidentiality.  And finally, by memorializing permission to use an image, you reinforce the patron’s connection to the library…and generate a great record for the archivist who will be trying to catalog your photos in 2118!

Thank you for your question.

---

[1] Leviston v. Jackson.

 

When this question landed on my desk, I had recently watched a viral video[1] on YouTube about how some people have no "inner monologue".

The video explained, in plain and accessible terms, that there are people who, rather than internally narrate their world, don't have constant chatter in their heads.  They don't have an "inner voice."  Rather, their brains "map" their reactions to the world, and those reactions are only put into words through vocalization.

The reason the video went viral is because for those of us with a strong inner monologue, the idea of living without one was mind-blowing.

My brain was still wrestling with this concept ("You mean there is no narrator in your head?  None??"), when I read the member's question.

And when the question hit my brain, just like that, I got it.

When I read this question, I didn't hear the words, but I saw the answer.  I couldn't articulate it, but it was there: a Venn Diagram of overlapping legal concerns,[2] "mapped out" in my head, just like the video described: CPLR 4509; FERPA; NYS Image Rights Law.

Only after I had mapped out that diagram in my head could I unpack the details and start to compose.

So, before we delve into the question, I want to thank the member for inspiring a bit of neuro-diverse-empathy in yours truly.  Our brains are endless mysteries; it's good to occasionally see ourselves differently.

And with that, here is my "(Academic) Library Right to Privacy Venn Diagram," unpacked and articulated, and, per the member's request, set out in a "Policy" format, ready to customize for your academic library.

(NOTE: Why are there TWO policy templates?  Because people may have a context-specific first amendment right to film in a public library or the library at a state university, while at a private academic library, only the rules of the institution will apply):

[PRIVATE COLLEGE/UNIVERSITY NAME] Policy on Academic Library Privacy	Related Policies:   [FERPA Compliance Policy, Student Code of Conduct, Employee Handbook, Patron Code of Conduct, Campus Guest Policy, Institutions' Data Security Policy]
Version: DRAFT FOR CUSTOMIZATION Passed on:  DATE	Positions responsible for compliance

FOR USE IN PRIVATE COLLGES AND UNIVERSITIES	POLICY The state of New York provides that library records containing personally identifying details regarding the users of college and university libraries ("Patron Records") shall be confidential, except to the extent necessary for the proper operation of the library. To safeguard this right, the [NAME] library will observe the below protocols.
	No Patron Records, including but not limited to circulation records, computer searches, information requests, inter-library loan requests, or duplication requests, shall be disclosed, unless 1) upon request or consent of the user; or 2) pursuant to subpoena, court order, or where otherwise required by statute.
	The use of security footage showing access to library resources (computers, collection materials, duplation technology) is considered to be a Patron Record.  NOTE: As authorized by law, the Library may release such records incident to promoting proper operation of the library.
	No recording of library users by any third parties is authorized on the premises without the filmed individual's express consent.  This includes recording for academic, professional, or social purposes.
	To the extent Patron Records overlap with FERPA-defined education records, the Library shall interpret the law to provide maximum assurance of the privacy of the library user, while also reserving the right to promote the proper operation of the library.

 

 

[PUBLIC COLLEGE/UNIVERSITY NAME] Policy on Library Privacy	Related policies: [FERPA Compliance Policy Student Code of Conduct Employee Handbook Patron Code of Conduct Campus Guest Policy Institutions' Data Security Policy]
Version: DRAFT FOR CUSTOMIZATION Passed on:  DATE	Positions responsible for compliance

 

FOR USE IN PUBLIC COLLEGE AND UNIVERSITIES	POLICY The state of New York provides that library records containing personally identifying details regarding the users of public college and university libraries ("Patron Records") shall be confidential, except to the extent necessary for the proper operation of the library. In New York, libraries at state, county and municipal institutions may have specific status under the Open Meetings Law and various civil rights laws, but such status does not eliminate their obligations under CPLR 4509, nor limit patrons rights to access services without fear of that record being accessed by another. To safeguard this right, the [NAME] library will observe the below protocols.
	No Patron Records, including but not limited to circulation records, computer searches, information requests, inter-library loan requests, or duplication requests, shall be disclosed, unless 1) upon request or consent of the user; or 2) pursuant to subpoena, court order, or where otherwise required by statute.
	The use of security footage showing access to library resources (computers, collection materials, duplation technology) is considered to be a Patron Record.  NOTE: As authorized by law, the Library may release such records incident to promoting proper operation of the library.
	Individuals or representatives from the media who wish to make recordings in the unrestricted areas of the library must adhere to the following rules: To record students or patrons generating Patron Records (conducting internet searches, retrieving materials, using materials, checking out books, requesting information at the Reference Desk, etc.), the patron's permission must be obtained in advance; for minors, the written permission of their guardians or parents must be obtained; Recording of the Circulation Desk(s) or Reference Desk(s) is forbidden if the area is staffed and serving patrons; Recording and/or requesting permission from patrons and students must not disrupt normal operations of the library. To avoid inadvertent violation of these rules, individuals or representatives from the media who wish to make recordings in the library may, but are not required, to discuss their projects with the Director; however, neither the Director nor staff can give permission to waive this policy or give permission to record patrons or students. Conduct that would be barred by any other policy is not legitimized by the presence of a recording or transmitting device; this includes harassing patrons or staff, or any behavior that violates the rules of the institution.
	To the extent Patron Records overlap with FERPA-defined education records, the Library shall interpret the law to provide maximum assurance of the privacy of the library user, while also reserving the right to promote the proper operation of the library.

 

Now, before I go, just a few words on working with these policy templates.

First and foremost, while templates can be a great starting place (and these are designed to inspire generative conversation), they should NEVER be adopted without a thorough analysis and scrubbing by your institution.

For instance, a public or private academic institution could already have a campus-wide policy on filming people.  Or, on the flip side, the institution could have a strong Media Communications or Film department that relies on being able to send students out onto the campus for filming; a policy like this, with no warning, could cause an unnecessary confrontation.[3]  Policies within smaller units at a big institution can cause inconsistency and friction that can be hard to anticipate, unless you bring in some colleagues to pass the policy with.

So before passing a policy based on a template I've provided, here is who I suggest should be on an academic institution's "Library Privacy Policy Collaboration Team," and why:

The Director of the Library (I trust the reason why is obvious), and at least one staff member (the staffer will provide an in-the-trenches perspective; plus, collaborating on that policy is great training for following that policy).

The Director of Campus Safety/Security/Police.  Why?  Because 1) they might have to help enforce the policy; and 2) it is important that they understand the privacy obligations of the library.  Further, at a public institution, they will likely be a ringer who understands the nuances of "quasi-public" space (for first amendment concerns[4]).

The Dean of Students: Why?  Because 1) they might have to help enforce the policy; and 2) it is important that they understand the privacy obligations of the library are for the benefit of the students.

The Director of IT: Why?  Because 1) it is important that they understand the privacy obligations of the library; and 2) they must ensure those obligations are supported by the institution's current and future information technology.

A student government rep: Why?  Because 1) it is important that students have a voice in policies that are meant for their benefit; and 2) students can help articulate the reasons and importance of policies in ways their peers can relate to.  Bonus reason: participating will look good on their apps for grad school!

The institution's lawyer and/or compliance director: Why? Basically, you want the person who keeps an eye on all the rules at your institution, to make sure they are harmonized and are consistent with each other.  Institutional policymaking cannot be done in isolation.

Optional, but a gold-star member: your institution's Family Rights Education Act (FERPA) compliance officer (for a discussion on how FERPA and library privacy obligations interact, see FERPA and NYS Privacy Laws.).

And, in the case of this member's question: the Chair of the Media Arts Department: because as you meet, you can explore setting up ways for the film students to get the permission and image releases they need, in a way that supports their projects but respects the rights of others…skills they will need in "real life."

Okay, I can hear some of you (in my inner monologue!) saying: that's a huge meeting!  Do I really need to convene all those people?

Based on my experience as an in-house counsel at a University (ten years or so), my answer is: YES.

Why?  Because you don't want your first discussion about privacy with Campus Safety to take place when they ask you for the internet search records of a student who was reportedly making a weapon in his dorm room.  You don't want your first discussion about privacy with the Dean of Students to occur when they demand to know if a student was in the library at the time they are accused of driving drunk across campus.  You don't want your first discussion about privacy with a student rep to be when a "first amendment auditor"[5] shows up at your public university campus.  And you don't want to jeopardize your relationship with the IT Director by finding out she set up security cameras you don't know about.

And most critically: Privacy, security and safety on any college/university campus are a collaborative effort, and your library deserves special consideration within that effort.  Why?

No other space on campus has your precise mission and obligations.[6]  A team that knows and supports that mission, and those obligations, can be a great asset.

This is true whether your library's commitment to access and privacy is fully articulated by the team members' constant inner monologues, or is simply hard-wired into the "maps" in their heads.[7]

By jointly working on a policy, and paying attention to the details, either is possible.

Thanks for a great question, and best wishes for developing a strong, coordinated, customized policy!

---

[1] You can enter the rabbit hole here: https://youtu.be/u69YSh-cFXY I hope it's still there!

[2] NY CPLR 4509, FERPA, Civil Rights Law §50, the first amendment, 20 U.S.C. 1011(a), and a bunch of laws on trespass, Public Officers Law, etc.

[3] I'm a lawyer, so I am very happy about the concept of "necessary confrontation," but I like to save people time and stress whenever possible.

[4] This is not the place to dissect the first amendment's impact on public college/university libraries (see next footnote), but for the record, the "Higher Education Opportunity Act" emphasizes that ALL higher education institutions should be a place for "the free and open exchange of ideas."

[6] That said, an on-campus Health Services facility, Campus Counseling, Records, or other place with confidentiality obligations will have similar needs that might be instructive.

[7] I would like to apologize for any painful pseudo-science in this "Ask the Lawyer."  Stupid viral videos.

 

This question is rather like asking an astronautical engineer: When on a spacewalk, are there any safety procedures specifically related to securing my helmet as I exit the airlock? 

Such a question could inspire an initial reaction like:  Safety concerns?  In SPACE???  Blazing comets,[1] the safety concerns start the moment you blast off!

But upon reflecting on the actual question, the calm, composed answer might be: “To ensure integrity of the pressure garment assembly, double-check the neck-dam’s connection to the helmet’s attaching ring.”[2]

Lawyers get this way addressing questions related to children and liability.  Our first reaction is to think about everything that can go wrong.  But then we calm down and focus on the specific issue at hand.

So, here is my calm, composed answer to the member’s very specific question:

There are two potential instances where a public library offering a program for unaccompanied minors might be obligated by law to collect emergency contact information.

FIRST INSTANCE

If the program the library is hosting is a camp required by law to have a “Safety Plan,” applicable regulations arguably require that the library gather the child’s emergency medical treatment and contact information.[3]

SECOND INSTANCE

If the library is paying a child performer as part of an event, the law requires that the library must collect the child performer’s parent/guardian information before the performance.[4]

Other than the above instances, while such a practice may be required by an insurance carrier,[5] a landlord, or event sponsor, there is no state law or regulation that makes collecting emergency contact information a specific requirement of a public library.

I do have two additional considerations, though.

FIRST CONSIDERATION

 “Emergency contact” information provided by the parents/guardians, in a signed document drafted expressly for your library, is generally the best course of action when welcoming groups of unaccompanied minors for events not covered by your library’s usual policies. 

I write this because Murphy’s Law (which is not on the bar exam, but remains a potent force in the world) will ensure the one time there is an incident at your youth program, the district’s automation system will be down.

Which brings us to the….

SECOND CONSIDERATION

Libraries and educational institutions sharing automation systems must make sure that such data exchange does not violate either FERPA (which bars educational institutions from sharing certain student information), or CPLR 4509 (which bars libraries from sharing user information).

Emergency contact information maintained by a school is potentially a FERPA-protected education record.[6]  If FERPA-protected, it is illegal for any third party—such as a public library—to access it unless there is an agreement in place with certain required language AND the library’s use of the information is in the students’ “legitimate educational interests.” [7]

Of course, given the right circumstances, meeting these criteria is perfectly possible.  In fact, such agreements can be a routine part of a school’s operations.   But just like with a space helmet before leaving the airlock, its best to confirm that everything is in place before you take the next step.[8]

Thanks for a thought-provoking question.

 

In the state of New York, library records linked to the names of users can only be disclosed:

1) upon request or consent of the user;

2) pursuant to subpoena or court order; or

3) where otherwise required by statute.

Therefore, the strong default answer to the member’s questions is “NO.”

This strong default position is based on New York Civil Procedure Rules (“CPLR”) 4509, which states:

Library records, which contain names or other personally identifying details regarding the users of public, free association, school, college and university libraries and library systems of this state, including but not limited to records related to the circulation of library materials, computer database searches, interlibrary loan transactions, reference queries, requests for photocopies of library materials, title reserve requests, or the use of audio-visual materials, films or records, shall be confidential and shall not be disclosed except that such records may be disclosed to the extent necessary for the proper operation of such library and shall be disclosed upon request or consent of the user or pursuant to subpoena, court order or where otherwise required by statute.

[emphasis added]

But when it comes to the records of minors at a school serving minors, after this omni-present strong default, there are some additional factors to consider.

FACTOR #1

Does the school condition library privileges on express parent/guardian access to library records?

Under CPLR 4509’s first prong (“consent of the user”), some libraries may condition library use by a minor on permission to share library records with parents/guardians. 

This condition is not invisible or automatic; it would need to be in the cardholder agreement signed by the student, or in a written school policy passed by the school board.  It must be clear, and in writing.

There is much vigorous debate about what level of parent/guardian access it is appropriate to condition library privileges on.[1]  But since such conditioning is allowed by the law, setting the appropriate balance between privacy and access is the job of the library and its leadership.

The bottom line on this factor? If a school library has an express, written policy allowing it,[2] and if that policy also complies with the school’s obligation’s under FERPA (see below), a list of titles checked out may be disclosed  to parents in conformity with CPLR 4509.

FACTOR #2 

Does the school regard library records as “education records” under FERPA?

The member’s questions warrant three considerations vis-à-vis FERPA (“Family Education Rights Privacy Act”), a country-wide law which applies to any educational institution receiving federal aid.

First FERPA consideration: Are the school’s library records accessible as “education records” under FERPA?

Because it is famous for protecting privacy, people generally think of FERPA as a bar—not a means—to information.  But FERPA expressly allows parents and guardians of students under 18 (unless the minors are attending a higher ed institution) to “inspect” “education records,” and, under the right circumstances, allows disclosure of education records to school administrators. 

A list of titles borrowed from a library, if maintained in a way that meets FERPA’s definition of “education records” could be subject to such inspection and disclosure. 

So let’s look at that definition:

[Information]

(1) Directly related to a student; and

(2) Maintained by an educational agency or institution or by a party acting for the agency or institution.[3]

That’s a broad definition!  But several categories of information are exempted from it, including:

 (i)  records of instructional, supervisory, and administrative personnel and educational personnel ancillary thereto which are in the sole possession of the maker thereof and which are not accessible or revealed to any other person except a substitute;[4]

Under this exception, school library records, if kept in a certain way (with only the librarian, or “substitute,” having access to the records, and the information not linked to or accessible to others, including the student), are arguably exempt from FERPA. 

What’s the take-away, here?  It is possible—but not a uniform rule—that school library records are “education records” under FERPA.  Determining if they are should be part of a school’s annual FERPA notice and policy work, and should be a consideration when a school library considers automation options. 

Second FERPA Consideration: If a school determines their library records DO qualify as “education records,” does a school administrator, safety officer, or SRO[5] have a right to access them under FERPA?

Even if the library records at a specific school qualify as “education records,” when it comes to school administrators, there are only two instances where disclosure is allowed.

The first instance is created by FERPA regulation §99.3.  It allows “… disclosure … to other school officials…[if the disclosure is in the student’s] legitimate educational interests.” 

With regard to a request for a list of borrowed library books, this means there must be a direct, pedagogical reason to disclose that particular list to that particular administrator, safety officer, or (if their contract has the right provisions) external personnel.  To determine if those individuals’ access is in the students “legitimate educational interests,” consideration of the unique circumstances is required, but it comes down to: how does this serve the student?  

The second instance is created by FERPA regulation §99.36.  This regulation allows an educational agency or institution to “disclose personally identifiable information from an education record to appropriate parties… in connection with an emergency if knowledge of the information is necessary to protect the health or safety of the student or other individuals.”

Under extraordinary circumstances, this exception could be cited to justify disclosure of education records to an administrator, safety officer or SRO addressing a concern about immediate health or safety. 

But the circumstances warranting the disclosure would need to be—as I say—extraordinary.  Congress and the U.S. Department of Education want this to be a very narrow exception tied to imminent threats:

The Department has consistently interpreted this provision narrowly by limiting its application to a specific situation that presents imminent danger to students or other members of the community, or that requires an immediate need for information in order to avert or diffuse serious threats to the safety or health of a student or other individuals.

Such a “health/safety” analysis—especially if used to justify disclosure of library records—will be highly fact-specific.  Whenever possible, it should be done in consultation with the school’s attorney, with careful consideration of the precise circumstances and any relevant policies (by the way, this is the kind of “now or never/critical” question school attorneys cancel meetings to research and answer promptly).

Third FERPA consideration: if a school determines their library records are “education records,” CPRL 4509 may still bar parent access under FERPA.

And finally, there is also a possibility that even if a school’s library records are “education records,” under FERPA, library records in New York schools are barred from being shared (without consent) with parents/guardians by CPLR 4509. 

I base this on §99.4 of the FERPA regulations, which states:

An educational agency or institution shall give full rights under the Act to either parent, unless the agency or institution has been provided with evidence that there is a court order, State statute, or legally binding document relating to such matters as divorce, separation, or custody that specifically revokes these rights.[6]

In New York, we have just such a “State statute:” CPLR 4509.  When it was adopted, its role was described as follows:

The New York State Legislature has a strong interest in protecting the right to read and think of the people of this State. The library, as the unique sanctuary of the widest possible spectrum of ideas, must protect the confidentiality of its records in order to insure its readers' right to read anything they wish, free from the fear that someone might see what they read and use this as a way to intimidate them. Records must be protected from the self-appointed guardians of public and private morality and from officials who might overreach their constitutional prerogatives. Without such protection, there would be a chilling effect on our library users as inquiring minds turn away from exploring varied avenues of thought because they fear the potentiality of others knowing their reading history.[7]

Those are some stirring words about privacy.  They show what the Assembly’s intent was when CPLR 4509 was passed. 

That said, this potential conflict between CPLR 4509 and FERPA has not been tested in a court of law.[8]  This position is not something a school should  adopt or rely on without consultation with their own attorney, as part of their annual FERPA notice and policy work.

But it is definitely something to consider.

Final FERPA Consideration: how to resolve a FERPA question when state and federal law conflict.

The good news in all this 4509/FERPA complexity is that FERPA itself anticipates this type of conflict and resulting concerns.  FERPA Regulation §99.61 states:

If an educational agency or institution determines that it cannot comply with the Act or this part due to a conflict with State or local law, it shall notify the Office within 45 days, giving the text and citation of the conflicting law.

In other words, the U.S. Department of Education knows schools will be wrestling with these issues!  A school that makes a good-faith determination of non-disclosure under FERPA (always with the advice of their attorney) can follow this policy for reporting a conflict.  The USDOE will write you back, even if your concern is policy-driven or hypothetical.

Conclusion

Since school libraries—which are legally distinct from libraries at colleges and universities—are specifically named in CPLR 4509, there is no doubt that 4509’s strong bar on disclosure applies to schools where minors are in attendance, while the law is silent about access of guardians/parents to their children’s library records.

The best way for a school library and its leadership to handle these questions is in advance, by having a policy that respects student/family rights, and the operations of the library. 

A good school library “Confidentiality of Library Records” policy will protect student privacy, educate students about their right to privacy, coordinate with the school’s position under FERPA, consider student and employee well-being, and position the library to operate properly. 

Creating such a policy is an exercise in staff teamwork and aboard responsibility.  Considering the complexity of the different factors at pay, I urge school librarians and their leaders to review these considerations with their own attorneys, and to work with their boards to adopt policies that reflect the legal position and the educational priorities of their institutions.

Thank you for these important questions.

 

It took me 4 cups of coffee to figure out how to reply to this question!  And it’s not because I didn’t know the answer. 

FERPA is the “Family Rights Privacy Act.”  It bars disclosure of students’ “education records.”

“Education records” (like grades, disciplinary reports, attendance) are defined by FERPA as records:

               (1) Directly related to a student; and

(2) Maintained by an educational agency or institution or by a party acting for the agency or institution.

That is the entirety of the definition, from which many things—like names, team participation, dates of birth—are then excluded.[1]

The punishment for a FERPA violation is loss of ability to qualify for federal funds…a scary prospect for any school.  A FERPA violation also comes with a heavy dose of self-correction and shame, as an institution must fix whatever caused the problem, and often, send out letters of correction/apology.

With ten years as an in-house attorney at a university under my belt (and thus, a ten years’ worth of “FERPA Fear” in my brain), the minute I read this submission, I thought: Pshaw, no student newspaper or magazine is an education record under FERPA!  These grants are fine.

That was at cup #1.  But as I started cup #2, I thought: But why are these grants fine?  Why is no student newspaper or magazine an education record under FERPA?  Technically, they could meet the definition.

And those cocky ten years in higher ed were giving me no reason for my answer. 

For a lawyer, an answer without reasoning is no answer at all.  So I kept sipping (and researching). 

As I settled into cup #3, I reviewed some FERPA case law.   But although this were fun to revisit, by the time I was brewing cup #4, I realized: This is not telling me why a student newspaper or magazine doesn’t meet the definition of “education record” under FERPA.

It was only when I re-read FERPA’s definition for “disclosure” that I could back up my instinctive answer with actual legal reasoning. 

Remember, FERPA bars “disclosure” of student education records.  As it says in 20 U.S.C. 1232g(b)(1) and (b)(2)):

"Disclosure" means to permit access to or the release, transfer, or other communication of personally identifiable information contained in education records by any means, including oral, written, or electronic means, to any party except the party identified as the party that provided or created the record.  [emphasis added]

As I sipped gratefully at cup #4, there was the answer: if any student newspaper or magazine has content in violation of FERPA, the violation happened the minute it rolled off the presses…not when the content was published to a larger audience. 

It’s a bit metaphysical (or perhaps ontological) but bear with me: Re-publication in the way the member’s question describes—while arguably making an original violation bigger—cannot create a violation where there was none before. In other words, if FERPA-protected educational records were already “disclosed” via a student newspaper or magazine, allowing other people (students, parents, advertisers) unauthorized access to education records, there was already was a violation, back when the content was first published.  And if protected records aren’t already disclosed, the re-publication won’t be a forbidden disclosure, now.

To illustrate this, here is a hypothetical.  Let’s say that in 1991, the New Hartford High School newspaper (the Tattler!) printed all of my grades (without my permission).  That would have been a FERPA violation, about which I could have complained to the U.S. Department of Education.

Fast-forward to 2019.  Let’s say the Tattler ends up on New York Heritage, where everyone could then see that during the first Iraq war, I was a very strong scholar in English and History, but things were…a tad lacking in Math. 

While that would be a continuation of the old FERPA violation, it would not be a new violation (even if I was just seeing it for the first time).  And while I could still conceivably make a complaint to the USDOE, asking them to ask the school to work with New York Heritage to take it down, my options to do so would be limited, since there is no private cause of action or right to sue under FERPA. 

So, while I cannot “clear” unseen content for FERPA violations (remember my Tattler scenario), I can say that a new FERPA violation will not be caused by posting already-published material on New York Heritage.

In that same spirit, I will now address the other question the member asks:  Are there any other legal reasons student [publications] could not be made available freely in an online repository?

I wish I could just say “No,” and everyone could not worry about this at all.  But we must never underestimate the creativity of lawyers and plaintiffs in finding new ways to threaten legal action!  If the content of a particular student newspaper or magazine is scandalous or allegedly harmful enough, an attorney could try to frame a claim around some type of defamation or personal injury action.  And of course, when publishing content, there is always a potential claim based on copyright or trademark….even if that claim turns out to be bogus.

But these cautionary words are based on highly speculative scenarios.  There is no outright bar on sharing student publication content the way there is for disclosing grades, health information, and attendance-related records.  And because the digitization of student publications creates a useful array of otherwise ephemeral material, and can be a valuable snapshot of a culture at a particular place in time, there are  strong legal defenses for the digitization and publication of them by not-for-profit entities.[2]

To position a student publication digitization project to stand up to legal threats, a solid understanding and articulation of why the project has academic, social, and/or historic value, and a clear ability to show there is no “for-profit” motive, are fundamental.  By thinking through a digitization project, establishing its social value, and documenting its adherence to professional and scholarly ethics, it is easier to defend making the material freely available—and searchable. 

The good thing about grant funding is that the application and reporting process often builds these analyses right into the project. 

Thanks for this stimulating question!

 

 

Depression.  Burn-out. Dissatisfaction. Lack of connection.  Lack of money. Lack of parking.

These are just some of the reasons students give when they choose to leave—or are forced to leave—their college or university before graduating. 

Many times, these reasons snuck up on them, although in hindsight, they could be seen: a pattern of missing classes, a downward trend in grades, maybe even dropping out of clubs and other campus activities.  And almost always, after a student leaves (often in tears) faculty and staff, coaches and friends, are left wondering: could they have done more[1]?

No matter what events led up to it, for each such incident of student “attrition,” the stakes are high: student loans, a sense of failure, the end of a career dream, and perhaps even a medical condition that went untreated while the student struggled on their own.

But what if the clues could be seen earlier?  What if the downward spiral could be stopped?

Fueled by increasing technological capabilities, many institutions of higher education are developing cross-campus, inter-sector systems to do just that: hoping to correlate the warning signs and fight student attrition through early intervention.  Using a variety of commercially available and home-programmed tech, they are tracking everything from dining hall meals, to class attendance, to visits to the gym.  These factors, as well as comments from concerned faculty or staff, are then routinely assessed and cross-checked for red flags. 

Because libraries are increasingly hosting classes and providing adjunct space for group work, it makes sense that such a system would consider tracking library usage.  After all, it can be a good sign that a student is just getting out of their dorm room!

But there is a tension within this well-meaning system.  College is where young adults journey to find their independence and privacy; promoting this maturation is part of a college or university’s purpose. Further, a net of privacy laws constrains the easy sharing of certain types of information.  But knowing the painful consequences of unchecked student struggles, many institutions work hard to find the right blend of metrics and policies to be able to intervene. 

Part of this hard work is finding the right path through that net of privacy laws.  As the member writes, the biggest privacy law of all, FERPA,[2] does allow such inter-departmental sharing,[3] and even parental notification about safety concerns, when the time is right.  It does this through both application of the law, and “FERPA waivers.”

But in New York, FERPA is not the only privacy rule to apply[4] to these information-sharing systems.  As the member states, New York’s Civil Practice Laws and Rules (the “CPLR”) §4509 (“4509”) also governs a student’s records—at least, their library records.  And it sets the bar high.

4509 is a short law where every word matters, so it is worth quoting in full here: 

Library records, which contain names or other personally identifying details regarding the users of public, free association, school, college and university libraries and library systems of this state, including but not limited to records related to the circulation of library materials, computer database searches, interlibrary loan transactions, reference queries, requests for photocopies of library materials, title reserve requests, or the use of audio-visual materials, films or records, shall be confidential and shall not be disclosed except that such records may be disclosed to the extent necessary for the proper operation of such library and shall be disclosed upon request or consent of the user or pursuant to subpoena, court order or where otherwise required by statute. [emphasis added]

As you can see, “college and university libraries,” even though they are part of larger institutions, are clearly covered by this law.

So how does 4509 impact the member’s question?

First, every library (academic or not) should have a clear sense of what it regards as “library records.”  As can be seen in the statute, the term is not precisely defined (“including but not limited to” leaves a lot of room for argument!).  Some of the obvious ones are listed in the law (circulation records, database searches, copy requests) but unnamed others could be just as vital to privacy (use of a 3-D printer, security footage covering the circulation desk, and in the member’s example, the use of research appointments).   And still others activities that use the library may or may not apply (classes conducted in the library, but not part of library programming, are arguably excludable).

To protect the records as required by law, a library must know precisely what records it must protect.  This is why, just like a public or association library, a college or university library should have a “Privacy of Library Records” policy clearly showing where it draws the line. Such a policy should also have a “subpoena response protocol,” so the library can train staff on how to receive internal and external third-party demands for information. 

And in a perfect world, this college or university “Privacy of Library Records Policy” should be known and supported by the institutional officer who oversees the library (a Provost or Academic VP).  This officer’s authority, from time to time, may be needed to ensure the policy is respected by campus safety officers, student disciplinary administration, and any other department that might want library records in service of another institutional purpose.  Librarians should not hold the 4509 lines alone!

Now, back to the member’s scenario.  Once a library knows precisely where it “draws the line” on library records, the member’s instinct is right: any access to information that falls within the institution’s definition of “library records” should be either denied, or allowed only as the law requires: via a signed consent from the user/student.

I know, just what every student wants—to fill out another form!  But these 4509 consents, just like a “FERPA Waiver,” are not only mechanisms to ensure legal compliance, they are a chance to educate students about their right to privacy. 

For instance, the consent form (I imagine it would be a digital click-through on a password-protected student account, but it could be a paper form) could say:

“The privacy of library records is protected by the law in New York State (CPLR 4509).  Your enrollment in the [SYSTEM NAME] will ask the library to disclose certain library records that are protected by this law.  As a library user at an library in New York, you have the right to keep your library records private.  A list of what [LIBRARY NAME] considers to be library records is here [link to policy].  If you would like to consent to the [NAME OF LIBRARY] sharing your library records with only [SYSTEM], please check the below consent:

[ ] I am at least 18 years of age, and consent to the limited sharing of my library records for purposes of sharing the information with the [SCHOOL NAME] [SYSTEM].  This consent does not allow sharing my library records, even within the school, for any other purpose.  No consent to share the records with external entities is give. 

I understand I will need to renew this consent every fall semester, and that I may revoke this consent at any time.

Of course, there is no legal requirement for annual renewal, but it is worth considering.  A year is a long time in the life of the typical undergraduate student, who may enter college with one set of civil rights values, and leave with another. With an annual renewal, the library not only complies with the law, but educates the student about their privacy rights on an annual basis.

So, to address the member’s final questions:

Have we crossed any lines here?

No.  By thinking about this issue during the planning phase of the system, you are making sure the lines are bright and well-defined.

Do we even need the opt-in statement?

You could call it that, but I recommend calling it a “4509 Consent.”  That would build awareness of this important law in our future leaders (and librarians).  Of course, as a lawyer, I may be biased as to how important that is (but it’s really important!).

Is this something clear or fuzzy/grey?

Not so long as your library has a clear and routinely evaluated policy defining what it regards as “library records.”  This can be tough at an integrated institution, where so much information technology crosses through different sectors.  But it should be done.

What should we be considering that we haven't thought of?  

I think you should consider buying yourself a nice cup of coffee or tea for doing your part to support a commitment to personal privacy in the United States of America and State of New York.  Unlike in the European Union, our privacy currently risks death by a thousand cuts.  Every bit of armor counts. 

Thanks.

And thank you.

 

Wow.  There is really just no hum-drum day for librarians, is there?

Okay, let’s take this in stages.

First, the member’s question starts with the premise that the alteration of certain documents is illegal.  That premise is correct.   And although there are any number of crimes such alteration could be (depending on the type of document), here in New York, the catch-all term would be “Forgery.”  

Forgery [1] is a crime that comes in many degrees, but whatever degree, it involves the act of falsely making or altering a document (meaning the forger invented it wholly, or—as in the scenario—somehow manipulates or alters the original).  However, it is important to note that a critical element of Forgery, no matter what degree, is the intent to defraud, deceive, or cause injury.

Second, the member raises the concern that, if library staff assist a patron who turns out to be a forger, they could risk being implicated in the crime—or feel an obligation to report what they have seen.  While I found no case law addressing this precise scenario, these are valid concerns.   

We’ll start with some good news: for staff to be (legally) implicated, they would have to be aware of the forger’s criminal intent.  In other words, the staff would have to know that the person was planning to defraud, deceive, or cause injury; the mere suspicion would not make them part of a crime [2].  

That said, if the content visible on the screen makes it difficult to ignore a crime in progress (for instance, the manipulation of child pornography) or the possibility of imminent harm to another (someone changing the checkboxes on a Power of Attorney, for example), both library operational integrity, and staff well-being, may require removing personal service, removing privileges, and/or alerting law enforcement.

Unfortunately, after looking at case law, guides from the ALA, and numerous policies in the field, I could find no graceful way for staff to simply discontinue service, without telling a patron why.  Since staff assistance is in many ways as much of a right (once it is routinely provided) as access to your collection and technology, withholding it without a clear basis is a due process concern (for public libraries) and a professional ethics [3]/best practices concern (for private libraries).

That said, I can offer the following steps to making sure staff are ready to address this difficult situation: 

First, every employee and volunteer assisting patrons should have the phrase “service to patrons, in accordance with established policies and procedures” in their employee handbook, job description or volunteer letter (the wording doesn’t have to be precisely this, but the requirement of staff to follow library policies should be express).

Second, an institution providing access to “maker equipment” (computers, scanners, 3D printers, recording devices, tools, etc), should have a posted, public policy forbidding use of library equipment for illegal activity.  Something like:

 “Use of library equipment for illegal activity is forbidden. Examples of illegal activity include  but are not limited to: manipulating illegal content, engaging in forgery (falsely altering documents), gaining unauthorized access to other computers or networks, and 3D printing of illegal devices.  Staff assisting you, who suspect illegal activity, are authorized to discontinue assistance, and the library may discontinue your library access and contact law enforcement.  Patrons using technology to alter official or signed documents should be aware that such activity may be perceived as potentially in violation of this policy.”

As with any library policy impacting access and privileges (including staff assistance), such a policy should have an established procedure, and at least one level of appeal. [4]

Third, staff and volunteers should be trained [5] on how to withdraw service while honoring the rights of patrons.  A very simple policy (coordinated with current bylaws and other institutional policies before implementation [6]), such as the generic one below, could assist with balancing staff well-being with patron rights:

POLICY

It is the policy of the library that, to promote the integrity of operations, and the well-being of staff, use of library equipment and staff services in furtherance of illegal activity is forbidden.  

Staff concerned that a patron’s use of library technology may violate the law shall withdraw their services and/or patron access to the technology, per the below procedure.

In making this policy, the library re-affirms that unless authorized by law, patron records, including those generated by the use of technology, are confidential, and that users of the library technology have a right to privacy. 

In making this policy, the library re-affirms that all patrons are entitled to excellent service and access, and that such service and access shall not be removed without due process.

PROCEDURE

A staff member identifies a potential violation, withdraws from the patron, and consults a supervisor to confirm that withdrawing service and/or access is appropriate.

If the supervisor, upon further assessment, agrees that the use violates the policy, and that withdrawing service and/or access is appropriate, the supervisor will initiate the removal, and provide in writing to the patron:

On [DATE], your access to [/SERVICE/TECHNOLOGY] was removed, on the basis that the use was barred under our posted policy (copy enclosed).  This removal may be appealed by sending a letter of appeal to [PERSON], at [ADDRESS] by [DATE].   The library respects your privacy and does not require you to appeal or to provide any further information regarding this matter, unless you choose to do so.

If an appeal is filed, the [PERSON TO WHOM APPEAL IS DIRECTED] shall consult leadership and legal counsel as needed, and shall notify the patron, in writing, as to the result of the appeal within [#] business days.

If there is concern that IMMINENT HARM may be caused by patron use of technology, staff shall immediately alert XXXX, who shall determine if law enforcement must be called, or if there are any additional immediate action take, per governing procedures.

I am sorry to not have a more graceful solution, but I cannot advise that staff simply withdraw services and not return to the patron.  I have designed the above generic policy to provide a “uh-oh” moment for the patron, when they can remove themselves from a situation, and the supervisor can choose to not pursue the matter further.  This is a delicate dance on the tightropes of confidentiality and operational integrity.

Further, I have added the final clause in bold so the person in charge at the time is reminded to use the “buddy system” when it comes to making tough calls about safety, inferring criminal intent, and assessing imminent harm.  These are decisions that, whenever possible, should not be made in isolation. 

This balancing, giving a situation time to breath, and due process, are the best way to shield library staff while honoring library principles.  I hope you don’t have to use it too often!  But with more and more people relying on libraries for service beyond the traditional quest for information, I suspect more institutions will be addressing this issue.

---

 

[1] NY Penal Law 170.00

[2] Of course, a prosecutor can pursue criminal charges if they believe they can prove such awareness…and they can try and prove it by using knowledge of the content.  And for certain documents, merely altering them is a crime.  So erring on the side of caution is wise.

[3] At the heart of this question is staff who don’t want to be implicated in wrongdoing, but honor their professional ethics, including the obligations to:

• Provide the highest level of service to all library users, and accurate, unbiased responses to all requests for assistance;
• Distinguish between personal convictions and professional duties;
• Strive for excellence via use of professional skills;
• Protect each patron’s right to privacy and confidentiality

[4] This is advised by the ALA at http://www.ala.org/advocacy/intfreedom/guidelinesforaccesspolicies, and of course is required for municipal institutions.

[5] As part of this training, staff should be alerted to the library’s policies about any signs of activity posing a risk of imminent harm (which may be a result of illegal activity).

[6] This coordination is critical.  Please don’t use any model language without considering your full suite of bylaws, manuals, policies, and procedures already in place.

Before I wrote this answer, I stopped to ponder the fact that there are over 20 library systems in New York, each with its own policy and approach to managing the information in its "ILS" (integrated library system).

The beauty of library law in New York--and it is beautiful--is that it uses a firm structure of laws and regulation to enable a sturdy but flexible array of unique library institutions.

All of which is to say: there is no single right answer to this question.

Every library system managing an ILS has the responsibility and right to set the terms for participation in that system. Among other things, that means every library system sets the terms for the use of the information access the system provides.

So, with that, can a library use the email addresses of its patrons from an ILS patron database to send a donation request for its annual fundraising drive?

The answer will vary from system to system. However, unless specific provisions have been made otherwise, the answer is most likely "no."

Here is why.

First, as always, we'll start with ethics.

The ALA and NYLA Code of Ethics provides: "We protect each library user's right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired or transmitted."

While using the patron information in the ILS to populate a donor solicitation list does not in and of itself reveal "information sought" by the patron, it does raise the issue of how the patron's confidential library records are being used.

Second, we'll look at the law, [1] which requires: "Library records, which contain names or other personally identifying details regarding the users of public, free association, school, college and university libraries and library systems of this state...shall be confidential and shall not be disclosed except that such records may be disclosed to the extent necessary for the proper operation of such library...."

While sending a late notice to a patron via email is certainly necessary for the proper operation of the library, using library records to solicit donations, without further consent by the patron, is again a dubious disclosure of patron information. I am not saying it is outright barred by law...but it gives me an icky feeling.

An "icky feeling," of course, is not admissible in court. So, let's dig a little deeper.

An ILS is a service each library participates in. The laws that govern ILS use are Education Law 255 and 8 NYCRR 90.3, and the bylaws of the particular system that library is a member of. Although a member library contributes information to an ILS, unless system bylaws or policies say otherwise, that information belongs to the system, who is just as ethically and legally bound to protect the information as a member library.

The default position for a library system to adopt is that patron information should only be used in furtherance of a patron's use of services from the system. This is the best way to stay on the right side of the law.

The "special position" a library system could adopt, if it wanted to facilitate special mailings based on library membership and use (not just for fundraising, but perhaps based on demographics or interest) could be to enable patron consent to such information use, perhaps by using an opt-in or express waiver. This too would ensure adherence to the law regarding confidentiality.

For a library whose system takes the "default" position of not allowing ILS information to be exported for fundraising purposes, the library also has a few options, including:

1. Creating a passive sign-up sheet for library news and fundraising efforts and maintain a spreadsheet outside of the ILS with personal information. Here is some sample language:

Do you want to sign up for newsletter information, event notifications, and fund-raising? We won't supply your information to any third party, and our mailings will come straight from the library! Please enter your name and contact information below.

2. Proactively asking patrons to voluntarily consent to the disclosure of their information for fundraising purposes during sign up and create your own list outside of the ILS.  Here is some sample language:

Per our patron confidentiality policy, the library considers records of your patronage confidential. Do you consent to the library using your name and address for newsletter information, event notification, and fund-raising? If so, please sign the agreement below. We won't supply your information to any third party, and our mailings will come straight from the library!

NOTE: This permission can be revoked upon request.

I agree for my information to be added to the library's newsletter, event, and donation solicitation list.

 

NAME:______________________________________

 

Signature:_____________________ DATE:_______________

 

3. Asking the cooperative library system to add a "library event notice and fundraising information disclosure checkbox" so the information can be exported from the ILS. Of course, such "checkbox" would depend on the ILS technology (and might be impossible to add). But it would be work exploring.

Thank you for a thought-provoking question.

---

[1] New York State Civil Practice Law and Rules Section 4509.

In addition to being something of a historic preservationist, I am also a design fan, and a booster for my adopted hometown of Buffalo NY.  This means I am on several social media groups that discuss:

• Historic properties,
• Design of both private and public buildings, and
• Issues that impact the built environment (landscaping, planning, urban design).

On these groups, there is regularly a debate about the legalities, ethics, and diplomacy of taking pictures, providing information, and commenting in a public forum about privately owned property.

Issues that are frequently raised include:

• Privacy
• Safety
• Harassment
• Risk of a claim of defamation
• Cultivating ill-will

The issue can also take on tension if a person lives in a home they prefer to not have considered "historic," which can place added pressure and actual legal restrictions on the owner of the home.

On the flip side, many who proudly own "historic" or otherwise noteworthy properties glory in their building's appearance and history.  These are people who not only want their structure listed in print and online resources, but carry a jump drive they can distribute easily to make sure the building is described properly.[1]

When it comes to the risks of listing historic properties in a printed or online resource, there are very few direct legal issues.  With the exception of certain high-security locations, it is not illegal in any way to publish information related to real property, its ownership, and its historic nature (or other significant factors).  In fact, although not everybody realizes it, such information is generally available to the public in the form of tax maps, real property deeds, and other information housed by a county clerk.

That said, and in answer to the member's question, legal concerns can arise if a resident or owner can attribute negative consequences directly to the listing. For instance, if a listing suggests that a property is open to the public, when in fact it is not open, a property owner could have legal recourse. Similarly, if a write-up is directly connected to resulting harassment or vandalism, there could be an allegation of legal responsibility[2]--although such allegations would not lead to liability unless a precise set of factors were present.[3]

The stakes can also be higher when the listing is the result of a formal publication by an actual entity, such as a local library, historical society, religious corporation, or not-for-profit corporation.  This is because such organizations typically have a larger platform to communicate from, and are also perceived as having "deep pockets,"[4] as well as insurance.  They are also more vulnerable to public criticism, since they depend on public good will.

How can an organization mitigate such risk?  Here are three steps:

Step 1. If your organization is going to publish a guide, check with the organization's insurance carrier to see if its insurance includes coverage for "advertising injury" and other claims related to publication. While not every "general liability policy" has this feature, it is a fairly common type of coverage, and any group that is regularly publishing brochures or pamphlets--or even listing information on its website--should consider getting coverage for allegations of defamation and copyright infringement.

2.  Early in the initiative, decide what the precise criteria is for inclusion in your directory[5], and if your directory of local historic properties will have an "opt out" for people who don't wish their property to be listed or depicted.

3.  Once the criteria and any option for "opt out" is determined, consider using a form to notify people of the directory, and to allow people to supply information about their property or to opt out.  For instance:

Dear NAME:

[Info about your organization, upcoming event, pleasantries, etc.]

The NAME is preparing a directory of local historic properties, including your historic property at ADDRESS.

The criteria for the listing in the directory are INSERT.  The listing will include the address, a photo taken from the street, and a brief history of the property.  We will ensure there is no automobile with a legible license plate or people in the image.

To personalize this initiative and add depth to our information, we would like to provide you with an opportunity to send us information about the property, including any work you have done to steward it over the years, and any photos or legacy information you may have.  You can send anything you like to INSERT ADDRESS.  By sending information, you are giving the NAME a license to adapt it for use in the directory (both print and online), only.

In addition, because we appreciate that not everyone will want to supply information or have a picture of their property included in the directory, we are providing an "opt out" of the photo depiction.  If you do not want a photo of your property included in the directory, please check the box below:

 Please do NOT include a photo of my property at ________________ in the directory.  I understand this "opt out" is a courtesy and information regarding my property is part of the public record.

The directory text will be finalized by DATE and we anticipate publication by DATE.  Therefore, to be able to include your materials or remove a photo, we appreciate your reply by DATE.

[nice things, etc.]

[signature]

If at all possible, the organization's attorney should review the final letter before it goes out, which will allow the organization to address any concerns specific to the project or the particular locality.

Thank you for submitting an interesting and sensitive question.  Respect for those who steward historic structures is important...as is celebrating the legacy they preserve.

Happy bicentennial!

 

---

[1] Woe betide your guide if a "coppice" is mistakenly called a "cornice."

[2] I have never heard of a directory of historic properties being used to "dox" (harass via release of private information) somebody, but I can imagine it happening.

[3] For example, if the write up said "This is the historic Bailey mansion.  Legend has it if you throw a rock through a window, your wish comes true.  Bring a rock and have at it!"

[4] As in, money to pay for damages.

[5] Is it on the state registry, federal registry, or considered "historic" due to a local designation?  Or are the criteria simply that the structure was built before a certain year, hosted a significant event, or was once owned by a noteworthy person?