COVID-19

As the use of online tools for tracking use of copyright-protected content becomes more widespread, this is happening to schools, libraries, museums, and other cultural/educational institutions with greater frequency.

While these threats will vary based on the circumstances, here is a step-by-step "Copyright Threat Diffusion Guide" to help you de-escalate the tension and figure out what to do, from the moment an infringement threat hits your in-box.

Step 1

Breathe.  It's going to be okay.  Make some tea, or go for a walk if you feel nervous.

Step 2

Print the threat, and save a copy as a PDF with the document name "CopyrightClaim[DATE]."  DO NOT FORWARD IT.

Step 3

DO NOT REPLY to the threat.

Step 4

DO NOT take any of the steps it demands (removal of content, paying money, saying you’re sorry, etc.).  Just stay cool for a few more steps, first.

Step 5

Within one business day of its arrival, appoint a "copyright claim buddy"[2] to work with you on this.  If you are a director, this is a good role for your second-in-command.  If there is no other employee who can help out, loop in a board member (all of this should be over the phone, no e-mails).  Just "Hello, we got a claim of copyright infringement we need to assess, I read this thing that says an organization should always have at least two people work on that type of thing, can you work with me on it?"

Step 6

Hopefully, you now have a "copyright claim buddy" and you are ready to make your first decision: alert your institution's lawyer, or alert your institution's insurance carrier.  Either is good.

Here's how you notify your attorney: If you have lawyer, e-mail them the pdf of the threat (cc your buddy), and write "The [library] received this on [DATE].  [NAME] and I are responsible for handling it.  Are you available to help us this week on this, and if so, can you propose a budget for helping us with this?  And if you can't help right now, can you recommend someone who can?  We know we need to handle this promptly."[3]

Here's how you notify the insurance carrier: If you have an agent or broker, e-mail them the pdf of the threat, and say "The [library] received this on [DATE].  [NAME] and I are responsible for handling it.  Is there coverage for this, and if so, does the carrier want to respond?"

It is reasonable to expect replies within three business days.

Step 7

With Step 6 done, the matter is either out of your hands as the driving force of resolution (you and your buddy will remain engaged with the carrier or the lawyer, but they will be the interface with the claimant...if they decide the threat is even worth responding to), OR you have confirmed you have no insurance coverage for this, and you haven't found a lawyer who can help you.[4]  Which brings us to...

Step 8

Step 8 is the time for all the initial responses that likely hit you in an adrenalized rush when you first opened the threatening message.  It includes things like:

• Conducting an inventory of your institution's alleged use of the material[5];
• Establishing how the material came to be used as it was (if it was);
• Assessing if your institution's use of the material was "fair use";
• Assessing if any internal policies were violated when the material was used (again, if it was);
• Assessing if your institution's use of the material was under a license;
• Determining if a third party supplied the material to the institution;
• Determining if it is wise to remove the material now;
• Determining if the material listed in the threat letter is protected by Copyright;
• Determining if the copyright to the material listed in the threat letter is registered with the Copyright Office;
• Seeking any other factors that would weaken the threats on the claim;
• Using all the above-bulleted information to assess your institution's unique position in this matter.[6]

Whenever possible, everything in "Step 8" should be either conducted by an investigation by your insurance carrier, or with the participation of your library's attorney so the findings are protected by attorney-client privilege. 

Step 9

Step 9 is the course of action developed based on the information established in Step 8.

Because so many variables impact it, there is no one answer or outcome to Step 9, but here are some real-world resolutions I have seen:

Taking a close look at the content, it was determined that the material in the threat and the material used by the institution weren't actually the same thing. Result: case closed with no credible threat of litigation having been made.

Taking a close look at the content, it was determined that the Copyright was not registered, and thus there was no credible threat of litigation at that time.  Also, there was some room to claim fair use. Result: to be cautious, the institution removed the content, but without acknowledging the threat and with no money paid.

Taking a close look at the content, it was determined that...Oops, this institution made a mistake and used someone's content without permission to advertise a small, free event.  Further, the content was properly registered, so the threat of litigation was credible. Result: insurance carrier took over and negotiated a very small settlement.

These are just a few examples, but they show the range of resolution possible when a systematic analysis of threatened copyright infringement is conducted in a calm and rational manner.

I do want to emphasize the importance of bringing in your institution's attorney.  Determining the facts that position an institution to take Step 9 requires a full and frank discussion of what might have happened during Step 8.  That means that unless the process is protected by attorney-client privilege, getting to Step 9 can create discoverable evidence that would have to be turned over during a lawsuit.  Depending on what happened, that could be to your institution's disadvantage.

Finally: I know I started this with the admonition to "stay calm," but then included some fairly alarming things in this answer! For anyone who has read this and is now worried about content your institution has posted on its website or on social media, a nice way to allay a panic attack is to casually reach out to your insurance carrier or agent and say: "Hey, do we have coverage for alleged copyright infringement? We don't plan on infringing anybody, but it would be good to know what to do if someone claims we have."

That way, you know who to call just in case you get one of these letters. 

Call it "Step Zero."

 

 

---

[2] Why do I recommend a "copyright claim buddy?"  Several reasons.  First, this type of thing is no fun.  Second, this is a chancy world, and any one of us can suddenly get sick, in an accident, or win the lottery and quit our job.  For critical matters like threatened litigation, an organization's response team should be at least two people deep.  Further, it is a good development opportunity for future leadership.

[3] If your lawyer does not regularly handle copyright matters, they are welcome to call my office at (716) 464-3386.

[4] Keep trying!  Don't go it alone.

[5] Are the facts asserted in the letter even accurate?

[6] If you are a state institution, there are certain protections you have; if you are a not-for-profit educational institution, there are certain protections you have; if a third party posted the material, there are certain protections you might have.

Before I answer, let's talk about why a person or business might create an LLC ("limited liability company").

A primary function of an “LLC”[1] is to do exactly what the member has proposed—to create a separate entity designed to hold the liability associated with a particular venture.

Examples of how an LLC can be used to take on liability (and keep it from flowing to its owner/s) include: ownership of rental properties, operation of restaurants, and yes, collaborative formation of charitable initiatives, like a medical closet operated in affiliation with a library.[2]

This is because, when set up properly, an LLC allows its "members"[3] to have an ownership stake in the company, while minimizing the risk of liability associated with the LLC adhering to other parties (like the members).

For this reason, a lot of property owners and participants in risky ventures[4] use an LLC to contain the liability that could result from the risks of the venture.  This helps with insurance, critical decision-making, and keeping unrelated assets separate from the liabilities of a venture.

Aside from this primary “separation of risk” function, the LLC model also allows creative arrangements for financial operations and tax considerations.  Among many other things that relate to ownership of family businesses, and complex corporate structures, this includes allowing one or multiple 501(c)(3)[5] not-for-profit charitable entities to form an LLC that will have a similar tax status. 

So the "short answer"[6] to the member's question is: YES.

That said, I do have a "long answer" composed of several considerations and caveats, which I hope will be helpful.

Consideration 1: Audit.

While the laws governing public libraries[7] do not forbid--and arguably expressly allow--an education corporation like a public library to own, or partially own, the asset of an LLC[8], a review of various New York State Comptroller audits[9] shows that any assets flowing between the two entities will be considered subject to all the requirements that must be followed by the library.

In other words, if the State Comptroller conducts a fiscal audit of the library (as State Comptrollers are randomly wont to do), the Comptroller will not only look at the books of the library, but also the books of the LLC—subjecting them to the same scrutiny as the library. 

So, to the extent money and resources flow from the library to the LLC, the same constraints on procurement, investment, and other use of assets will be imposed on the LLC.  This could bar or limit the activities of the LLC, so should be a primary consideration when it is formed.

Consideration 2: Operations

By "operations," I mean: who is helping the LLC get the work done?

In the scenario submitted by the member, it is the library who will "be responsible for cataloging the items, tracking their circulation, and applying for grants to help with funding."  Meanwhile "local visiting nurses have volunteered to handle the distribution of equipment."  And finally, as described by the member, the storage/pick-up (the "Closet") will be off-site (not on library property).

This means that the LLC would rent/borrow the space for the Closet, volunteer nurses would work there helping to distribute equipment, and the library would use its personnel to track the lending and equipment.

And although the member doesn't specify, let's say the library doesn't use its own circulation system for this, but instead, buys or builds a custom system—maybe even something as simple as an Excel spreadsheet.[10]

So the library would supply the "time and talent" of its people on an ongoing basis to the LLC, perhaps tracking it as an in-kind support to the charitable venture,[11] and also separately purchase assets that would be solely owned and used by the LLC.

This "time and talent," is where "risk and liability" for the library—even with an LLC housing the operations—truly enter the picture.  Even with a separate entity designed to take the hit, when an entity supplies its own people to staff a venture, there is always some risk that the direct involvement of a third party can lead to an assertion of liability (when people sue, they often look for not only deep, but multiple pockets).

How do you solve that?  It takes two things:

Consideration 3: The Operating Agreement

By law, every LLC must have an "Operating Agreement" that specifies how the "members" run the company.  For small, simple LLC's, an "OA" can be a fairly short document.  For complex ventures with detailed financial goals and complex management structures, an OA can be hundreds of pages.

In the case of a "Medical Loan Closet" LLC meeting the criteria in the member's scenario, the operating agreement would have to address, head-on:

• The precise responsibilities of each member[12]; and
• The in-kind services being supplied by each member; and
• The precise terms under which individuals would contribute their services, including volunteers; and
• The precise way assets of the LLC are purchased, loaned, and de-accessioned (this is the part the Comptroller would look at); and
• How the premises of the Closet is managed and insured; and
• Most critically, the way the LLC would hold harmless and indemnify the participating parties for any assertion of liability against them based on LLC operations.

Which brings us back to...

Consideration 4:  Insurance

At the end of the day, this question is about two things: 1) how to do a good thing for a community; and 2) how to make sure the organizations doing that "good thing" properly manage the risks of doing it.

While much of this can be addressed via good planning, rigorous equipment maintenance,[13] and proper paperwork, as can be seen in "Consideration 3,” and as the member clearly knows, a venture that will be so closely connected to people's physical health must have some form of insurance. The coverage should extend to every person with either a fiduciary, employment, agency, or volunteer relationship with the Closet.

While precise coverage amounts should be determined by the participating parties, my instinct is that there should be at least $1 million of coverage per incident, with no less than $3 million/year aggregate.[14]  But it will depend on many factors.

So, what to do?

Many times, there is a very solid reason to start an LLC.  If the Closet described by the member was going to own real property, have its own employees, apply for grants, and in general, take care of most of its operations in-house, with the support—but not the direct service—of the members, I'd say that was the right solution for this scenario.

However, if the Closet is to be a collaborative effort that will rely on the direct services and assets of the member organization/s (in this case, services by library employees, on library time), in my experience[15], a tightly structured plan that properly establishes the responsibilities of the collaborating parties—and ensures there is proper insurance coverage for all involved—might be the most practical way to move forward. 

This will also position the library to do the right type and amount of "volunteer vetting" and to properly confirm the conditions of (and insurance coverage for) the volunteers.

So, on a practical level, what am I saying?  A library can spend thousands to set up a charitable LLC to run a Medical Loan Closet[16], and then about a thousand or so a year to ensure the proper administration of that LLC--or it can develop the Closet as a program of the library (either stand-alone, or in collaboration with others) and spend the money on additional risk management and insurance. 

After all, we're not talking small engine repair, here.  Lending things—even if it is health-related equipment—is part of any library's core mission.

At the end of the day, many factors will play into the decision to use 1) an LLC, 2) a collaboration agreement[17], or 3) to simply operate the Closet as a new program of the library (with some volunteer agreements for the nurses). 

To get to the part where the library can make the decision, I advise developing an "Operational Plan"[18] for the program, and getting quotes from several insurance carriers as to what the coverage would costs for your library and/or for a new entity to conduct the activities in the Operational Plan.

Since there will be a lot of detail to review, a small ad hoc committee[19] consisting of a board member or two, the library director, any other person whose input will be helpful, and the library's attorney, can then review this information, and come up with a solution to pitch to the board. 

And when that pitch is made, everyone should be confident that there is no "wrong" way to develop a new, life-saving lending initiative—so long as the way selected clearly defines everyone's responsibilities, establishes that clarity in writing, assures legal and fiscal compliance, and ensures everyone helping out is covered by insurance.  With the right attention to detail, this could be an LLC—or another solution.

I wish this venture luck and stout hearts for getting it over the finish line; it sounds like a great asset to any community!

 

---

[1] When I write about LLC's, I really struggle with putting "an" before an acronym that begins with a consonant ("LLC").  But the rules on "indefinite articles" assure me it is proper.

[2] There are some questions about the operation of a collaborative 501(c)(3) LLC in New York, but they happen, and haven't been shot down yet.

[3] "Members" is what the New York State Limited Liability Company Law calls owners.

[4] I don’t mean “risky” as in “Don’t drive that Pinto!” In in this context, “risky” applies to any venture that has a risk of exposure to legal claims due to having premises, employees, contractual obligations, or providing goods/services.  In that context, even my own law office (which is a type of LLC) is “risky.”

[5] "501(c)(3)" is a designation from the IRS that allows a library or other charitable organization to accept donations while the donor takes a deduction.

[6] Trust me, this WAS that short answer!  Another business lawyer who reads this will find it pretty skimpy.

[7] The Education Law, the Not-for-Profit Corporation law, the General Municipal Law, the Public Officer's Law.

[8] This is NOT to say that the local library could engage in a hostile takeover of the LLC-operated laundromat next door to ensure the very loud HVAC system is turned off during children's story hour.  A not-for-profit, and a public library, both have extensive rules regarding what assets and investments they can own, and how they can benefit from them.  But it could be done (in my hypothetical, it could be done if either: a portion of the laundromat income was a directed donation used to purchase special collections OR if use of the machines to clean clothes while reading or using library Wi-Fi was a free service to the community tied into the library's Plan of Service.  Which, by the way, would be AWESOME).

[9] When I want to relax, I just pop on over to the Comptroller's "library audits" page at https://www.osc.state.ny.us/local-government/audits/library, and have a jolly good read.

[10] My apologies if my assumption that such a project could be tracked via Excel is laughable.  While I can script out workflow and compliance protocols like a pro, my database programming skills stop with a 4-column chart in "Microsoft Word."

[11] Remember, the assets of both a not-for-profit and a public library come with heavy restrictions.  This includes the "asset" of the workforce.  In this scenario, we're assuming all the right paperwork for "lending" employees to a venture is properly in place...not something to assume lightly in the Real World.

[12] Operating a charitable LLC is fairly simple after the start-up phase, but there are routine tasks that must be kept up with: book-keeping, audit, routine IRS and Charities Bureau filings, compliant procurement, de-accession.  Consider who will be responsible for all these things.

[13] This consideration—about properly maintaining loaned health-related equipment—is addressed in the RAQ response to a question we got back in April 2020 about lending a Telehealth kit, which is found here: https://www.wnylrc.org/ask-the-lawyer/raqs/132.

[14] A great short cut on this would be to find some other medical loan closet programs in New York and ask who their carrier is.  Establish your credentials and tell them why you need the information first, though...places get VERY nervous when you ask who their insurance carrier is!

[15] At this point, I have worked on joint ventures for educational purposes, arts purposes, community gardens, the development of apps for civic transparency, community murals, and just about every feel-good thing you can think of.  I will never be rich, but I love my job.

[16] A word of caution: the phrase "Medical Loan Closet" is part of a name protected by a trademark, the "Wichita Medical Loan Closet" which can be seen here: https://tmsearch.uspto.gov/bin/gate.exe?f=tess&state=4802:iitou7.3.1. When developing a "closet" program here in New York, take care to distinguish your brand so there is no risk of getting a cease-and-desist.

[17] Remember, a “collaboration agreement” is different than an LLC’s “operating agreement.”  A “collaboration agreement” unites the efforts of two or more entities creating the venture, and manages risk WITHOUT creating an LLC. 

[18] The "operational plan" will evolve once you make the decision about the entity type, but to start it is just a description that sets out how the Closet will run.  If the idea is largely to use the same model used by the current operator, that is a fairly simple task, but make sure to include every role and responsibility, simply noting "TBD" is you don't yet have an answer.  An inventory of equipment will be an essential component of this exercise.

[19] Since I have hit you with a lot of detail that could be daunting, I will add this gratuitous advice: if possible, have a meal or fun snack at your planning meetings (even if they have to be via Zoom right now).  I have been working on a charitable planning committee, and by turning it into a convivial experience, we are getting through some fairly obscure stuff while staying in touch with basic human joy.

In 2012, I was an in-house attorney at a university when the "Penn State Scandal"[1] broke.  Along with the nation, I was horrified to learn about the serial sexual abuse of children by a powerful coach in an NCAA Division I football program--and just as critically, the system that allowed the abuse to go unchecked for so long.

If I hadn't been before, at that point I became acutely aware of the responsibility of an institution to safeguard the vulnerable populations it serves—even when only hosting or renting a part of its facility.[2]  I looked to the law and other guidance for solutions, and spent time working on contracts, policies, and trainings for safeguarding minors--and avoid liability for failing to do so.

As the member's questions point out, in a busy, community-oriented library, that liability can enter the scene in many ways.  Let's tackle their questions one-by-one.

Member question: Many of our libraries have community rooms that are reserved at no cost, or minimal cost, for service organizations, community groups, or private events. What best practice measures should libraries implement to reduce liability? Is there particular language that we should include in our community room rental agreements or policies?
I have spent a lot of time over the last four years[3] reviewing various library policies.  And if there is one thing I have learned, it's that almost every library governs the use of its space by outside organizations differently. 

This makes a uniform approach to this question difficult, but I think I can give you some good initial food for thought by providing two answers:

ANSWER #1: adopt a “Protection of Minors” addendum to written policies and (ahem[4]) "handshake procedures" for allowing use of your facilities for one-time (or very rare) use by outside groups.

Thank you for using the ABC Library for your gathering! 

At the ABC Library, our mission is based on service to the community, and that includes a commitment to practices that keep our community safe.

Therefore, a representative of your organization must fill out this "Assurance Regarding Minors" before granting you permission to use the space.

1.  Will your event include minors (children under the age of 18)?  YES     NO

If "NO", we're all set, please sign and date below.

If "YES", please continue

2.  Will your event require the guardian or parent of any minors attending to be present?

YES     NO

If "YES", we're all set, please sign and date below.

If "NO", please continue

3.  If minors unaccompanied by a parent or guardian will be at your event, please list the adults responsible for the well-being of the minors, and how your organization has confirmed they do not pose a risk to the minors.

Name	Role in your organization	Method of risk assessment

 

Thank you for filling out this assurance.

DATE: ________________

 

SIGNATURE: _______________________

PRINT NAME: ________________________

ADDRESS: ____________________________

 

WITNESS: _______________________

PRINT NAME: ________________________

ADDRESS: ____________________________

 

ANSWER #2: Add a "Protection of Minors" provision to the standard contract your library uses  to set the terms of regular/routine use of your facilities by outside groups.

[NOTE: A "Facility Use Agreement" should name the organization in the contract,[5] set out the rules for use, confirm if the use is paid, bar use for political purposes,[6] and—critically—if there is a heightened risk to the activity,[7] require insurance.  What I have set out below is just the provision related to minors.  A template facility use agreement is on "Ask the Lawyer" at RAQ #167]

Protection of Minors

The ABC Library expressly forbids abuse or sexual abuse of minors on its premises. 

As a condition of using space in the Library, ORGANIZATION represents and warrants:

a.  ORGANIZATION has verified, and shall verify every six months, that all employees and volunteers who will be at the Library per this Facility Use Agreement are not listed on the New York State Sex Offender Registry.

b.  ORGANIZATION maintains a policy barring sexual abuse within its operations, and requires all employees and volunteers to report instances of sexual abuse to law enforcement within 24 hours of observation or receiving a report of sexual abuse; a copy of the policy is attached.

c.  The indemnification and insurance provisions in this agreement expressly include indemnification and coverage of the Library, its trustees, officers, employees, volunteers and agents for any complaint, claim, or cause of action related to alleged sexual abuse.

 

Next member question: On a related note, what about other library visitors that make use of library common space on a regular basis for tutoring or counseling that doesn't constitute a library sponsored program or group?

This is a very tough one, because the risk will vary based on the design and capacity of your library.

Libraries with space in wide-open areas near circulation and reference desks obviously have an advantage in this regard: there is lots of space for people to meet as described in the question, without the seclusion that can provide protective cover for illegal behavior. 

That said, libraries also provide secluded areas so people have places for quiet contemplation.  Quiet contemplation being one of the things we need more of in this world, I imagine most libraries are not considering totally getting rid of it any time soon.

There is no perfect solution to this issue, but here is the best input I can offer: once every few years (at least), a library should review its floorplan, policies, and any and all safety-related concerns with the library's insurance carrier.  They will be in a position to help the library assess its unique position in this regard.

 

Finally, what about staff who often work alone in the library, or alone in the children's room? Even with policies regarding unattended children under a particular age, those age limits are often well below adulthood and library staff are in a one-on-one situation for extended periods of time.
At least once a year, staff—especially staff who work alone or in isolated areas—should be trained on practices to keep themselves and others safe.  This should include:

• Security protocols
• Emergency response plan
• Recognizing warning signs and preventing violence in the workplace
• Appropriate boundaries in the workplace
• Addressing and responding to medical emergencies (including mental health emergencies)
• Enforcing the Code of Conduct
• Generating documentation of incidents

For some libraries, this training will draw on a large collection of formal policies.  For others, it will simply be running through a series of standard operating procedures.

The goal of such training--and the answer to the member's question--is to develop and enforce good boundaries (set by written policy or a well-articulated "standard operating procedure"[8] or "SOP") that includes a clear set of rules[9] for how to interact with minors, and every person and co-worker in the library.  By developing such rules/procedures while focusing on the entire spectrum of how a library keeps its employees and patrons safe, the energy spent on training and thinking about safety-related best practices will be maximized.

• Requiring groups routinely using library space to give critical assurances and supply insurance;[10]
• Requiring less routine users to at least give written assurance as to how they ensure safety;[11]
• Training employees regularly to be aware of and ready to enforce policies related to safety;

...positions a library to both diminish the risk of child abuse at its premises, and to have the documentation to show the library did the best it could to diminish that risk.  This reduces both the likelihood of harm, and liability.

And as always when it comes to managing risk and liability, as often as is practical, invite your attorney and your insurance carrier to participate in these efforts--they are critical partners in such initiatives. 

Thank you for a very important set of questions.

 

---

[1] I am sure you can Google it, but here is a link to a thorough summary: https://www.chronicle.com/package/penn-state-scandal/. 

[2] I am also a parent. However, you'll only get the cool, rational lawyer part of my brain for this answer, since the "parent" part of my brain does not think about this issue either coolly or rationally. 

[3] That's right, "Ask the Lawyer" has been around for almost four years! 

[4] Since COVID has killed the handshake, we'll just call these "unwritten policies."

[5] In the sample language, I am calling the organization using the library's room "ORGANIZATION."

[6] For more on this political issue, see RAQ #95.

[7] Like learning how to make stained glass (which can lead to nasty palm cuts), and leading a group of minors (which requires consideration of how an organization guards against abuse).

[8] Like, for instance, not having physical contact with patrons (no matter what their age).  Of course, such a protocol is a lot easier to enforce in COVID-times.

[9] If I ran your library, those rules would be: no physical contact with patrons (regardless of age), no unaccompanied minors under 16 allowed if the library only has one employee on staff, no leaving the circulation desk when patrons are in the library if there is only one employee on hand, no being in a room alone with an unaccompanied minor.  It would also be a rule that these rules are consistently applied.

[10] Answer #2.

[11] Answer #1.

I remember getting my first library card at the Utica Public Library with my Dad, circa 1985.  It was a right of passage: something "official" before I could drive, or work, or vote; a stepping-stone to adult life.

Of course, back then, we didn't have the Child Online Privacy Protection Act, the SHIELD Act, or the GDPR.  We did have CPLR 4509[1], but if that was part of the application, I probably assumed it was what the library would use to revive me if I had a heart attack in the stacks.

But enough of Memory Lane: this question is rooted in 2020, a time of pandemic, of online ecosystems, and of growing awareness about personal privacy and data security.  During this time, a library putting in place direct access to services for children in the ways listed by the member is a critical service, and as the member points out, introduces a lot of legal factors to think about.

To answer the member's questions, let's dive into them.

Contracts and Kids

Since the relationship of a library to a patron is (among other things) contractual, and in New York a person (generally) cannot be held to a contract until they are 18[2], any terms a library wants to be able to enforce on a minor must require legal consent of a parent or guardian...and in some cases, the contract really is just with the parent or guardian (who I will call "P/G" for the sake of efficiency going forward).

This, by the way, doesn't mean a library can't let minors have a card and borrow books (or have online access, or be in the library) without the signature of a parent or guardian—it just means if you want to enforce any contractual terms against those minors (like the requirement to return borrowed books), it's best to have a P/G's consent along for the ride.

 

Contracts and the Internet

Most contracts—including those signed by P/Gs binding minors—can be entered into electronically,[3] and a contract signified by a library card is no exception.  So yes, a patron, including a child, can get a library card or access to services through an electronic signature. 

(Just in case you want the nation-wide definition, an "electronic signature" is "an electronic sound,[4] symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record."[5])

 

What about COPPA?

When a website specifically provides services to children, we often have to consider the Children's Online Privacy Protection Act, or "COPPA."  But not today, since COPPA expressly states that the law applies to "commercial" websites and online services and generally not to nonprofit entities like a library.[6]

Although nonprofit entities are generally not subject to COPPA, the FTC "encourages[7] such entities to post privacy policies online and to provide COPPA’s protections to their child visitors."  Since libraries are sticklers for privacy, this makes sense, but if your library does this when setting up online resources for minors, don't call it "compliance with COPPA," call it "doing it the right thing because we want to."[8]

 

Should we require a parent?

COPPA, by the way, is one of the laws that uses the age of thirteen as the cut-off age for children being able to sign up for things (commercial or otherwise) on their own.  In my experience, 13 is also the age when insurance carriers decide children transition from "vulnerable" to simply "minors."  For this reason, many content providers and services (including libraries) bar access without a parent to those under 13.

All of which is to say: while there might not be a legal requirement to involve a P/G, in general, I'd say this is a good practice.  Good—but not required.  Remember, to legally enforce any conditions[9] (collect fines), you need a P/G's signature, but if you just want to let a kid borrow a book without consequences enforceable in court, you don't.

 

Let's see some ID?

Okay: you're set with electronic signatures.  You know you need to get P/G into the mix for patrons under 18.  You're "Doing The Right Thing Because You Want To" when it comes to soliciting information from minors under 13.  Do you need to see identification to make things official?

That depends.

If the privileges the library card or access grants come with conditions you will need to enforce in a court of law (fines, damages), it is ALWAYS better to get some form of identification or proof of address.  I say this, because when lawyers sue, proper ID and proof of address is how they know they are suing the right person.

Similarly, if there is an age or residency requirement, or a financial element (for instance, loading money onto an account), or if a person is to have access to another's account, you might need to require ID. 

Because the need for it will vary, when to require ID is a good question for your local attorney.  From my perspective, if a person is allowed to take out more than $10,000.00 worth of library assets at a time, or a library wants to be able to collect fines, I'd want to know how to enforce a return of those items.  Similarly, if patrons are allowed to access services from third-party vendors through their library card (software programs, audio books, anything governed by a third-party license), and there are consequences for a violation, it is good to have solid information about who your patron really is.

The problem is, if you are going to require ID, you must have a solid policies and procedures that address:

• Requiring ID in a manner that does not disproportionately impact those who live in poverty, or other categories of people[10]
• Requesting ID
• Evaluating ID
• Securely retaining and routinely destroying hard copies of ID
• Securely retaining and routinely purging electronic copies of ID
• Have a plan for data breach impacting retained ID

Basically: the reason a library would require ID—aside from verifying that a person lives in the relevant area of service, or is who they say they are—is to collect damages or to legally enforce conditions the patron has agreed to as a condition of a card.  Since that is an unpleasant business, its best to avoid it whenever you can...but when it's important, it's important to do it right.

I enjoyed writing this answer, because as part of it, I got to poke around and see how different libraries are solving this issue.  I saw some great stuff, including a temporary e-access system that let the technology do all the work (requesting verification of age via click-thru, using location services to confirm location in NY, imposing conditions on digital content via function without the need for legal enforcement mechanisms).

It is good to see when the law inspires, rather than quashes, creativity and information access.  I hope your library and library system finds this helpful as you imagine new ways to connect people to vital services!

 

 

---

[1] Requiring libraries to not release an individual's library records to a third party.

[2] There ARE some exceptions, but unless your library is hiring a minor to act in their movie, or selling a married couple of 17-year-olds a house, they shouldn't apply here (see General Obligations Law § 3-101).

[3] (15 USCS § 7001) states: "a signature, contract, or other record relating to such transaction may not be denied legal effect, validity, or enforceability solely because it is in electronic form."

[4] This definition's use of "electronic sound" created a rabbit hole where I envisioned a series of "auditory" contract signature proceedings where a person uses their Spotify Playlist to accept contracts.

[5] 15 USCS § 7006

[6] Entities that otherwise would be exempt from coverage under Section 5 of the Fair Trade Commission Act, which most if not all libraries are.

[7] You can find this "encouragement" at https://www.ftc.gov/tips-advice/business-center/guidance/complying-coppa-frequently-asked-questions-0

[8] A great guide for "doing the right thing" is here: https://www.ftc.gov/tips-advice/business-center/guidance/complying-coppa-frequently-asked-questions-0#A.%20General%20Questions

[9] By "enforce conditions," I mean contractually, in a court of law.  A library can always ask a 12-year-old to pipe down, and enforce its Code of Conduct if they do not.  But to collect fees, get a P/G signature!

[10] This question is critical to a library's mission.  While there is no "right" answer, I can say that even facially neutral things such as asking for utility bills, pay stubs, or non-driver ID can alienate people within a library's area of service.  I advise maintaining a list of ID types that includes "the usual" types of ID (driver's license, ss card, birth certificate, non-driver ID), and some other types, as well (report card, lease, or any correspondence from a government agency (with private information redacted)).  The list maintained by NYPL, who clearly gets this issue, made me smile: https://www.nypl.org/help/library-card/terms-conditions.

Yes, I can!  But first, a few caveats:

• Any template contract is just a starting point.  Use a lawyer to generate a version of this document customized to your library. 

• For any Organization that wants to use your library for a high-risk event (sports, concert with stage or sound equipment, large event open to the public, routine presence of children), whenever possible, additional review for insurance concerns and premises liability is wise.
• When filling this out, always make sure the nature of the Organization is confirmed (individual, DBA, LLC, NFP, corporation, etc.), and you have confirmed they exist as stated. 
• If the form shows that an activity requiring a professional license is going to happen (haircuts, massage, tax prep, legal clinic) obtain a copy of the insurance coverage for the professional activity and make sure it names your Library.
• No political events should occur unless it is confirmed the arrangements conform to IRS and NYS Charities guidance.
• A copy of the signed contract should be kept for 7 years (because the statute of limitations to sue on a contract is 6 years). 

 

ABC Library

FACILITY USE CONTRACT

This contract for facility use is between the ABC Library (the "Library") and INSERT NAME ("Organization") an [insert type organization/individual] ("Organization") with an address of [INSERT], for temporary use of [INSERT ROOM# or Description] in the Library (the "Space").

Details of Temporary Use

Date(s) and time(s) of use     NOTE:  If use is routine ("Every Monday in 2020") note the routine
Purpose of use (the "Event/s").  Please describe the activity to be conducted while you are using the Space.
Estimated maximum attendees
Will you bring in any contractors or third parties under contract for this event?   If so, you must provide the Library with a copy of the contract and they must name the Library on their certificate of insurance.
Please list any special details
Person from Organization who will oversee Organization's use of the Space (must be present at all times) and their back-up person	Name: Cell number: E-mail:   Name: Cell number: E-mail:
[If applicable]   Rental Fee on a per-use basis   NOTE:  If the use is charitable and the fee is to be waived, the use must not involve any political activity as defined by the IRS.
[If applicable]   Fee is payable to [INSERT] and shall be paid by:
Will minors unaccompanied by parents/guardians be attending the event at the Space?   If yes: does Organization have a policy barring abuse of minors, and requiring instances of abuse of minors in connection with Organization's programs to be reported to law enforcement within 24 hours?
Is Organization a chapter or affiliate of a larger organization?   If so, include larger organization's name.
Will the event involve food or the creation of materials to dispose of?   If yes, what time will clean-up, including removal of all trash and recycling generated by the event, be completed?
Organization's Library Contact (the person who will help them with any questions and address any concerns)	Name: Email: Cell:

Library Mission and Terms of Use

The ABC Library's mission is [INSERT].

As part of its mission, the Library requires that all people on Library property abide by all the Library's policies.  In addition, while using the Space, Organization and any person at the Space in affiliation with Organization must at all times follow the below rules, and any reasonable request of any Library representative.

Rules include:

No harassing, abusive, or demeaning activity directed at any person or the Space.

No contact that violates any applicable law or regulation.

In the event of an emergency at the Library, Organization shall abide not only by the reasonable request of any Library representative, but also any first responder assisting with the emergency.

In the event of any injury to any person, or incident of property damage while the Space is in use, Organization will immediately notify the Library Contact listed in the chart above immediately.  In the event of a crime or medical emergency, call 911.

Aside from those attending the event(s) in the Space sponsored by Organization, no filming or taking pictures of any individual in the library (visitor or employee) is allowed, without their express permission.

After use, the Space will be restored to the condition it was in prior to Organization's use, by the Organization, unless otherwise specifically confirmed with the Library Contact.

Organization will not promote the event using the Library/Space as the location until this contract is fully signed and (if applicable) Organization has paid the applicable Rental Fee.

Drafting note: if the Library does not own the building, add any other rules based on requirements in the lease.

Violation of any rules may result in the termination of this Contract with no refund, and denial of future use.

Emergency Cancellation

This Contract guarantees that Library will reserve the Space for Organization as set forth in the "Details" section, above. However, in the event the Library or a related entity experiences an emergency which, in the sole determination of the Library, requires the cancellation of the use (including but not limited to condition at the facility, weather emergency, or event requiring Library's emergency use of the space), Library shall notify Organization as soon as possible, and work with Organization to refund the fee or determine a new date, whichever is preferable.

Indemnification
To the greatest extent allowed by law, Organization hereby agrees to indemnify and defend and hold harmless the Library, its Board of Trustees, employees, agents, and volunteers, from any and all causes of action, complaints, violations, and penalties, and shall pay the cost of defending same, as well as any related fines, penalties, and fees, including reasonable attorneys' fees, related to Organization's use of the Space, including conduct by any third party or contractor present at the Space as part of the Event/s.

Insurance
Organization shall provide insurance meeting the requirements shown in exhibit "A."

Drafting Note/Instruction: the person at the Library organizing the contract will either select the default insurance requirement, which is the conventional insurance demand, or it shall be determined that no insurance is required.  For organizations conducting routine meetings, and especially if children are served by the Organization, the library's lawyer, and/or your insurance carrier will almost always advise insurance be required. 

Person signing for Organization
The person signing on the line below on behalf of organization is at least 18 years of age and has the power to sign for the Organization.
 

Venue for Dispute
This contract and any related action shall be governed according to the laws of the state of New York, and Venue for any dispute shall be INSERT county, New York.

Accepted on behalf of the Library:___________________     on:___________

                              Print name:__________________

 

 

Accepted on behalf of the Organization:___________________          on:___________

                              Print name:________________________

Many of the questions we get at "Ask the Lawyer"[1] relate to this concern.  As the priorities cited by the member suggest, the library-municipality relationship is a Big Issue.

I have worked with city, town, and village attorneys, in one way or another,[2] for most of my professional life. So I can understand why sometimes, if they are focusing on reducing liability or overhauling operations, a town board or a city mayor might be tempted to think of the library as "just another department."

But we know that is not the case.

With all that in mind, I am very grateful to have this opportunity to craft a pro-active answer to this issue.

I am going to let the requested sample Memorandum of Understanding—or "MOU"—do most of the talking on this topic.  For comments on why I have included certain things, you'll see footnotes and items in italics that should be removed from any final version (unless you have a really fun-loving and tolerant town attorney).

Caveats

Of course, with all things "template," this MOU should only serve as a boilerplate.

Further, libraries with very sensitive or less-than-ideal relationships with their municipalities might want to use this only as an internal guide for discussion.  It's not a fun fact, but it remains a fact that some municipal leaders could take a "request for clarity" as an act of aggression.

And as noted throughout, to the greatest degree possible, your library should consult their own attorney about the different considerations in this template.[3]  With that in mind, I hope this document is a useful starting place for that attorney, and I welcome calls from lawyers working with this document.[4]

And here we go:

USING THIS TEMPLATE:  Any guidance in italics, and the footnotes, should be removed before an MOU using this template is finalized.  If at all possible, the MOU and attachments should be reviewed by an attorney before signature.  Items in bold are non-negotiable; they are based on the law and are not subject to change.[5]

 

[PROPOSED] MEMORANDUM OF UNDERSTANDING

Between the [NAME] Library and the [MUNICIALITY]

This memorandum of understanding is between the [NAME] Library (the "Library") and the [INSERT NAME OF MUNICIPALITY] (["GOVERNMENT ENTITY" or "GE"][6]), which both serve the community of [INSERT NAME OF MUNICIPALITY] (the "Community").

This memorandum of understanding ("MOU") is entered into by the Library's Board of Trustees (the "Library Board") and the [AUTHORITY OF THE ENTITY[7]] ("[GE AUTHORITY]"[8]) and is intended to ensure clarity and unified purpose with regard to critical interdependencies between the Library and the GE.  Together, the Library and the [GE] are the "Parties" to this MOU.

As a living document this [first] version of the MOU sets forward both items of clarity, will be revisited by the Parties in the month of [INSERT] every [TIME SPAN[9]].  

Mission and Shared Purpose

The mission of the Library is [INSERT MISSION].

The mission of the [GE] is to [INSERT MISSION].

The Library and the [GE] share the mission-oriented purpose of serving the Community within the [GE] by [compose and insert "shared purpose"[10]]; this is their "Shared Purpose." 

 

The Parties

The Library is a public library chartered by the Regents of the New York State Education Department on [DATE], as shown in the most recent version of the Charter attached as "A" (the "Charter").[11]

As required by law, the Library is governed by a board whose authority is set by sections 255, 256, 260, and 226 of the New York Education Law, the Not-for-Profit Education Law, the Charter, and the bylaws of the library.  A copy of the most current bylaws of the Library is attached as "B."  

The [GE] is a Municipal Corporation incorporated under the laws of New York State in [YEAR]. 

As required by law, the [GE] is governed by [INSERT][12].

A copy of the [GE] Code (the "Code") may be found at [insert code link[13]]. 

[IF RELEVANT] The provision[s] of the Code pertaining to the Library are attached as "C."

 

The Relationship of the Parties

As a Regents- chartered entity, the Library is an independent corporation with the ability to own property, enter into contracts, employ a workforce, and maintain its own bank account for the management of library funds. 

Further, the Library is required by state law and regulation to employ adequate employees to staff the Library in fulfillment of its Plan of Service, which is attached as "D."[14]

Since the [GE] and the Library are two distinct entities, many of their operations occur independently of the other.  However, for the sake of their Shared Purpose, the leadership of the parties have determined that certain "Critical Interdependencies" are in the best interests of the Community.

These "Independent Operations" and "Critical Interdependencies" are itemized below, with comments or additional information in column 3.[15]

Operational item	Independent Operation or Critical Interdependency? When possible, check your conclusion with your lawyer before making a final determination.	Important information or attachment
Ownership of Library Building   This should specify if the library or the municipality owns the structure housing the library.	If the GE owns the structure but charges no rent (or $1), it is a "critical interdependency."  If the library owns its premises, it is an "independent operation."	Attach a survey or schematic of the library's complete property as "F".[16]
Maintenance of Library: capital improvements   This should specify who takes the lead on capital projects and how the parties will work together for remodeling or building a new library.	By "take the lead," I mean: who signs the contracts for the work and manages the different factors in the capital project?   If the GE "takes the lead" on capital improvements, it is a "critical interdependency."  If the library takes the lead, it is an "independent operation."	The library should always have copies of warrantees and contracts related to capital improvements.
Maintenance of Library: emergency repair   This should specify what happens when a pipe bursts and you need to stop the water and fix the pipe, or who makes sure the elevator gets fixed promptly (we'll handle damage to library assets in another section).	If the GE is responsible for arranging emergency repair, it is a "critical interdependency."    If the library does, it is an "independent operation."	This is a great place to list who to call in the event of a facilities emergency.
Maintenance of Library: landscaping and snow removal   This should specify if the library or the municipality does the work or contracts for it.	If the GE is responsible for external routine maintenance, it is a "critical interdependency."    If the library does, it is an "independent operation."	This should establish not only the party responsible, but set the expectations for service (for instance, should the driveway be plowed before the employees arrive on a snowy day?  That sounds good to me).   If performed by a third party, the library should always have copies of contracts related to grounds maintenance, even if the contract is with the GE.
Maintenance of Library: routine cleaning   This should clarify the line between "routine" cleaning (like weekly vacuuming) and "non-routine cleaning" (like cleaning up when a printer cartridge breaks open near the rare book room), and specify if the library or the municipality does or contracts for the work.	If the GE is responsible for routine cleaning, it is a "critical interdependency."    If the library does, it is an "independent operation."	If performed by a third party, the library should always have copies of contracts related to routine cleaning, even if the contract is with the GE.   Details such as when the cleaning is, and the levels of access of workers, are important to clarify.
Damage to library structure: insurance coverage   This should specify what insurance covers damage to library structure.	If the GE coverage applies, it is a "critical interdependency."    If the library supplies its own coverage, it is an "independent operation."	The board should always have a copy of the policy covering the library structure, and the copy should be in the cloud, not just in the library.   Always.  This should not be left to chance.   Current insurance policy or amount determined for "self-insurance" by municipality is attached as "F."
Library Security Personnel   This should specify if the library or the municipality supplies any security personnel.	If the GE is responsible for security personnel, it is a "critical interdependency."    If the library employs or contracts for its own security, it is an "independent operation."	Any discussion of this or contracts relating to security should emphasize rights of access and patron confidentiality, and clearly establish who is "in charge" of the security personnel (who tells them what to do).
Library Security System, including any cameras   This should establish who pays for, monitors, and owns the system and any content on it.	If the GE is responsible for security personnel, it is a "critical interdependency."    If the library employs or contracts for its own security, it is an "independent operation."	Any discussion of this or contracts relating to security should emphasize rights of access and patron confidentiality![17]
Insurance coverage for damage to library assets (collection, furniture, equipment)   This should specify what insurance covers damage to library assets (not the structure).  The type and amount of coverage should be assessed on an annual basis by the board of trustees.	If the GE coverage applies, it is a "critical interdependency."    If the library supplies its own coverage, it is an "independent operation."   To help with this item, a library should have an inventory of its assets.	The board should always have a copy of the insurance policy covering the library assets, and the copy should be in the cloud, not just in the library.   Always.  This should not be left to chance.     Current insurance policy is attached as "G."
Employees: who is the employer	The employer of the employees is the library, not the [GE].	This is not negotiable.
Employees: who processes payroll and tracks leave accruals[18]	If the GE issues the paychecks, it is a "critical interdependency."    If the library runs its own payroll, it is an "independent operation."	Whatever entity (or third-party contractor) is doing this, it must be done properly and with proper retention of payroll records and paid time off accruals.
Employees: who administers benefits	If the library employees get benefits (health insurance, retirement) through the GE this is a "critical interdependency."    If the library arranges its own benefits, it is an "independent operation."	Copies of Summary Plan Documents ("SPD's") or other benefit descriptions are attached as "H"
Employees: what coverage applies for workers' compensation, paid family medical leave, and disability?	If the library employees are covered through the GE, this is a "critical interdependency."    If the library arranges its own coverage, it is an "independent operation."	This is another one to have absolute clarity on!    Your library should have the most recent mandatory postings[19] up in an area accessible to employees, confirming this clarity.
Employees: what employee policies apply, and who is responsible for determining them	The employer of the employees is the library, not the municipal entity.  While the library may "borrow" some or all municipal policies, within the constraints of applicable law and regulation, the board of trustees determines the employment policies.
Sexual harassment/civil rights complaints, whistleblower complaints, resolving conflict of interest matters	These complaints must always be managed by the Library Board per the relevant library policy.
Library Emergency Response Plan(s)   Optional but encouraged	The entity responsible for the library's response in an emergency is the Library Board, not the municipal entity.  While the library may "borrow" some or all municipal policies, within the constraints of applicable law and regulation, the Library Board determines any emergency response-related policies.
Facility use policies	Regardless of whether the library owns the building, or is a "tenant," only the Library Board determines facility use policies of the library (for example, rental or free use of rooms and other library space).	A good facility use agreement establishes the rules of use, confirms if/how liability for the use is transferred (hold harmless, indemnification), and addresses if insurance is necessary.
Banking   Who hangs onto the money?[20]	Library funds are solely controlled by the library, regardless of where the funds are kept.   Even if the operational funds of the library are held by the GE, this "critical interdependency" should be confirmed as being in aid of separate and distinct library finances solely controlled by the Library Board.	Money can be a HUGE source of dysfunction between a library and its municipality.  Before picking any battles, the Treasurer, director, and board should have clarity about their expectations and goals for stewarding the funds of the library.  This is a good topic to stay in touch with your system, Library Development, and your lawyer on.
Fiscal controls (petty cash, cash handling policy, book-keeping, accounts receivable and payable, use of credit card, tracking restricted funds, tracking capital funds)	To the extent needed, and consistent with a public library boards autonomy over library finances, these policies are to be adopted by the Library Board.
Audit	Different libraries will have different audit obligations, but all are subject to audit by the New York State Comptroller.   Any audit of the library should be done with the awareness of the library board.	The last 10 years of audits should be accessible for review by the parties.
Procurement and disposal of library assets[21]	Although controlled to a certain extent by law, procurement and disposal of library assets are solely controlled by the Library Board.
Budget	The library budget is passed by the board.
Library System	The library board is the entity that decides to sign any Library System membership agreement.	A library facing a determination based on any of the factors in this chart should reach out to their System as soon as possible for assistance.  Although every system is different, they will be a critical ally in navigating these items.  Remember, you are not alone!
Custom factors special for your library	Every library is different.  Use this section to track custom factors that impact your library-municipality relationship.	There are so many cool, odd, special things out there in library world, I am only surprised when a day goes by and I haven't learned about a new one.
Directors and Officers insurance and/or indemnification of library trustees	If the GE provides coverage and/or indemnification[22], this is a "critical interdependency."    If the library has its own policy, it is an "independent operation."	The board should always have a copy of the policy covering the library trustees and directors against assertions of liability in the course of their library duties.   Always.  This should not be left to chance.   Current insurance policy is attached as "I."

 

Acknowledged on behalf of the [NAME]Library on _______:

BY: _______________________________________________

 

Acknowledged on behalf of the [NAME of ENTITY] on _______:

BY:______________________________________________

 

 

Attachments:

A: Library Charter

B:  Library Bylaws

C:  Section of municipal code pertaining to library

D:  Library Plan of Service

E:  Survey or schematic of library property

F:  Current Insurance Policy (premises)

G:  Current Insurance Policy (assets)

H:  Benefit documents

I:   Current Insurance Policy ("Directors and Officers Insurance")

 

---

[1] For example: RAQ #50; RAQ #62; RAQ #93

[2] My first experience with municipal law was when I worked for attorney Dan Seaman, who has served as the town attorney for many towns and villages in Niagara County, New York.  My former partner Daniel Shonn was the town attorney for Akron, NY, and I covered town meetings from time to time.  I worked closely with the Town of Lewiston and the City of Niagara Falls attorneys when I was the in-house counsel at Niagara University.  And lately, even though I love my city very much, I just can't stop suing Buffalo (on behalf of clients), so they are really getting to know me at the city law department.

[3] Critical difference between an "MOU" and a contract: an "MOU" is, by design, not intended to be enforceable-although it may recite items that are enforceable via other means (for instance, if they simply recite something that is mandatory under the Education Law, which this one will).  For libraries seeking to elevate an MOU to an enforceable agreement, it is best to work with a lawyer from the get-go.

[4] (716) 464-3386, or adams@losapllc.com.

[5] Any NY library system that wants a fillable version of this MOU Template can write to Jill@stephaniecoleadams.com

[6] For this item, you will select whatever type of entity you are working with: city, town, or village.  For this template, we're going to call it the "GE" (for "government entity"), although that will make it sound like you are trying to make them turn right in the 1800's.

[7] The authority entering into the MOU will vary depending on the entity type.

[8] This name will also be modified to reflect what applies to your municipality: Town Supervisor, Village Board, City Common Council, etc.

[9] This "time span" should be selected to ensure you never have a fresh board of trustees and municipal leaders who don't know how things need to function.

[10] A nice "shared purpose" might be "the service and betterment of those living in our community."  It's nice to revisit the "shared purpose" every now and again so leadership is invested in it and it doesn't get stale. 

[11] Make sure you use the most recent version of the Charter.  An updated copy can be obtained via a request to New York State Education Department, Division of Library Development.  If there is enabling legislation, attach that, too, since the legislation can impact some of the variables in the chart.

[12] This is whatever combination of leadership calls the shots for the municipality: town supervisor and board, etc.

[13] I am sure I don't need to tell a library audience that most municipalities have their codes online, but I just love footnotes.

[14] Yes!  This MOU will need a binder or a routinely updated database to hold all the attachments!  Don't you love it?

[15] From what I have seen—and at this point, it's a lot—every library working with a municipality handles this differently.  It's like a Myers-Briggs personality test...endless permutations, even within similar types.

[16] Knowing the exact physical footprint of the library is critical!  Among many other things, this is how you set the boundaries for the limit on things such as, for example, smoking near the property.

[17] This is critical for compliance and clarity about patron records under the New York Civil Procedure Laws and Rules (CPLR) 4509.

[18] A not-so-fun, but instructive, read on this topic is found in the NY State Comptroller Audit found here: https://www.osc.state.ny.us/sites/default/files/local-government/audits/2018-09/lgsa-audit-library-2018-brentwood.pdf

[19] A list and copies of most postings is here: https://labor.ny.gov/workerprotection/laborstandards/employer/posters.shtm

[20] Extensive information on this topic is found here: http://www.nysl.nysed.gov/libdev/trustees/handbook/pltreasurer.htm

[21] A good example of this is in Ask the Lawyer RAQ #68

[22] "Indemnification" is when an organization defends a director, officer, or employee in a lawsuit (like a discrimination claim).

Like many of you, I have had to tackle a lot of previously unaddressed conundrums since March of 2020.  Especially when it involved developing a Safety Plan, this "tackling" has required research, patience, a good sense of humor, and lots of flexibility.[1]

The issue of how to handle 1) newfound concerns regarding the sanitary conditions of workplace toilets; and 2) newfound concerns about sanitary conditions of toilets in public spaces, is one of the most high-stakes and complex.  It can cause a lot of anxiety.

When a matter makes me anxious, I resort to either exercise, or exacting linguistic specificity.  Since you don't come to "Ask the Lawyer" for workout tips[2], I will address this anxiety-provoking issue with exacting linguistic specificity, starting with the Occupational Safety and Health Administration (OSHA)'s definitions of the different terminology used for bathrooms[3]:

Personal service room, means a room used for activities not directly connected with the production or service function performed by the establishment. Such activities include, but are not limited to, first-aid, medical services, dressing, showering, toilet use, washing, and eating.

Toilet facility, means a fixture maintained within a toilet room for the purpose of defecation or urination, or both.

Toilet room, means a room maintained within or on the premises of any place of employment, containing toilet facilities for use by employees.

Urinal means a toilet facility maintained within a toilet room for the sole purpose of urination.

Water closet means a toilet facility maintained within a toilet room for the purpose of both defecation and urination and which is flushed with water.
 

Now, before we go further: a few words about OSHA.  Based on size, location, type, and a dozen other factors, there is no one-size-fits-all for OSHA compliance. But public employers (like many libraries) in NY are required to follow OSHA's standards for employee toilets[4], and non-public employers, whose bathroom-supplying obligations will change by site and size of the organization, can refer to those standards for inspiration.[5] And OSHA (along with the Center for Disease Control, or "CDC") is currently a New York State Department of Health (NYSDOH) go-to for COVID-related sanitization information. 

So with those three resources in mind (NYSDOH, CDC, and OSHA), let's address the member's questions:

QUESTION 1: Should we lock the restrooms to the public entirely?

The first question to address in this is not "should" the library lock the restrooms to the public entirely, but can it?

Any library considered a place of "public assembly,"[6] by state regulation, must have a bathroom open to the public.[7]  However, the definition of a "place of public assembly" expressly excludes public association and free libraries, so yes, and while a municipal library will have a few more hoops to jump through, an association library can decide to limit access by the public.

If your library isn't required to have a "toilet facility" accessible by the public[8], and the capacity of your library means the toilet facility can't be routinely cleaned per the NYSDOH's recommendations, it is worth considering reducing or shutting access down.[9]

 

QUESTION 2: Should we lock the restrooms and require the public to ask for a key?

If this would help monitor use so the bathroom can be cleaned on an as-needed basis per NYSDOH/CDC/OSHA recommendations, yes, that is a viable option, and can be included as part of a Safety Plan. 

Should we return to our pre-pandemic practice of completely open restrooms cleaned once a day?

OSHA states: "Employers operating workplaces during the COVID-19 pandemic should continue routine cleaning and other housekeeping practices in any facilities that remain open to workers or others. Employers who need to clean and disinfect environments potentially contaminated with SARS-CoV-2 should use EPA-registered disinfectants with label claims to be effective against SARS-CoV-2."

Meanwhile, the Phase II Safety Plan template from New York State requires any library to: "Conduct regular cleaning and disinfection at least after every shift, daily, or more frequently as needed, and frequent cleaning and disinfection of shared objects (e.g. tools, machinery) and surfaces, as well as high transit areas, such as restrooms and common areas, must be completed."

So, although there is no mathematically determined heightened standard, these requirements show that routine disinfection should be based on frequency of use, and at a bare minimum, bathrooms should be disinfected at least "once per shift," and there should be a log to register each cleaning (just as the member described they are already doing).

 

QUESTION 3: Should we require non-janitorial staff to clean the restrooms during open hours, and, if yes, how often, and do they require training on the products and methods required to clean a public restroom during a pandemic--and what kind of PPE does that require?

This is a tricky question.  "Requiring" non-janitorial staff to do a task not in their job description risks concerns with morale, operational consistency, and if there is a contract involved, compliance (this will vary from library to library, of course).  And if the cleaning supplies trip a person's health conditions, there might also be concerns with ADA. 

Because of this, like all aspects of the Safety Plan, the requirement to sanitize surfaces in the bathroom(s) must be planned carefully. 

That should start with an analysis of the toilet facility, just as the member asking this question has done.  Does it have one toilet or many?  Does it have touchless sinks or sinks with handles?  Is the tile in good condition, or is the grout failing?  In short, what does it take to sanitize your library's unique space effectively?

One you've done the analysis, select the right products from the EPA's list of products known to effectively combat COVID-19, and based on the instructions on the product, select the method of disinfection that meets the needs of your operation, including the frequency.  And once you have established the method and the frequency, the requirements for employee PPE and training are here: https://www.cdc.gov/coronavirus/2019-ncov/community/disinfecting-building-facility.html and they include a link to a pdf poster about safe disinfection of the work site: https://www.epa.gov/sites/production/files/2020-04/documents/disinfectants-onepager.pdf.

 

And finally, the last part of the member's submission: Any guidance on how to handle ostensibly public restrooms in an ostensibly public building is appreciated.

This is a great summarizing statement, because as it hints, and as this answer reviews, not all "public" restrooms are actually required to be open to the public at all.  Once you have confirmed the requirements for your particular library, it's time to assess what you can do—and what your mission demands that you do.  If that means reducing toilet facility access to minimum required levels, so employee energy and your library's budget can focus on service to the public, make it so.  If that means re-allocating part of the budget to hire a contractor specifically to clean the bathrooms every four hours since your library knows public access is either required or essential, and your library isn't situated to add that to employees' job descriptions, do that.  And if that means employees are expected to take on new duties to effect routine sanitization, develop a well-thought-out rollout plan[10] before implementing that as an express job duty.[11]

But whatever you do with the restrooms, the key is to consistently document that your library is following the NYDSOH, CDC, and OSHA guidelines suited to its unique site, location, and identity.

Thank you for a great question and a great example of the care libraries are taking to stay open and safe for the public.

 

 

 

---

[1] One of my co-workers rejected my first idea for managing our narrow hallway in the office.  "I will not announcement my presence by yelling "Gang Way!", Cole."  We settled on a protocol of visual inspection, first.   Even when your name is over the door, a Safety Plan is a matter of give and take.

[2] That said, if you suffer from carpel tunnel or sore forearms from too much typing, put your hands down flat (palm side up), stand on your fingers/palms, and pull upwards for 1minute 3xday.  Changed my life. 

[3] The OSHA-specific information is aggregated at this link: https://www.osha.gov/SLTC/covid-19/covid-19-faq.html#restrooms

[4]  This standard is enforced by the New York State Department of Labor Public Employees Safety and Health Bureau (NYSDOL PES) for public employees.

[5] Further information on required numbers of toilets can be found here, but for the sake of brevity, I am not going to go there: https://dos.ny.gov/system/files/documents/2021/05/tb-2011-required-toilet-facilities-based-on-occupancy.pdf#:~:text=Using%20exception%20number%204%20to,25%20and%20less%20than%2050

[6] Per New York State Labor Law, §2, a “Place of public assembly” shall include (1) a theatre, (2) moving picture house, (3) assembly halls maintained or leased for pecuniary gain where one hundred or more persons may assemble for amusement or recreation, except (a) halls owned by churches, religious organizations, granges, and public association and free libraries as defined by section two hundred fifty-three of the education law, and (b) hotels having fifty or more rooms. [emphasis added, note the exclusionary language].

[7] 12 NYCRR 36-2.8

[8] Be careful in this analysis; if possible, confirm any conclusion that you don't have to have a public bathroom with your local attorney, or the municipal building inspector.

[9] Just be mindful that General Business Law Section 492 requires any place of business with an employee bathroom to let a visitor use that bathroom if it is a medical necessity.  While your library might not be a "place of business" under that law, people with medical needs may have an expectation of access.  Be ready to be flexible if there is a medical need for a toilet facility.

[10] This could simply mean thinking the Safety Plan through, meeting with employees to make sure they are on board with it, and making sure every employee has clarity about safety.  It can also mean working with your civil service agency or local attorney, so any contractual aspects are properly considered.  Since these are tense times for employees, good planning and communication about job duties is essential.

[11] In many library environments, it will be fine to add sanitization as a "duty as assigned," but in other places (with detailed job descriptions, a union contract, or contracts or policies that could impact the "assignment") it will not.  This concern cannot be answered generally; it will vary from library to library.

I have been looking at some of my post-COVID "Ask the Lawyer" responses, and they are pretty grim.  Such serious writing.

Of course, these are serious days, and operating during COVID-19 is a serious topic.

But I have been on the lookout for a chance for some joy, if not some outright levity.  And finally, this question supplies one!

Why would a question about temporary disuse of a meeting room make me happy?  Well, as some of you may have noticed, very little gratifies me more than emphasizing a library's autonomy.[1]

So, hear me rejoice: Yes, your library has the right to disallow all meeting room use in the interest of safety!

And if that isn't joyful enough, get ready for more good news: this is true whether your library is a tenant or a landowner, a public library or an association library, a library in a big city or a library in a small rural village!

Why is that?  If a chartered library in New York has assessed its unique space, its unique operational capacity, and its unique ability to operate safely, and as a result has adopted a Safety Plan that does not allow meeting spaces or on-site programming, then...there will be no meeting use or on-site programming.  It's as simple as that.

Now, that said, can someone try and complain about it?  Sure.[2] Can a building owner (like a town or a landlord) try and over-ride it? Yes.[3]  Could a pre-COVID contract be implicated?[4]  Yes.  But as an autonomous entity governed by an independent board, can your library make a Safety Plan and stick to it?  Yes.

As it should be.

Of course, within that autonomy is the obligation to steward and utilize library assets responsibly, and in compliance with the law.[5]  This is why the member's point about uniform enforcement and clarity is so important.  If the access is restricted for the Book Club, it needs to be restricted for the Comic Book Club, and even for the Garden Club.[6]  But after ensuring basic fairness and compliant use of library resources, the baseline decision about what facilities to allow access to during the pandemic is in the hands of the library's board and director.  And as I have said in many of my recent answers: they must put safety first.

Only one thing remains to be said: despite my obvious relish for the task, I want to assure the reading public that I still did my homework for this reply.  As of this date,[7] the only court rulings in New York to address litigation or complaints about library access as impacted by COVID-19 are numerous claims about transmission concerns impeding access to a prison law library[8] (now, in that case, I can understand why someone would complain).  But I found nothing regarding action against public and association libraries due to COVID-induced closure, reduced operations, and impediments to general access.  Hopefully it stays that way.[9]

Thanks for a good question and for some time on the bright side.

 

 

 

---

[1] It gives me a very "we the people" thrill that no amount of election-year jitters can override.

[2] I am sure that by now (August 25, 2020), MANY of you have heard MANY complaints...complaints about masks violating the ADA, complaints about the Library being too open or too closed, complaints that your signage is in the wrong font, or perhaps complaints about the smell of your hand sanitizer being too fruity.  These days, people just need to complain about something—it helps us feel more in-control.  I know I directed a very strongly worded message to my local government regarding document retention policies after the repeal of Civil Rights Law 50-a; for about 10 minutes, I felt really in charge of my own destiny.

[3] This is why a lease, or at least an agreement with a municipality who may own the library building, is a good idea.  At the bare minimum, such a document should address security/confidentiality, insurance for loss, the protocol for an on-site slip-and-fall, and the process for planning capital improvements.

[4] For instance, a facility rental agreement.

[5] For instance, once your meeting room is again accessible to the public, you can't let a start-up business owner hold a pop-up retail stand there to turn a profit, since that would risk compliance with several laws and tax regulations.

[6] Comics are very cool, but obviously your library doesn't want to play favorites.  And just because the Garden Club shows up with trowels is no reason to give them special treatment.

[7] August 25, 2020.

[8] There are already over a dozen of these.  A typical case can be seen in Vogel v Ginty, 2020 US Dist LEXIS 148513 [SDNY Aug. 14, 2020, No. 20-CV-6349 (LLS)].

[9] It will be hard enough sorting out the impact on budgets and various regulatory requirements.

First: that is good news about your employee.

Second: a gold star to your library for having a screening system that works, and for following the requirement to restrict an employee who trips a screening factor from on-site work while waiting for test results.

Third: Let's talk about your alternate scenario (the one where you don't get such good news).

As of August 17, 2020, any library[1] that is up and running should have a Safety Plan as required by both the guidance for "Office-based Work", and "Retail Business Activities" (we'll call this the "Guidance").

The Guidance includes the requirement to fill out a New York Forward Business Affirmation Form, which attests to having a Safety Plan.  It also answers the member’s question about what to do if an employee tests positive for COVID-19.

Here is what the Guidance (as of 8/18/2020) requires:

An individual who screens positive for COVID-19 symptoms must not be allowed to enter the office and must be sent home with instructions to contact their healthcare provider for assessment and testing.

Responsible Parties should remotely provide such individuals with information on healthcare and testing resources.

Responsible Parties must immediately notify the state and local health department about the case if test results are positive for COVID-19.

Responsible Parties should refer to DOH’s “Interim Guidance for Public and Private Employees Returning to Work Following COVID-19 Infection or Exposure”[2] regarding protocols and policies for employees seeking to return to work after a suspected or confirmed case of COVID-19 or after the employee had close or proximate contact with a person with COVID-19.

So, the answer to the member's question: "What if the test came back positive?" is: "[I]immediately notify the state and local health department."

After that, the direction from the local health department may vary, but the Guidance requires:

If an employee has had close or proximate contact[3] with a person with COVID-19 for a prolonged period of time AND is experiencing COVID-19 related symptoms, the employee may return to work upon completing at least 10 days of isolation from the onset of symptoms.

...[and]...

If an employee has had close or proximate contact with a person with COVID-19 for a prolonged period of time AND is not experiencing COVID-19 related symptoms, the employee may return to work upon completing 14 days of self-quarantine.

And after that, things can really vary.  But in a scenario where every employee of the library came within six feet[4] of their (now confirmed as) infected co-worker, the library really could be looking at up to two weeks of employees in self-quarantine...along with any other response required by the local health department.

This is not a feel-good scenario.  But the good news is, the same Guidance that requires a library[5] to require employees to isolate also reduces the likelihood of such a remedy being needed.  This is because the Guidance also requires a host of preventative practices to limit exposure in the first place, including:

• Staggering shifts to limit "close or proximate contact," between people;
• Creating and posting clear signage;
• Consistently enforcing masking, cleaning, and social distancing practices

If a library maps these things out for employees, and consistently enforces them, there will be less need for the "isolation/quarantine" sections.  While right now, there is no magic bullet, the simple elements of your library's Safety Plan can reduce the need for quarantine.

And that's it; thanks for a great question.  I hope this answer never has to come in handy for your library.  But just in case it does: here’s a quick checklist for the steps listed in this response [6]:

"CHECKLIST FOR RESPONDING TO NOTICE OF COVID-19 EXPOSURE AT THE LIBRARY; TO BE USED IN CONJUCTION WITH UPDATED SAFETY PLAN"

• However the library was notified of the potential close/proximate contact, obtain a copy of the notice in writing (or send a confirmation e-mail to the source);
• As required by the most recent New York Forward Guidance, notify the library's local public health Department (both in person and in writing), and factor in their response[7];
• As required by the most recent New York Forward Guidance and the library's Safety Plan, determine who (if anyone) else must be restricted from the workplace, for how long; and if any further testing must be required;
• Ensure the library is taking steps to protect the privacy of any employees disclosing screening factors (like a high temperature);
• Ensure the library is taking steps to assess if any employee must be given paid time off or will need assistance to claim short-term disability or Paid Family Leave Act benefits;
• Generate a short statement reviewing the above check listed factors, summarizing what your library has done for each step, and make sure you retain copies of all documentation showing you completed these steps;
• Once these actions are taken and these determinations are made, notify your Board of Trustees of the critical aspects of the situation, but take care to respect the privacy of employees.

Here is a template notice to the board, designed to reflect taking the necessary steps, while also protecting employee privacy: 

On ____________, the library received notification of an [individual/employee] testing positive for COVID-19. As required by current guidance from the State, we notified the Health Department immediately.  At this time, the direction from the local health department is _____________________________________[this may be extensive]. 

We have determined that # employees must self-isolate until they DATE. 

We have determined that # employees must self-quarantine until DATE. 

We have confirmed with the health department that as a result of this notice and response, and consultation with the [Executive Committee of the board/full board/board officer/other] we will [close/reduce operations/operate under the status quo], unless the board determines otherwise. 

Our Safety Plan has been followed and we have retained the documentation showing such compliance.

 

 

---

[1] Any library that does not consider itself "operated by a local government or political subdivision", that is, since the New York Forward guidance specifically states that the various Executive Orders' business restrictions do not apply to such libraries.

[2] Found at this link as of 8/17/2020: https://coronavirus.health.ny.gov/system/files/documents/2020/06/doh_covid19_publicprivateemployeereturntowork_053120.pdf

[3] According to the Guidance, "close contact" is "to be someone who was within 6 feet of an infected person for at least 10 minutes starting from 48 hours before illness onset until the time the person was isolated."

[4] This should NOT be happening!

[5] Remember, local governments and political subdivisions may decide not to follow these precise requirements.  That said, if it determines it is operated by a local government or political subdivision, a library must then follow the safety plan set by that local government or political subdivision.

[6] Some of this isn't required by applicable laws or Guidance, but is in there to position a library to easily show it followed applicable laws and Guidance.

[7] While keeping confidentiality at top of mind, libraries need to think carefully about a voluntary system allowing users to log visits for purposes of contact tracing.  A voluntary list of names, dates and times, maintained with all due care for privacy, can position a library to participate in a local health department's contact tracing initiative.  This can in turn help a community reduce its rate of transmission.

Who is “in charge” of a library’s safety plan--the trustees, or the director?

It’s tricky, but if you bear with me, you will get an answer.

When it comes to who is “in charge” at an organization, boards must respect the authority of those they employ to lead (the director).  At the same time, the organization, including the director, must be guided by the work of those fiduciaries ultimately responsible for it (the trustees).

This dynamic can play out in many ways, but in a healthy board-director dynamic, the board lives up to its responsibility as a fiduciary by honoring the authority of the director. So to assess a question like this, I start with the board’s responsibility…which is also the responsibility of the library.

What is the responsibility of a library open during COVID-19?  Here’s the lay of the land, straight from the “NY Forward Lookup Tool”:

The “applicable guidelines”[1] I have so carefully underlined (as found July 6, 2020, at https://www.governor.ny.gov/sites/governor.ny.gov/files/atoms/files/RetailMasterGuidance.pdf)  state, in relevant part:

The Responsible Parties – as defined below – are accountable for adhering to all local, state and federal requirements relative to retail business activities. …

The proprietor/operator… or another party as may be designated by the proprietor/operator (in either case, "the Responsible Parties"), shall be responsible for meeting these standards.”

As part of the “applicable guidelines”, the “Responsible Parties” must certify having read and understood the obligation of their institution to “operate in accordance with such guidance,” as shown here[2]:

None of this expressly requires that the person signing the certification, or the developer of a Safety Plan, is any particular person or entity.  Rather, the “owner or agent” of the library (who could be an officer of the board with signing authority from the bylaws, the director, another employee, or even an attorney operating on instructions from the library/client) signs the certification, and at some point, they adopt a Safety Plan.  That’s it.

But while there is no prescribed process for the Safety Plan, a look at some of the things the Plan must address is instructive.  For instance, the above-linked guidance states:

Signage should be used to remind employees and customers to:

• Cover their nose and mouth with a face covering when six feet of social distance cannot be maintained.
• Properly store and, when necessary, discard PPE.
• Adhere to physical distancing instructions.
• Report symptoms of or exposure to COVID-19, and how they should do so.
• Follow hand hygiene and cleaning and disinfection guidelines.
• Follow appropriate respiratory hygiene and cough etiquette.

As I have written about elsewhere[3], the requirements listed above, among other things, become temporary modifications to a library’s Code of Conduct.  In order to enforce social distancing and use of PPE in the library as required by the State, a library must ultimately tie a patron’s failure to do so to its Code and process for restricting access to patrons.[4]  For that reason alone (and there are many, many others, including a Plan’s impact on conditions for employees, procurement practices, security procedures, budget, etc.), the board should be the entity that adopts the Plan.

This is not to say that a director with adequate experience to draft a library’s Safety Plan cannot be the primary author of the Plan.  In fact, the director (and other employees with high familiarity with certain operations) is likely the person best situated to envision adjusted floorplans, shift schedules, workflows, signage posting, employee temperature monitoring, and employee training methods (to name just a few), all of which must be addressed in the Safety Plan. 

But because of the many high-stakes areas a Safety Plan impacts, a library’s board should be the entity accountable for adopting it and ensuring it is updated at regular intervals.  On the flip side, after the Plan is adopted, the director will be the authority responsible for seeing that the Plan is followed.

The board has this accountability for passing the Plan because a COVID-19 Safety Plan is not just a tool for safety, but also a mechanism of legal compliance and risk management.  When you stop and think about it, most policies or plans that relate to safety, legal compliance, and risk management—things like workers’ compensation insurance policies, sexual harassment and civil rights policies, and fiscal controls policies—are all things that a board is ultimately accountable for.  While the director may have the authority to ensure compliance with them, they are adopted by a board. And that is as it should be.

Of course, it can be a challenge for a small board to meet as often as needed to keep a COVID-19 Safety Plan evolving in light of new research, evolving library operations, and on-the-ground improvements.[5]  For such situations, it is good to consider an approach like the one set out in the below template resolution:

BE IT RESOLVED that the board hereby adopts the Safety Plan considered at this meeting of DATE; and

BE IT FURTHER RESOLVED that the Plan be posted in the Library, as required by the Plan, within 24 hours of the passage of this Resolution; and

BE IT FURTHER RESOLVED that to ensure the Safety Plan is updated in a manner that is conducive to optimal operations of the Library, the Director, [in consultation with INSERT[6]] is authorized to update the Safety Plan as needed, consistent with CDC and OSHA guidelines, and shall present the current updated version then in effect at each subsequent meeting of the board, to be reviewed and ratified by same.

 

So, what is the answer to the member’s questions? 

There is no “right” answer to this, but lots of factors point to the board serving as a library’s COVID-19 Safety Plan’s ultimate authority.  That said, in passing such a plan, a board should draw from the experience, and support the executive authority, of the library’s director. 

Like all healthy board-director relationships, this approach requires listening, learning, a good sense of roles and boundaries, and mutual respect.  A tall order in frantic times, but one that good planning and careful consideration[7] can almost always bring about.

Thank you for an important question.

 

 

---

[1] You will no doubt be shocked to learn that my law school did not have a “graphic design” elective for marking up NY State pandemic policy documents.

[2] I imagine many directors and board members have gone through this triad of assurance many times, and are sick of it.

[3] RAQ #138

[4] While Executive Order 206.39 granted any business the right to refuse a person access if they are not wearing a mask (if they can medically tolerate one), I am not comfortable with any lingering consequences for refusal to wear a mask or otherwise abide by the safety plan unless they are tied to the due process in a Code of Conduct.

[5] Larger libraries will have already had a business continuity, disaster recovery, and perhaps even an all-hazards response plan in place.  The approach outlined in this answer is drafted with smaller libraries, who typically don’t have such deep resources, in mind.

[6] The option in brackets here is to allow revisions in consultation with some back-up for the director: a committee of the board, or the chair of the board, or an independent consultant as authorized by the board, or the local Health Department. 

[7] And frequent re-reads of the “Handbook for Library Trustees of New York State,” found at http://www.nysl.nysed.gov/libdev/trustees/handbook/.