libraries

E-Lending Challenges and Libraries’ Mission to Ensure Information Access for All

/ Washington Journal of Law, Technology & Arts / Leave a comment
Photo by Emily on Pexels.com

By: Anusha Seyed Nasrulai

Library services have transformed from being primarily administered in the physical library space to providing library card holders with access to a broad range of digital materials, including ebooks, audiobooks, research, music, film, and more. When digital materials first entered the market, they posed great opportunities to increase the availability and accessibility of library collections. Libraries have adjusted their acquisitions and curation efforts to accommodate an increased demand for digital materials. At the same time, publishers and vendors have repackaged their products to drive profits in response to the demand by raising ebook costs to exorbitant rates. Libraries are “typically required to pay 3–4 times the consumer price for an ebook or audiobook license of a popular title.” Also, many publishers have replaced perpetual licenses with time limited licenses. Publishers further control the market by restricting “how many copies libraries can have, who they can lend to, and how long they (and their patrons) can keep the books.” This has led to library budgets being consumed by licensing costs.

The e-lending marketplace presents multiple challenges to libraries’ longstanding commitment to ensure access to information for all. Digital materials are many patrons’ primary method of accessing information. For example, digital formats are essential resources to patrons with “vision impairment, dyslexia, and other physical or learning needs.”

Libraries are at the whim of the power wielded by vendors controlling access to vital digital materials. About five companies control publishing and dominate the industry for licensing digital materials to libraries. Some companies have business enterprises beyond academic information, including the use and sale of personal and financial information. Thomas Reuters and RELX Group (parent companies of Westlaw and LexisNexis) not only dominate the legal research market, but they also own some of the largest news and academic databases and are data brokers that sell to private entities and law enforcement agencies. Sarah Lamdan, former CUNY law librarian and professor, now ALA director, described the digital information market landscape as a monopoly of information markets, which raises significant ethical and privacy concerns.

Libraries’ Respond to Market Shifts 

The rest of this article examines the implications for the market shift to digital materials for libraries and their patrons, focusing on ownership rights, open source projects, and patron privacy. In response to vendors’ overwhelming control of the digital information marketplace, libraries and researchers are developing solutions to ensure information access for all.

Ownership Rights

Libraries hold ownership rights and control lending access over physical books by the right to first sale. The “first sale” doctrine (17 U.S.C. § 109(a)) “gives the owners of copyrighted works the rights to sell, lend, or share their copies without having to obtain permission or pay fees.” However, this ownership doctrine does not control digital transmissions— including ebook acquisitions. Publishers create license agreements in partnership with vendors, who then license them to libraries. Margaret Chon, Law Professor at Seattle University, argues that high prices and restrictive lending practices undermine the special position libraries have historically held in the copyright system as institutions protecting and facilitating public access to copyrighted works.

Without copyright reform, libraries are often at the behest of vendors’ licensing models. In response, libraries have developed comprehensive strategies to negotiate with vendor providers and select vendors that align with their mission. Still, “the contract-law focused world of copyright for digital content is much more heavily weighted to the benefit of publishers and to the greatest extent possible.” Therefore, libraries have sought legal reforms as one of the solutions to address the modern digital information marketplace. 

ReadersFirst is an organization of almost 300 libraries dedicated to libraries maintaining open and free access to ebooks as collections are increasingly digitized. ReadersFirst advocates for ebook legislation to prevent content restrictions, prohibitively high prices for licenses, and using licenses to excise important copyright law, such as Fair Use. This past summer, Connecticut passed an ebook bill and other states have introduced similar legislation. This bill will be carefully watched after similar legislation in Maryland and New York have been undone by copyright challenges. 

Open Source Projects

During the COVID-19 pandemic, Internet Archive launched the National Emergency Library (NEL). NEL was a continuation of a previous online project where scans of physical library books were “checked out” to people as though they were physical books. In Hachette v. Internet Archive, publishers successfully challenged NEL’s temporary lifting of the one-person-limit on lending. Though this case did not involve a traditional library, it does call into question whether controlled digital lending practices by libraries are vulnerable. 

To protect library projects that expand access to digital materials, new industry standards are being proposed. Controlled digital lending (CDL) protections allow libraries to lend, preserve, and archive digital materials. Currently, a new NISO consensus framework is being developed to support CDL in libraries, with the goal of expanding “understanding of CDL as a natural extension of existing rights held and practices undertaken by libraries for content they legally hold.”

The ability to curate and share open source resources further libraries’ goal to ensure information access for all. An important example of library open source projects are research guides. Research guides are collections of high quality and relevant resources on a given topic from books. Resources included articles, books, media, databases, special collections, exhibits, and programs. Kara Phillips, director of the Seattle University Law Library, stated that research guides “respond to important issues so that patrons can find reliable, authoritative information… [to] support democracy, rule of law, and the legal system.” 

Patron Privacy

As vendors adapt to the competitive digital information marketplace, the change in business models has increased their appetite for patron data. As Roxanne Shirazi, a research librarian at CUNY, puts it, “[a]s lenders, library vendors do not end their relationships with libraries when they complete a sale. Instead, as streaming content providers, vendors become embedded in libraries. They are able to follow library patrons’ research activities, storing data about how people are using their services.”

There are only a handful of states that protect readers’ data outside of libraries. For example, the California’s Reader Privacy Act safeguards readers’ data when accessing physical books or ebooks. Therefore, ensuring patron privacy and holding vendors accountable to ALA privacy standards are central to libraries’ mission.

The Path Forward for Libraries

Librarians and other stakeholders are organizing to address the profound problems that have arisen from changes in the e-lending market. In providing guidance regarding digital access, the American Library Association states, “[i]n order to have a functional democracy, we must have informed citizens. Libraries are an essential part of the national information infrastructure, providing people with access and opportunities for participation in the digital environment, especially those who might otherwise be excluded.”

The Freedom to Inquire: Data Privacy Lessons from Libraries

/ Washington Journal of Law, Technology & Arts / Leave a comment
Photo by Stanislav Kondratiev on Pexels.com

By: Anusha Seyed Nasrulai

“All people, regardless of origin, age, background, or views, possess a right to privacy and confidentiality in their library use. Libraries should advocate for, educate about, and protect people’s privacy, safeguarding all library use data, including personally identifiable information.”

These are the words enshrined in the last article of the American Library Association’s (ALA) Library Bill of Rights. The ALA first adopted principles protecting the freedom of inquiry in 1939 in response to concerns of government censorship and surveillance amid a moral panic against anarchists. In subsequent decades, the Library Bill of Rights was amended and interpreted to champion intellectual freedom during eras like McCarthyism, the Civil Rights Movement, and post-9/11. 

The Legal Right to Data Privacy 

Recognition of the freedom of inquiry in libraries also developed at the same time as a legal right to privacy was being conceptualized. In 1890, lawyers Samuel Warren and future Supreme Court Justice Louis Brandeis first defined a legal right to privacy in a famous law review article. Still, a legal right to privacy was not widely recognized till 1965 in Griswold v. Connecticut. There is currently no comprehensive federal data privacy law, resulting in a patchwork of sectoral and state data privacy laws. However, the libraries’ privacy principles obligate libraries to expand the privacy rights afforded to patrons beyond what the law requires. Examining libraries’ data privacy principles offers important lessons for envisioning new legal data privacy frameworks.

Libraries’ responsibility to protect patron privacy and confidentiality is, in fact, recognized by the law. Forty-eight states protect the confidentiality of patron records, and the attorney generals in the other two states have recognized the privacy of patrons’ library records. 

Libraries’ Approach to Data Privacy 

Precise definitions are required to understand these principles. For libraries, the right to “privacy is the right to open inquiry without having the subject of one’s interest examined or scrutinized by others.” Confidentiality is the libraries’ duty to keep personally identifiable information private on patrons’ behalf. Personally Identifiable Information (PII) is information that can be used to identify a specific person.

Data Privacy Policies 

Only 19 states have passed comprehensive privacy laws. Rights recognized under state laws may include the right to request data for correction or deletion, the right to opt out of certain processing and sales, the prohibition on discrimination for exercising rights under the law, notice and transparency requirements, and data purpose and processing limitations. The state laws typically only apply to for-profit businesses that meet high thresholds for gross revenue and amount of business activity in the state. Whereas library policies protect patron data from private and government requests. State laws are also limited by their enforcement mechanisms. Many state privacy laws rely on the enforcement of attorney generals rather than create a private right of action.

In addition to complying with privacy laws, library privacy policies are developed with guidance from the ALA’s Privacy Interpretation of the Library Bill of Rights and NISO Consensus Principles on Users’ Digital Privacy in Library, Publisher, and Software-Provider Systems. Libraries have a duty to create and maintain clear, easily accessible, and understandable privacy policies for all patrons. Privacy policies include information on what data is collected, who the data is shared with, and how long the data is retained for. PII should only be collected and stored when required for specific, clearly disclosed purposes and only with the patron’s consent. Users should have the right to access their own personal information or activity data for review, export, and request correction or deletion. Libraries should process these requests wherever operationally feasible.

Libraries practice data minimization, meaning libraries only collect personal data necessary for an operational purpose. Libraries default to practices such as purpose limitation and opting users out of nonessential data collections. Patrons should have an opportunity to give explicit consent so they can make an informed decision whether to agree with the collection of their data for nonessential purposes. Patrons should also be able to opt out at any time. For instance, some libraries offer patrons to opt in to a saved history of their checked-out books, otherwise, this data is deleted by default.

Libraries’ privacy policies often reflect a deep commitment to patron trust. As Mustafa Hassoun, a privacy attorney at Hillis Clark Martin & Peterson, noted, “Libraries always strive to do right by their patrons.” He works with libraries across Washington state and emphasized that “this commitment to patron trust and data stewardship continues even in the absence of broader legislation like the People’s Privacy Act, which would significantly expand data protection requirements in Washington.”

Vendor Partners 

Libraries aim to hold vendor partners, such as publishers and software providers, accountable to their data privacy principles where possible. Vendors are obligated to make their data use policies accessible to patrons. Libraries also carefully consider patrons’ privacy before entering data sharing agreements with vendors. The ALA’s Privacy Interpretation guides libraries to never share patron’s PII with vendors unless they have explicit patron permission or are required to under law or existing contract. When such information is shared, “any data collected for analysis should be anonymous or aggregated, it should never be linked to personal information.” Finally, when procuring new technologies, “[b]iometric technologies, like facial recognition, do not align with the library’s mission of facilitating access without unjust surveillance.”

The library community has developed processes and resources to negotiate contracts that align with their privacy principles. This is significant given that readers often lack clarity into how vendors use their data. Also, vendor partners may have great incentives to collect and aggregate as much user data as possible.

Complying with Law Enforcement 

The ALA guides library workers to consult with their library administration and legal counsel before complying with law enforcement. Records are to be shared only in response to a properly executed court order or legal process. “If a library worker is compelled to release information by a valid subpoena or court order,” they are instructed to personally retrieve the requested information rather than “allowing the law enforcement agency to perform its own retrieval [which] may compromise confidential information that is not subject to the current request.” 

Libraries have chosen to strictly comply with the boundaries of the law to balance the strong interest of protecting patron privacy while complying with legal orders. As Jonathan Franklin, a Digital Innovation Law Librarian at the University of Washington, puts it, “In a world where all data is seen as having value, it might be that the easiest path is to delete nothing and sell/use everything, so protecting privacy over profits takes extra-effort.” Companies or other entities may have different incentives for more broadly collaborating with law enforcement. Companies like Ring, Flock, and many others are directly partnering with law enforcement to share data that facilitates surveillance of customers and the broader public.

Looking Forward: Lessons and Challenges

Libraries provide important insights regarding how to enact data privacy principles and policies that champion people’s freedom of intellectual exploration and expression. As data privacy law continues to develop and transform, these lessons from libraries exemplify how data privacy principles can be enacted to uphold people’s privacy and civil liberties.

The privacy ideals of libraries are constrained by the realities of limited resources and funding. One study found that libraries face significant challenges when upholding patron privacy due to lack of technical knowledge and training among staff, as well as inadequate funding for training or privacy protection tools. Many of the data privacy studies and resources developed by and for librarians are funded by the Institute of Museum and Library Services (IMLS) grants. The current administration is attempting to dismantle IMLS, though that is being challenged in court. Amid these pressures, libraries have an almost century-long tradition of protecting patron data from censorship and surveillance.

As C. Allison Sills, an instructional librarian in North Carolina, aptly stated, the “Invasion of privacy by retaining patron checkout history is tantamount to book banning. If you surveil the populace, the populace will start to self-censor to prevent ‘potential’ discrimination, which starts the fear cycle.”

Shelving the dream of an online library? Hachette v. Internet Archive goes to the Second Circuit

/ Washington Journal of Law, Technology & Arts / Leave a comment
Photo by Perfecto Capucine on Pexels.com

By: Zachary Blinkinsop

The opening chapter: COVID-19 and the National Emergency Library.

With the COVID-19 lockdowns of early 2020 slamming library doors shut, students and researchers found themselves struggling to access critical educational materials. Libraries, like many institutions, scrambled to adapt to the unprecedented challenges posed by the pandemic. Many librarians responded by espousing the use of copyrighted materials in remote education and research. They cited the doctrine of fair use which protects certain unlicensed uses of copyrighted materials without permission from the rightsholder. Fair use can protect the use of copyrighted materials in a range of contexts, including in research, education, news reporting, and criticism.

The main character in today’s story, an online library, may have pushed the limits of fair use too far. Even before the pandemic, the Internet Archive ran a digital library in compliance with the principles of controlled digital lending. Controlled digital lending (CDL) is a novel legal framework that would permit libraries to digitize their physical books and to lend those digital copies in a manner analogous to traditional lending practices. Under the CDL framework, a library needs to maintain an “owned to loaned” ratio, lending only as many digital copies of an item as it legally owns. The legal theory of CDL had been largely untested, and legal scholars held a wide range of opinions about whether courts would broadly hold CDL to comport with fair use.

In March of 2020, the Internet Archive launched its National Emergency Library to support “emergency remote teaching, research activities, independent scholarship, and intellectual stimulation” while schools and libraries were closed due to the pandemic. It temporarily allowed multiple users to check out the same digital copy simultaneously, disregarding the “owned to loaned” ratio prescribed by the CDL framework. This sparked controversy.

The plot thickens: a lawsuit filed.

Publishers had already been taking aim at controlled digital lending programs. The Authors Guild argued that “copyright law does not support the practice of even true, traditional libraries offering unauthorized scans of books to its users on an e-lending basis…” The National Emergency Library’s flouting of CDL’s permissive framework crossed an implicit redline for publishers. In June of 2020, Hachette, HarperCollins, Wiley, and Penguin Random House sued the Internet Archive in the Southern District of New York for “willful mass copyright infringement.” In their complaint, publishers eviscerated the underpinnings of CDL, “the rules of which”, they wrote, “have been concocted from wholecloth and continue to get worse.”

In its response, the Internet Archive insisted that the National Emergency Library qualified under fair use as it offered a noncommercial, educational service to the public during a national emergency. It further maintained that a digital library should be treated like a traditional library: “Contrary to the publishers’ accusations, the Internet Archive and the hundreds of libraries and archives that support it are not pirates or thieves. They are librarians, striving to serve their patrons online just as they have done for centuries in the brick-and-mortar world.”

The future of controlled digital lending and the viability of online libraries was at stake in the case.

How does fair use apply to controlled digital lending?

Section 107 of the Copyright Act directs courts to consider four factors when evaluating a fair use defense to a claim of copyright infringement. A court must balance (1) the purpose of and character of the use, including whether it innovates in any way and whether it is for a commercial or non-profit purpose; (2) the nature of the copyrighted work; (3) the amount of the portion used in relation to the copyrighted work as a whole; and (4) the effect of the use upon the market value of the copyrighted work. Courts adjudicate fair use claims on a case-by-case basis; an activity that qualifies as fair use in one set of circumstances may not qualify under a different set of facts.

Capitol Records v. ReDigi, a case decided in 2013, foreshadowed the outcome of Hachette v. Internet Archive. ReDigi was a service that facilitated the resale of digital files originally purchased from the iTunes store. In that case, the court held that ReDigi’s resale of digital music files fell “well outside the fair use defense.” Running through the four-step test, the court found that (1) uploading and distributing digital files for sale does not add anything new to a copyrighted work; (2) copyright protections are intended to protect musical recordings; (3) transmitting a work in its entirety usually negates a fair use defense; and (4) ReDigi’s sales obviously undercut Capitol Records’ profits.

Although ReDigi’s marketplace was commercial in nature, an obvious difference from the nonprofit intent of the National Emergency Library, the other facts broadly aligned. The National Emergency Library arguably did not innovate the use of copyrighted books. Copyright protections clearly protect rightsholders’ interests in published books. The books offered through the National Emergency Library were transmitted in whole, and this arguably undercut the publishers’ profits from ebook sales.

An open-and-shut case? The Second Circuit enters the plot.

Judge John G. Koeltl held that the Internet Archive’s National Emergency Library failed all four factors of the fair use test. He wrote in his opinion that “IA’s fair use defense rests on the notion that lawfully acquiring a copyrighted print book entitles the recipient to make an unauthorized copy and distribute it in place of the print book, so long as it does not simultaneously lend the print book. But no case or legal principle supports that notion. Every authority points the other direction.” The opinion was a resounding victory for publishers.

The Internet Archive promised to continue fighting. The founder of the Internet Archive, Brewster Kahle, framed the case as a battle for free access to information within a wider war for global democracy: “Libraries are more than the customer service departments for corporate database products. For democracy to thrive at global scale, libraries must be able to sustain their historic role in society—owning, preserving, and lending books.”

On December 15, 2023, the Internet Archive filed its opening brief to the U.S. Court of Appeals for the Second Circuit. In the brief, the Internet Archive asks the Court to reverse the lower court’s decision and to hold that its controlled digital lending is fair use. The Internet Archive is arguing that the lower court erred in applying the four-factor test because the court “failed to grasp the key feature of controlled digital lending: the digital copy is available only to the one person entitled to borrow it at a time, just like lending a print book.” The Internet Archive says that the court’s misunderstanding particularly tainted its analysis of the first and fourth factors. For example, it argues that the court’s analysis of the fourth factor did not take into account expert testimony indicating that “lending is not a substitute for Publishers’ ebooks and has no effect on Publishers’ markets.”

The Second Circuit’s decision in this case will shape the future of controlled digital lending and the ongoing debate surrounding fair use and access to information in the digital era. Librarians, publishers, and legal scholars will be watching closely, waiting for the next major development in the application of free use to a rapidly evolving digital world.

Stay tuned for the next chapter in this story.