March 14, 2006

USA Patriot Act Affects Cornell's Libraries

Print More

A title search for “bombs” on Cornell University’s Library Catalog generates 443 results; “Al Qaeda” and “Osama Bin Laden,” 17 each; and “terrorism,” 391.

Running such searches on a library computer – and checking out some of the materials they turn up – could get you into trouble with the law. Under Section 215 of the USA Patriot Act of 2001, these searches are potential grounds for an FBI subpoena to a library for user records without a warrant or additional reason for suspicion. According to this federal provision, which seeks to strengthen national security and root out possible terrorists, the head librarian must turn over records to the FBI without notifying students and may not inform anyone else of the subpoena.

The provision has roiled librarians across the country and provoked public outcry from the American Library Association. The issue is especially pertinent to universities, which pride themselves on being bastions of academic freedom and exploration. Many worry that the law could thwart university students from pursuing many topics of intellectual interest.

“Libraries are places where people should be able to go and look at whatever intellectual pursuits interest them” without worrying “am I going to get in trouble?” said Bernadette Murphy, director of communications at the Washington, D.C. office of the ALA. “We worry that these laws will encourage … fear.”

Staff members of Cornell University Library, which consists of 20 libraries and is one of the largest academic research libraries in the nation, have attempted to balance their concern for patrons’ privacy with federal law. If subpoenaed, a Cornell librarian must present the request to the University Counsel, whose members then verify its legitimacy.

Since the inception of the Patriot Act, Cornell libraries have tried not to retain user data for longer than necessary to protect their privacy to the maximum extent possible, according to Ed Weissman, assistant to the university librarian.

Even before 2001, librarians, if subpoenaed, were expected to provide records to the government, provided that the FBI harbored serious suspicions about an individual and produced a warrant. Moreover, in the case of university libraries, librarians could notify the affected student of the request, who could then seek legal counsel, according to Peter Hirtle, CUL intellectual property officer.

But under Section 215, which overrides 48 state laws protecting library users’ confidentiality, the FBI need not suspect any one person to request electronic and circulation records – it may request general information about thousands of library users. And at Cornell, as at other university libraries, federal law would prevent the subpoenaed librarian from informing the students whose records are being scoured.

Those with foreign-sounding names who borrow materials about the Middle East or complex scientific subjects – say, nuclear physics – are said to be especially vulnerable to the law.

“When someone is suspected of a crime, it’s entirely appropriate for law enforcement to go to a library … we respect that right of law enforcement when they present a legal document asking for those records,” said Murphy. “But we think Section 215 orders are too easy for them to get.”

CUL’s website assures patrons that New York State law protects the confidentiality of library records -that is, “circulation of materials, database searches, interlibrary loan transactions, reference queries, requests for photocopies of library materials, reserve requests and the use of audiovisual materials, films and sound recordings.” It carries a subsequent warning about the conflicting powers of the Patriot Act.

Online chats with librarians are also recorded and susceptible to federal review if requested, although the library erases the information after 30 days.

Under the Patriot Act, a librarian subpoenaed by the FBI may challenge after one year the order mandating that he or she told no one about the subpoena, although Murphy said the ALA did not consider this a “meaningful opportunity.”

But there are methods of skirting surveillance.

“One of the nice things is that you don’t have to authenticate when you use a library computer at Cornell,” said Weissman. “You’re not typing in a net ID and password [to access computers], so you’re in better shape when you’re surfing the web.”

Tracy Mitrano, director of information technology policy and computer policy and law programs, feels that government access to electronic records is a crucial facet of the law. “Information technologies already are – and will continue – to be the way in which any of these records are actually stored or transmitted,” she said.

Certainly, the fact that libraries carry out most of their operations electronically has made protecting users’ information far more difficult everywhere. And here, CUL does not control all relevant electronic operations; Cornell Information Technology oversees a great deal of them, too. That makes ensuring maximum confidentiality even trickier, Weissman said.

“[Section 215] goes so contrary to the notion of academic freedom on campus,” Mitrano said.

Archived article by Maya Rao
Sun Staff Writer