Libraries and the Freedom of Information Act

2 Mar

This is the second of two posts based on session I attended recently entitled What’s private and what’s public? Data Protection and Freedom of Information.  This post does not constitute formal legal advice.

The Freedom of Information Act 2000 (FoI) refers to information which you have an obligation to provide, whereas the Data Protection Act 1998 (DPA) is concerned with information which you must not disclose.

FoI is underpinned by the public right to know what is done by public bodies and how they operate.

The basic FoI right is to be informed in writing by the public authority whether it holds info of the description specified in the request; and if this is the case, to have that info communicated within twenty working days.

Most libraries and archives are publicly funded, and therefore affected by FoI.  The focus is on policies and procedures but FoI affects all information held, including manuscripts and rare books.

Is it an FoI request?

  • It must be in writing and include an address to which reply can be made
  • The request does not have to come from someone based in the UK
  • The request does not have to mention FoI explicitly

Does this sound familiar?  Most reference enquiries will come under the Act, so in fact many libraries were complying with the principles of FoI long before the Act came into being.

FoI exemptions

No need to supply the information if:

  • it is accessible by other means
  • It would adversely affect commercial interests
  • it would contravene data protection provisions
  • it would breach confidences
  • it is not your information to share
  • you plan to publish it soon
  • it would cost too much

More details about FoI exemptions

  • it is accessible by other means – policies and procedures may already exist on your website, but it would be good practice to supply a copy anyway.  Other example: reference requests where the information exists in books which could be purchased by the enquirer or accessed via a local library, inter-library loan or at the British Library
  • it would adversely affect commercial interests – for example, information about preferred supplies or buildings contracts
  • it would contravene data protection provisions – such as disclosing personal information about another person
  • it would breach confidences – not a complete exemption, as you must still weigh the public interest
  • it is not your information to share – such as deposited manuscripts or other material given but with conditions, or information affecting other University bodies
  • you plan to publish it soon – for example, a catalogue or critical edition.  Informal advice suggests that a time frame of “within three years” is reasonable.  It does not have to be the library that is the publisher of the information
  • it would cost too much – when considering expense, distinguish between (1) gathering/establishing the info, (2)  deciding whether it’s exempt and  (3) producing/supplying the info.

Deciding whether it’s exempt is not chargeable

Producing/supplying the information is chargeable at cost in advance

Calculating the costs of gathering the information is more complicated.   The cost is calculated at £25/hour to a maximum of £450 – the equivalent of 18 hours’ work.

If the costs of gathering the information will be less than this, you must supply the information for no more than the cost of supply (i.e. you must absorb up to 18 hours’ worth of work time).

However, if the costs of gathering the information will be more than 18 hours, you may decline to fulfil the request; offer to do it under FoI and charge at £25 per hour; or offer to do it outside the terms of the FoI.

There is no fee chargeable for fulfilling FoI requests, unlike DPA-related enquiries where data subjects can ask to see all our records relating to them within 21 days, for a small admin fee.

Helping the enquirer

Do everything you can to help the enquirer with their request.  If the information they’re asking for is too broad or vague, advise them to rephrase their request.  If they make the request by phone or in person, advise them to make a proper request in writing.

Time limits

The time limit of responding to FoI requests within twenty working days includes Mondays-Fridays only, not weekend days.  It excludes public holidays but not other closed days, and does not take account of personal leave.

The clock starts with initial receipt of the request by the University and ends with supply or refusal of the request.

Ensuring compliance

Responsibility

Each department of the University should have a nominated first point of contact for all FoI matters.  The team which receives the original request is responsible for assessing it and seeking assistance if necessary.

Timescale

Date stamp on opening, identify person/dept opening and any forwarding dates or details Assess within two working days Respond within another 8 working days Open mail for employees away for more than 10 working days (or fewer by agreement) unless marked private or personal Open mail if just marked confidential

Email

It is recommended that you have a folder for FoI emails and keep all correspondence (including replies) for one year.

If you will be away from work for more than 10 working days, ensure that your auto-reply includes an invitation for anyone with a request for information to resubmit it to another specified address.

Providing the answer

The enquirer may express a preference for receiving a copy of the material, a summary of the content of the material, or coming to inspect the material.

They may request to have the material in a re-usable form e.g. as a spreadsheet, not a PDF.  Accede to the preference unless other factors apply.

Copies can exceed fair dealing limits but should be accompanied by a note about legitimate use of the material.

Problem areas

  • Policies and procedures – these are often sensitive
  • Misdirected requests – the time needed to reroute the request is included within the time limit
  • Manuscripts and rare items – is it unique or effectively unique?   Refers to terms and conditions, and consider whether they include personal information about a living person
  • Time limits

In summary, think of most FoI requests like normal reference enquiries and do everything you would normally do in terms of providing a prompt, helpful reply.

In trickier cases, seek advice from your nominated FoI contact and record all the steps you take, including forwarding messages to other teams or awaiting a reply from someone else and keep it all moving along so that you can respond to the enquirer within the time limit.

See also: Libraries and the Data Protection Act

Tags: , , , , ,

Libraries and the Data Protection Act

1 Mar

This is the first of two posts based on session I attended recently entitled What’s private and what’s public? Data Protection and Freedom of Information.  This post does not constitute formal legal advice.

The Data Protection Act 1998 (DPA) is mostly concerned about information you must not disclose, whereas the Freedom of Information Act 2000 (FoI) covers information which you have an obligation to provide.

Personal data in libraries

In libraries, we hold information which is affected by the DPA, such as:

  • Info about students themselves and their use of libraries – where they’ve been, what they’ve borrowed, name, address, email etc ; as well as information about staff and possibly non-members of the University (external visitors)
  • Other examples: trading information about customers  (if your organisation has an online shop); personnel info about staff (such as the results of Criminal Records Bureau checks,  employment records)

8 principles for handling personal data

Data must:

  1. Be processed fairly and lawfully
  2. Be held only for specified purposes
  3. Be adequate, relevant and not excessive
  4. Be accurate and kept up-to-date
  5. Not be kept for longer than necessary
  6. Be processed in accordance with the data subject’s rights
  7. Be kept secure
  8. Not be transferred outside the European Economic Area, unless the recipient country can ensure an adequate (equivalent) level of protection

How the University fulfils these criteria

  1. Be processed fairly and lawfully – our processing is lawful because we undertake it in pursuit of the legitimate interests of our business, namely providing readers with books.  The University of Oxford asks its members (and external readers) to sign their agreement to the University holding the data when they apply for their University Card.  The agreement reads: “I understand that the information will be collected and processed according to the provisions of the Data Protection Act 1998″
  2. Be held only for specified purposes – the University is registered for lending and hire, education and training; and these cover all activities relating to the access and borrowing privileges of readers.  This also means that we can’t use readers’ data for purposes beyond this remit without their permission
  3. Be adequate, relevant and not excessive – we only gather the data we need for library purposes
  4. Be accurate and kept up-to-date – when a reader informs us of a change to their details, we must update their record promptly
  5. Not be kept for longer than necessary – The main University Card database holds records indefinitely as people may return for further study or employment.  However,  once a reader’s record expires, their record is deleted from the library’s database
  6. Be processed in accordance with the data subject’s rights – the data subject has the right to inspect the data we hold about them; and if they believe that something is wrong and/or that damage or distress is being caused, they have the right to prevent processing of data about them, to rectify, block or erase data and to sue for damage being caused
  7. Be kept secure – we must not disclose personal data to unauthorised persons.  Library staff are authorised persons because they are employees of the Data Controller.  Take care with the angle of computer screens at enquiry desks so that readers can’t see personal info about other people.  Don’t write passwords on notes kept by the computer.  Ensure filing cabinets containing personal data are kept locked.  Dispose of personal data securely (i.e. by shredding it).  If students occupy a staff area, switch off computers immediately.  It is good practice to lock computers [PC: Ctrl-Alt-Del and Enter] when not in use, even in staff-only areas
  8. Not be transferred outside the European Economic Area, unless the recipient country can ensure an adequate (equivalent) level of protection – for example, the USA does not have such provisions.  Take care over the location of your servers and cloud computing services.  If using a site like SurveyMonkey, you might choose to state that “this data will be processed in the USA”

Sensitive data

A step beyond personal data, sensitive data is defined as information relating to:

  • Racial or ethnic origin
  • Political opinions
  • Religious beliefs or similar
  • Trade union membership
  • Physical or mental health
  • Sexual life
  • Commission or alleged commission of any offence
  • Proceedings relating to any offence or alleged offence

Sensitive data may only be recorded with the explicit consent of the person. If the person has disclosed some of this information to any one person in the University, the whole University is deemed to know, even though the info is secret and therefore probably not being passed on.

Who’s who

Data controller: person who determines the purposes for which and the manner in which any personal details are or are to be processed

Data processor: any person (other than an employee of the data controller) who processes the data on behalf of the data controller

Data subject: an individual who is the subject of personal data

CCTV

Information captured by a closed-circuit television system counts as personal data.  People should know they are being recorded: have a notice displayed to let them know, with contact details in case anyone has any queries.

If a CCTV screen is on display to readers or other members of the public, it must be recording a view of the place where they are, not somewhere else.

You may only circulate images from CCTV to people who really need to know. Images may be passed to the police if they ask us to supply them.

Claims by data subjects

Data subjects can ask to see all our records relating to them – within 21 days, for a small admin fee. Therefore, only record what you are prepared for the data subject to see!

Only the data subject can ask, or their representative with written consent.  Only living people have rights under the DPA.  In supplying records, we must not breach others’ DPA rights.  Always refer to the University’s DP officer if in doubt.

See also: Libraries and the Freedom of Information Act

Tags: , , , , ,

Laura’s guide to Chartership

31 Jan

This is an unofficial guide, but it worked for me, and I hope you find it useful.

Start with CILIP’s Five steps to Chartership

Get yourself a mentor

When choosing a mentor, I think it’s a good idea to approach someone who is outside your sector.  If they don’t live near you, you can meet by phone or Skype.  Having a perspective from someone who is not as familiar with your work environment is good for two reasons:

  1. you can discuss issues and compare procedures and policies with someone who has a different perspective on libraries
  2. they can help you judge if you have explained your context fully, and that it makes sense to someone with no prior experience of your workplace

I think this is especially important if you work in a library which tends only to compare itself or benchmark against other organisations that are already very similar (such as academic libraries) and discussion with a mentor from a different information environment will help you generate new ideas about how to provide a better service for your users.

Writing your Personal Professional Development Plan (PPDP)

Think about your development in the broadest possible sense.  Don’t compare yourself with other people – this is your learning journey and what matters is that you have made progress from your starting point.

Examples of areas for training and development include:

Old-skool library skillz e.g. cataloguing and classification

People skills e.g. supervision or management of colleagues, customer service skills

The wonderful world of social media e.g. learning to write for the social web, monitoring and evaluating interactions on your library’s Twitter, Facebook or other social sites.  Or even being the person who starts these up for your information service

Transferable skills e.g. project management, managing budgets, collating data and statistics, administrative skills, giving presentations or inductions

Remember that training takes many forms: it can be on-the-job, shadowing, researching, learning by doing (i.e. there is no-one else I can find to teach me – I’m just going to have to figure it out as I go along) – it’s not just about attending a course.  And if you do go on a course, take time to reflect on what you’ve learned and how you will put it into action.

Chartership course

CILIP recommend that you attend a Chartership course.

Before the day, do some research into what you need to do to submit your portfolio, and be ready with questions.  You’ll get more out of the course if you arrive prepared and are already familiar with the basics.

The people who will be speaking at the course know their stuff, so use the opportunity wisely by asking them things you can’t easily find out by reading about Chartership on the CILIP website.

At the course, there may be portfolios on display.  Take a look at these and make notes to help you remember the good (and bad) points that you want to remember to include (or avoid) in yours.

Write your evaluative statement

It’s that simple – just write it.

If you need help with eking out all 1,000 words, try Written? Kitten! which rewards you with a picture of a cute kitty (sorry, dog lovers) each time you write another 100 words.

I found it useful to divide my words roughly equally between the four competencies I was trying to demonstrate:

  • Personal performance and service performance
  • Active commitment to continuing professional development
  • Personal and professional development and progression
  • Breadth of professional knowledge and understanding of the wider professional context

Collate evidence to support your personal statement

Gather certificates, emails, blog posts, tweets, policies… any documents which support what you have written in your evaluative statement about your development.

Order, number and name them so you can easily cross-reference them from your statement (you are a Librarian, after all).

Personal details of other people

When using documents which contain names, emails or similar personal information about other people, you need to think about how you will present this information in your portfolio.

I had seen other portfolios in which candidates had obscured these details but I felt that this made the documents look censored.

Instead, I asked permission from the people involved to reproduce these documents in full and all of them agreed.  I made clear in my portfolio that these documents were included with permission, and I thought this looked more open and inviting to read.

Electronic submission

CILIP have started accepting electronic submissions and I would recommend this as it allows you to use working hyperlinks in your portfolio (I used these to link from my statement to the evidence and back again) and saves you having to print and bind three copies of your portfolio.

Best of luck!  Keep your eyes on the prize:

Chocolate MCLIP

Tags: , , , , ,

Classification 101 with Lego

27 Jan

Here is a demo that I did with my library team this week.  Here is a set of objects:

Selection of Lego bricks

The challenge was to sort them into groups and explain why you have chosen to arrange them in this way.

We came up with a variety of ways in which they could be arranged – here are some examples.

Grouped by colour:

Bricks arranged by colour

Grouped by width: one stud, two studs, more:

Arranged by width

Grouped by depth: are they flat or built-up?

Arranged by flat/built-up

All of these answers are valid, as they are supported by rational criteria for grouping the objects.

However, notice that as you group items by one characteristic, you separate them by another, e.g. the brown group has some pieces that are flat, but not all the flat pieces are brown.

In a library example, you could put all fiction books together, but an author may have also written drama or poetry, and so not all of their works will be together.  Similarly, grouping books by year of publication separates them by subject.

Ranganathan’s Fourth Law of Library Science is “save the time of the reader”.  In order to meet the needs of library users effectively, each library must decide how it will arrange its stock: which classification system to use.  The best way to arrange your stock is the way in which your users can most easily find what they are looking for.

For example, my library uses the Dewey Decimal Classification system to arrange books by subject.  This is the most helpful for our readers, who are usually studying one subject and expect all of their resources to be located in one place.

In a closed stack library, users request books from the catalogue which are fetched for them by library staff.  A closed stack library may arrange their stock in order of accession number, meaning that items are arranged from oldest to newest, and this makes efficient use of space.  It doesn’t matter that the books aren’t in order by subject; as the library staff member can locate the book accurately by its accession number.

A fiction library may arrange works by author, and a picture book library by colour.  At home, my non-fiction books are arranged in height order, as this is aesthetically pleasing and encourages serendipitous rediscovery of other things when I am looking for something else.

As in the examples above, when you group items by one characteristic, it is inevitable that you will separate them by another.  However, the most important thing is to choose a system that will help your users, and apply it consistently.

Thanks to my colleagues Nora and Louise who told me about the roles of Plato and Aristotle in the philosophical origins of catagorisation.

Tags: , , , , , , ,

How to get students to bring their library books back

1 Dec

This week I’m distributing flyers to all our students to remind them to renew their loans before they leave for the Christmas holidays, and also as a promo for our social media sites.

As an incentive for ensuring their accounts are up-to-date, I’m offering a “little seasonal thank you” (chocolate Santas from M&S or similar).

I hope this publicity will encourage students to update their accounts, call in at the library office to claim their treats and increase the numbers of Likes/followers on our social media sites.

If you’d like to join in, please Like us or follow us!

Tags: , , , , , ,

From ‘cataloguing’ to ‘metadata’?: resource description and subject classification in a digital age

24 Nov

I recently attended a day conference organised by the Bodleian Libraries, entitled “From ‘cataloguing’ to ‘metadata’?: resource description and subject classification in a digital age”.

The speakers were:

Susanna-Assunta Sansone, Team Leader at the Oxford e-Research Centre Susanna on LinkedIn

Edmund Chamberlain, Systems Development Librarian for Cambridge University Library @edchamberlain

Neil Jefferies, R&D Project Manager at Bodleian Digital Library Systems and Services

Alexander Huber, Metadata Co-ordinator at Bodleian Digital Library Systems and Services

I tweeted from the event using the hashtag #bodmetacat.  In the summary below, I have included contributions from others – attributed by their Twitter IDs.

Susanna Sansone: Using metadata for keeping track of scientific research on the web

  • Make experiments reusable by sharing the methods and results – use metadata to make them discoverable
  • Challenges: volume of info, free text descriptions (natural language), Babel of terminologies, heterogeneous file formats
  • Need standards: reporting descriptions, controlled vocabularies, common exchange formats
  • Problem of too many standards in bioscience – need harmonisation
  • Examples: standards being developed for describing genes, genomes, proteins… (@addedentry “Standards are good – that’s why there are so many of them.”)
  • Remits vary, as does degree of interaction with journals, funders, commercial sector. Dynamic but fragile environment
  • biosharing.org – coherent, curated and searchable catalogue of data standards, rated by usability and popularity (not quality)
  • Simplicity is good, but it is not simple
  • @addedentry Sticks and carrots for using standards: funding council requirements versus career benefits of citation & exposure

Ed Chamberlain

  • The way libraries used to manage data involved having a lot of control over its creation, consumption, environment, technology
  • Closed ecosystem = recipe for success (expensive?)
  • Then the Internet happened – challenge to library systems and its authority over data
  • Library response so far includes evolution of catalogue & change in interfaces.  Is the OPAC dead?
  • Catalogue data now consumed as keywords, faceted, supplemented, transformed, merged, amalgamated
  • “The best thing to do with your data will be thought of by someone else” – Rufus Pollock
  • discovery.ac.uk “Towards a thriving metadata ecosystem” – JISC initiative to get galleries, libraries, archives and museums sharing data
  • @addedentry Cambridge let search engines crawl their catalogue records. Google has now indexed 10% (500,000)
  • Linked bibliographic data – Cambridge’s work with Library of Congress, British Library and OCLC
  • @addedentry COMET = Cambridge Open Metadata (data.lib.cam.ac.uk) converted catalogue records to RDF
  • Who else is experimenting with linked data? Wikipedia, British Library, Europeana, British Museum, The National Archives, Library of Congress, Open University; national libraries in France, Finland, Sweden, Hungary and others – thanks @ostephens for additions to this list
  • openbiblio.net Open Bibliography Project
  • Creative Commons licences: @addedentry Cambridge using PDDL; Europeana and BNB using CC0; OCLC looking at CC-BY. I understand Oxford is on the way…
  • Vendors aim to profit from services based on data rather than data for its own sake?
  • Have to learn to be a cataloguer before developing scripts dealing with catalogue data
  • No LMS vendor is going forward with MARC21 as internal container for data
  • “No one will want to play with us if we cannot learn to share”

Neil Jefferies

  • Changing nature of intellectual discourse: artefacts, timescale, interdisciplinary, collaboration
  • Digital outputs: shift to born-digital content, publication not necessarily primary outcome, no “thing” to deposit
  • @addedentry Metadata is data in its own right – example of historical correspondence networks as a primary source
  • Emergent data model – not metadata, this information is important in its own right
  • @addedentry Cultures of Knowledge - cf Darwin Correspondence Project at Cambridge
  • @ostephens there is no meta, just data
  • @addedentry Interest in capturing uncertainty – not removing it – in catalogue records (e.g. disputed authorship)
  • @addedentry “Sheer curation”: minimal processing in storing digital objects
  • @addedentry “Today’s standards are tomorrow’s legacy issues”

My top tweet of the day:

I never metadata I didn't like

Tags: , , , , ,

Israel and library technology

16 Nov

Lots of library-related technology such as remote access was developed in Israel.  Because Israel was politically isolated from many of its neighbouring countries, it could not develop inter-library loans systems such as we are used to in the UK and other countries.  This meant that there was an urgent need to develop other ways of sharing information resources with other institutions worldwide.  As a result, many library technology companies such as Ex Libris started life in Israel and are still based there today.

Tags: , , , , ,

← Older Entries
Newer Entries →

Follow

Get every new post delivered to your Inbox.