August 2002; updated: November 2005
Legal framework for personal data processing in connection with library work is set by Act No. 257/2001 Coll., on Libraries and Terms of Operating Public Library and Information Services (Library Act), as amended. The Library Act is a lex specialis in relation to the Act on the Protection of Personal Data and on Amendments to Some Related Acts, as amended (hereinafter referred to as “Personal Data Protection Act”).
Whereas the Library Act does not define the processing of readers’ personal data in library registry explicitly, the processing of personal data must be judged on the basis of the Personal Data Protection Act.
In principle, Article 5(2) of the Personal Data Protection Act provides that personal data may be processed only with the consent of the data subject. Without this consent the controller may process personal data only if one of the preconditions defined in Article 5(2)(a) to (g) of this Act is met. An exemption pursuant to item (e), “if it is essential for the protection of rights and legitimate interests of the controller”, or (b), “if the processing is essential for fulfilment of a contract to which the data subject is a contracting party”, may be applicable to the keeping of registry of library users, because library have the right and a duty provided by the law to protect their library stock and the lending/borrowing relationship between a library and its users is contractual in nature. If the registry of library users is kept only in respect of current lendings, the exemption may be applied to this kind of processing of personal data.
Whereas theArticle 5(1)(e) of the Personal Data Protection Act provides that the controller shall be obliged to preserve personal data only for a period of time that is necessary for the purpose of their processing, however, in the case of the application of the aforementioned exemption for the processing of personal data this period of time ends when the lent library article (book, videocassette etc.) is returned undamaged, or alternatively is ended by the action of checking that it was returned undamaged, or in the state in which it was lent out. At that moment the personal data processing should be terminated by destruction of the reader’s identification data, with the understanding that data on the lending of library stock may continue to be processed. When defining how long to preserve personal data on lendings it is necessary to work on the basis of the fact that any damage to a library article should be identified immediately after the user returns it respectively after taking over. Later discovery of damage, e.g. pointed out by a subsequent borrower, is irrelevant. Preservation of non-anonymised data on completed lendings may thus also be to the user’s benefit, but that does not constitute a different definition of the period necessary for processing the personal data of borrowers. The period necessary for preservation of personal data on lendings is determined by the manner in which lending protocols are maintained.
According to the previous experience of the Office for Personal Data Protection, registry of library users is, as a rule, kept as permanent registry, so even the personal data of readers who currently have not borrowed any library material are permanently preserved in the registry. In libraries more than elsewhere, the identification data of readers are a direct key to further personal data, such as identification data of borrowed documents, in particular the names of borrowed documents or their registration numbers that make it possible to track down the descriptive details of a lending. In line with the well-known adage, “Tell me what you read and I will tell you who you are”, a list of lendings over a relatively long period of time gives an insight into the interests and orientation of a particular reader and creates a more-or-less detailed picture of the reader. Some lending records may even – though they need not always – reveal facts that could be processed as sensitive data. For example, regular borrowings of books about a particular philosophy or religion may indicate that the reader shares identical philosophical or religious conviction, causing the reader to be treated accordingly, even though there may of course be different reasons behind the borrowings: impartial study, publicism or research, say. With a view to this fact as well, it is necessary to have the consent of the library user, as the data subject, for keeping permanent registry of library users that contain their personal data showing information about past borrowings. When soliciting this consent, the library must provide the library user with the information defined in Article 5(4) of the Personal Data Protection Act. Concurrently, it is necessary in order that the library, as the controller of personal data, fulfil its other duties provided by the Personal Data Protection Act, in particular the duty to specify the purpose for which the personal data are to be processed (see Article 5(1)(a) of this Act).
The library’s duty to inform library users is laid down by the Personal Data Protection Act in every case, however, specifically under Article 11(1) and (2) of the Personal Data Protection Act.
The name, surname, date of birth and permanent address is sufficient for identification of a natural person (library user); in opinion of the Office for Personal Data Protection, the aforesaid data combined with the library’s registration number (library card number) is the extent of identification data absolutely necessary for the purpose of keeping registry of library users.
If the library intends to use the library user’s birth number instead of his date of birth, it needs to make allowance for the fact that birth numbers enjoy special legal protection pursuant to Act No. 133/2000 Coll., on Register of Population and Birth Numbers and on Amendments of Certain Acts (Population Registration Act), as amended. Without the consent of the bearer of a birth number, or his legal representative, the birth number may be required and further used only in cases specified explicitly by the relevant legislation. The use of birth numbers for registry of library users is not specified by the act. For using users’ birth numbers is therefore necessary their consent pursuant to Article 13c(1)(c) of Population Registration Act, which consent, given for the purpose of collecting the birth number, also constitutes consent for the processing of birth number as personal data, i.e. consent under Article 5 (2) of the Personal Data Protection Act. When collecting personal data for registry of users, the data subject must, as mentioned above, be informed pursuant to Article 11(1) and (2) of the Personal Data Protection Act. In accordance with Article 11(2) of this act, the data subject must concurrently be informed that the provision of his birth number is voluntary.
The notification duty pursuant to Article 16 of the Personal Data Protection Act in processing registry of library users pursuant to Article 18(1)(b) of this act shall not apply to the processing of personal data that is imposed on the controller by a special Act or if such personal data are necessary to exercise the rights and obligations ensuring from a special act. If only lendings registry is kept, containing library users’ identification and contact data, and records in it are preserved only for the duration of lending (whether internal or external lending), the conditions of the cited exemption from the notification duty are met; these conditions are arising from a provision of the Library Act which impose on library operator to ensure that the library stock is protected against theft and damage. User’s personal data are necessary for exercising the rights and duties imposed by a special act up to the return of lent documents. If, however, permanent registry of users is kept, no ground for exemption from the notification duty is constituted, regardless of the form in which this registry is kept and the extent of personal data processed in them.
The same terms shall apply mutatis mutandis to other public library and information services, i.e. a) providing access to library documents from a library’s stock or via inter-library services from the stock of another library; b) providing oral bibliographic, reference and factographic information and research; c) mediating information from external information sources, in particular information from state administration and local government; and d) providing access to external information sources to which the library has access free-of-charge by using telecommunications equipment. With all these services, it is necessary to work on the basis of whether grounds for processing personal data are constituted. It generally applies that the moment at which a ground for processing personal data is constituted, is, with regard to the provision of Article 4(2) of the Library Act, at the earliest the moment at which the user makes a request for provision of a service by providing access to a document or by providing performance pursuant to Article 4(1)(b) and (c) and at the latest the moment at which the actual performance is provided, i.e. provision of the requested document. The approaches described above also fully cover the needs of providing services where libraries have a legally defined exemption from the principle of free-of-charge provision. There is no legal regulation imposing on libraries duty to process users’ personal data in this context.
Determination of the extent of users’ personal data to be collected on application forms or request forms may only be tied to the purpose of the provision of services. In the event that a user on that occasion pre-selects only a part of the full range of offered services, the form’s design can be adjusted so that it does not demands data that are not necessary for the provision of the selected services, respectively so that a user receives clear information and instructions. Combining the primary collection of the identification and contact data of library service users with the targeted ascertainment of further data on users is not in accordance with the principles of the protection of personal data, regardless of any subjective justification of such data collection by the library. Further data may be ascertained on such an occasion, but solely in the manner of a questionnaire survey, and allowing access to the public library and information services provided under the Library Act cannot be tied to the provision of further data.
The principles governing registry of library users may be used mutatis mutandis for registry of users and lendings in libraries operated under a trade licence and in video rental shops and similar establishments.
Mode No graphics is currently switched on. Therefore you see the web page with no decorative graphics as well as any advanced formatting. If your browser supports CSS2, you can switch a graphic mode on.