Skip to content
Nov 5 / Kimberly Mason

Student Data and Information Policy

Written by Kristina Olsen

Due to the changing rate of technology and increasing collection of data, as students we should take care in knowing what policies are in place to protect our privacy as well as what the university does with our data. Consider our academic libraries; “user data can be obtained from a number of library systems and services” (Coombs, 2004, p. 493). In academic libraries, user data collected can be from “library web sites, integrated library systems, electronic reference, and interlibrary loan systems” (Coombs, 2004, p. 493). This leaves many channels for the security of our personal data to be questioned.

First, we must understand why libraries collect our data. Libraries collect user data for protection of access to library resources. This can be seen in libraries that require users to login to public computers. Libraries also collect data to increase the efficiency of the services and quality of collections by the library. They do this by utilizing software, in a way similar to Amazon, in order to personalize the user’s experience. Another reason for libraries to collect user data is to “meet licensing agreements with vendors” (Coombs, 2004, p. 495-496). Vendors and publishers want to know who is using the resources, whether the users are authorized or unauthorized users (Coombs, 2004). Nevertheless, there is a strong tension between libraries and its users when it comes to data collection (Coombs, 2004).

There are several policies in place that attempt to protect student data. There is the Family Education Rights and Privacy Act, which “protects the privacy of student education records” (FERPA, n.d.) and the Privacy Act of 1974. Further, there is the Library Bill of Rights and the American Library Association Code of Ethics that address privacy protection (Coombs, 2004). However, it is argued that more should be done to protect students’ privacy. A study found that “64 percent of libraries had a data protection policy, but only 14 percent of libraries had a privacy policy” (Coombs, 2004, 496). This is cause for serious consideration of implementing and educating students of his or her privacy rights.

Further, it is striking that there is strong support for student privacy despite the amount of personal information students share on the Internet. A survey revealed that 85 percent of students said their “online privacy was important to them” (Magi, 2010, p. 256). The survey also displayed the results of what students thought the university and library should be doing to protect their data. It revealed that the university or library should obtain student information only if there is consent from the student, it is collected for a clearly defined purpose, the information will never be shared with a third-party, and that there is a predefined time the information is kept before being discarded (Magi, 2010). Not only do students want more from their university and libraries, but 74 percent of the students surveyed thought “it was not justifiable to develop student profiles for the purpose of improving library collections and services” (Magi, 2010, p. 256). They also believe the university or library should educate students about the USA Patriot Act (Magi, 2010). These are important aspects to consider when defining and implementing an information policy.

The university needs its students’ data, but also needs to protect their privacy. With this becoming an ever-increasing issue, what more can universities and its libraries do to protect student data?

Coombs (2004) gives three “action points” to combat these issues. First, a collection of information privacy policies need to exist, such as a “privacy policy, an acceptable use policy…, and a data retention policy” (Coombs, 2004, p. 497). Next, students should be educated about these policies as well as common privacy issues. Students should understand what their rights are and what protection exists. Lastly, these policies should reflect the current trends and changes in technology; in addition to how these will impact future privacy protection (Coombs, 2004).

As a student at Wayne State University, I feel the university and library system do well to inform its students. The policies are simple to find on the school’s website as well as on the library’s web page. I think with any data collection there will be gaps in which information policy is lagging behind. Therefore, I think it is important to consider what the student expects from his or her university, as well as the university consistently updating its policies.


Coombs, K. A. (2004). Walking a Tightrope: Academic Libraries and Privacy. Journal of Academic Librarianship, 30(6), 493-497.

Family Educational Rights and Privacy Act (FERPA). (n.d.) U.S. Department of Education. Retrieved October 31, 2013, from

Magi, T. J. (2010). A Content Analysis of Library Vendor Privacy Policies: Do They Meet Our Standards?. College & Research Libraries, 71(3), 254-272.