@MASTERSTHESIS{pgi2020034,
	author = "S. Connor",
	supervisor = "D. McMenemy",
	title = "Informed Consent and Privacy in Scotland's Public Libraries",
	school = "Department of Computer and Information Sciences, University of Strathclyde",
	year = "2019",
	abstract = "With the rise of libraries offering digital services to patrons, this work explores the approach of libraries to protecting patrons{\^a}АЩ privacy when accessing these services. The research focuses on assessing the philosophical and legal issues of privacy and informed consent, and how the privacy policies in place in Scottish libraries tackle these issues. In order to do so, Freedom of Information requests were made to the 32 local authorities responsible for operating libraries in Scotland to provide the documentation used to manage privacy and data protection in libraries with a view to assessing the types of policy used and the themes present in these policies. 

The aim of the research was to firstly come to a understanding of informed consent, a term which originated in medical negligence law, and how this concept operates with respect to digital services; secondly, to assess the privacy concerns inherent in the use of digital services, particularly in libraries, and why it is important that users understand and consent to the use of their personal information; and thirdly, to evaluate the privacy documentation on offer in Scottish libraries as to how they take on these issues. 

Through undertaking this research, it has been discovered that, while libraries in Scotland have gone some way to addressing data protection, privacy, and consent in their policies and documentation, more could be done with these policies to ensure that privacy concerns are addressed and that patrons understand the information being gathered and used by libraries, and that patrons may not be able to properly consent to the use of this information because of the lack of explanation. It was also noted that there were several different types of policy, and that there was an uneven distribution of the different types of policy, both overall, and within particular organisations. 

As a result of this research, four recommendations were made: for clearer explanations of data protection and privacy as an ethical concept to be made, for consent to be clearly requested and to not be a binary process, for a more holistic approach to be taken to privacy, and for more policies to specifically address the library environment.",
}