Recommender Service Privacy Policy for Library VuFind Accounts


BACKGROUND/PURPOSE

The Recommender Service Privacy Policy for Library VuFind Accounts is a document to support machine learning processes for service delivery in the Library. The research and development of a library account-based recommender utilizing machine learning was funded by the University of Illinois Campus Research Board in October 2015. The purpose of this policy is to provide documentation of the machine learning processes that leverage user account data. Several data points are utilized if the user logs in to the recommender service. These include VuFind account information, including VuFind favorites, VuFind renewals, VuFind item requests, and the user’s currently checked-out items; researchers pair these data points with anonymized clusters of items that are checked out together. The experimental service will use VuFind checkout data along with other anonymized Voyager user data, specifically clusters of items that are checked out together, to provide recommended resources based on items in the user’s account. The system will initially provide recommendations to other print and loanable technology items. This policy exists so that users who log in to the recommendation service from VuFind accounts will be aware of the type of data we collect, preserve, and use from their VuFind account. For the purposes of this document, the VuFind account is the user’s library account accessed from the following interfaces: Minrva for Android, Minrva for iOS, and the VuFind login link from University Library Webpage(s).

POLICY STATEMENT:

Notice/Awareness

Users are notified of the account-based recommender policy from a library webpage; they are notified that the policy was developed to support machine learning processes for service delivery. Library faculty and staff will receive updates to the policy through the library listserv or Faculty meeting updates. If the policy is updated, users will be notified through their accounts that a new library recommendation policy is available. The data collected by this experimental system will be stored on the University Library’s secure servers. The data will not include any information that identifies an individual. The only people who will have access to the data are researchers associated with the project and Library IT staff as needed for maintenance. The data mining of VuFind account actions and Voyager checkout clusters will be utilized for service improvements and Library service excellence within VuFind accounts and services that utilize or build on VuFind accounts like Minrva for Android, Minrva for iOS, and the VuFind login from the Library webpage(s). Recommendation data will be used to improve email communications from the Undergraduate Library where technology items will be recommended based on previously checked out equipment by the user.

Choice/Consent

By logging into the VuFind overlay through Minrva for Android, Minrva for iOS, or Library Webpages, the user consents to sharing their VuFind checkout data with the recommendation system. This privacy policy is linked from the Login page.

Access/Redress

A user can contact minrvaproject@gmail.com to request information about their IP address from the technical support team. Data about user names and library accounts are not recorded or available. Only a user’s IP address may be retained. These data points can be removed but not revised since they are simply server records. The data used for machine learning are stored in clusters and combined with other data points from Voyager, so individual access by a patron cannot be provided. An individual is not able to contest data accuracy or completeness with specific questions about their participation in the recommender service.

Integrity/Security

Data are stored in password-protected servers. Only the technical staff who support this service have access to the data. Data are kept indefinitely for research purposes aimed at improving the app. Individual data are anonymized by way of unique identifiers in place of user identifiers. Since individual data are anonymized, individually identifiable data are not retained.