Privacy Rights Re-“Kindled”: eBook Reader Privacy

There has been a tremendous sea change in the publishing landscape over the last several years. As people have been shifting from buying books in brick and mortar stores like Borders and Barnes and Noble, to online distribution of physical media like Amazon, to the rise of electronic distribution like Amazon’s Kindle or Apple’s iBooks ecosystems, the ease and accessibility of obtaining and exploring new works has been steadily increasing. However, what has remained constant are the insights that our reading history provide upon our lives, including our religious beliefs, our political leanings, and even our health concerns.

E-book technology, as provided by Kindle or iBooks, presents particularly significant threats to reader privacy. As noted by the Electronic Frontier Foundation back in December 2009, e-readers have the potential to report back substantial information about their users’ reading habits, including what book you have read, what page you have searched for, how long you viewed it for, and what page you continued onto next. For example, Amazon’s Kindle License Agreement notes that Amazon will be provided with information on not only what books you have bought, but also “annotations, bookmarks, notes, highlights, or similar markings you make using your Kindle.” As such, there has been tremendous concern that such reading records are too easily tracked, and consequently vulnerable to exposure in legal proceedings. These concerns have been played out in recent times, with the North Carolina Department of Revenue demanding that Amazon turn over personally identifiable information linked to specific purchasing records for customers in North Carolina, and Colorado police attempting to subpoena information regarding all book orders ever placed by a suspect at a book store.

Facing these concerns, California recently passed S.B. 602, the Reader Privacy Act, which updates reader privacy laws by ensuring that privacy protections for book purchases are similar to long-established privacy laws for library records. The ACLU, a sponsor of the bill, noted the three prongs of protection to reader privacy associated with this Act:

–          Disclosure to Government: Government entities that seek disclosure of reading records must obtain a court order by showing a compelling interest, as well as an indication that they are using the least intrusive means to achieve this compelling interest. Furthermore, notice must be provided to the reader when the court order is executed, and prior notice must be given to the book seller and provider in order to provide the opportunity to appear and contest.

–          Disclosure to Third Parties: Third parties who seek disclosure in a civil or administrative action must similarly obtain a court order by showing a compelling interest, as well as an indication that they are using the least intrusive means to achieve this interest. For third party disclosures, both the book seller/provider and the reader must be given prior notice and the opportunity to appear and contest before disclosure.

–          Voluntary Disclosure: Reading records may be disclosed when the reader consents or exigent circumstances exist.

Some have questioned whether this law, although noble in intent, is necessary in practice. Mark Giangrande wondered exactly how many prosecutions had taken place where the person’s reading records were allowed into evidence. He noted that the current standard is that, in most cases, the government may not use a person’s reading habits, literary tastes, or political views as evidence against him, on the grounds that such evidence is prejudicial and not necessary to the charges.[1] He notes further that in cases where the reading habits are held relevant to the case, such habits are still considered inadmissible unless the defendant raises that issue.

While Giangrande’s arguments make sense, its retroactive perspective seems to miss the true benefits the law provides when analyzed from a prospective perspective. By establishing a bright line rule rather than a murky standard, California citizens are protected against not only increased litigation to prevent disclosure, but also against their data being released without notice. Businesses also benefit in two ways. First, the standards under which a business has to comply with a subpoena for customer information is clarified. Second, consumers will likely be more comfortable with using e-books, knowing that their personal reading history is protected. Even if the courts ultimately decide that reading habits cannot be admitted as evidence in criminal cases, this law is helpful because it expedites the litigation process.

Yet while the law is a good first step, there are certain limitations to the law. Of course, as a California law and not a federal law, the Reader Privacy Act’s protections are limited. Furthermore, the Act provides protection for the purchase and use of only e-books and books. With the rise of digital media, an increasing number of people acquire information through the internet and blogs. The Reader Privacy Act does not protect users against requests concerning their online history. Finally, the Act provides that “a provider shall not knowingly disclose to any government entity, or be compelled to disclose to any person, private entity, or government entity, any personal information of a user…,” where government entities refer only  to state or local agencies. For the law enforcement provisions, the protections extend only to requests by state law enforcement agencies. Joe Brockmeier notes that this merely means that California police cannot access your reading history, but there is no corresponding protection against federal agencies, even for users in California. As such, while California’s Reader Privacy Act should serve as a model for other states, California cannot afford to rest on its laurels. With technological advances providing increasing concerns regarding individuals’ privacy rights, legal protections must also evolve in a way that alleviates those concerns and mitigates the harmful impacts.

[1] For example, United States v. Giese, 597 F.2d 1170 (9th Cir. 1979) stated that it was “not establishing a general rule that the government may use a person’s reading habits, literary tastes, or political views as evidence against him in a criminal prosecution. In many cases such evidence would be clearly inadmissible.”

One Reply to “Privacy Rights Re-“Kindled”: eBook Reader Privacy”

  1. Pingback: E-books are tracking your reading habits | Sci-Tech | DW.DE | 07.11.2012 « Collection Development – notes

Leave a Reply