He Knows What You’ve
Been Checking Out

Christopher Dreher

The USA PATRIOT act gave the government broad new powers to obtain library and bookstore records—and to keep librarians and booksellers from complaining about it.1

Libraries might seem an unlikely place to hunt down terrorists. But in the wake of September 11, authorities learned that some of the al-Qaida hijackers had used library computers to communicate with one another and research the attacks. The FBI obtained court orders for Internet sign-in sheets and computer hard drives from two Florida public libraries, and in the following months gathered information from other libraries in Florida, Maryland and Virginia as part of investigating terrorist activities in the United States.

But even though the government was able to get what it wanted from those libraries under existing laws, intelligence agencies argued they needed more sweeping powers. The result was the passage last October of the USA PATRIOT Act (USAPA), an acronym for the unwieldy “Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act.” USAPA, of course, deals with much more than libraries—it amends more than 15 statutes, including the Electronic Communications Privacy Act, the Foreign Intelligence Surveillance Act, the Cable Act, and the Federal Wiretap Statute. The new law gave the government unprecedented authority to conduct secret searches, monitor e-mail and Internet usage, share information between intelligence agencies and seize personal information with only nominal judicial oversight.

And the new USAPA powers will also reach into libraries and bookstores, if investigators believe that records of what someone is reading and researching are relevant to an anti-terror investigation. Already librarians say they’ve received requests for records under USAPA, but they are prohibited from making such demands public; they can’t reveal who made the requests and what they asked for, or keep track of such requests in any way.

Civil libertarians say USAPA gave the government authority to bypass privacy rights without enough checks and balances to assure that the new powers are being used appropriately. In fact, the legislation amended several laws that were put in place to prevent the type of government surveillance scandals that made news in the 1960s and 1970s, such as the FBI’s widespread, illegal surveillance of American citizens and domestic dissent groups. Although USAPA proponents claim that the new law is aimed at foreign nationals, many of the changes apply to American citizens as well. Librarians and booksellers worry that this expansion of the surveillance laws will ultimately have disastrous consequences for civil liberties and dampen intellectual freedom by having readers thinking twice about what they check out or buy.

Chris Finan, president of the American Booksellers Foundation for Free Expression (ABFFE), says that the USAPA is “an open door for government to browse into our records.”

USAPA supporters say civil libertarians and privacy advocates are hand-wringing as usual, missing the fact that the USAPA gives the government what it needs to combat terrorism while respecting Americans’ privacy rights. “There won’t be any problems if the government obeys the law and keeps within the restrictions,” says Michael Woods, former head of the FBI’s National Security Law Unit.

But the FBI has had uneasy relations with librarians in the past. In 1987, the American Library Association (ALA) received a call from a librarian in New York who said that two FBI agents had been asking staff about what citizens of “hostile sovereign nations” were reading. During the months after the story broke in the press, the ALA was inundated by calls from libraries around the country that had received similar visits.
“We documented 23 cases,” says Judith Krug, who since 1967 has been fighting for library privacy rights as director of intellectual freedom division of the ALA, an advocacy group with over 63,000 members. “In retrospect, it was absolutely bizarre. There’s a history of people attempting to use circulation records to impugn motives because of what people have read, but that took the prize.” Soon after, the FBI discontinued its “Library Awareness” program, which Krug and others were shocked to find out had been going on for decades.
Traditionally, book purchases and library records have been protected from law enforcement searches in ways that other records are not. Libraries, which have been fighting off attempts to view their records for decades, have statutes in 48 states and the District of Columbia prohibiting librarians from releasing lending information without proper legal authority. In fact, most lending software sold during the past eight years automatically disengages the borrower’s name from the book or other material once it’s returned, though that information remains in backup logs until the logs are erased.

Although there are no specific statutes protecting book sales records, the courts have required that law enforcement demonstrate a “compelling need” to the court before issuing or enforcing subpoenas or search warrants for bookstore records.

USAPA dramatically changes the way law enforcement accesses bookstore and library information. The law’s Section 215 greatly expands the authority of the Foreign Intelligence Surveillance Act (FISA) and allows investigators to use it to gather business records—which include library circulation information and bookstore purchases—by merely certifying that the records are relevant to a foreign intelligence investigation. FISA warrants are issued by a special judge in a secret FISA court and prohibit the participants from telling anyone besides an attorney that they have been contacted for the information.

Theresa Chmara, an attorney who has written amicus briefs for the ALA and ABFFE in other First Amendment cases, says the USAPA largely removes booksellers’ and librarians’ ability to contest the legality of these requests and makes it almost impossible to monitor how, and how often, the searches are being conducted.
“Any time the public believes what they’re borrowing or reading will be under surveillance, it will have them thinking twice,” Chmara says. “It’ll go through people’s minds if they want to learn more about the Taliban or Islam as they’re reaching for the shelf.” No one knows how many USAPA requests have been made since USAPA became law in October, because of the built-in gag order. But a few individual librarians around the country admit they’ve received requests. Gary Strong, director of the Queens, N.Y. library— which has the largest circulation of any U.S. library—confirms that he has received USAPA requests, but he says the law prevents him from revealing more than that.

“It makes you realize your library is very much involved in what’s going on,” says Strong, who recently spoke at an ALA meeting about how librarians should comply with USAPA.

The ALA’s Krug says that there has been a noticeable increase in requests for information about privacy issues from libraries around the country. Before September 11, Krug says she fielded an average of one call a month from a librarian or library asking about privacy issues, but in the months after September 11 she was getting two or three a week. The ALA sent out information to librarians about what to do if they received a USAPA request and offered to put librarians in touch with an attorney without asking questions and jeopardizing the librarian’s compliance with the gag order. Krug says that since September 11 she has received a few of these requests for lawyers, but beyond that she doesn’t know how many libraries have been approached.

USAPA’s reach extends beyond bookshelves. After home and work, the library is the third leading place where Americans access the Internet: over 95 percent of libraries offer Internet access, and a recent study of

Internet usage by the U.S. Department of Commerce shows that a growing number of people use library computers for personal use instead of places like work, where many companies monitor their employees usage. Also, libraries are one of the foremost places that bridge the so-called “digital divide,” offering people who do not have Internet access a place to do research, brush up their job skills, or just browse. Libraries even attract those who already have the Internet because of the search and support help that librarians provide.
“The means for providing information have changed dramatically in terms of providing technology access,” says Mary Minow, a consultant who is working on a book about library law for the ALA. “There are lines in most libraries for people to get onto the terminals. The technology is bringing in a wide range of people, people that have never been into the library before.”

USAPA expands the use of “roving wiretaps,” Minow explains, which in addition to allowing the monitoring of phone conversations also permits tracking of a suspect’s Internet use on whatever computer they use, including library computers. What disturbs librarians is that once the order is placed, the Internet monitoring indiscriminately records the Net usage of other users at the same time.

But perhaps the biggest change in Internet surveillance is the expansion of “pen / trap” orders, an investigatory tool originally designed to give police a list of phone numbers a suspect called and received. Updated by the USAPA to catch up with advances in technology, pen / trap orders now cover electronic communications, which is especially troubling to civil libertarians because to use a pen / trap, authorities need only certify that such surveillance is relevant to an ongoing investigation—and it gives law enforcement access to a wealth of information far more comprehensive than a list of phone numbers. It allows authorities to gather all information about e-mail messages (but not their actual content), URLs, sites visited, and other specific information about Internet usage. But unlike wiretap orders, which after a certain period of time compel authorities to disclose to the suspect that he or she had been under surveillance, there is no similar requirement for pen / trap orders. This means that law enforcement could collect and keep information about someone’s online activities without ever telling the person who was monitored. (The only way someone would find out is if they were later charged with a crime and the evidence was used in court.) Minow says the implication of the USAPA for electronic freedom is “a patriot missile, not a patriot act.”

Librarians worry that September 11 will have other impacts on inquiry and intellectual freedom. The United States Geological Survey, for instance, recently ordered federal depository libraries to destroy a CD-ROM with information about national water systems. Francis Buckley, superintendent of documents at the U.S. Government Printing Office, says it was the first time he knew of that an order to destroy information to keep it from the public was sent out. After the order, FBI agents in Arkansas visited five libraries to make sure the CD-ROM was—one librarian had only taken the CD-ROM out of circulation, and the agents confiscated it.
Lynn Bradley, director of government relations at the ALA, says that although the order to remove one CD-ROM is not cause for widespread alarm, “if there is an increase in removed information or if the updates or certain records or publications were not being put out anymore, that would be a problem.”

In addition, the government has removed large amounts of information from public Web sites. “The scope of what has been removed is vast, and it has been done without any policy guidance or careful vetting,” says OMB (Office of Management and Budget) Watch, a nonprofit watchdog group that promotes government accountability and has monitored what types of information have been removed since September 11. OMB Watch also notes that other access to public information—such as public reading rooms—is now more restricted. Bradley says the ALA is organizing a group of librarians to monitor the government restriction of information, to see what information is being taken down and if and how the information is later returned.
Strong says that the most important thing librarians can do to protect privacy rights is to make sure they understand the new laws, have their privacy policy up-to-date, and know what to do if the FBI contacts them. “It doesn’t come home until a marshal or the FBI shows up with orders,” says Strong. “Then it becomes real, but by that time it’s too late to prepare.”

The FBI has made efforts to explain to librarians how it would use the new powers granted by the USAPA. At a Jan. 19, 2002, ALA meeting in New Orleans, the bureau sent Michael Woods, at that time the head of the bureau’s National Security Law Unit, to speak to librarians about “compliance with the USA PATRIOT Act.” Woods told Krug, Bradley, Strong and dozens of other librarians what the FBI would ask of librarians and how the librarians should respond to such requests. He stated that the days of badge-flashing and demanding records was over and that the agency would take care to follow all legal guidelines in their requests for information.
Bradley says whether this proves to be true remains to be seen. “The jury’s out on this,” she says, “But there are a lot of people with long memories who have experienced firsthand inappropriate invasions and incursions of library records. But I’d like to think it’s a new day.”
A month after speaking to the ALA, however, Woods took a new FBI assignment, and he no longer heads the bureau’s National Security Law Unit. Still, he doesn’t foresee much interaction between libraries and intelligence agencies. “From an FBI perspective, it’s very rare for the FBI to interest themselves in libraries and rarer still to proceed to any point” where the new freedoms granted by the USAPA might come into play, Woods says, and he insists the act has enough safeguards to protect Americans’ privacy rights.

But many don’t trust the FBI’s claim that it will handle its new powers responsibly. The Electronic Privacy Information Center’s annual report on civil liberties and electronic privacy has year after year named the U.S. government as one of the worst offenders when it comes to trying to bypass electronic privacy laws. And the American Civil Liberties Union’s Web site documents a long history of FBI surveillance abuses over the past decades. “They don’t have a good enough reputation to say, ‘Don’t worry, trust us,’” says Rachel King, legislative counsel for the ACLU’s national office. “They can’t be trusted. They’ve managed to offend the left, the right, and everyone in between.”

That history is what worries librarians and booksellers. “This law has the potential to be very harmful; that’s why we have to be cautious,” says Bradley. “People ask, ‘Why are you interested in privacy when thousands of people were killed and there are soldiers at risk?’ At the same time, we have in the United States a Constitution, a Bill of Rights, and all sorts of laws protecting privacy. One of the reasons we’re fighting is to protect these

rights that these people attacked us for in the first place. We don’t want to have to relearn some of the mistakes of the past. Hopefully the FBI remembers and realizes that it’s a new day.”

Editor’s Notes

The full text of the USA PATRIOT act can be read online at:

Relevant sections include: Sec. 201—203, 206, 210, and 214—216.

On September 24, 2002, the CCLE filed a Freedom of Information Act Request with the US Dept. of Justice (DOJ) and the FBI. The FOIA request asks for a list of books and materials placed under scrutiny since the passage of the act. More information is online at:

The ALA’s Web site can be found at:

The Center for Cognitive Liberty & Ethics’ Reader’s Rights Project can be accessed online at: