Dear Oklahoma Department of Libraries McVey,
¶ 0 This office has received your request for an official Attorney General Opinion in which you ask, in effect, the following question:
Does Section 1-105(A) of Title 65, which requires certain library records to be kept confidential, apply to library registries identifying individuals who have been assigned computers for personal use when these registries can be used to identify specific information viewed on the Internet by those individuals at a given time?
¶ 1 Section 1-105 of Title 65 of the Oklahoma Library Code governs the disclosure of records of any library supported in whole or in part by public funds. That section, which became effective in 1985,1 provides in pertinent part:
A. Any library which is in whole or in part supported by public funds including but not limited to public, academic, school or special libraries, and having records indicating which of its documents or other materials, regardless of format, have been loaned to or used by an identifiable individual or group shall not disclose such records to any person except to:
1. Persons acting within the scope of their duties in the administration of the library;
2. Persons authorized to inspect such records, in writing, by the individual or group; or
3. By order of a court of law.
65 Ohio St. 2001, § 1-105[65-1-105].
¶ 2 Libraries maintain registries that show which of the libraries' computers have been assigned to identifiable individuals for personal use.2 These registries can be used to identify specific information viewed on the Internet by those individuals at a given point in time. You ask whether the confidentiality requirement of 65 Ohio St. 2001, § 1-105[65-1-105](A) applies to these registries.
¶ 3 The Oklahoma Administrative Code provides that to be eligible to receive state aid grants "libraries and branches must provide internet access to the public." OAC 405:25-1-3(2)(D). There are no legal requirements as to the type of records required to be maintained to reflect Internet usage.3 Although the process differs from library to library, individuals who wish to use computers for Internet access generally sign a registry which reflects the individual's name, the date and time, and the particular computer to which the individual is assigned.4 There is no requirement as to how long these registries are kept and some are destroyed as early as the day after the usage.5
¶ 4 A person may access the assigned computer and with little or no specialized knowledge use the history function of the computer's Internet browser to view a list of information that was accessed on the Internet on a given day. With the information obtained from the library's Internet usage registry one can then determine the specific information viewed by an identifiable individual at a given time.
¶ 5 To determine whether these registries are confidential we must first determine whether they constitute records for the purpose of disclosure pursuant to Section 1-105 of Title 65 of the Oklahoma Library Code. The Library Code does not define the term "record."6 We must look to the Open Records Act ("Act"), 51 Ohio St. 2001 Supp. 2004, §§ 24A1-24A.28, to determine whether these registries are considered records for the purpose of disclosure. Under the Act "record" means the following:
[A]ll documents, including, but not limited to, any book, paper, photograph, microfilm, data files created by or used with computer software, computer tape, disk, and record, sound recording, film recording, video record or other material regardless of physical form or characteristic, created by, received by, under the authority of, or coming into the custody, control or possession of public officials, public bodies, or their representatives in connection with the transaction of public business, the expenditure of public funds or the administering of public property.
51 O.S. Supp. 2004, § 24A.3[51-24A.3](1).7 Under this definition the registries of computers assigned to specific individuals are records as they are documents created by public bodies in the transaction of public business, the expenditure of public funds or the administering of public property.
¶ 6 As the registries are records, they are to be kept confidential if they indicate which of the libraries' "documents or other materials, regardless of format," have been used by an identifiable individual. 65 Ohio St. 2001, § 1-105[65-1-105](A). The registries indicate which of the libraries' computers have been assigned to identifiable individuals for use at a given time.8 With this information, one can access the assigned computer and determine the specific information viewed by an identifiable individual on the Internet at a given time.
¶ 7 Whether the information obtained through these registries constitutes "documents or other materials, regardless of format" is determined by a construction of the statute as a whole. "The primary goal of statutory construction is to ascertain and follow the intention of the Legislature." Fulsom v. Fulsom,81 P.3d 652, 655 (Okla. 2003). "In the interpretation of statutes, courts do not limit their consideration to a single word or phrase in isolation to attempt to determine their meaning, but construe together the various provisions of relevant legislative enactments to ascertain and give effect to the legislature's intention and will, and attempt to avoid unnatural and absurd consequences." McNeill v. City of Tulsa, 953 P.2d 329, 332 (Okla. 1998). As McNeill stated, "[t]he subject matter and purpose of a statute are material to ascertaining the meaning of a word or phrase used and that language should be construed to be harmonious with the purpose of the act, rather than in a way which will defeat it." Id.
¶ 8 The American Library Association recognized that the purpose for maintaining the confidentiality of library records is to "protect each library user's right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired or transmitted." Am. Library Ass'n, Am. Library Ass'n Code of Ethics, art. III (June 1995), available at http://www.ala.org/ala/oif/statementspols/codeofethics/codeofethics.pdf. This purpose is as applicable to information obtained via a computer as it is to information obtained through books or other publications. A library patron who is browsing the Internet is entitled to no less privacy than one who is scanning the shelves of his or her local library.
¶ 9 In dealing with constitutional challenges to a law requiring libraries to filter Internet access, the United States Supreme Court recognized the common characteristics of Internet access and other library resources. In United States v. AmericanLibrary Association, 539 U.S. 194 (2003), the Supreme Court in upholding the constitutionality of the Children's Internet Protection Act ("CIPA") stated:
[A public library] provides Internet access, not to "encourage a diversity of views from private speakers," but for the same reasons it offers other library resources: to facilitate research, learning, and recreational pursuits by furnishing materials of requisite and appropriate quality. . . . As Congress recognized, "[t]he Internet is simply another method for making information available in a school or library." It is "no more than a technological extension of the book stack."
Id. at 206-07 (citations omitted) (emphasis added). Thus, the legislative purpose of 65 Ohio St. 2001, § 1-105[65-1-105](A) is served by finding that the statute prevents disclosure of the registries that show which computers have been assigned to identifiable individuals to access the Internet.
¶ 10 In reaching this conclusion, we are mindful that the Internet, in spite of its many advantages as a research and learning tool, also creates an opportunity for illegal conduct such as providing a medium for sexual predators to contact minors to arrange for sexual encounters. Our conclusion does not ignore this danger as the registries do not remain confidential in every situation. The Legislature specifically adopted three exceptions to the statute, one of those being "[b]y order of a court of law." 65 Ohio St. 2001, § 1-105[65-1-105](A)(3). Under this exception, if an individual is using a library's computer for an illegal purpose such as viewing obscene material or child pornography, a court order may be obtained to gain access to the registry and determine the information viewed by that individual at a given time.
¶ 11 A system is also in place for controlling Internet access to certain sites in public libraries which receive federal funds. Congress enacted the Children's Internet Protection Act ("CIPA"), Pub.L. No. 106-554, 114 Stat. 2763 (codified as amended in scattered sections), to address the problems associated with the availability of Internet pornography in public libraries. Under CIPA, a public library may not receive federal assistance to provide Internet access unless it installs software to block images that constitute obscenity or child pornography, with the aim of preventing minors from obtaining access to material that is harmful to them. See 47 U.S.C. § 254(h)(6)(F). The CIPA was challenged in American Library Association on the basis that it violated the First Amendment. The Court held that Internet access in public libraries is not a "`traditional' nor a `designated' public forum" and therefore does not implicate First Amendment concerns in the context that Internet access allows "Web publishers to express themselves." Am. Library Ass'n,539 U.S. at 205-06. The Court also rejected the argument that filters may erroneously block access to constitutionally protected speech that falls outside the categories that software users intend to block, noting that with respect to adults, library officials may disable a filter "to enable access for bona fide research or other lawful purposes." Id. at 209; see47 U.S.C. § 254(h)(6)(D). Thus, those public libraries receiving federal funds have safeguards in place to prohibit Internet access to obscenity or child pornography.
¶ 12 It is, therefore, the official Opinion of the AttorneyGeneral that:
1. Title 65 Ohio St. 2001, § 1-105(A) provides that "[a]ny library which is in whole or in part supported by public funds . . . and having records indicating which of its documents or other materials, regardless of format, have been loaned to or used by an identifiable individual or group shall not disclose such records to any person" absent one of three exceptions being met.
2. Pursuant to the statutory exceptions library records may be disclosed by: "(1) [p]ersons acting within the scope of their duties in the administration of the library; (2) [p]ersons authorized to inspect such records, in writing, by the individual or group; or (3) . . . order of a court of law." 65 Ohio St. 2001, § 1-105(A).
3. Registries maintained by libraries that can be used to determine the specific information accessed by identifiable individuals on the Internet at a given time are records pursuant to the Open Records Act, 51 O.S. Supp. 2004, § 24A.3(1). As these registries indicate which of the libraries' documents or materials have been loaned to or used by identifiable individuals, these registries shall not be disclosed unless one of the three exceptions set forth in 65 Ohio St. 2001, § 1-105(A) is met.
W.A. DREW EDMONDSON Attorney General of Oklahoma
SANDRA D. RINEHART Senior Assistant Attorney General
1 See 1985 Okla. Sess. Laws ch. 81, § 1.
2 See letter from Susan McVey, Director, Okla. Dep't of Libraries, to Drew Edmondson, Attorney Gen. of Okla. (Mar. 17, 2005) (on file with the Dep't of Libraries).
3 See 65 Ohio St. 2001 Supp. 2004, §§ 1-101-4-106; OAC 405:3-1-1-35-1-2.
4 See n. 2.
5 Libraries that are not state agencies are not prohibited by the Oklahoma Records Management Act, 67 Ohio St. 2001, §§ 201-215[67-201-215], from destroying or otherwise disposing of records, as that Act applies only to state agencies.
6 See n. 3.
7 Title 51 O.S. Supp. 2004, § 24A.3[51-24A.3] was amended in the First Regular Session of the Fiftieth Legislature with an effective date of November 1, 2005. See 2005 Okla. Sess. Laws. ch. 199, § 4.
8 See n. 2.