Have you ever not checked out or ordered a book because you were afraid it would be flagged?

What is the difference between privacy and confidentiality?

In a library, the right to privacy is the right to open inquiry without having the subject of one’s interest examined or scrutinized by others. Confidentiality exists when a library is in possession of personally identifiable information (see “What is personally identifiable information” below) about users and keeps that information private on their behalf. Confidentiality is a library’s responsibility. This responsibility is assumed when library procedures create records such as closed-stack call slips, computer sign-up sheets, registration for equipment or facilities, circulation records, what Web sites were visited, reserve notices, or research notes.

In protecting the privacy rights and the confidentiality rights of library users, librarians should limit the degree to which personally identifiable information is monitored, collected, disclosed, and distributed.

For ALA’s privacy policies and Privacy: An Interpretation of the Library Bill of Rights, see the Intellectual Freedom Manual, latest edition, and the Web site, “Privacy and Confidentiality.”
http://www.ala.org/ala/aboutala/offices/oif/statementspols/statementsif/interpretations/questionsanswers.cfm

Policy on Confidentiality of Library Records

The Council of the American Library Association strongly recommends that the responsible officers of each library, cooperative system, and consortium in the United States:

1. Formally adopt a policy that specifically recognizes its circulation records and other records identifying the names of library users to be confidential. (See also ALA Code of Ethics, Article III, "We protect each library user's right to privacy and confidentiality with respect to information sought or received, and resources consulted, borrowed, acquired or transmitted" and Privacy: An Interpretation of the Library Bill of Rights.)
2. Advise all librarians and library employees that such records shall not be made available to any agency of state, federal, or local government except pursuant to such process, order or subpoena as may be authorized under the authority of, and pursuant to, federal, state, or local law relating to civil, criminal, or administrative discovery procedures or legislative investigative power.
3. Resist the issuance of enforcement of any such process, order, or subpoena until such time as a proper showing of good cause has been made in a court of competent jurisdiction.1

1Note: Point 3, above, means that upon receipt of such process, order, or subpoena, the library's officers will consult with their legal counsel to determine if such process, order, or subpoena is in proper form and if there is a showing of good cause for its issuance; if the process, order, or subpoena is not in proper form or if good cause has not been shown, they will insist that such defects be cured.

Adopted January 20, 1971, by the ALA Council; amended July 4, 1975; July 2, 1986.
http://www.ala.org/ala/aboutala/offices/oif/statementspols/otherpolicies/policyconfidentiality.cfm