Takedown protocol for sensitive information in Stanford digital collections

Adopted by Stanford University Libraries with approval of the University Privacy Office 

4 June 2020 

Stanford University hosts digital collections to advance study and research by students, faculty, and the general public. Whereas we present published and unpublished documents in various genres and formats, determining the authenticity and accuracy of information in those documents is the province of readers and researchers. Our intentions are to acquire and present documents, including personal archives, that are relevant and, in the case of publications by scholars, already subjected to peer review. The Libraries cannot and do not guarantee accuracy or authenticity. In preparing archival collections, the University undertakes minimal steps to the best of our abilities and availability of staff to identify and remediate sensitive information that could threaten the privacy and security of individuals, organizations, or other entities represented in the collection(s). 

Despite these efforts, sensitive and/or private information inadvertently may be included in digital collections. In such cases, living individuals whose private information is exposed (or who are acting on behalf of a minor child or an incapacitated parent, spouse, domestic partner or adult child) may submit takedown requests. All such requests will be reviewed by cognizant Stanford University officials, starting with the University Archivist, the Associate University Librarian for Special Collections, the University Librarian and other Stanford officials who these Library officers may identify. Persons requesting a takedown may be requested to supply additional information to better understand issues and their consequences. 

Given our commitment to preserving to the best of our abilities the authenticity and integrity of the scholarly and historical record in our archives, it is unlikely that perceived errors or inaccuracies present in original items will be “corrected”. Additionally the Libraries will not redact digital content or indices. Similarly, the Libraries will not remove access to materials other than in cases where there are legal concerns, for example, the presence of protected information arising from provisions of various laws, e.g., Health Insurance Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR), Family Educational Rights and Privacy Act (FERPA), or in cases of significant risks to privacy (for example, exposed Social Security numbers), or convincing evidence of a clear and imminent threat to personal safety and well-being. 

Adapted from University of Michigan, “Takedown Policy for Sensitive Information in U-M Digital Collections.”