10.2 Confidentiality of Usage Data
10.2.1 Privacy and User Confidentiality
Statistical reports or data that reveal information about individual users will not be released or sold by content providers without the permission of that individual user, the consortium, and its member institutions (ICOLC Guidelines, October 2006).
It is the responsibility of the Content Providers to be aware of and ensure that they meet security and privacy requirements, including GDPR and other standards and requirements that may be applicable.
10.2.2 Institutional or Consortia Confidentiality
Content providers do not have the right to release or sell statistical usage information about specific institutions or the consortium without permission, except to the consortium administrators and other member libraries, and to the original content provider and copyright holder of the content. Use of institutional or consortium data as part of an aggregate grouping of similar institutions for purposes of comparison does not require prior permission as long as specific institutions or consortia are not identifiable. When required by contractual agreements, content providers, such as aggregators, may furnish institutional use data to the original content providers. (Based on ICOLC Guidelines, October 2006).