16 Association of Research Libraries Research Library Issues 297 — 2019 practice leaves the user in control of as many choices as possible” and that libraries should refrain from sharing personally identifiable information with third parties or vendors without permission from the users.3 While patron privacy has long been a fundamental value to libraries, the digital world complicates traditional notions of privacy because of the vast amounts of data collected when users encounter technology. In the digital age, research libraries are tasked with addressing broader privacy concerns than in the analog world because they must account for more than the records libraries themselves create and keep, but also the personal data that may be collected by services, applications, and vendors that libraries work with. Indeed, this personal data can prove valuable for third-party vendors and services, but also for libraries seeking to enhance user experience. Libraries today must carefully consider how to balance core values of privacy—and the inherent trust that is placed in them by patrons—with improved delivery of service to their users. As libraries evaluate best practices to protect patron privacy in the digital era and policy makers determine how to move forward with legislation to protect consumers, it is clear that there are no easy answers. All stakeholders and policy makers in the privacy debates must consider a range of complicated issues. Some of the biggest issues to consider in determining what elements should be included in a comprehensive, consumer privacy regime are: • How broadly should the law apply? In order to avoid the current problems with the sectoral approach, a comprehensive solution must address broader privacy issues. Stakeholders in the privacy debate have differed as to whether federal privacy laws should apply solely to the technology sector or to all companies Libraries today must carefully consider how to balance core values of privacy...with improved delivery of service to their users.