32 Association of Research Libraries Research Library Issues 297 — 2019 first hearing will offer valuable insights that will help set the stage for meaningful bipartisan legislation,”32 indicating that additional hearings should follow, with the intention of a bipartisan effort to enact privacy legislation. Several additional hearings in Congress and the FTC have been held. As the numerous hearings and bills, as well as the NTIA’s request for comment illustrate, legislating in this area will require thoughtful debate and, ultimately, a nuanced approach in many areas. While all of the discussion drafts and comments have been criticized by various stakeholders, elements of any of the drafts could find their way into federal privacy legislation. The Upshot Any legislation in the United States would likely require libraries to evaluate their contracts with vendors and services, their own privacy policies, and data collection policies to which they agree. For example, while libraries may rely on outside services as platforms, libraries must fully understand what these services collect and why, as well as how this is communicated to patrons. Additionally, while research libraries are committed to improving user experience, they must consider what collection of data is appropriate and how to improve informed consent. Should some form of a right to deletion/right to be forgotten be included, libraries must determine how to balance these rules with the First Amendment or how to use any exceptions to such a right to preserve cultural heritage. Many of the issues a research library might face are ethical ones that depend on best practices, but could potentially fall under federal laws depending on how broadly or comprehensively a legislative solution is framed. Any legislation in the United States would likely require libraries to evaluate their contracts with vendors and services, their own privacy policies, and data collection policies to which they agree.