The Spy Who Shushed Me

It isn’t often that libraries, those citadels of quiet refinement, play a role in capturing a serial killer. Yet that is what happens in the movie Se7en.

William Somerset, played by Morgan Freeman, is a veteran detective charged with training a newcomer, David Mills, played by Brad Pitt. Their first case is the murder of a morbidly obese man. The man is found at his kitchen table, face down in a plate of spaghetti, his hands and feet bound.

A day or two later comes another killing, this time of a lawyer, gutted like a fish in his fancy office. A word is written on the floor in the lawyer’s blood: greed. Acting on a hunch, Somerset returns to the first victim’s house and finds “gluttony” written on the wall in grease. 

After a third victim is discovered, the killer’s inspiration is clear: Catholicism’s Seven Deadly Sins. What the detectives don’t know is who is doing this or why.

Then, Somerset gets an idea. “What would [the killer] study,” he muses, “to do the things he’s done?” For an answer, he turns to an FBI friend, who uses an unnamed database to run a report of public library users who have borrowed relevant-sounding books like Paradise Lost or books on police procedure.

Several hours later, report in hand, the pair end up at the apartment of a man named John Doe, whose library records include a lot of books that made Somerset suspicious. They see Doe approaching, but before they can speak to him, he pulls out a gun and opens fire. A chase ensues. Doe gets away, but he later turns himself in, and we see his features for the first time: a blood-drenched Kevin Spacey.

For years, I assumed this sequence was fantasy. A database of every library — county, state, private — in a single city? How would that work? And why would the FBI care what people read? 

 My skepticism, it turns out, was unfounded.

Take action today to support libraries!

Privacy is considered a constitutional issue, yet unlike, say, freedom of speech or a fair trial, the word itself doesn’t appear in the United States Constitution. Rather, it is an unenumerated right — i.e., one not spelled out but inferred (some would say “made up”) by the courts.

There are a lot of such rights: the right to travel, the right to vote, the right to marry. The authority for recognizing these rights is the little-known Ninth Amendment, which states, “The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people.”

Privacy became an unenumerated right in the 1965 case Griswold v. Connecticut, in which the Supreme Court held that there is a right to privacy in marital relations. This right has since expanded beyond the bedroom. Privacy statutes protect our medical information, our financial information, and our educational records.

One area where privacy rights have not been extended in the same way is library use.

This has caused problems in the past. One of these was the FBI Library Awareness Program in the 1970s and 1980s. Fueled by fears of a Communist takeover, the program’s purpose was to demand details about library use by people from countries “hostile to the United States, such as the Soviet Union.” The public remained ignorant of these efforts until a September 18, 1987, article in the New York Times, which called the program “part of a national counterintelligence effort.” 

Sign the petition to show that Americans love their libraries!

Library privacy hit the news again on October 26, 2001, forty-five days after the 9/11 attacks, when Congress passed the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) Act. The act gave the FBI unprecedented powers to gather intelligence on American citizens, including forcing bookstores and libraries to turn over patron records, à la John Doe.

As with the Library Awareness Program, this surveillance operated in the shadows until a pair of FBI agents showed up at the Windsor, Connecticut, office of Library Connection, a twenty-seven-member library cooperative, to demand user information. The board of directors decided they couldn’t comply with the request, so they fought it. Eventually, on March 9, 2006, the USA PATRIOT Act was reauthorized, with a significant change: It exempted most libraries from this kind of government inquiry. 

If censorship is a library Deadly Sin, then privacy violations may seem more like a peccadillo. Who has time to fight the former when there are so many battles involving the latter? 

Yet the two are not opposites; they are fruits of the same knotty vine. Both represent government overreach. Government intrusion. Government control.

Privacy has continued to be under attack in recent years. In May, President Trump fired Librarian of Congress Carla Hayden and Shira Perlmutter, head of the US Copyright Office. His replacement for Carla Hayden was Deputy Attorney General Todd Blanche, the second-highest-ranking Department of Justice official. 

This also puts Blanche in charge of the Congressional Research Service, a nonpartisan think tank that provides research and analysis to members of Congress. This would mean the Trump administration could see the advice Congress is getting from its own staff — a major privacy encroachment, not to mention a violation of the separation of powers.

Sign the petition to fight book bans!

There are also new state laws, such as a 2025 Nebraska law requiring school districts to “provide the opportunity for a parent, guardian, or educational decisionmaker of a student to be notified when the student of such parent, guardian, or educational decisionmaker checks out a book from the school library.” Other states have passed similar legislation.

Ebooks also raise privacy concerns. “Major publishers,” according to the website Fast Company, “are giving Big Tech free rein to watch what you read and where.” With no federal laws to stop them, “tech and publishing corporations are gobbling up data beyond your reading habits.” 

In 2024, a group of 25+ human rights organizations published an open letter to Congress calling for an investigation into the potential “harmful consequences” of these companies’ digital book practices. For example,

"Florida police might subpoena Amazon to discover a parent has read a self-published zine on gender-affirming care; a data broker might sell religious reading data to fuel opaque hiring AIs; or ICE might be sniffing out lists of who’s reading books on the US immigration processes that include IP addresses."

The privacy of transgender patrons is yet another concern. As Mel Baldwin writes, “With nearly 400 active anti-trans bills pending in state legislatures as of April 2024, it is a dangerous time in the US to be gender nonconforming.” Baldwin notes that trans patrons have unique privacy vulnerabilities such as having an ID that lists their sex or name assigned at birth, either of which may contradict their current presentation. This can lead to security issues. Ditto their checkout history. 

As journalists continue to monitor reports of book bans and other acts of censorship, they should keep a close eye on privacy concerns as well. 

Visit www.everylibrary.org to learn more about our work on behalf of libraries. 

#librarymarketers: Enjoy this story? Want to use it for your library newsletter, blog, or social media? This article is published under Creative Commons License Attribution-NonCommercial 4.0 International and is free to edit and use with attribution. Please cite EveryLibrary on medium.com/everylibrary.

This work by EveryLibrary is licensed under CC BY-NC 4.0