Privacy polices for web proxies

[Peter Murray]

I'm in the final preparations for a LITA Regional Institute on Proxy Web 
Servers and Authentication (<http://www.lita.org/institut/>), and one of 
the things I'm including is about forming a privacy statement for your 
proxy server.  If you think about it, the log files of a proxy server are 
far more dangerous to the privacy of an individual than web server log 
files are.  All of the requests for a particular user go through the proxy 
server to any number of web sites, and some proxy servers will log the 
username of the person making the request!

I have the information from TrustE.org about a basic privacy statement, and 
that can be adopted in the case of proxy servers, but in all of my browsing 
and searching I haven't found examples of privacy statements for library 
proxy servers.  Has anyone created and implemented one?  Or perhaps you may 
be relying on an over-all institutional privacy policy?

Other thoughts?

Thanks!


Peter
--
Peter Murray, Computer Services Librarian              W: 860-570-5233
University of Connecticut Law School             Hartford, Connecticut