The Inspector General of the Library of Congress discusses the Library's collections security program and how his office manages audits and investigations.
The Library of Congress (Library), located in Washington, D.C., is the United States' National Library, operating three large buildings in Washington, collections storage facilities in nearby Maryland, and a new audio/visual complex in the foothills of Virginia. The recently constructed climate-controlled storage facilities efficiently store books by size to conserve space. Interestingly, the 45 acre Virginia facility was used previously as a back-up operations center for the Federal Reserve in the event of a Cold War emergency; including vaults for storing backup money reserves. The Library also operates offices in Egypt, India, Indonesia, Brazil, Kenya, and Pakistan, that collect and process acquisitions in some of the approximately 450 foreign languages included in its collections.
Opened in 1897, the Library's first independent structure was the Thomas Jefferson Building. It is the Library's showplace, a major tourist attraction, and considered by many to be the most beautiful building in the United States.
In addition to being the National Library, the Library of Congress also operates the U.S. Copyright Office, Congressional Research Service, the National Law Library, and National Library Service for the Blind and Physically Handicapped. The Library's collections include about 138 million items made up of approximately 32 million books and serials, among which is a large collection of books printed before the year 1500 CE; 14 million microforms, 13 million prints and photographs, 1 million moving images, 3 million sound recordings, 5 million maps, and 61 million manuscripts. Deposits of intellectual property with the Copyright Office continually enrich the Library's collections.
The Library maintains an award-winning website that draws about 100 million visitors annually. The website makes available more than 11 million digital items from the Library and other partner institutions.
The Library of Congress may be the only library on earth with an inspector general. The purpose of the Office of the Inspector General (OIG) is to (1) provide an independent means to conduct investigations and audits relating to the Library, (2) provide leadership and recommend policies to promote economy, efficiency, and effectiveness, and (3) keep the Librarian and the Congress informed about issues relating to the administration and operation of the Library. The OIG accomplishes its mission by detecting and preventing waste, fraud, and abuse.
The Inspector General reports to the Librarian of Congress primarily through written audit reports and periodic meetings, and to the U.S. Congress through written semi-annual reports. The OIG conducts investigations that deal with administrative, civil, and criminal conduct issues including matters involving theft and mutilation of Library property. Audits include in-depth analyses of program performance including contracting and grant activities, and financial operations, among others.
OIG investigators execute search warrants and make arrests in criminal cases, including collections theft. A valuable tool for conducting investigations relating to collections thefts is subpoenas. Subpoenas are used most frequently to obtain evidence from internet providers and auction houses relating to the ownership trail of suspected stolen property.
As we all know, there is an inherent risk of damage and loss to collections that must be balanced with a Library's mission to make its collections accessible. Since its establishment in 1800, the Library has developed increasingly sophisticated security controls to combat theft and mutilation of its collections, from locks and keys initially to state-of-the-art electronic security systems and a host of other controls.
Early threats were from fire which destroyed its 3,000 volume collection in 1814. Another fire in 1851 destroyed about 35,000 of the 55,000 volumes in the collection. Obviously, subsequent facilities for the Library were built with fireproof materials, which led in 1953 to the creation of a beautiful large iron room in the U.S. Capitol before its first independent building.
Fire was not the only problem. It was discovered in 1861 that 1,300 items of the Library's 70,000 item collection were missing. This prompted additional controls such as compartmentalization and controlled access, particularly for manuscripts and rare books. Some of the Library's top treasures were targets for thieves as far back as 1896, which saw the theft of George Washington's diary. Although the diary was recovered, the Library recognized the need for additional controls.
Much larger than the threat from individuals is the threat of war. The threat was real enough at the beginning of World War II that arrangements were made to move 26 freight cars of material far away from Washington, D.C. for safekeeping. This included moving the U.S. Constitution, Declaration of Independence, and Great Britain's Lincoln Cathedral copy of the Magna Carta. Britain had sent us its Magna Carta when it entered the war. Several other European countries already at war had also sent us some of their most priceless collections for safekeeping.
Formerly a guard force, the Library's security staff was given police powers in 1950. Gradual physical security improvements were made in the ensuing decades, including stack access identification cards, closed-circuit television monitors in principal exhibit areas and high-risk collections areas, additional automation of fire and theft detection systems, and electronic security devices at entrance and exit doors.
In 1987, a much publicized manuscript theft by a prominent scholar intensified security efforts. The theft resulted in a more in-depth analysis of security, including reviews by the OIG and further enhancements of security technology. The newly appointed Librarian of Congress pledged further scrutiny of the collections security program.
In addition to exit inspections, the Library started performing entrance inspections in 1991. Furthermore, staff members were required to wear identification badges. In the early 1990s the Library discovered additional losses, including volumes gutted of their rare plates, volumes missing from the general collections, and thefts of rare maps and manuscripts. In response, the Librarian closed the stacks to the public and greatly reduced staff access. During this time, the Collections Security Oversight Committee (CSOC), composed of security professionals, librarians and others, was established.
In 1992, the Library began inserting theft detection devices in books and installing electronic theft detection gates. In 1996, the Library introduced a reader registration program. In 1997, an external team was brought in to make further security recommendations. These resulted in the establishment of a permanent Director of Security position, development of a comprehensive security plan which more thoroughly defined the threats to the collections and established priorities to protect them, and an expansion of the security awareness program. The public is now limited to viewing books and other collections while on Library premises.
Facilities security improvements were accelerated in 1995 after the bombing of a federal building in Oklahoma City. Security tightened further in 1998 following shootings at the U.S. Capitol and other events. Shortly thereafter, the Library expanded visitor screening and also began screening staff members with metal detectors and putting their personal articles through X-ray machines. Other enhancements included the installation of bollards and barriers around the perimeter of buildings, vehicle searches, installation of pop-up barriers at garage and parking lot entrances, and using contract guards in some reading rooms.
Important facets of security include protecting valuable collections from environmental damage and providing proper bibliographic, inventory, and preservation controls.
The 1997 security plan has evolved into the current Strategic Collections Security Plan. It categorizes the collections into a hierarchy of risk levels, with the strongest protection accorded the Library's ‘Treasures’ and other rare items. The plan identifies the five cycles that collections go through at the Library: in-process, in-use, in-storage, in-transit, and on exhibit. The plan also establishes a priority order of baseline protection standards for each item category in each of the cycles.
An important component of the comprehensive security program was the development of an inventory management plan which includes an ongoing baseline inventory project which began in 2002; several million items have already been inventoried. A security awareness program was put in place and in 2007 a year-long collections security awareness campaign was launched. An additional safeguard is the personnel security office that conducts background investigations to determine the suitability of employees, contractors, and volunteers.
Another significant aspect of the security program is the Integrated Library System (ILS) which improves tracking and inventory management at the item level. Accountability for newer collections is improved; the baseline inventory project is also improving accountability in existing collections and supplements other bibliographic, inventory, preservation, and physical security controls.
Recent improvements also include additional preservation controls to complement the security plan that address detailed emergency management, recovery, and continuity of operations plans. These controls align with the United Nations' Educational, Scientific and Cultural Organization (UNESCO) model and address environment, emergency preparedness and response, storage, handling, needs assessments, physical treatment, and reformatting; they also include scenarios for sheltering in place, relocation, and personnel security operations.
The culmination of all of these efforts has resulted in an integrated Strategic Plan for Safeguarding the Collections that is updated as needed.
The OIG initiated a series of recurring audits to assess risk and randomly sample the collections. The audits establish baselines in particular functional areas such as manuscripts, prints and photographs, geography and maps, etc. A sampling technique called paneling is used to record a baseline of observations about the existence and condition of the population, drawing about 150 items for sampling. About half of these samples are then included in a subsequent audit along with an equal number of new samples.
These audits are repeated periodically to determine whether changes have occurred since the last audit, and to establish an extended baseline for future comparison. The reviews assess risk within individual custodial and processing divisions and check on the success of previously implemented security improvements. The audit process includes digital photography for assessing the condition of the collections over time. To date, the results of these reviews are very encouraging.
In 2002, the OIG also conducted an audit of several aspects of inventory, bibliographic, and physical collections security controls. The audit touched on an array of topics including tracking collections in the ILS, access methodologies in reading rooms, physical security of restricted collections, bar coding collections, the reader registration process, and even janitorial access to collections vaults, among other topics. Auditors and investigators are also mindful of security ramifications as part of our other audits and investigations, including systems reviews.
Future reviews will focus on the Library's ‘treasures’ and exit inspections. Another important consideration is security over digital-born collections. Our challenges are evolving and expanding as we move to digital content, certainly one of the biggest and most rapid changes in our history.
From 2005 to 2007, the OIG took part as an advisor in an external research group to establish policy to audit and certify digital archives. The project culminated in a February 2007 report Trustworthy Repositories Audit & Certification: Criteria and Checklist (TRAC) that built on prior efforts.
Many of our investigative leads come from book, manuscript, and map dealers. For example, a prominent book dealer alerted us to the attempted sale of several of the Library's rare books. That incident resulted in the recovery of more than thirty valuable rare books. An arrest and guilty plea were obtained after OIG investigators spent months working closely with Library staff to establish provenance for each stolen book.
The OIG has had other such success stories that have resulted from close collaboration with dealers and Library staff resulting in convictions, restitutions, and most importantly, recoveries of valuable collections. We believe that being part of the institution puts us in a valuable position to react quickly and effectively in the event of incidents based on our knowledge of the collections and the collections security program, and our collaboration with Library staff. This scenario may not always be available with external law enforcement organizations, which could impede recovery efforts.
The OIG works cooperatively with other law enforcement organizations locally, nationally, and internationally because of today's broad market. We also keep in touch with our counterparts in collections security at other libraries as evidenced by our participation in the recent Ligue Des Bibliothèques Européennes De Recherche [Association of European Research Libraries] (LIBER) conference on collections security at the British Library. The collective knowledge of threats and potential vulnerabilities in the library community will make for better protection for all of us.
Today, the Library of Congress has a comprehensive collections security program that maximizes protection while still making its collections accessible. The program includes some of the most sophisticated security systems available and the commitment to execute its broad scope. Protection ranges from internal collections management controls like reader registration, personal belongings restrictions, controlled service, marking and tagging, transit accountability, and reading room configuration. External physical controls include entrance and exit electronic screening, intrusion detection systems, closed-circuit television, electronic access controls, theft-detections devices, vaults and cages, and key controls. Collectively, these components are effective.
The Library's Office of Security and Emergency Preparedness, Library staff, and the OIG work together to secure the collections. After the long development of an increasingly comprehensive and well executed collections security program, we believe that George Washington's diary and all of the other treasures under Library of Congress stewardship are well protected to ensure that our national and international heritage is preserved for future generations.
Library of Congress, http://www.loc.gov/index.html
Office of the Inspector General (OIG), http://www.loc.gov/about/oig/
TRAC, Trustworthy Repositories Audit & Certification: Criteria and Checklist, http://www.crl.edu/content.asp?l1=13&l2=58&l3=162&l4=91
This work is licensed under a Creative Commons Attribution 3.0 License.