The emergence and development of automated library information systems and the accelerated development of library services using information technology has led to growing doubts about ensuring privacy and effective protection of personal data in libraries. Library systems are affected by algorithms, artificial intelligence, augmented reality, big data, blogs, video surveillance, cloud computing, data analytics, radio frequency identification (RFID), Internet of Things (IoT), learning analytics, mobile technology, social networks, Wi-Fi access points, where libraries not only collect significantly more personal information about users than before, but also share it with various service providers (Pedley, 2020). Risks to users' privacy are increasing as a result of the use of new technologies, and the emergence of a recent legislative framework in the European Union, notably the adoption of the General Data Protection Regulation, raises many issues specific to the library community. The first part of the theoretical part of the dissertation explores why privacy in libraries is worth protecting. To answer this question, the types and concepts of privacy and what kind of privacy in libraries should be provided are explored. It further answers the question of what risks to privacy and personal data breaches in libraries arise with regard to the use of technology. In order to reduce the risk of breaches, it is necessary to adequately understand the legal framework of personal data protection and its implications for library activities, so a review of scientific literature, library associations guidelines and national laws in the field of personal data protection provide a basis for further discussion. The empirical part of the dissertation investigates the factors influencing the provision and acceptance of personal data protection measures in Croatian library community. vi The content of the doctoral dissertation is treated in nine chapters. The first, introductory chapter provides a brief description of the research topic and context, the research problem, research methods and the scientific contribution of the dissertation. In the second chapter, the notion of privacy is placed in the broader theoretical context of the notion of privacy and the right to privacy and protection of personal data. The first part presents the definitions and conceptualization of the concept of privacy and presents the types of privacy. The second part presents information privacy, explains the existing theories of information privacy and information privacy of the Oxford philosopher Luciano Floridi. The third part of the second chapter aims to show the development and delimitation of the right to privacy and the right of protection of personal data, as well as the emancipation of the right to protection of personal data. The chapter presents and analyzes existing professional associations' guidelines and other documents related to the right to privacy in libraries. This is followed by an explanation of the value of privacy, especially in a data society and platform society, a presentation of theories of the value of privacy and the relationship between privacy and intellectual freedom. The third chapter is divided into three sections and provides an overview of privacy risks in general and specifically in libraries. The first part states the taxonomy of risk for (information) privacy with respect to different contexts according to current research. The privacy risks with respect to the information lifecycle are presented in the second section. The third section discusses the impact of ICT development on privacy risks in libraries. Privacy as a value of the library profession and its importance and role in the realization of intellectual freedom are discussed in the fourth chapter. Ensuring privacy in libraries is essential so that users can make free inquiries as this allows them to use information without fear of scrutiny or condemnation. The theoretical basis for the ethical codes of library communities lies in information ethics, which refers to all the good that can be achieved by information, but also in all the ways that can be used to harm someone. Because the concept of human rights influences information ethics while supporting its objectives, personal data protection management and privacy are inextricably linked, and their quality can only be achieved by combining and adapting to and adapting codes of ethics and legislation. The fifth chapter is dedicated to the legal framework for the protection of personal data in libraries. An overview of the implications of the recent legislative framework on data protection vii in libraries is clarified, the principles of personal data processing, the legal basis for data processing in libraries and user rights. The sixth chapter discusses reducing the risk to privacy and the risk of personal data breaches of library users. The management of data protection in libraries at the organization level is explained in the first part, which includes all activities that reduce the risks of privacy and personal data breaches. The second part discusses personal data breaches and risk assessment, and the third part explains the relationship between the library and the data processor. The fourth part of the sixth chapter explains the organizational and technical measures for personal data protection which enable the effective application of the principles of data protection with regard to the development of technology. This subchapter also provides a systematization of risks to the privacy of users according to the types of activities that include the processing of personal data. The seventh chapter is dedicated to the information privacy culture and presents the existing conceptual models for information privacy research with special emphasis on the APCO Macro Model and an explanation of the constructs that make this conceptual model suitable for empirical research. The eighth chapter presents the subject and problem of the research, purpose and expected contribution. The methodology and course of empirical research conducted within this doctoral thesis are described, hypotheses are presented, and the conceptual model of research is presented and described. The measuring instrument is described and then the research results are presented. Hypotheses are tested at the end of the chapter. The ninth chapter concludes the doctoral dissertation. The aim of the research was to determine the relevant factors influencing the adoption of organizational and technical measures to ensure information privacy in Croatian libraries, starting from the constructs of the APCO Macro Model. Two data collection methods were used: the online survey questionnaire method and the analysis of the websites of independent libraries in the Republic of Croatia. The website analysis was conducted in February 2022, and the sample of libraries over which the website analysis was conducted contains data from 173 libraries. Privacy statements were requested on the library's website, and the data was then compared with data on the number of employees and users. Data collection in the survey was conducted in the period from March 15 to April 15, 2022. The population coverage for the survey consisted of directors and librarians of user departments of independent libraries in the viii Republic of Croatia, and the sample consists of 341 respondents, of which 86 library directors and 255 librarians working directly with library users. Two survey questionnaires were developed in which most of the questions were the same, and a smaller part of the questions were designed depending on whether the survey is intended for library directors or is intended for library staff working in user departments. The survey questionnaire consisted of 31 questions divided into seven groups of questions. The first group of questions concerned demographic characteristics. The following groups of questions were gathered to examine the variables from the conceptual research model, so the following were researched: privacy experiences (personal and workplace), privacy awareness, percieved privacy regulation knowledge, culture, confidence towards data protection authorities, acceptance of technical and organizational measures for the protection of personal data. Descriptive statistics methods are used to analyze the research results, while simple linear regression, correlation coefficients, t-test, chi-square test are used to test hypotheses. Explaining the impact of ICT development on library services has expanded knowledge about the risks of privacy violations and intellectual privacy of library users. The answers to the research questions in the theoretical part of the dissertation were intended to contribute to the scientific understanding of the implications of legal regulations and the development of ICT on ensuring privacy. Practical knowledge of risks and technical and organizational measures for data protection also indirectly contributed. The dissertation proposes a new understanding of the topic of ensuring privacy in libraries in such a way that the acceptance of data protection measures by librarians is seen as an expression of the culture of librarians. The basis of this approach to privacy lies in Adele Da Veiga's (2017) definition of information privacy culture, according to which a culture in which employees display attitudes, assumptions, beliefs, values and knowledge that contribute to data protection and privacy in data processing results in ethical behavior in accordance with legal frameworks. Due to the complexity of the research, 5 main and 31 auxiliary hypotheses were set. Auxiliary hypotheses in the first two main hypotheses examining the constructs from the adapted APCO Macro Model are set with regard to whether they are intended to library directors or to librarians. The testing of the first two hypotheses aimed to establish the predictors of the acceptance of technical and organizational measures for the protection of personal data according to this model. ix The results of the research show that, when analyzing the answers provided by library directors, that one of the predictors, privacy experiences are not statistically related to the acceptance of technical and organizational measures for the protection of personal data, and that privacy awareness, percieved privacy regulation knowledge, culture and confidence towards data protection authorities are positively and statistically significantly related to acceptance of technical and organizational measures for the protection of personal data. The results of the research show that the acceptance of measures by a library director is mostly influenced by perceived privacy regulation knowledge, while culture and confidence have a positive correlation of moderate strength. Privacy awareness has a positive correlation of low strength. For librarians working in the user department, the correlations of independent variables with the acceptance of certain measures for personal data protection were examined, and it was found that providing information on data processing as needed, intent to act correctly in handling personal data and ensuring physical security of personal data all have a positive correlation with privacy awareness, percieved privacy regulation knowledge, culture, and confidence towards data protection authorities, while not correlating with privacy experiences. Privacy experience, percieved privacy regulation knowledge and confidence towards data protection authorities are not correlated with disclosing reading information to another user, while privacy awareness and culture are negatively correlated, which means that increasing awareness and culture will reduce the disclosure of reading habits to other users. The third hypothesis seeks to determine whether there are statistically significant differences in the acceptance of technical and organizational measures in the library with regard to demographic indicators age and work experience in the profession. The results showed that there is no statistically significant difference in the acceptance of technical and organizational measures for the protection of personal data with regard to age and work experience in the profession in the sample of library directors. The results of the sample of librarians show that librarians aged 46 to 65 are more likely to provide users with information on the processing of their data when necessary, while the results for the remaining three claims concerning acceptance of measures did not show a difference in acceptance of measures between age groups of librarians. It was also found that there is no statistically significant difference in the acceptance of technical and organizational measures in the library with regard to the work experience of directors and librarians. x The fourth hypothesis examined the perception of the importance of protecting information privacy in libraries and confirmed that the perception of the importance of protecting information privacy in libraries was high, and was found a high degree of agreement with claims that point to the importance of protecting personal data in libraries and promoting privacy awareness in libraries. The fifth hypothesis was proved, which established that there is a statistically significant correlation between compliance with the principle of transparency and the size of the library according to the number of library staff and the number of active users.