I think user privacy gets used a lot in libraries as an excuse to not do something. I hear users ask constantly whether we can tell them what they read last year and most of the time they can't believe it when I say that we don't keep records of what they read.
More often than not libraries suggest that it would infringe the user's privacy to keep those records. I don't buy it. If users must opt-in to keeping their borrowing history where is the problem? I would be swayed by the "we can't afford the server space" argument well before the privacy one.
Anyway, I wrote a short post about this idea on the RISG blog, which was based on another blog post I read called, What Libraries Can Learn from Facebook.
