Single quotes are used for a string literal. Double quotes are used for identifiers. So you're asking if the string literal 'author' is equal to the tag value, not if the column with the name "author" is equal to the tag. Be sure that the input is coming from a trustworthy source, otherwise you could get a SQL injection attack: [](https://xkcd.com/327/) Some libraries will include a function that will return the appropriately quoted form of an indentifier for you, but I don't _think_ Python's sqlite3 module has that. I could be wrong. Edit: My bad, I misread the quotes and got mixed up which were for Python and which were for the statement.