Across our community, efforts to help users manage their identity and access personalized services are growing steadily. Academic institutions and their libraries, scholarly publishers, standards bodies, discovery services, and other intermediaries have developed dozens, perhaps hundreds, of user identifiers and accounts. Each attempts to serve the needs of faculty members, students, and other users, in the context of a single organizational setting or service offering. Collectively, they present several difficult problems for academia and scholarly research. The best solution for research, teaching, and learning would be a single account for each user, controlled by that individual, and accepted portably across services and platforms.
In recent years, a number of services have been developed or expanded to help scholarly identity, and user accounts, become more portable and powerful. ORCID offers a standard way to track the scholarly contributions of an individual, provides an interchange across proprietary author services products, and serves as the basis for a growing array of new services. Through Eduroam, scholars and students visiting universities where they are not affiliated can use their own university credentials for seamless internet access. The Shibboleth federated identity service improves offsite access to licensed e-resources. And in a more proprietary but surely no less powerful move, Elsevier is linking Mendeley user accounts with those on Scopus and ScienceDirect, which should allow more effective services by tracking scholars across these important platforms. Each of these initiatives is generating real value, but none solves the underlying problem.
The underlying problem is straightforward: Academics’ expectations for user experience are set not by reference to improvements relative to the past but increasingly in comparison with their experiences on consumer internet services and mobile devices.
Social login, the use of an identity service provided by Facebook, Apple, Google, or Twitter to personalize features of a third party service without requiring a separate username or password, is a common and relevant example. The providers of these identity services (and associated wallet functionalities) are delighted to learn more about user preferences and activities to drive their advertising and platform businesses. Users have one less password to remember. Social login – the ability to use some kind of account portably to login elsewhere – ideally would provide access to licensed e-resources but at a minimum would provide personalized services. Social login is a base-case user expectation – one where academic libraries and scholarly publishers fall unambiguously short.
Personalized discovery is another remarkable growth area, driving Facebook and Twitter but also a variety of Google services. Scientists are busy creating a raft of personalized and anticipatory discovery services for themselves – such as ScienceScape and Sparrho. They are acting to fill a void that publishers (which typically provide TOC and keyword alerts) seem unable to address, perhaps because even the largest publishers lack the required scale needed. Library discovery systems may have the scale but have not yet offered such services. Even so, anticipatory discovery is emerging as a requirement for researchers as sure as social login.
Today, Google is finally moving into what has long seemed to me to be the inevitable addition of social login to its apps for higher education business, allowing seamless offsite login to Gale resources through the Gmail directory information.
This development should catch the attention of librarians and publishers alike. Social login is a convenience for users, to be sure, but social login to scholarly resources controlled by an advertising company should raise concerns about privacy. Moreover, depending on who controls social login and how it is offered, it can provide an unprecedented understanding of user practices and behavior that would provide an enormous competitive advantage for discovery, alt-metrics, content editorial, advertising, and more. Google’s steady inroads into higher education through Scholar, Books, and Apps (including Classroom), provide important context for those who would be concerned about supporting the competition.
Far better than a single user account controlled by Google or Elsevier (should the rumored use of Mendeley accounts for certain types of social login purposes be realized) would be a single user account controlled by users themselves. Such a user account could have several key characteristics:
- Affiliation: It could be paired with not only a single institutional affiliation but would recognize the multiple affiliations so many of us carry concurrently, maximizing our legitimate authorizations to content, while providing a vehicle for Maintaining Relationships with Readers as They Cross Affiliations
- Appropriate copy: By moving beyond the idea of a single institutional affiliation, it would necessarily moot the notion of an institutional link resolver and could allow individual users to express their own preferences for preferred sources among authorized content.
- Authorization: It would carry login credentials to whatever platform a user would wish to access, allowing for seamless access and vastly improved workflows and interfaces.
- Personalization: It would carry usage data and preferences, allowing services to deposit data into this account that could (with permission) be carried across platforms, allowing for personalized discovery experiences, commenting and annotation, and a variety of other sophisticated research support services, which only make sense for users if they can be offered on a cross-platform basis
- Opt-In: The user would choose whether to use this account at all. While some providers might require it for off-campus access, it can co-exist with traditional IP-based authentication for on-campus access.
- Control: The user would have the ability to see transparently what is inside the account, to determine what components of that account would be shared with any service provider (publisher, library, discovery service, etc), and to delete any components permanently at any time, yielding far more robust privacy protections than any balance likely to be set through formal policy.
- Choice: Users could select from a number of different trusted partners to provide their account, rather than relying on an agent presuming to act on their behalf, providing greater assurance that their interests would be protected.
Taking on the work to develop such a system would be extremely beneficial. Compared with the numerous on-platform user accounts and the challenges researchers face in accessing these platforms from off campus, it would substantially improve the researcher experience. It would change the ownership and control of user data, empowering individuals rather than institutions, and as such is highly user-centric. And it would thereby provide a vehicle for offering a variety of advanced personalized services, which libraries, publishers, and intermediaries have been generally unwilling to do, either for fear of tackling privacy issues or because their scale is too small. In this sense, it would push back against the powerful scale effects of data, providing a level playing field for smaller content platforms and services. It would also provide a stronger framework for gathering the massive aggregations of data about academic activity are increasingly important to universities’ efforts to improve undergraduate success.
Others have attempted or considered open user accounts systems in other settings (my thanks to Peter Murray for calling my attention to this post). Keyrings and certificates were explored for such purposes in the past, but other approaches may be available for such an initiative today. There is much good work and infrastructure that could be leveraged.
This proposal might be daunting for a variety of reasons. New systems architecture would certainly be required, and although this approach offers real benefits from a privacy perspective, further vetting of privacy implications are needed. Perhaps the greatest challenge, however, is the need for trusted parties to define, if not actually manage, the user accounts themselves. Nevertheless, given the potential to create value for users and the alternatives that otherwise may take hold, it is a vision worthy of consideration.