One of the clear results of Sci-Hub’s mass piracy has been the recognition across the scholarly publishing community that our authentication systems are no longer fit for purpose. Journals and other academic products still rely on IP ranges for authentication, a system that most other internet products long ago replaced with better, more secure methodologies.

Modern authentication systems are coming soon to scholarly publications, have no doubt. But with them come questions about user privacy. Methods like two-factor authentication involve a much more granular identification of the user, rather than just knowing that someone at University X is looking at a paper. While journal marketers and advertisers are both very excited about the new possibilities this will open up, they are in opposition to policies of academic libraries, which put great stock in the anonymity of resource usage. There is likely a battle ahead, and a balance will need to be struck between the new services that can be offered and the library’s desire to keep user records secret.

Outside of academia, however, this ship has sailed. Those same academics whose privacy is being carefully guarded by their library stewards constantly give up much more detailed information about their lives to the online services that rule most of our lives, mainly Google and Facebook. These services are so ubiquitous, that as the video below notes, it’s pretty amazing what people are willing to give up for as little as the price of a cup of coffee.

Given that we live in a surveillance society, and that the closest hope for a viable business model that companies like ResearchGate and Academia.edu have requires spying on researchers and collecting information on what they’re reading and discussing, is this still a fight worth having?

David Crotty

David Crotty

David Crotty is the Editorial Director, Journals Policy for Oxford University Press. He serves on the Board of Directors for the STM Association, the Society for Scholarly Publishing and CHOR, Inc. David received his PhD in Genetics from Columbia University and did developmental neuroscience research at Caltech before moving from the bench to publishing.

View All Posts by David Crotty

Discussion

10 Thoughts on "Coming Soon: Battles Over Academic Privacy — But Is This Fight Already Over?"

This sentence seems to me exactly the point – “those same academics whose privacy is being carefully guarded by their library stewards constantly give up much more detailed information about their lives to the online services that rule most of our lives.” There is quite a difference between an individual making the choice to trade their information for a service they value and a library/university giving that information away (for something that the individual may or may not value). Privacy is one part of this complex environment – another is agency/self-determination.

I guess my question is whether there’s value in blocking publishers from this sort of information when it is readily available for purchase by those publishers from the likes of ResearchGate, Mendeley, ReadCube, etc.?

Hmmm… is this a complaint that a publisher would have to purchase such information from those organizations and you think libraries should provide it for free?

More the idea that we would be forced to dumb our systems down to prevent them from collecting information that we would then purchase from Elsevier or Springer Nature, fattening their coffers and resulting in higher prices for libraries and in the end, accomplishing nothing in terms of privacy.

I’d be extremely interested in any specific examples where a publisher is having to “dumb down” their systems to prevent information collection. Given the contracts libraries have with database providers, it would strike me as very surprising that publishers are experiencing push-back that database vendors are not.

I’m not talking about current IP range systems, more the new authentication systems likely to come online in the next few years.

Libraries subscribe to systems that require users to create personal accounts to use them so it doesn’t seem like any other authentication system could be more non-private than that? And, even now when IP ranges are used to authenticate, individual IPs are captured by the database providers and tracked so that isn’t particularly private either.

So, weirdly, what I’m saying is that I think you are wrong that there is a battle ahead … because what is ahead is already in use?

I’m certainly no expert on authentication systems, but from what I’m told, the abilities to identify and track user behavior using newer, more modern systems (like single sign-on via your Google or Facebook account) are superior to those already in place. Regardless, as those systems are put in place over the next few years, even if they’re at the same level of granularity, I suspect the questions will be raised. If the same data is completely available elsewhere, is this still important, particularly if it results in higher costs for libraries.

MONITORING THAT PROJECT GOALS ARE BEING FOLLOWED!

“When I applied for the first time for a grant from the NIH and asked one of the directors how to go about it, he said, ‘Write something, and then forget it. You know, there are always nosy congressmen, and we must be covered by a piece of paper.’ This was sound philosophy which brought two Nobel Prizes to the NIH.”

These words of Nobelist Albert Szent-Gyorgyi (1974) remain true today, at least for researchers of his stature. Allowing snooping into his reading would have had allowed today’s more focused NIH bureaucrats to closely monitor his day-to-day activities. Goodbye real progress in research!

Comments are closed.