Editor’s Note: Today’s post is by Sari Frances. With over 15 years’ experience in the publishing industry, Sari Frances, Manager of Digital License Compliance, has successfully managed IEEE’s IP Protection Program since 2008. IEEE is the world’s largest organization dedicated to advancing technology for humanity. Sari’s responsibilities include collaboration with legal, IT security, IPR, and sales to address worldwide concerns about digital piracy and copyright infringement.
Any article today regarding digital piracy of scholarly literature needs to start with the most egregious threat: Sci-Hub. As many readers know, there have been numerous articles written not only in The Scholarly Kitchen about Sci-Hub, but also for the broader public interest, including in The New York Times, Science Magazine, and the Chronicle of Higher Education. These articles discuss how Sci-Hub works, the various perspectives of use, the impact it is having on copyrighted content, its popularity, and even comparisons to Napster. Regardless of your viewpoint on these and other issues surrounding Sci-Hub and similar sites, I can sum it all up with one straight fact – it’s illegal.
I first began managing the Institute of Electrical and Electronic Engineer’s (IEEE’s) intellectual property Protection Program approximately ten years ago and never envisioned an infringing site so big that it could possibly disrupt the entire STM publishing industry. At IEEE, we had previously been dealing with illegal resellers, file-sharing sites, torrent sites, and IEEE mirror sites that were something of a ”whack-a-mole” game. For the most part, our efforts were successful. However, Sci-Hub, and similar sites, changed the game and require us to adapt. As Christopher Dodd, MPAA Chairman and former US Senator, suggests, “We are successful at [managing piracy] every day. We make great inroads, but it is a problem that isn’t going away.” Today, I am enthusiastic to share the recent progress IEEE and its peers in the publishing and academic community have made to adopt a multi-pronged approach to manage this threat.
In 2014, IEEE — along with other publishers (through initial efforts with the Association of American Publishers) — began notifying and educating subscribers about Sci-Hub so that they could be proactive in helping to mitigate the harm we were both experiencing. With new detection tools, in late 2016, known Sci-Hub activity increased significantly as depicted in the chart below.
Publishers are fortunate in one regard — virtually all librarians and research management professionals within institutions respect intellectual property rights and try to prohibit misuse. They know their own role is made much more difficult when their patrons distort usage of content to which they subscribe by accessing it on a piracy site. Many of these compromised institutions have now, with our help, begun to understand that the vulnerabilities lay within their own authentication systems and how these risks can be mitigated.
Understanding how Sci-Hub differs from previous threats is key to developing our new approach. The dangers of Sci-Hub and other similar illegal sites are found in the way they operate: leveraging authentication technology, using stolen user credentials, phishing attacks. We even had an institutional subscriber tell us that Sci-Hub was registering new cellphone numbers via stolen user credentials in order to maintain access to the account. We have seen all of this first-hand at IEEE. Sci-Hub’s attacks are directed at end users to compromise their security rather than attack the publisher directly. Beyond the collecting sites such as LibGen, there are others who help facilitate and enable the pirates so that they remain undetected. Sci-Hub has also employed alternative distribution models like the Tor network — a free software tool to help users disguise their location and identity.
IEEE has seen very positive results from the communication and education regimen conducted in collaboration with our institutional partners. The universities with whom we’ve spoken have been committed and creative in their problem solving. But what about other universities that have not yet been compromised? Education about the threat needs to continue. A crucial element of this communication is trust and clarity of messaging. Accusing library subscribers of a failure to act would be counter-productive and, in many cases, unfair. Instead, we try to assist by promoting awareness of the best methods for securing licensed content for which they have made a significant investment. The resources available to universities are limited and we would like to help them be maximized.
Several publishers, including IEEE, are also working with organizations such as PSI and OCLC to develop tools and technical solutions to ensure the security of customers. These initiatives to help protect both the academic and publishing community from digital piracy are not only necessary to maintain the credibility of peer-reviewed and updated content but also enable protection against potential harm to end users and the research institutions that serve them.
Unfortunately, many researchers appear to be less concerned with protecting intellectual property rights than their librarian colleagues. According to a 2016 survey published in Science Magazine, a depressing 87.8% (9,526 of 10,841 participants) responded negatively to the question “Do you think it is wrong to download pirated papers?” So, if researchers themselves are willing to make use of the criminal sites or at least are willing to condone the activity, where does that leave us? Again, greater education about the dangers of these illegal sites is imperative — not only for other publishers and libraries, but end users as well. Rick Anderson’s letter to university faculty in The Scholarly Kitchen from 2016 describes how Sci-Hub is illegally acquiring user credentials and the consequences in doing so.
Taking steps to secure access is a responsibility of both institutions and the end users. For example, institutions providing access to licensed content should consider:
- Requiring that user names and passwords are changed at regular intervals (e.g. new passwords must be created every semester or month)
- Requiring stronger passwords
Similarly, users need to be advised that they should:
- Not share username/passwords, including with family members or friends.
- Not reuse passwords out of convenience.
- Be cautious of emails or sites that request confidential information. If something looks suspicious, double check the source or URL.
Additionally, IEEE strives to provide secure and seamless access and therefore aligns with efforts like RA21 so that legitimate users are not impeded by our IP protection program.
Meanwhile, Elsevier and the American Chemical Society (ACS) have progressed through well-reported litigation. As a result of their actions, we saw a decline in infringing activity on IEEE Xplore®. The legal actions were successful in having Sci-Hub removed from web extensions like .org, .cc, and .io. More recently, STM publishers are also working together on initiatives to better (and more collaboratively) manage these challenges that both publishers and subscribers face.
Overall, this battle has to be fought and won on several fronts: legal, technical, and educational (repeated as often as necessary). If all three are not in play, digital piracy will continue unabated. Developing and building this strategy to challenge Sci-hub is important to not just the publishers but the community at large. Such disruption could compromise publishers’ ability to develop and maintain their highly valuable journals and conferences and thereby do significant harm to the larger scholarly publishing research cycle.
A multifaceted approach that allows publishers to be dynamic and flexible in our strategies is critical to our success and continued existence. It will be a significant challenge to keep up with Sci-Hub and other emerging piracy sites and will require us to make changes much faster (and smarter). However, we feel that if we can continue to work together, we can accomplish our goals and be more effective in combatting digital piracy – as we’ve already proven through our recent successes.