Navigating Risk in Vendor Data Privacy Practices: An Analysis of Elsevier’s ScienceDirect documents a variety of data privacy practices that directly conflict with library privacy standards, and raises important questions regarding the potential for personal data collected from academic products to be used in the data brokering and surveillance products of RELX’s LexisNexis subsidiary. By analyzing the privacy practices of the world’s largest publisher, the report describes how user tracking that would be unthinkable in a physical library setting now happens routinely through publisher platforms. The analysis underlines the concerns this tracking should raise, particularly when the same company is involved in surveillance and data brokering activities. Elsevier is a subsidiary of RELX, a leading data broker and provider of "risk" products that offer expansive databases of personal information to corporations, governments, and law enforcement agencies.
Elsevier, Taylor & Francis, Springer Nature, Wiley, and SAGE: Many researchers know that the five giant firms publish most of the world’s scholarship. Fifty years of acquisitions and journal launches have yielded a stunningly profitable oligopoly, built up from academics’ unpaid writing-and-editing labor. Their business is a form of IP rentiership—collections of title-by-title prestige monopolies that, in the case of Nature or The Lancet, underwrite a stable of spinoff journals on the logic of the Hollywood franchise. Less well-known is that Elsevier and its peers are layering a second business on top of their legacy publishing operations, fueled by data extraction. They are packaging researcher behavior, gleaned from their digital platforms, into prediction products, which they sell back to universities and other clients. Their raw material is scholars’ citations, abstracts, downloads, and reading habits, repurposed into dashboard services that, for example, track researcher productivity. Elsevier and the other oligopolist firms are fast becoming, in other words, surveillance publishers. And they are using the windfall profits from their existing APC-and-subscription business to finance their moves into predictive analytics.
This report highlights and contextualises four cross-cutting interventions with a strong potential to reshape the digital ecosystem:
- Transforming infrastructure into open and interoperable ecosystems.
- Reclaiming control of data from dominant companies.
- Rebalancing the centres of power with new (non-commercial) institutions.
- Ensuring public participation as an essential component of technology policymaking.
Farahany paints a picture of a near future in which every office worker could be fitted with a small wearable that would constantly record brain activity, creating an omnipotent record of your thoughts, attention and energy that the boss could study at leisure. No longer would it be enough to look like you’re working hard: your own brainwaves could reveal that you were slacking off. . . . A Coworker.org database of bossware found that more than 550 products are already in use in workplaces. Everywhere you look, workers are being tracked, watched, measured, scored, analyzed and penalized by software, human overseers and artificial intelligence, with the aim of wringing every last cent’s worth of productivity out of the flawed and fragile flesh-and-blood units of labor who must, regrettably, be used as employees until the robots get a little bit more manual dexterity.
Now is a good time to take steps to lock down your Twitter account, grab what data you can, review where you’re using Twitter to sign in to other online services, and delete anything you’d rather not live on a site that may be on its last legs. Taking these steps could protect you from identity theft or private messages being made public
For basic security, instances will employ transport-layer encryption, keeping your connection to the server you’ve chosen private. This will keep your communications safe from local eavesdroppers using your same WiFi connection, but it does not protect your communications, including your direct messages, from the server or instance you’ve chosen—or, if you’re messaging someone from a different instance, the server they’ve chosen. This includes the moderators and administrators of those instances, as well. Just like Twitter or Instagram, your posts and direct messages are accessible by those running the services. But unlike Twitter or Instagram, you have the choice in what server or instance you trust with your communications. . . . Two-factor authentication with an app or security key is available on Mastodon instances, giving users an extra security check to log on. The software also offers robust privacy controls: allowing users to set up automatic deletion of old posts, set personalized keyword filters, approve followers, and hide your social graph (the list of your followers and those you follow). Unfortunately, there is no analogue to making your account "private. . . . Mastodon users can mute, block, or report other users. Muting and blocking works just as you’d expect: it’s a list associated with your account that just stops the content of that user from appearing in your feed and prevents them from reaching out to you, respectively."
Just a few companies dominate most of our critical informational resources. Often self-identifying as "data analytics" or "business solutions" operations, they supply the digital lifeblood that flows through the circulatory system of the internet. With their control over data, they can prevent the free flow of information, masterfully exploiting outdated information and privacy laws and curating online information in a way that amplifies digital racism and targets marginalized communities. They can also distribute private information to predatory entities.
"Written by library privacy experts and based on input and guidance from a wide cross-section of stakeholders, The Ultimate Privacy Field Guide: A Workbook of Best Practices is structured to give library workers the tools needed to create and be advocates for privacy-protecting practices and policies. Published by ALA Editions in collaboration with ALA’s Office for Intellectual Freedom (OIF), it’s designed for use in school, public, and academic settings of all types and sizes."
"This white paper presents the case of using openly licensed photographs for AI facial recognition training datasets. . . . The case creates an opportunity to ask fundamental questions about the challenges that open licensing faces today, related to privacy, exploitation of the commons at massive scales of use, or dealing with unexpected and unintended uses of works that are openly licensed"