Produced in collaboration with Becky Yoose of LDH Consulting Services, Navigating Risk in Vendor Data Privacy Practices: An Analysis of Elsevier’s ScienceDirect documents a variety of data privacy practices that directly conflict with library privacy standards. The report raises important questions regarding the potential for personal data collected from academic products to be used in the data brokering and surveillance products of RELX’s LexisNexis subsidiary
By analyzing the privacy practices of the world’s largest publisher, the report describes how user tracking that would be unthinkable in a physical library setting now happens routinely through publisher platforms. The analysis underlines the concerns this tracking should raise, particularly when the same company is involved in surveillance and data brokering activities. Elsevier is a subsidiary of RELX, a leading data broker and provider of “risk” products that offer expansive databases of personal information to corporations, governments, and law enforcement agencies.
As much of the research lifecycle shifts to online platforms owned by a small number of companies, the report highlights why users and institutions should actively evaluate and address the potential privacy risks as this transition occurs rather than after it is complete.
While the report raises serious causes for concern, libraries still have the power to shift the marketplace to once again reflect librarianship’s commitment to patron privacy. Concerted action now during this period of transition can greatly impact the future, so the report closes with suggested actions that libraries can take over both the short and long term to address vendor privacy risks.
This page will be updated as additional analysis and resources are available.