Shine a light on tech’s hidden impacts. Triple your donation.
Skip navigation

Hello World

Librarians Are Waging a Quiet War Against International "Data Cartels"

Digital collections put library patrons’ privacy at risk

Wide-angle interior photograph of students studying in a college library
The Bancroft Library, on the campus of the University of California, Berkeley Jay L. Clendenin/Getty Images

Hi all, Tara here, The Markup’s education reporter. You may have read my story about how college students are tracked by one system or another near constantly as they study and move around campus. I focused on a community college in Southern California and a student there who is particularly troubled by the digital privacy sacrifices required to pursue a degree. One part of campus I barely touched on was the library, and that’s why I’m back in your inboxes today. 

Libraries have long been bastions of privacy. In fact, the American Library Association first put a right to privacy into its Bill of Rights in 1939. Librarians have since stood up time and again, refusing to keep records of what people borrow and thwarting occasional government interest in obtaining that sort of information. 

Yet while privacy is at the heart of many librarians’ work, it is becoming increasingly difficult to guarantee. 

At a university today, someone doing research through a library is just as likely to access materials in digital as in physical form. And, Markup readers, you know that means new avenues for tracking. 

Eliza Bettinger, a librarian at Cornell University, is among those with concerns. 

“For intellectual freedom, you have to have some degree of privacy to explore ideas,” Bettinger told me. She is a member of the Library Freedom Project, a coalition of librarians focused on patron privacy in an era of digital surveillance. 

At Cornell, international students have asked Bettinger how they can keep their home governments from finding out what they’re reading on campus. Lucky for them, and any other students worried that their interests could be exposed, circulation records aren’t saved or shared at Cornell. This means students can check out physical books and keep their browsing habits private. They can also browse the web and many library databases from library computers without needing to sign in. The university has even taken steps to preserve their privacy when they log in remotely to access digital library resources like academic journals and databases—a harder task, on the technical side. 

For intellectual freedom, you have to have some degree of privacy to explore ideas.

Eliza Bettinger, librarian, Cornell University

Bettinger and two co-authors described why and how to follow Cornell’s lead in a recent paper for the Licensing Privacy Project, which advocates for securing library patrons’ digital privacy through contract negotiations with vendors. Most universities don’t. They share personally identifiable data like usernames and email addresses with companies that sell databases of academic journals and other library resources, one of the practices Bettinger and her co-authors say cedes ground to “corporate data cartels whose interest is less to support rich discovery experiences than to enclose the research process within siloed and surveilled profit-making systems.”

Sounds extreme, right? Well, companies that got their start as academic publishers have spent the last several decades transforming themselves into hugely profitable data analytics firms. Elsevier, for example, owns ScienceDirect, the premier database of peer-reviewed journals. It is a subsidiary of RELX, a global data broker that also owns LexisNexis and collects massive databases of personal information it then sells to government agencies and businesses to use in algorithms for things like policing, insurance, and banking. There are concerns the company could add library data directly to that mix. (If you want to go further down this rabbit hole, check out Sarah Lamdan’s book, Data Cartels, which delves deeply into the web of surveillance and data analytics at the heart of both RELX’s and Thomson Reuters’ business models.)

Like the Licensing Privacy Project, the open-access advocacy group SPARC has also focused on contracts as a source of leverage. A paper SPARC commissioned analyzing contracts with Elsevier noted that “user tracking that would be unthinkable in a physical library setting now happens routinely through publisher platforms.” 

Nick Shockey, SPARC’s director of programs and engagement, told me this sort of tracking has been allowed to spread because higher ed administrators haven’t shifted to see publishing companies like Elsevier for what they are now: tech companies. 

“With the largest tech companies, there’s an increased level of awareness of privacy risks,” Shockey said. But academic publishers don’t yet get the skepticism they deserve. SPARC is among those trying to set the record straight.

Stay tuned for more from me on privacy and surveillance in the education space. And reach out if you have any tips!  

Tara García Mathewson

P.S. Hello World is taking a break next week for Memorial Day Weekend. Look for us in your inboxes on Saturday, June 1.

We don't only investigate technology. We instigate change.

Your donations power our award-winning reporting and our tools. Together we can do more. Give now.

Donate Now