By analyzing the privacy practices of the world’s largest publisher, the report describes how user tracking that would be unthinkable in a physical library setting now happens routinely through publisher platforms. The analysis underlines the concerns this tracking should raise, particularly when the same company is involved in surveillance and data brokering activities. Elsevier is a subsidiary of RELX, a leading data broker and provider of “risk” products that offer expansive databases of personal information to corporations, governments, and law enforcement agencies.
The report—based on a review of legalistic disclosures, library agreements, and under-the-hood web tracking—is a sobering read. In particular, SPARC highlights the likely cross-product pollination from Elsevier to parent RELX Group’s LexisNexis “risk” businesses:
There is little to nothing to stop vendors who collect and track patron data from feeding that data—either in its raw form or in aggregate—into their data brokering business.