Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Academic Journal Claims it Fingerprints PDFs for ‘Ransomware,’ Not Surveillance

Vice: “One of the world’s largest publishers of academic papers said it adds a unique fingerprint to every PDF users download in an attempt to prevent ransomware, not to prevent piracy.  Elsevier defended the practice after an independent researcher discovered the existence of the unique fingerprints and shared their findings on Twitter last week.  “The identifier in the PDF helps to prevent cybersecurity risks to our systems and to those of our customers—there is no metadata, PII [Personal Identifying Information] or personal data captured by these,” an Elsevier spokesperson said in an email to Motherboard. “Fingerprinting in PDFs allows us to identify potential sources of threats so we can inform our customers for them to act upon. This approach is commonly used across the academic publishing industry.” When asked what risks he was referring to, the spokesperson sent a list of links to news articles about ransomware.  However, Elsevier has a long history of pursuing people who pirate or share its paywalled academic articles. In 2015, Elsevier sued SciHub, the “Pirate Bay of Science,” which hosts millions of journal articles, including those from Elsevier. In the past, the company has faced criticism for acquiring other academic platforms that distributed papers for free in an attempt to corner the market. Some universities have boycotted Elsevier in the past, and the company has used legal threats against other sites that host academic papers online. The company has had cybersecurity issues before. In 2019, it left a server open to the public internet and exposed user email addresses and passwords…”

Sorry, comments are closed for this post.