Thanks for updating us, Péter
I have a few questions about the extra editorial, and I hope it comes across that I am asking this in good faith because I think these are important discussions to have.
The editors have stated that they "will not accept or publish papers that utilize individuals’ personal data". The issue arose in this most recent instance because you were not aware that the files contained personal data. It's unclear to me how this will be assured not to happen again. Are you saying you will not accept papers where the topic relates to personal data?
I am also slightly bemused that even a basic understanding of PowerBI files was beyond the expertise of the entire editorial committee of a coding journal.
You ask for colleagues to recommend sustainable guidelines. There have been a number of blog posts and commentaries on data security issues in the Code4Lib journal going back to at least 2020. I understand that editing this journal is a volunteer role and all good things rely on community input, but is this not something the editors can initiate themselves with some research? There are many resources available online for basic guidelines. What do the editors plan to do if colleagues do not contribute to developing guidelines?
I think Code4Lib journal and associated community is a really valuable resource.
But the response from the editorial committee feels like it falls short, especially given patron data issues have occurred on multiple occasions - this is not the first instance of this happening in Code4Lib. Clearly something that we as a library community also need to put front and centre in our work and our research.
Cheers,
Katherine
Katherine O’Brien (she/her<https://pronouns.org/what-and-why>)
Application Administrator, Online Services
University Library | ND13
The University of Notre Dame Australia
19 Mouat Street (PO Box 1225) Fremantle WA 6959
T +61 8 9433 0703 | [log in to unmask]
CRICOS Provider: 01032F
I respect and acknowledge the Traditional owners of the land on which I live and work as the First People and Custodians of this country.
________________________________
From: Code for Libraries <[log in to unmask]> on behalf of Péter Király <[log in to unmask]>
Sent: Tuesday, 6 February 2024 3:01 PM
To: [log in to unmask] <[log in to unmask]>
Subject: Re: [CODE4LIB] Code4Lib Journal Issue 58 now available
Dear Code4Lib community,
we the editors of the Code4Lib Journal just published an extra
editorial to summarize the patron data breach incident in our latest
issue, and the measures we introduced in the editorial workflow to
prevent similar future events:
https://journal.code4lib.org/articles/18040
We invite colleagues who are knowledgeable in establishing relevant
policies and procedures to support the Code4lib Journal by using their
expertise to recommend sustainable guidelines that are informed by
existing best practice, either independently or in the form of a
journal article.
We are grateful to all of those who worked to raise this important
issue and look forward to collaborating with the community on best
practices going forward.
In accordance with this, we modified the Call for submission as well:
https://journal.code4lib.org/call-for-submissions
Best,
Péter Király
On Sat, Dec 9, 2023 at 5:47 PM Péter Király <[log in to unmask]> wrote:
>
> Dear all,
>
> as one of the editors of Code4Lib Journal I would like to beg your pardon
> for the security incident.
>
> Since the journal is edited by a group of volunteers and we do not
> have any formal organizational structure, we as a journal do not have
> yet a common answer, but I can tell you my private opinion. Right now
> we are considering the suggestions of the open letter. Some of them
> could be implemented and there is a high chance that they will be
> implemented. In this particular case we made a couple of editorial,
> communication related and technical mistakes, but we are aware of the
> importance of the problem, and I personally disagree that the data
> breach happened because we did not take care of the ethical concern.
> In this case - and again speaking only from my part - I did not have
> the necessary knowledge to check the content of files in a particular
> (Power BI) format, and thus I was not aware of the real content of
> those files (the article itself doesn't tell details about the content
> of the attached file).
>
> It is sure we are taking care of this issue and the open letter, and
> we act accordingly. I hope that in the following days we will also
> have a better statement than mine, that will reflect the opinion of
> all editors.
>
> I beg your pardon again,
> Péter Király
--
Péter Király
software developer
GWDG, Göttingen - Europeana - eXtensible Catalog - The Code4Lib Journal
http://linkedin.com/in/peterkiraly