So, this week the code4lib journal published an article whose methods I believe to be unethical enough to deserve retraction, alongside an editorial rationalizing the choice to publish which I also believe should be retracted. Because privacy ethics in LIS publishing is a hot-button issue for me—these are far, far from the only two pieces in the LIS literature I believe should be retracted on privacy-ethics grounds!—my reaction on Twitter was Twitter-style intemperate. I reproduce the text of that tweet here because I routinely delete tweets of mine older than six months, and given the gravity of this situation, this one needs a longer lifespan:

Today’s absolute BS take, from the Code4lib Journal: https://journal.code4lib.org/articles/16208

If you cannot collect data while keeping patron information and resource use anonymous (not just deidentified), YOU DO NOT COLLECT IT.

Retract this editorial and that article. Immediately. For shame.

I don’t use “for shame” often or lightly, I should perhaps mention. It’s harsh. When I do say it, I mean it. In my estimation, both article and editorial are shameful, and their authors and editors should be ashamed of them.

Additional necessary context: my colleague and friend Becky Yoose explained on Twitter her involvement in the pre-publication deliberations. C4LJ editorial-board member Peter Murray responded on his blog.

Before I discuss the article and editorial, and the process by which they came to be, I think it will help for me to lay out both the axioms I’m working from, and my history with code4lib. The former is important if the fundamental issues this case raises are ever to be resolved within the LIS literature; the latter is important because it casts some doubt on who’s making good-faith arguments here—and to be clear, “who isn’t” may in fact be me. I don’t think it is, of course! But I don’t get to make that determination for all of you.

Axioms

Research that is unethical should not be published; if it is published, it should be retracted. The Committee on Publication Ethics concurs, by way of a rather handy workflow diagram explaining how to handle misconduct allegations, and the statement that editors should consider retracting a piece that “reports unethical research.”

Research on library patrons that contravenes library-specific ethics is unethical; it should not be published in the LIS literature, and when published there, should be retracted. The Belmont Report, and the Institutional Review Board infrastructure that grew out of it, are not library-specific and do not capture the entirety of library-specific ethics concerns. In the absence of a similar report and related infrastructure for library research, it is incumbent on editors and peer reviewers for the LIS literature to understand and apply library ethics to their editorial and review work, rejecting work that infringes library ethics. (It is not, however, incumbent on LIS publishing labor to manage ethics for other disciplines, just to be clear. Plenty of work to do cleaning up our own house, I think.)

Library-specific ethics codes hold patron privacy sacrosanct. For example:

• IFLA: “Librarians and other information workers respect personal privacy, and the protection of personal data, necessarily shared between individuals and institutions. The relationship between the library and the user is one of confidentiality and librarians and other information workers will take appropriate measures to ensure that user data is not shared beyond the original transaction.”
• CFLA-FCAB (see also): “Libraries have a core responsibility to safeguard and defend privacy in the individual’s pursuit of expressive content. To this end, libraries protect the identities and activities of library users except when required by the courts to cede them.”
• ALA (see also): “We protect each library user’s right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired or transmitted.” Note particularly that confidentiality is not a substitute for privacy; patrons are entitled to both. In the current context, last winter’s Resolution on the Misuse of Behavioral Data Surveillance in Libraries warrants a read.
• ACRL: “The privacy of library users is and must be inviolable. Policies should be in place that maintain confidentiality of library borrowing records and of other information relating to personal use of library information and services.”

Given the nationality of the article author, I did look for relevant Canadian library-ethics codes, but did not locate one. If this represents a fumble on my part, by all means point me to the relevant documents—I want to know where they are and what they say! (I do read French, though slowly.) If they don’t exist, then my sense is that IFLA ethics codes would apply. My thanks to Becky Yoose for helping me locate the CFLA-FCAB statement.

The corollary arising from the above axioms seems clear to me: Research that violates patron privacy should not be published in the LIS literature, because it is unethical per standard library ethics; when published there, it should be retracted.

Code4Lib and me

This is a lot of long stories, but I’ll try to keep it short. I found the code4lib IRC channel early in my career as a librarian, and participated there until I could no longer abide repeated, unchecked (indeed, supported and defended) sexist expression from other participants. The planning process for their initial conference was the first last straw. Repeated attempts at silencing and tone-policing me for blogging openly about the first last straw was the next last straw, and this episode was the last last straw.

Where this ties into the current saga is this tweet from Peter Murray calling for civility. As Becky has been quite civil throughout, I suspect this tone policing to have been aimed at my original tweet. Given my history with code4lib—indeed, with librarianship—I can’t be surprised, only exasperated.

Do with this knowledge what you will.