GDPR Compliance

I have experienced several times that various companies purchased databases of e-mail addresses and other information about persons who may be potential customers of their commodities. Those companies used that information to send them their mail campaigns. Sometimes they receive information about clients that are retired, young, athletes or sorted according to various criteria. Many people asked themselves how they do now that I am retired recently or that I my kids just enrolled in secondary school. Many people felt embarrassed and confused after they realized that their privacy is not protected and that their private information is distributed to third parties without their consent.

Search engines often allowed anyone to easily find information about people that are registered in any on line system.

Sometimes journal editors while entering archives of previous issues of their journals, articles and information about authors in web applications such as OJS are faced with repetitious work of entering information about some authors.  Some of them asked developers to develop plugin which will enable that will enable them to have drop down list of users so they can easily select user and insert it in list of authors of some scientific article. They did not have any intention of making public that list or to use that feature anywhere except in administration panel of their web applications. But, their benevolent intention can in some contexts produce unpleasant consequences for some authors.  Thus, it is needed that privacy is protected by design not just by possible honest intentions of people who use data about other people.

Numerous complaints in previous years motivated legislators in the EU to pass by very strict rule that will protect data about people. The EU adopted General Data Protection Regulation.

“The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy.”  It will have very strong impact on entities within EU and those which store and use information of the citizens of the countries that are the EU members. The EU General Data Protection Regulation (GDPR)  was approved by the EU Parliament on April 14, 2016 and enforcement day is May 25, 2018.  Organizations in non-compliance can face heavy fines.  It is important to read part on extra-territorial applicability which reads:

“Arguably the biggest change to the regulatory landscape of data privacy comes with the extended jurisdiction of the GDPR, as it applies to all companies processing the personal data of data subjects residing in the Union, regardless of the company’s location. Previously, territorial applicability of the directive was ambiguous and referred to data process ‘in context of an establishment’. This topic has arisen in a number of high profile court cases. GPDR makes its applicability very clear – it will apply to the processing of personal data by controllers and processors in the EU, regardless of whether the processing takes place in the EU or not. The GDPR will also apply to the processing of personal data of data subjects in the EU by a controller or processor not established in the EU, where the activities relate to: offering goods or services to EU citizens (irrespective of whether payment is required) and the monitoring of behaviour that takes place within the EU. Non-Eu businesses processing the data of EU citizens will also have to appoint a representative in the EU. ”

There is still time to be prepared and in order to do so properly please read the text of adopted text of The EU General Data Protection Regulation (GDPR).



Manuals for Open Journal Systems

I have found that many editorial boards struggle with a lack of concise instruction materials and a lack of people who can train them with hands-on approach.  They usually find some solutions in on-line forums, but it is time consuming for editorial boards to spend so much time and look for partial information. Sometimes people who write manuals do not explain each step.  Several people contacted me and asked: “What I have to do now?  Something is missing.”

System administrators, software developers assume that what is easy to them it should be easy to everyone.  They plan training to be done in one evening because “It is easy. ” In my experience, I often found out that such practice leads to misconfiguration of application, underuse of its features,  mistakes in performing workflow tasks and procedures.  Work with applications as the Open Journal Systems is not hard but it is complex and it takes some time until user is familiar with its functionality and simple procedures for configuration and efficient use.

I wrote manuals for authors, editorial boards and reviewers for scientific journals according to their needs.

You can find here manual for authors, editorial boards, and reviewers.

I will publish here soon manual that puts together some basic administrative and editorial functions aimed to successful configuration of your Open Journal Systems application for your journal.


Spellcheck-Scientific Texts

The Open Journal Systems users use embedded TinyMce editor to enter various information during publishing their articles in journals.  Some users may need for various reasons spellcheck in order to make sure that texts they enter are spelled correctly.  TinyMce developers  developed one very simple spellchecker plugin that is not configured by default in the Open Journal Systems. There is free version and Spell Checker Pro version. TinyMce developers stated on the web page for Spell Checker pro that: A TinyMCE Enterprise subscription includes the ability to download and install a spell check as-you-type feature for the editor.

If you are editor, editorial board member or administrator of the site of your journal various payment schemes for spellchecking might not be affordable.

For general purpose texts you can use spellcheck capability of your browser.

But, if you need free, easy to install TinyMce spellchecker capable to spellcheck medical, scientific and legal terms you can consider using Nanospell spellchecker.  The developers of Nanospell stated on their site  that: It is perfect for secure applications and websites where user experience counts:

  • Guaranteed dictionary availability across all browsers, including medical, scientific and legal words.
  • Never sends your secure data to any remote servers: everything is done locally.
  • Works in older browsers which do not have spellchecking capabilities of their own.
  • No popup Ads

I supported some members of editorial boards to install it and configure properly in their Open Journal Systems installations. That is very easy and straightforward process which should not last more than 5 minutes and its icon should appear in toolbar of TinyMce editor in your Open Journal Systems installation.  It is easy to install its dictionaries which can meet your editorial and authoring needs.  However, please be aware of their licensing policy.



A number of virtual machines on one server

I have been recently invited by high level officials of one institution to help them to publish several journals on line.  Indeed, I recommended them to use Open Journal Systems which they gladly accepted.

They showed me their server, but one of high officials said: “You know, we do not have anyone who knows Linux.  We heard that you know it. we have on our server several installations for different web platforms, but we do not have idea how to fix several small issues and how to make everything work smoothly.”  I looked at each of those GNU/Linux installations and realized that many of them are installed as desktop machines with some additional applications such as web server, PHP, MySQL etc. But, many of those installations were lacking several dependencies resulting that some modules in web applications did not work. People who installed them were elsewhere and they did not have any documentation on settings, active services, software package versions and other important information related to virtual machines with operating systems and web applications installed on them.

I suggested to them that is necessary somehow to standardize those installations and choose GNU/Linux distribution that is efficient and easy to administer and migrate web applications to newly installed virtual machines and create documentation with precise information on operating system version, versions of important applications and infrastructure requirements. Those specifications will help administrator to manage backups, upgrades, maintenance, testing instead of guessing where is which application  and with what other application is or is not compatible.  They were scared since they were not sure how to do that and how many work hours is needed for that. Well, that will save a number of work hours of saving damaged or corrupted data, misbehaving applications or consequences of compromised virtual machines due to software packages that were not upgraded when needed.

Thanking to experience and knowledge of free software developers and users of GNU/Linux and many other free software applications it is possible to plan, project and implement whole infrastructure and web applications in a way that can assure users and administrators that everything will work smooth.

It is needed to take care on:

  • scalability
  • security
  • easy of use
  • ease of quality administration
  • price
  • maintenance
  • documentation
  • backups

We can add more criteria and discuss all of them which is beyond scope of this post. But, I want to stress importance that free software, open access are not just sandbox for benevolence and good will.  It is rather, very serious activity and require a lot of work in order to make sure that users of information and knowledge we publish on web applications designed for open access publishing  will have positive experience that will help them to learn.



Backup-Simple to do?

I prepared myself to do training for the members editorial boards of two journals issued by one institute of economic sciences.

I came to the premises where I was supposed to do training, but I noticed that people who entered data in the system dedicated to on line publishing were shocked and confused. “Everything is gone!”, said one of them.  “What has gone?”, I asked.  “The data we entered in the last two months!”, she replied sadly.  I started to examine what has happened and discovered that some bad backup was restored over our virtual machine hosted on their server.  “Hmm, did anyone restored some wrong backup?”, I asked.  ” I do not know how to do that and even our administrator is away. He left a couple of weeks ago.”, she sad hopelessly.  Well, another person was invited  to examine what has happened and we determined by checking logs and possible scenarios and we have found that former system administrator assumed that so-called bare-metal backup was sufficient. In addition, he did not check whether back was complete or not and what software vendor suggests to perform backup of guests on Hyper-V. Well, too much mistakes resulted in complete loss of data that two persons entered in the period of two months.

So, when you plan hosting and backup of your data please check carefully documentation, test your methods of backup and after checking of various possible disaster scenarios implement it on production (virtual) machine with open access application and samples of data entered.

History of Science Communication

Journal of Science Communication published in their special issue (Issue 03, 2017) articles on history of science communication.

Authors from various countries wrote articles and essays about history of science communication in thier respective countries.  Readers can learn about history of science communication in Japan, Australia, New Zealand, Spain, United Knigdom, Estonia, Mexico, South Africa.

Authors of editorial emphasized that: “The papers published in this issue are organized in three groups, though with diffuse boundaries: geography, media, and discipline. The first group contains works that deal descriptively and critically with the development of PCST actions and either general or specific public policies for this area in specific countries. A second set of papers examines aspects of building science communication on TV or in print media. The third group of papers presents and discusses important PCST cases in specific areas of science or technology at various historical moments.”

I strongly recommend all readers of this blog to read those articles and follow study in this are since this will help authors, editors, reviewers, system administrators to collaborate efficiently and make informed choices that put forward advancement of science communication in theory and everyday practice.

Licensing – Open Access

In my work with editorial boards of scholarly journals I found often that they support idea of open access in general. But, it is not clear always that licensing itself from the legal point of view may be quite complex.  Heads of scientific libraries and editorial boards sometimes discuss for long time issues related to licensing issues.  Sometimes that takes too much time since their lawyers sometimes say:  “That license gives you framework for implementation of open access ideas, but in our legislation it will be hard to make defense at the court. ” Well, it might be quite useful to have close cooperation with lawyers, NGOs and other people involved in the development of legislative efforts and translate Creative Commons license and do necessary steps so it can be accepted and accepted in legislation in your country.

In some countries people register their work in national copyright agencies, but absence of registration does not imply absence of protection and copyright.

One of successful and viable licensing practices is to choose appropriate Creative Commons licenses for article, data set, images or other article components.  Scientists who would publish source code of software used and created in research may use free software licenses. Please note that license does not relate to the content on images, video in terms of privacy and other potential legal issues.  For example, video showing a woman doing breast self-exam can be from the point of video authoring protected by Creative Commons. But if video shows face of the woman showed in video recording her privacy is violated if she had not given clear consent for that previously.

Editorial boards and librarians should often visit the website of EIFL.  They made very useful Handbook on Copyright and Related Issues for Libraries.  Those who would like to learn more on use of Creative Commons and what users can do with Creative Commons licenses please visit page with information on webinar related to that topic.  Knowledge acquired from those resources can help you to be more efficient, productive and safe in your publishing efforts. Your administrator can insert appropriate licensing information in published content.

The Open Journal Systems can insert licensing information in the article metadata  automatically and save your effort and time.


Web Site Certificates

If you work a lot with web applications that you use to publish your journal, repository of scholarly publications you probably heard about web security, certificates, eavesdropping.

If you are scholar or member of the board being much more involved in social sciences, arts, culture all those technical terms and theories may be quite confusing for you.

I have got recently message from one faculty member that study political sciences that their site is not accessible due to security certificate issue.  “I use Firefox”, he said and I have got warning message about certificates and it does not allow me to see my site.

Well, in majority of cases such warning message is not necessarily bad nor it does prevent you from seeing your site.  Indeed, it is good to learn more about web site certificates.  A good resource of information is here.

The Firefox team published their own article about web site certificates and relations with Firefox browser.

In additional article about technical error and message “Your connection is not secure”  Firefox team explained possible reasons.

In the case of journal published in the Open Journal Systems there was not issue with the Open Journal Systems web application.  Actually, their certificate expired as on image below:

certificate expired


Since they are sure that they trust their site they added exception to their browser.  They contacted their hosting company, checked certificates and solved issue. That is not hard.  Your administrator can keep notes on certificates and remind you on renewals and keep communication with hosting company and/or other certification authority and renew certificates in a timely manner.


CrossRef, DOI, XML, easy to do?

Many people from editorial boards asked me various questions about registering their journal with CrossRef. What is DOI? Is that XML thing too complicated?  Do we need someone with PhD to do that?

CrossRef is a not-for-profit membership organization for scholarly publishing working to make content easy to find, cite, link, and assess. We do it in five ways: rallying the community; tagging metadata; running a shared infrastructure; playing with new technology; and making tools and services to improve research communications.  The Digital Object Identifier, DOI is special number assigned uniquely to publications such as article, issue, galley, dataset, book, database etc.  There is interesting Wikipedia article about DOI for those who do not have much time to go into details.

People from CrossRef created a series of training materials which you can find on their Youtube channel.

I found very useful to watch their training on content registration and maintaining metadata information.  You can find a lot of useful information in that video training.  If you prefer slide presentation CrossRef published on Slideshare presentation about the same topic.

I always suggest to those who do not want to spend a lot of time in technical work in process of metadatadeposit and xml formatting to use the Open Journal Systems.

It is very easy to use Open Journal Systems and assign DOI numbers. Easy to use interface and pretty automatized process of metadata deposit save you a lot of time and effort.   There is special plugin for DOI assignment to your articles or other article/publication components. The users of 2.4.x branch of OJS can find information on assigning DOIs here.

The users of 3.x branch of OJS can do that even easier in less than 2 minutes configuration of plugin.  Huh, you will see that DOI and XML exports are not so hard thing. After using OJS you can ask yourself why you have had a lot of anxiety while thinking on things that are so easy to do.


Admins, Authors and Editors: An Important Relationship

laptop with headphones

Many times, I have experienced situations where people try to draw
lines between authors, editors, and system administrators. True, they
do have very different roles. But they should understand each other
beyond awareness of their role differences. Technically speaking,
system administrators do not care whether an author makes spelling
mistakes or not. Editors do care about spelling and grammar errors,
but they do not know much about server infrastructure.

If we really want to be productive, then we have to go beyond
polarized communication. Working together, authors, editors, and
technical people can create articles with clarity, cohesion,
concision, and precision. The more they understand the basics of
communication, the faster and smoother the process of creating a
quality document is.

I came across a very interesting book that will be helpful to authors
and editors, and will make life easier for system administrators too.

Roy Jensen, M.Sc., Ph.D., is a chemistry instructor and author of
Communicating Science and Exploring Chemistry. It is Communicating
Science that I recommend to authors here so they can acquire skills
that will help them to convey messages efficiently. His book is an
introductory communication guide that provides learners with a
foundation for writing, reviewing, and presenting technical
information to academic and public audiences.

His site, Rogue Publishing, contains useful information on these and
other topics.