December 15, 2005

Phished by the Journal of Virology!?!?

About a week ago, I came across a reference to the "Journal of Computer Virology" in the Worm Blog. It's a new journal about malware that looked interesting so I thought I'd try to subscribe if the rates were reasonable... and maybe submit some material since there's a CFP open.

Anyway, the short story is that I went to the Springer website and couldn't find information on individual subscriptions - so rather than giving up, I wrote to them asking how to subscribe. I went back and forth for a while with their licensing department and was ultimately sidelined to customer service. A week later I received this email:

Thank you for your inquiry. If you would like to place a journal order, please provide complete shipping and billing address, if different, complete name of person ordering, telephone number, credit card number, expiration date, name on credit card, name of journal, specify whether for an institution or individual, and for what year.

Um... So, let me get this straight: I send all my personal account information and payment details via email in order to subscribe to an information security technical journal. Isn't that kind of like having a cigarette machine outside a 'smoke-enders' meeting? Bad customer service I can handle: the week-long wait wasn't an issue, the impersonal form letter, the shuffling between various reps over at the company. I'm used to all this stuff. But what really sizzled my bacon was the cavalier attitude about my data. And the fact that it is a form letter means they send this particular message out fairly often; how many other people get this mail and send them the data? How many people are subscribing to non-infosec journals and don't know email is an unacceptable way to harvest payment and address information?

In my opinion, the situation is compounded by the fact that Springer, the publisher, is a German company and ought to be operating under the auspices of the EU Data Privacy Directive. Isn't there something about "adequate protection" when collecting personal data?

So needless to say, I think I'll pass on this for the time being.

Posted by Ed at December 15, 2005 11:25 AM