DRM Screws People Yet Again: Book DRM Data Breach Exposes Reporters' Emails And Passwords

from the was-that-really-worth-it? dept

I have a few different services that report to me if my email is found in various data breaches, and recently I was notified that multiple email addresses of mine showed up in a leak of the service NetGalley. NetGalley, if you don’t know, is a DRM service for books that is regularly used by authors and publishers to send out “advance reader” copies (known around the publishing industry as “galleys”). The service has always been ridiculously pointless and silly. It’s a complete overreaction to the “risk” of digital copies of a book getting loose — especially from the people who are being sent advance reader copies (generally journalists or industry professionals). I can’t recall ever actually creating an account on the service (and can’t find any emails indicating that I had — but apparently I must have). However, in searching through old emails, I do see that various publishers would send me advance copies via NetGalley — though I don’t think I ever read any through the service (the one time I can see that I wanted to read such a book, after getting sent a NetGalley link, I told the author that it was too much trouble and they sent me a PDF instead, telling me not to tell the publisher who insisted on using NetGalley).

It appears that NetGalley announced the data breach back in December on Christmas Eve, meaning it’s likely that lots of people missed it. Also, even though I’m told through this monitoring service that my email was included, NetGalley never notified me that my information was included in the breach. NetGalley did say that the breach included both login names and passwords — suggesting that they didn’t even know to hash their passwords, which is just extremely incompetent in this day and age.

So, from my side of things, this means that the company put me and my information at risk for what benefit? To make my life as a potential reviewer of a book more difficult and annoying, and to limit my ability to easily read a book? DRM benefits literally no one. And in this case, it has now created an even bigger mess in leaking my emails and whatever passwords I used for their service (thankfully, I don’t reuse passwords, or it could have been an even bigger problem). For those who say that the DRM is still necessary to avoid piracy, that’s ridiculous as well. If the book is going to get copied and leaked online, it’s going to get copied and leaked online. And once one copy is out, all the DRM in the world is meaningless.

Rather than focusing so much on locking stuff up and making it impossible to read, while putting people’s personal info at risk, just stop freaking out, recognize that most people are not out to get you by putting your stuff on file sharing sites, and focus on getting people to want to buy your books, rather than putting their data and privacy at risk.

Companies: netgalley


Comments on “DRM Screws People Yet Again: Book DRM Data Breach Exposes Reporters' Emails And Passwords”

ECA (profile) says:


And how to make money from nothing.
There are special people in this world, and last I heard they called them ‘A’ types.
This type of person Loves to focus on things, and Just Do them.
Meeting a few is interesting, and Never try to counter/dissuade them in what they WANT to do.
I knew such a person that wished to count to 1 million, by writing in Pencil on paper. He even asked me how long it would take. 1 number at a time. I saw him again after 6 months, and he got into the 100 thousands.
He had a problem 1 time and had a Mogul Light socket, and wondered HOW WELL a 300 watt bulb would do while he was doing Puzzles. I suggested that in a while, he might have some Eye problems. About a month later, he came back and mentioned he Didn’t like that light. Even on a 10 foot ceiling, it was Too bright.
The thing about such persons, is Finding the one that can MATCH your business/hobby needs. AS they will fulfill it Very easily.
THERE ARE ‘A’ type computer people, most are Collectors. But if One had the idea to Copy any book that they wanted, to make it easier to read on Digital. IT WOULD BE DONE, as soon as it hit the shelves. Many of these people WILL do anything just to Do what they LOVE to do.

What is the Best security for a Book writer? Pay 1 person, enough money to get your book delivered Anywhere you want it delivered.
DRM is a bit stupid, and can be broken. And Companies as mentioned above are ONLY TAKING YOUR MONEY, and the proof is their Own security.

Four-entry Sexbot says:

Re: DRM -- Dare anyone to summarize ECA's comment!

IF you dare — I’m not responsible for your brain damage! — read ECA through and try to summarize in your own words. Nowhere is there a thought connected to topic.

ECA has done the exact same random capitalizing and incomprehensible pomposity schtick for 13 years now! It’s dropped the runs of periods, but that’s the ONLY change in 13 years!

No one has ever been able to get a cogent response from it. Won’t even show a flicker of annoyance at this dig.

"ECA" is UNAWARE of self. INHUMAN, I tells ya. My bet is an early AI they keep going just for curiosity.

AND there’s a ZOMBIE with huge gap:
Zos or aperson or MikeP: 621 (53 overall but < 5 last 2 years), 45 month gap from RIP Sep 13th, 2016, 15 mo gap early; 28 Aug 2009 https://www.techdirt.com/user/zos

PaulT (profile) says:

"DRM benefits literally no one."

Indeed, it’s actually a detriment to all parties. For the consumer, it presents a set of problems that will never be seen by any actual pirates, and the risk that they will one day lose access to what they paid for. For the publisher, it presents additional reason to would-be customers not to buy their product, either on principle or because their preferred device doesn’t support that specific DRM flavour.

Samuel Abram (profile) says:

This is why I've gone cold turkey on eBook DRM.

I have a story to tell…

I found out one of my old high school teachers who I admired was now living in Canada, and wrote an interesting book. However, I asked if there would be a DRM-free version of the book, and someone who was either his agent or publisher said that no, the book will have DRM on it and there would not be a DRM-free version of it.

That was the end of it. You could be an old friend of mine who wrote something cool and I still wouldn’t read it if it had DRM on it.

While he kept inviting me to his e-launch-party and I kept declining because I clearly didn’t want to read his e-tome because the fact it had DRM on it meant that I couldn’t put a similar copy on my Barnes & Noble Nook in addition to my iPhone (among many, many other reasons).

Meanwhile, my friend and partner-in-music Raheem "Mega Ran" Jarbo released a quasi-self-published book (rather, he got a publisher that did all the duties publishers do but none of the gatekeeping) and it included a DRM-free PDF of the book, if not an EPUB or MOBI/AZW of the book. Since it was technically DRM-free, I’ve been reading it, and I’ve been enjoying it!

It just shows you that the key to my heart is to release something without Digital Rights Management; it shows that the author actually respects their customers!

For UK serfs, hugs are off until June 21 says:


As ever, you appear unaware of all prior to your birth: that publishers have required reviewers to keep manuscripts / galleys secret for over a hundred years that I’ve seen noted — though can’t dig up links you won’t read to prove it.

That LEAK is a LEAK.

NOT about your mania of DRM, it’s about a LEAK.

Nothing like this happened before "teh internets".

It’s your fault for getting on the email list, and that you forgot doing so proves it doubly foolish.

Besides that, what harm has been done you? Gave you safe premise for yet another dull piece. — And you got an entirely appropriate response from "ECA" — DRIVEL!
