DRM Screws People Yet Again: Book DRM Data Breach Exposes Reporters' Emails And Passwords

from the was-that-really-worth-it? dept

I have a few different services that report to me if my email is found in various data breaches, and recently I was notified that multiple email addresses of mine showed up in a leak of the service NetGalley. NetGalley, if you don't know, is a DRM service for books, that is regularly used by authors and publishers to send out "advance reader" copies (known around the publishing industry as "galleys.") The service has always been ridiculously pointless and silly. It's a complete overreaction to the "risk" of digital copies of a book getting loose -- especially from the people who are being sent advance reader copies (generally journalists or industry professionals). I can't recall ever actually creating an account on the service (and can't find any emails indicating that I had -- but apparently I must have). However, in searching through old emails, I do see that various publishers would send me advance copies via NetGalley -- though I don't think I ever read any through the service (the one time I can see that I wanted to read such a book, after getting sent a NetGalley link, I told the author that it was too much trouble and they sent me a PDF instead, telling me not to tell the publisher who insisted on using NetGalley).

It appears that NetGalley announced the data breach back in December on Christmas Eve, meaning it's likely that lots of people missed it. Also, even though I'm told through this monitoring service that my email was included, NetGalley never notified me that my information was included in the breach. NetGalley did say that the breach included both login names and passwords -- suggesting that they didn't even know to hash their passwords, which is just extremely incompetent in this day and age.

So, from my side of things, this means that the company put me and my information at risk for what benefit? To make my life as a potential reviewer of a book more difficult and annoying, and limiting my ability to easily read a book? DRM benefits literally no one. And in this case, has now created an even bigger mess in leaking my emails and whatever passwords I used for their service (thankfully, I don't reuse passwords, or it could have been an even bigger problem). For those who say that the DRM is still necessary to avoid piracy, that's ridiculous as well. If the book is going to get copied and leaked online, it's going to get copied and leaked online. And once one copy is out, all the DRM in the world is meaningless.

Rather than focusing so much on locking stuff up and making it impossible to read, while putting people's personal info at risk, just stop freaking out, recognize that most people are not out to get you by putting your stuff on file sharing sites, and focus on getting people to want to buy your books, rather than putting their data and privacy at risk.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: advance reader copies, data breach, drm, emails, galleys, hacked, passwords
Companies: netgalley


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. icon
    That Anonymous Coward (profile), 25 Feb 2021 @ 1:21pm

    Are you looking forward to your choice between an elephant & another 10 yrs of useless credit monitoring?


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Make this the First Word or Last Word. No thanks. (get credits or sign in to see balance)    
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.