LISTSERV - LIBLICENSE-L Archives

From: Peggy E Hoon <[log in to unmask]>
 Date: Thu, 9 Aug 2018 18:43:38 +0000

Our Springer-Nature license was negotiated before the GDPR went into effect
so we do not have those terms in our license.  As far as I know, the GDPR
really only protects EU citizens, but companies are trying to figure out a
one-size-fits all solution since their business is world-wide.  Having said
that and understanding that S-N is trying to figure out how *they* can
comply with the GDPR, I still would refuse this clause because the burden
is theirs, not ours.  As I understand it, there are severe penalties for
not complying but I don’t think they would be penalized for not complying
with it with respect to U.S. citizens.

As I said, the burden is theirs, not ours.  We have 35,000 Authorized Users
and I am not going to agree to get consents from all of them.  What if we
fail to get “all necessary approvals and consents” - what is that anyway?
Do we then become liable instead of the company?  What if our users refuse
or don’t respond.  It is unacceptable to shift this work to your customer.
I don’t agree to ensure that my users follow the terms and conditions of
the license (how can I promise that prospectively?), we don’t monitor or
police, so we certainly aren’t going to take on this burden.

I would take it to your legal counsel.  The license is with the
institution, not the library so the failure and/or obligation would be on
the institution.  I doubt they will allow you to legally obligate them in
this way.

Best,
Peggy

[image: LSU] <http://www.lsu.edu/>

*Peggy E. Hoon, J.D.*
Director of Copyright Policy and Education
LSU Libraries
Louisiana State University
295 Middleton Library, Baton Rouge, LA  70803
office 225-578-2218 | fax 225-578-6825
lsu.edu <http://www.lsu.edu/>


From: "Donley, Leah" <[log in to unmask]>
Date: Tue, 7 Aug 2018 12:37:09 +0000

The latest SpringerNature T&C has a section on personally identifiable
information (copied below).  Has anyone successfully changed it or do you
have standard language that you use instead?  I haven’t come across
language like this in any of our other agreements and so far am not having
luck negotiating changes.  My main issue is with the first sentence.  It
seems unreasonable that we would be responsible for obtaining approvals and
consent for a publisher to receive/process pii from our users, not to
mention it’s something that I don’t want to get involved with for a variety
of reasons.  I would appreciate any suggestions that you may have!





In the event that Licensor’s performance of its obligations under this
License Agreement requires that Licensor receive or otherwise process any
personal data of Authorized Users, then Licensee shall obtain, if
applicable, all necessary approvals and consent from Authorized Users for
transfers of personal data to Licensor.  Personally indentifiable
information collected or retained by the licensor is confidential and shall
not be released without the prior written and explicit consent of the
patron and the licensee





Thank you,

Leah Donley





Leah Donley
Research Library
Brookhaven National Laboratory
Tel: 631-344-7469
Email: [log in to unmask]