It’s time to move on from institutional repositories | Times Higher Education (THE)

"The “bad guys” [who attacked the British Library and EThOS repositories] are, of course, after IP from universities in general, but what sells best is individual or financial information. Our requirement that people set up accounts before they can use services like EThOS or university repositories means we have tens/hundreds of thousands of “people” records, with registered email addresses and passwords that customers are likely to have used elsewhere, too. So we find ourselves the accidental custodians of extremely valuable information – but we have never really managed it (Shush! Don’t tell anyone!).

Why do we ask for all this? Academics tell us they must know who is using their materials, yet very few look at the unaggregated data. With EThOS, registration is required to digitise and print a thesis, but, again, very few individual citizens request this service: it tends to be institutions who fund digitisations.

Will the sale of our user data on the dark web stop people accessing our open access materials because they have lost trust in us? Have we opened up our institutions to “interest” from the Information Commissioner’s Office? For me, those are the greatest potential impacts of this security breach....

UK Research and Innovation keeps talking about creating “transformational infrastructure” to reshape the research journey, including making research open. Why not be brave? Why not move from institutional repositories to a UK knowledge store, developed – Shock! Horror! – with a commercial partner, using Software as a Service (SaaS) tools built to maximise the power of modern technologies and hosted in safe and secure data centres?..."