Dear all,

Frequently my colleagues and myself receive invitations to review articles submitted to journals or conferences. Very often, corresponding editors create an account for us in a certain submission system to foster the review process.

However, the editor needs to enter my personal data into these submission systems, most often my email address, name, and maybe also information about my personal expertise, or conflict of interests.

According to my experience, some editors do not ask in advance whether I’m confident with submitting these personal data into a submission system (maybe some system I’ve never heard about). I have then no idea about how the system processes my data. I’m wondering whether creating an account by using my personal data without my active consent (i.e., permission or instruction to do so) actually violates the GDPR requirements?

While I highly acknowledge that a thorough review process is fundamental for the scientific community, I have some concerns regarding the practice of using my personal data without permission. If my assumptions are correct (at least to a certain degree) than editors should be more cautious because creating accounts without permission can then fire back to them.

Do you have any thoughts on this issue? Maybe some legal experts can comment on, or substantiate or reject my assumptions.

All the best

Sebastian

More Sebastian Lins's questions See All
Similar questions and discussions