Is a Reviewer the Same as an Editor

When a handful of authors were caught reviewing their own papers, it exposed weaknesses in mod publishing systems. Editors are trying to plug the holes.

Credit: Illustration by Dale Edwin Murray

Near periodical editors know how much effort it takes to persuade busy researchers to review a paper. That is why the editor of The Journal of Enzyme Inhibition and Medicinal Chemistry was puzzled past the reviews for manuscripts by i author — Hyung-In Moon, a medicinal-plant researcher and so at Dongguk University in Gyeongju, South Korea.

The reviews themselves were not remarkable: mostly favourable, with some suggestions about how to improve the papers. What was unusual was how rapidly they were completed — often within 24 hours. The turnaround was a little too fast, and Claudiu Supuran, the journal's editor-in-chief, started to go suspicious.

In 2012, he confronted Moon, who readily admitted that the reviews had come up in then speedily because he had written many of them himself. The deception had not been difficult to fix. Supuran'due south periodical and several others published by Informa Healthcare in London invite authors to advise potential reviewers for their papers. So Moon provided names, sometimes of real scientists and sometimes pseudonyms, often with artificial electronic mail addresses that would become directly to him or his colleagues. His confession led to the retraction of 28 papers past several Informa journals, and the resignation of an editor.

Moon'south was not an isolated example. In the past 2 years, journals take been forced to retract more than than 110 papers in at to the lowest degree 6 instances of peer-review rigging. What all these cases had in common was that researchers exploited vulnerabilities in the publishers' computerized systems to dupe editors into accepting manuscripts, oft past doing their ain reviews. The cases involved publishing behemoths Elsevier, Springer, Taylor & Francis, SAGE and Wiley, as well as Informa, and they exploited security flaws that — in at least i of the systems — could make researchers vulnerable to even more than serious identity theft. "For a piece of software that's used past hundreds of thousands of academics worldwide, it really is appalling," says Mark Dingemanse, a linguist at the Max Planck Plant for Psycholinguistics in Nijmegen, the Netherlands, who has used some of these programs to publish and review papers.

But even the near secure software could be compromised. That is why some observers fence for changes to the way that editors assign papers to reviewers, particularly to finish the use of reviewers suggested by a manuscript's authors. Even Moon, who accepts the sole blame for nominating himself and his friends to review his papers, argues that editors should police force the organisation against people like him. "Of course authors will inquire for their friends," he said in August 2012, "but editors are supposed to check they are not from the same establishment or co-authors on previous papers."

Peer-review ring

Moon's case is by no means the most spectacular instance of peer-review rigging in recent years. That honour goes to a case that came to low-cal in May 2013, when Ali Nayfeh, then editor-in-main of the Journal of Vibration and Control, received some troubling news. An author who had submitted a newspaper to the journal told Nayfeh that he had received e-mails virtually it from two people challenge to be reviewers. Reviewers do not usually accept direct contact with authors, and — strangely — the e-mails came from generic-looking Gmail accounts rather than from the professional institutional accounts that many academics use (see 'Carmine flags in review').

Nayfeh alerted SAGE, the company in Thousand Oaks, California, that publishes the journal. The editors there eastward-mailed both the Gmail addresses provided past the tipster, and the institutional addresses of the authors whose names had been used, asking for proof of identity and a list of their publications. One scientist responded — to say that non merely had he not sent the e-mail, merely he did not even work in the field.

This sparked a 14-month investigation that came to involve almost 20 people from SAGE's editorial, legal and production departments. It showed that the Gmail addresses were each linked to accounts with Thomson Reuters' ScholarOne, a publication-management system used by SAGE and several other publishers, including Informa. Editors were able to rail every newspaper that the person or people backside these accounts had allegedly written or reviewed, says SAGE spokesperson Camille Gamboa. They also checked the wording of reviews, the details of author-nominated reviewers, reference lists and the turnaround time for reviews (in some cases, only a few minutes). This helped the investigators to ferret out farther suspicious-looking accounts; they somewhen found 130.

As they worked through the listing, SAGE investigators realized that authors were both reviewing and citing each other at an dissonant charge per unit. Eventually, 60 articles were found to take evidence of peer-review tampering, interest in the citation band or both. "Due to the serious nature of the findings, we wanted to ensure we had researched all avenues as advisedly equally possible before contacting whatsoever of the authors and reviewers," says Gamboa.

When the dust had settled, information technology turned out that there was one author in the centre of the ring: Peter Chen, an engineer then at the National Pingtung Academy of Educational activity (NPUE) in Taiwan, who was a co-author on practically all of the papers in question. After "a series of unsatisfactory responses" from Chen, says Gamboa, SAGE contacted the NPUE, which joined the investigation into Chen'due south piece of work. Chen resigned from his mail service in February 2014.

In May, Nayfeh resigned over the scandal at his journal, and SAGE contacted the authors of all 60 afflicted articles to let them know that the papers would be retracted. Chen could not be reached for annotate for this story, just Taiwan'south land-run news bureau said in July that he had issued a statement taking sole responsibility for the peer-review and citation ring, and admitting to the "indiscreet practice" of adding Taiwan'south education minister equally a co-author on five of the papers without his knowledge. That minister, Chiang Wei-ling, denies any involvement, only however resigned "to uphold his own reputation and avert unnecessary disturbance of the work of the didactics ministry", according to a public argument.

The collateral harm did non terminate there. A couple of authors have asked SAGE to reconsider and reinstate their papers, Gamboa says, but the publisher's conclusion is final — fifty-fifty if the authors in question knew nothing of Chen or the peer-review ring.

Password loophole

Moon and Chen both exploited a feature of ScholarOne'due south automated processes. When a reviewer is invited to read a paper, he or she is sent an east-postal service with login information. If that communication goes to a simulated e-mail account, the recipient can sign into the system under whatever name was initially submitted, with no boosted identity verification. Jasper Simons, vice-president of product and market strategy for Thomson Reuters in Charlottesville, Virginia, says that ScholarOne is a respected peer-review arrangement and that it is the responsibility of journals and their editorial teams to invite properly qualified reviewers for their papers.

Nature Publishing Grouping (NPG) owns a few journals that use ScholarOne, only Nature itself and Nature-branded journals use unlike software, developed by eJournalPress of Rockville, Maryland. Véronique Kiermer, Nature's executive editor and director of author and reviewer services for NPG in New York City, says that NPG does not seem to have been the victim of any such peer-review-rigging schemes.

Free Podcast

 An interview with Ivan Oransky from Retraction Sentry.

But ScholarOne is not the merely publishing system with vulnerabilities. Editorial Manager, built by Aries Systems in North Andover, Massachusetts, is used by many societies and publishers, including Springer and PLOS. The American Association for the Advancement of Scientific discipline in Washington DC uses a system adult in-house for its journals Science, Science Translational Medicine and Scientific discipline Signaling, but its open-access offering, Scientific discipline Advances, uses Editorial Managing director. Elsevier, based in Amsterdam, uses a branded version of the same product, called the Elsevier Editorial Arrangement.

Editorial Manager's main issue is the manner information technology manages passwords. When users forget their password, the system sends it to them past e-postal service, in plain text. For PLOS One, information technology actually sends out a password, without prompting, whenever information technology asks a user to sign in, for example to review a new manuscript. About modern spider web services, such as Google, hibernate passwords under layers of encryption to prevent them from beingness intercepted. That is why they require users to reset a password if they forget information technology, often coupled with checking identity in other ways.

Security loopholes can do more than compromise peer review. Because people frequently use the aforementioned or similar passwords for many of their online activities — including banking and shopping — east-mailing out the countersign presents an opportunity for hackers to do more than than damage the research record. Dingemanse, who has published in a number of journals that use Editorial Manager, including PLOS ONE, says: "Information technology'due south quite amazing that they haven't got around to implementing a safe system." Neither Aries nor PLOS ONE responded to several requests for comment.

Rubber measures

Lax password protection has resulted in breaches. In 2012, the Elsevier journal Optics & Laser Technology retracted 11 papers after an unknown party gained access to an editor's account and assigned papers to fake reviewer accounts. The authors of the retracted papers were non implicated in the hack, and were offered the chance to resubmit.

Elsevier has since taken steps to prevent reviewer fraud, including implementing a pilot programme to consolidate accounts across 100 of its journals. The rationale is that reducing the number of accounts in its arrangement might assistance to reveal those that are fraudulent, says Tom Reller, a spokesperson for Elsevier. If it is successful, consolidation volition roll out to all journals in early 2015. Furthermore, passwords are no longer included in most e-mails from the editorial system. And to verify reviewers' identities, the organization now integrates the Open Researcher and Contributor ID (ORCID) at diverse points. ORCID identifiers, unique numbers assigned to individual researchers, are designed to track researchers through all of their publications, even if they move institutions.

ScholarOne also allows ORCID integration, but it is upwards to each journal to determine how to use it. Gamboa says that non enough scientists have adopted the system to make it possible to require an ORCID for each reviewer. And there is another problem: "Unfortunately, similar any online verification organisation, ORCID is too open to the risk of unethical manipulation," says Gamboa — for example, through hacking.

That is a common refrain. "Equally yous make the arrangement more technical and more than automatic, there are more ways to game it," says Bruce Schneier, a reckoner-security expert at Harvard Law School's Berkman Center for Cyberspace and Lodge in Cambridge, Massachusetts. "There are almost never technical solutions to social problems."

" As you lot make the organization more technical and more than automated, in that location are more means to game it. "

Information technology ultimately falls to editors and publishers to be on the alert, particularly when contacting potential reviewers. Carefully checking e-mail addresses is 1 way to ferret out fakes: a non-institutional e-mail address such as a complimentary account from Gmail is a red flag, say sources. But at the same time, it could as well be a perfectly legitimate address.

Jigisha Patel, associate editorial managing director of BioMed Central in London, says that it is definitely possible to grab cheaters past being on the alert for dubious e-mail addresses. "We've had some cases where nosotros've caught them tweaking the e-mail addresses to try to steal someone'due south identity," she says. But such screening is imperfect. In September, the publisher retracted a paper in BMC Systems Biological science, stating that information technology believed that "the peer-review process was compromised and inappropriately influenced by the authors".

Some scientists and publishers say that journals should not allow authors to recommend reviewers in the first place. John Loadsman, an editor of Amazement and Intensive Intendance, which is published past the Australian Society of Anaesthetists in Sydney, calls the exercise "bizarre" and "completely nuts", and says that his journal does not permit it.

Information technology is unclear exactly what proportion of journals allows the exercise, but every bit fields get more specialized it provides an easy way for busy editors to find relevant expertise. Jennifer Nyborg, a biochemist at Colorado Country Academy in Fort Collins, says that most of the journals to which she submits articles asking at least five potential reviewers.

For nigh of the 60 manufactures retracted by SAGE, the original peer review had used only author-nominated reviewers. Despite this experience, the Journal of Vibration and Control still allows authors to advise peer reviewers (and provide their contact e-mails) when they submit a manuscript — although more than safeguards are now in place, says Gamboa.

The Committee on Publication Ideals (COPE), which serves equally a kind of moral compass for scientific publishing (merely has no dominance to enforce its communication) has no guidance on the practice, but urges journals to vet reviewers adequately. Good practice is always to check the names, addresses and electronic mail contacts of reviewers, says Natalie Ridgeway, operations managing director for COPE in London. "Editors should never utilize merely the preferred reviewer."

NPG journals do allow authors to suggest contained reviewers. "But these suggestions are not necessarily followed," says Kiermer. "The editors select reviewers and the selection includes checking for the absence of conflict of interests." On the flip side, authors can ask an editor to exclude reviewers who they believe to have unmanageable conflicts, such as competing research. The publisher usually honours such requests, as long equally authors do not ask to exclude more than iii people or labs, Kiermer says.

Sometimes, recommending reviewers can backfire. Robert Lindsay, one of two editors-in-chief of the Springer-published journal Osteoporosis International, says that his publication allows authors to recommend up to 2 reviewers — but that he ofttimes uses this information to rule those reviewers out. This is based on past experience, in which he has seen authors recommend their own contacts, or worse: "We have had family members, folks in the same department, postgraduate students being supervised by an author," he says. The periodical by and large uses suggested reviewers — who have passed screening — just if information technology runs into problem finding other scientists to perform the job.

But screening can be difficult. Usually, editors in the United States and Europe know the scientific community in those regions well enough to catch potential conflicts of involvement between authors and reviewers. But Lindsay says that Western editors tin can find this harder with authors from Asia — "where oft none of usa knows the suggested reviewers". In these cases, the periodical insists on at least i independent reviewer, identified and invited past the editors.

In what Lindsay calls the worst example that he has seen, an writer suggested a reviewer who shared her commencement name only not her surname. Some investigation revealed that the surname was the author's maiden name — she was recommending that she review her own paper. "I don't call up she is going to submit anything to us once more," says Lindsay.

Author information

Affiliations

1. True cat Ferguson, Adam Marcus and Ivan Oransky are the staff author and two co-founders, respectively, of Retraction Watch in New York City.

   Cat Ferguson, Adam Marcus & Ivan Oransky

Related links

Rights and permissions

About this commodity

Cite this commodity

Ferguson, C., Marcus, A. & Oransky, I. Publishing: The peer-review scam. Nature 515, 480–482 (2014). https://doi.org/10.1038/515480a

Download commendation

• Published: 26 November 2014

• Consequence Engagement: 27 Nov 2014

• DOI : https://doi.org/ten.1038/515480a

Farther reading

graylikerseld.blogspot.com

Source: https://www.nature.com/articles/515480a