That's not how it works in the real world. That would be a fraudulent request and I suspect they'd invite legal trouble by impersonating someone else to access a computer system.
Furthermore, if the author could demonstrate to arXiv that the request was fraudulent, the paper would be reinstated. The narrative would also switch to people being angry at MIT for impersonating a student to do something.
I've done it for people who used my email to sign up for Facebook and Instagram. Presumably now they have a more rigorous verification flow but they used to let people use any email without checking. I can't have a potential criminal using a social account connected to me, so password reset and disable the account is the only rational solution. Obviously this is slightly more problematic for an institution.
> I've done it for people who used my email to sign up for Facebook and Instagram.
That's an entirely different situation though. MIT controls the domain and mail server but not necessarily the account. By this reasoning gmail, outlook, or apple could close many people's accounts on other platforms due to them being in custody of the account.
Maybe MIT does technically have full control and technically the legal right, but if they acted in that way there would be potentially larger consequences. Employers might start preferring other emails or contact methods which would make it harder for MIT to comply with certain regulations. While academia may have been turned into a business there are still high expectations that faculty have high freedom of expression. Every move to limit this, or even imply limiting it, is met with opposition. It jeopardizes the ability to do one's job as a researcher. So I'm not surprised if MIT would never act on "their right".
They can disable the email account but that does nothing to stop an arxiv account. Again this also has risks as academic emails are traditionally preserved. Your correspondence is on a physical piece of paper and changing institutions and affiliations is common. Almost every grad student does this, and nearly every professor was once a grad student.
There's just too many downsides to MIT making such a request. Unless the email was institutional, as in impersonating the institution ( e.g. "info@mit.edu"), or impersonating someone else then they really won't act that way and really shouldn't
It's infuriating that Instagram, Facebook, etc send a "Email Verification" that has NO option to say "Nope, not me, don't want it, don't do it".
Worse, I'd like to create my own Instagram now, but cannot, because somebody else tried to use my email a decade ago and now all I get is a very very confused loop.
I'm sure these systems make sense to somebody, there's detail and nuance and practicality I'm horribly ignorant of, but they just seem insanely unprofessional to me as an outsider :-/
> Worse, I'd like to create my own Instagram now, but cannot, because somebody else tried to use my email a decade ago and now all I get is a very very confused loop.
Why not use a different email address? Nothing about that would make it less your “own” Instagram account.
The email is attached and always has been to my personal Facebook account. But it's also now attached to not-mine instagram account. And because two are kind of independent but kind of integrated, it generates a lot of weirdness I'd like to remove by having my own properly owned and integrated and tagged Facebook and instagram accounts.
It'd take 12 seconds for a human being to figure out but of course that's not an option.
What happens when you submit a password reset? If they're using your account does this not get sent to you?
I understand it might be a bit hostile but it seems there should be some means to transfer the account. I'd try contacting them first, but if they're non responsive or the account is abandoned then do a take over. They impersonated you anyways. If necessary delete the account and recreate after the cooldown period
>That's not how it works in the real world. That would be a fraudulent request and I suspect they'd invite legal trouble by impersonating someone else to access a computer system.
Emails are not people. You can impersonate a person, but you can't impersonate an email. If I own a company and I issue the email dick.less@privateequity.com but then have to fire him... using this email address to transfer company assets back to someone who can be responsible for them isn't fraud (for that purpose, at least). How is this not the same issue?
This would be a coherent argument if the paper was submitted by an email address. Instead the paper was submitted by a person. The email address serves to identify the person. Only the person can redact the paper.
If you misrepresent that you are dick.less then yes that would be fraud. They say only the authors can submit withdrawal requests, so you would have to present yourself as the author even though you aren't. That's fraud.
Although not explicitly stated, i read previous comments as using dick.less@privateequity.com to cancel his personal Netflix account. (Let's say that privateequity.com allowed personal usage of company email.)
I see a difference between accessing an email account and impersonating the previous account holder.
Edit: this comment was only partially serious, not meant as legal advice to MIT.