Spotify pre-save links may allow labels to track, change users' data
Pre-saving an upcoming release from your favorite artists on Spotify could be causing you to share more personal data than you realize.
In a recent report from Billboard, it was revealed that Spotify users were giving a band’s label data use permissions that were much broader than typical permissions.
Read more: ‘Punk Goes’ returns with acoustic classics from Taking Back Sunday, more
When a user pre-saves a track, it adds it to the user’s library the moment it comes out. In order to do this, Spotify users have to click through and approve certain permissions.
These permissions give the label more access to your account than Spotify normally gives. It allows them to track listening habits, change the artists they follow and potentially control their streaming remotely.
A lot of the time we click through these permissions without really knowing what we’re agreeing to.
Read more: Spotify claims it “overpaid” songwriters in 2018 and they want it back
This could soon spark some concern considering these permissions grant access to data normally used exclusively by Spotify themselves.
For example, Billboard points out Little Mix track “Bounce Back” pre-saves prompted giving Sony Music specific permissions. Among them were “view your Spotify account data,” “view your activity on Spotify” and “take actions in Spotify on your behalf.”
The exact permissions were only visible if the user clicked through the corresponding submenus.
Read more: Spotify introduces Your Library redesign, splits music and podcasts
John Tinker, a media analyst with Gabelli & Company, explains, “I’m not sure if most people realize that. There’s nothing they’re doing that’s illegal – it’s just that no one ever actually realizes when they sign off on these things what they mean.”
“Add and remove items in your Library” is the only permission pre-save links really need. While permissions vary depending on label, Billboard reviewed dozens of campaigns to learn that Sony Music asks for the most.
Warner Music Group and Universal Music Group ask for an additional 10 permissions.
Read more: Ticketmaster fined $4.5 million for misleading sales practices
“These permissions strike me as expansive and beyond what a reasonable consumer would expect,” says Frank Pasquale, a law professor at the University of Maryland who studies the ethical implementation of technology. “On the other hand, the larger picture is that as the Facebooks, Googles and Amazons of the world get so much data about people, every other company is just going to do the same. I can see why [the labels are] doing it: because they fear if they aren’t as aggressive as Google and Facebook they’re going to lose a competitive advantage.”
Back in May, The Washington Post reported that Spotify was one of the iPhone apps that used data trackers to send info about users and devices to third parties in the middle of the night while users slept.
Read more: Spotify enhances commute experience with Your Daily Drive playlist
“I think Spotify could do a lot better. And they ought to be clearer about the nature of consent,” Pasquale says. “Individual consumer action will change nothing. Most people are just too busy to hear about this problem and act on their own. Regulators have to step in and be aggressive in terms of punishing things that are clearly unfair or deceptive and making sure there are some basic standards that are met.”
Do you check the permissions on Spotify before you accept them? Sound off in the comments below!
See more: 10 most iconic music video looks
[envira-gallery id=”186695″]
