by Mike Masnick



Why Everyone's Totally Overreacting To Spotify's Privacy Policy (Which Isn't As Bad As You Think)

from the it's-not-what-you-think dept

As you may have heard, yesterday there was a bit of a kerfuffle over the fact that Spotify changed its privacy policy in a way that people are calling creepy and eerie. And there's a ton of chatter on Twitter from people insisting that they'll never use Spotify again because of this. The specific changes that have people up in arms sure do sound creepy at first glance. The key problems are that Spotify's new privacy policy says that it "may collect information stored on your mobile device, such as contacts, photos, or media files" and that it "may also collect information about your location based on, for example, your phone’s GPS location or other forms of locating mobile devices (e.g., Bluetooth). We may also collect sensor data (e.g., data about the speed of your movements, such as whether you are running, walking, or in transit)." There's some other stuff about how it may share information with third party services.

I understand, instinctively, why so many people freaked out about this -- but it's a pure overreaction for a variety of reasons, which we'll dig into here. There are problems with this whole scenario, but it has a lot more to do with (1) the stupid reliance on "privacy policies" rather than "user controls" for privacy and (2) Spotify's apparently asleep-at-the-wheel PR team.

Privacy is a Trade-off Not a Thing

As we've said before, if you ever want perfect privacy, you'd never leave your house. The second you leave your home, you're giving up some level of privacy. But it's a trade-off most people think is perfectly reasonable. Privacy is always like that. It's a trade-off between the benefit you get from giving up a little privacy in order to get the thing that you want. The idea that privacy is some absolute "thing" is a weird way of looking at privacy and makes it difficult to do things in a reasonable manner. The real issue, then, is making sure that people understand the trade-offs involved (and we'll get to that below).

Spotify's Privacy Policy is Not that Crazy.

Much of the reaction is because people immediately assumed that there was some nefarious reason why Spotify was going to collect all this information on people. Yet, as a few people pointed out when everyone started freaking out -- and as Spotify eventually clarified in a blog post "apologizing" for the poor rollout -- there are legitimate service reasons for each of these requests. Also, the company made it clear that before it actually accesses any of this content, it would first ask your permission. In short, it's like when various services ask if you'd like to "find friends" using a service: you have to first approve it. The same would be true here. And note that each of the uses would be for services that some people might actually like (personalizing cover art, voice control, etc.):

Photos: We will never access your photos without explicit permission and we will never scan or import your photo library or camera roll. If you give us permission to access photos, we will only use or access images that you specifically choose to share. Those photos would only be used in ways you choose and control – to create personalized cover art for a playlist or to change your profile image, for example.

Location: We will never gather or use the location of your mobile device without your explicit permission. We would use it to help personalize recommendations or to keep you up to date about music trending in your area. And if you choose to share location information but later change your mind, you will always have the ability to stop sharing.

Voice: We will never access your microphone without your permission. Many people like to use Spotify in a hands-free way, and we may build voice controls into future versions of the product that will allow you to skip tracks, or pause, or otherwise navigate the app. You will always have the ability to disable voice controls.

Contacts: We will never scan or import your contacts without your permission. Spotify is a social platform and many people like to share playlists and music they discover with their friends. In the future, we may want to give you the ability to find your friends on Spotify by searching for Spotify users in your contacts if you choose to do that.

The Real Problem is that We Use Privacy Policies at All

For many years, we've been pointing out that this whole system of privacy policies is broken. It's one of those ideas that people came up with years ago that sounds good, but isn't. And yet, we're not only stuck with it, we have politicians who keep pushing more requirements for more privacy policies. But that's stupid.

First: the only way you can legally get in trouble over privacy issues is by violating your privacy policy. So every company is incentivized by law to create privacy policies that are very broad and expansive, making it less likely they'll violate them in the first place. The only time such a broad privacy policy backfires is if the public suddenly has a viral panic about it, like this time, but that rarely happens because no one reads privacy policies.

In fact, one of the worst things about privacy policies is that people simply believe if you have a privacy policy it means "oh they'll keep my info private" even if the privacy policy says "we're going to share your information with everyone."

Let's face it: privacy policies are a stupid way to deal with privacy. They don't work. They fuck up incentives. No one reads them. And yet, because politicians are clueless, they're often "required." You end up with grandstanding politicians who play gotcha games on privacy policies, without caring about actual privacy practices.

The Way to Deal With Privacy is MORE TRANSPARENCY and MORE USER CONTROL

Rather than using privacy policies, the real way to deal with privacy is to give the end user more transparency into what's happening and more control. I don't have an iPhone, but I believe it already offers the ability at an individualized level to allow users to block apps from accessing certain features/data on a phone. And I know that the next version of Android is moving to a similar model, including only asking you to approve privacy permissions at the moment the app is requesting it. In other words, when Spotify wants to access your photos, the app will directly ask you for permission at that moment -- and, assuming it's for something you want to do (like customizing your cover art), you're more likely to grant permission without thinking it's creepy at all.

The Real Problem Here Was The Perception Problem

And this is something Spotify should have prepared for much better. The company probably assumed, incorrectly, that no one would really read the new privacy policy, because no one reads privacy policies. But that didn't happen. What Spotify should have done, from the beginning, is describe the new features it was offering -- with a direct explanation of why each feature might then require a change in the privacy policy, along with the promise that the app will ask permission directly at the time of use. Spotify eventually kind of got there, but they did it after, not before. This goes back to the "more transparency" aspect above. Do it that way, and you have less of a freakout.

So, really, to everyone freaking out over Spotify's privacy policy, I understand the gut reaction reasons for doing so. Of course, at first, it seems fucked up that a music player wants to access your contacts or your location. But there are perfectly legitimate, non-nefarious reasons for doing so. And Spotify could have cut off the freakout by being more transparent and upfront about things at the beginning. But, really, the problem here is our stupid reliance on privacy policies, rather than user controls.

Reader Comments



  • Anonymous Coward, 21 Aug 2015 @ 12:01pm

    So you're going with "CRAZY BUT NOT TOO CRAZY"? How exactly did you determine this degree of crazy is okay?

    Wondered what -- if anything -- you'd have about this, but I admit that "IT'S CRAZY, BUT" didn't occur to me as even possible. You decided that Spotify must be vigorously defended rather than even token chiding for too obviously violating old-fashioned privacy.

    IT'S CRAZY, BUT NO WORSE THAN OTHER SPYING CORPORATIONS SO GIVE UP YOUR PRIVACY TO BE MONETIZED, is what you mean. Instead of railing at the loss of privacy, you just say don't worry about this increment of loss.

    Readers: if you will just notice, Masnick supports the "business model" that includes SPYING, and Google most of all because SPYING is its central purpose.

    • Anonymous Coward, 23 Aug 2015 @ 8:17pm

      Re: So you're going with "CRAZY BUT NOT TOO CRAZY"? How exactly did you determine this degree of crazy is okay?

      Techdirt justifying/excusing this kind of behavior by Spotify just made me realize I might need to find a replacement for Techdirt.

  • Anonymous Coward, 21 Aug 2015 @ 12:02pm

    So you're going with "CRAZY BUT NOT TOO CRAZY"? How exactly did you determine this degree of crazy is okay?

    Wondered what -- if anything -- you'd have about this, but I admit that "IT'S CRAZY, BUT" didn't occur to me as even possible. You decided that Spotify must be vigorously defended rather than even token chiding for too obviously violating old-fashioned privacy.

    IT'S CRAZY, BUT NO WORSE THAN OTHER SPYING CORPORATIONS SO GIVE UP YOUR PRIVACY TO BE MONETIZED, is what you mean. Instead of railing at the loss of privacy, you just say don't worry about this increment of loss.

    Readers: if you will just notice, Masnick supports the "business model" that includes SPYING, and Google most of all because SPYING is its central purpose.

    • Ninja, 21 Aug 2015 @ 12:08pm

      Re: So you're going with "CRAZY BUT NOT TOO CRAZY"? How exactly did you determine this degree of crazy is okay?

      Read again. Every 'crazy' thing that was pointed out is purely optional and doesn't render the service useless.

      Has your time away from Techdirt doubled your insanity?

      • Marcel de Jong, 22 Aug 2015 @ 6:55pm

        Re: Re: So you're going with "CRAZY BUT NOT TOO CRAZY"? How exactly did you determine this degree of crazy is okay?

        Then why does the privacy policy itself not reflect this voluntary state of these 'crazy' things? It is very definite about most of them.

    • Anonymous Coward, 21 Aug 2015 @ 1:06pm

      Re: So you're going with "CRAZY BUT NOT TOO CRAZY"? How exactly did you determine this degree of crazy is okay?

      Did you know that in most large retail stores there are cameras watching you at (almost) all times?

      • Anonymous Coward, 21 Aug 2015 @ 1:42pm

        Re: Re: So you're going with "CRAZY BUT NOT TOO CRAZY"? How exactly did you determine this degree of crazy is okay?

        ...Did you know that in most large retail stores there are cameras watching you at (almost) all times?...

        How many of those cameras are publicly available for viewing, on the internet or otherwise? If you can access (insert any store name here)'s cameras without going through a VPN, a proprietary viewing program, and/or password dialog, somebody screwed up.

        How many of those cameras actually work? You'd be surprised how many cameras are non-functional, either because they're 'drone' cameras and never worked in the first place, or the camera(s) has malfunctioned and the store hasn't gotten around to fixing or replacing them.

        • Anonymous Coward, 21 Aug 2015 @ 2:54pm

          Re: Re: Re: So you're going with "CRAZY BUT NOT TOO CRAZY"? How exactly did you determine this degree of crazy is okay?

          What is your point?

    • Anonymous Coward, 21 Aug 2015 @ 2:39pm

      Re: So you're going with "CRAZY BUT NOT TOO CRAZY"? How exactly did you determine this degree of crazy is okay?

      Exactly. If it was M$ or another "evil" company, TD would have scolded them beyond belief.

    • Anonymous Coward, 22 Aug 2015 @ 1:37am

      Re:

      I determine that you're crazy. How I determined this degree: everything you post.

      Enjoy the DMCA vote, asshat.

  • Ninja, 21 Aug 2015 @ 12:04pm

    The Way to Deal With Privacy is MORE TRANSPARENCY and MORE USER CONTROL

    This cannot be stressed enough. Really. The main problem with privacy nowadays is that the companies don't have to give full control to the user so said user can veto any points he/she doesn't like. Companies shouldn't need any privacy policy. They should specify what they do with the information in the open and the user should be able to use their product with those points turned off. Or have the option not to buy if it renders the device useless.

    Google is one example of failing utterly hard in this privacy aspect with their permissions system. It's way past time they allow users to individually allow (or deny) what the applications have access to. (They do fail in other aspects too but that's the worst because they could have given such control fairly easily already. Any rooted device can do it.)

  • Anonymous Coward, 21 Aug 2015 @ 1:02pm

    Spotify's Privacy Policy is Not that Crazy.

    Much of the reaction is because people immediately assumed that there was some nefarious reason why Spotify was going to collect all this information on people. Yet, as a few people pointed out when everyone started freaking out -- and which Spotify eventually clarified in a blog post "apologizing" for the poor roll out, there are legitimate service reasons for each of these requests. Also, the company made it clear that before it actually accesses any of this content, it would first ask your permission. In short, it's like when various services ask if you'd like to "find friends" using a service, you have to first approve it. Same would be true here. And, note, that each of the uses would be for services that some people might actually like (personalizing cover art, voice control, etc.):


    Bullshit

  • jimb, 21 Aug 2015 @ 1:05pm

    It's bad enough

    Why is that so hard for businesses and others to understand? If it is bad it is bad enough.

  • John Fenderson, 21 Aug 2015 @ 1:20pm

    The reaction is not so crazy.

    I agree that the underlying problem is the system of privacy policies, but Spotify's "clarifying" blog post doesn't do anything to resolve the problem.

    The problem is that the privacy policy allows the company to do nefarious things. Even saying (in a post rather than a legal document) that they won't do anything without your "explicit permission" fails on two important points:

    1) It could be argued that you gave such permission when you accepted the privacy policy.

    2) It's saying "trust us". Maybe Spotify is trustworthy right now, maybe not (I honestly have no idea about their corporate personality), but the second that someone buys Spotify, all of that can change.

    I don't think any of that is an overreaction at all. I'd like to see a lot more products and services eliciting the same overreaction.

    • Mike Masnick, 21 Aug 2015 @ 4:59pm

      Re: The reaction is not so crazy.

      I don't think any of that is an overreaction at all. I'd like to see a lot more products and services eliciting the same overreaction.

      I don't really see why. Thing is, if Spotify were actually going to do those evil things, then there would be legit reasons to worry about the service. Changing the policy has little to do with the actual actions by the company.

      That's why focusing on *the policy* is so ridiculous. The policy is meaningless. The actions are what matters.

      • Anonymous Coward, 21 Aug 2015 @ 5:37pm

        Re: Re: The reaction is not so crazy.

        But policy shapes what the actions are that may follow.

      • Anonymous Cowherd, 22 Aug 2015 @ 1:10am

        Re: Re: The reaction is not so crazy.

        Of course the policy is meaningless. But that's what people see. The actions are all invisible, the app can do whatever it wants whenever it wants and an ordinary user will never know. At least on Android, app permissions are always-on and not user-controllable by any means other than uninstalling.

  • Groaker, 21 Aug 2015 @ 1:58pm

    The proper interpretation of "may" in such documents is "will." As in buried deeply in certain ISP agreements is that the ISP "may" (sure as hell will) interpret unlimited as meaning capped.

  • orbitalinsertion, 21 Aug 2015 @ 2:04pm

    It may be an overreaction, but not entirely. And it is very much because of transparency and control. These things should be explained so people can actually make an informed choice (or reaction).

    Here is part of the problem: That tone-deaf language they used? That's what every damn app in an app store sounds like. We may collect data type x. "For what?," you may damn well ask. But most of the time, no one is asking, not at this volume displayed over Spotify. And frequently, there is no other website or anywhere to click through to find out what app dev and service is really using that data for. And then there are those with some explanation, but contain clauses like, "but not limited to". Well fuck you very much.

    And part of the problem behind that is consumers either did not care for a long time, or let these things stand unchallenged, or both. Because very few companies or devs are going to go out of their way to explain, even if they are being good stewards of your personal data. And the rest, well, they'll vacuum and monetize every bit of data they can get, and don't want you to know exactly what they take or how they might use it.

    • Anonymous Coward, 21 Aug 2015 @ 3:34pm

      Re:

      It is quite clear from a nuanced reading of Spotify's new policy that it can be summed up as "Fuck you. We will take what we want, when we want, and do with it as we will". Yes, it's cloaked in legalese, and yes, their blog posting makes soothing noises, but this is all just camouflage. Spotify has learned well from Google and Facebook and Twitter and other operations: users are stupid, ignorant sheep and will simply agree rather than give up the convenience. And of course no matter what Spotify says about controlling collection/access, that will all be rendered moot when they're hacked. (Which, at this point, seems inevitable for every operation of interest.)

      What's broken are not privacy policies. What's broken is that operations are collecting all kinds of data that they should never attempt to collect because their chances of protecting it adequately are zero.

  • Anonymous Coward, 21 Aug 2015 @ 2:06pm

    On-demand permissions

    And I know that the next version of Android is moving to a similar model, including only asking you to approve privacy permissions at the moment the app is requesting it. In other words, when Spotify wants to access your photos, the app will directly ask you for permission at that moment -- and, assuming it's for something you want to do (like customizing your cover art), you're more likely to grant permission without thinking it's creepy at all.

    It's a good idea, but that's still a broader permission than necessary. They don't need access to your photos, they need access to one photo. A "powerbox"-type model is the (theoretically) standard way to do this in a capability-based OS. For example, when the user drags a photo from their photo-management application onto Spotify, the OS could automatically grant it access—then the user doesn't even see a permission prompt (although for legal reasons, the app should prompt the user the first time if it plans to upload it somewhere).

    One could take this further: let the app reference a photo and paint it on the screen without ever being able to read the data. I think iframes in the web security model work kind of like this (the enclosing page can't read the embedded one). But it's likely overkill.

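Added example, not part of the comment above and not code from Spotify or Techdirt: the two kinds of grant discussed in the article and in this comment, side by side, using Android's runtime permission request for location and the system content picker as a single-item, "powerbox"-style grant for a photo. The class, field and method names are hypothetical; it assumes the AndroidX Activity and Core libraries and a manifest that declares ACCESS_COARSE_LOCATION but no storage permission.

```kotlin
import android.Manifest
import android.content.pm.PackageManager
import android.net.Uri
import android.os.Bundle
import androidx.activity.ComponentActivity
import androidx.activity.result.contract.ActivityResultContracts
import androidx.core.content.ContextCompat

// Hypothetical playlist screen of a music app (all names here are assumptions).
class CoverArtActivity : ComponentActivity() {

    // State fed by the two grants below; both features are optional extras.
    private var coverArt: ByteArray? = null
    private var localChartsEnabled = false

    // Single-item grant: the system picker runs outside this app and returns a
    // Uri for the one item the user chose. With no storage permission in the
    // manifest, the rest of the photo library stays unreadable to the app.
    private val pickCoverArt =
        registerForActivityResult(ActivityResultContracts.GetContent()) { uri: Uri? ->
            // null means the user backed out of the picker: nothing was shared.
            if (uri != null) {
                coverArt = contentResolver.openInputStream(uri)?.use { it.readBytes() }
            }
        }

    // Runtime permission: the OS shows the prompt and reports the decision.
    // A denial only switches the feature off; playback is unaffected.
    private val requestLocation =
        registerForActivityResult(ActivityResultContracts.RequestPermission()) { granted ->
            localChartsEnabled = granted
        }

    override fun onCreate(savedInstanceState: Bundle?) {
        super.onCreate(savedInstanceState)
        // Deliberately requests nothing at startup: each grant is asked for
        // only when the user invokes the feature that needs it.
    }

    // Hypothetical handler for a "Choose cover art" button.
    fun onChooseCoverArtTapped() {
        pickCoverArt.launch("image/*")
    }

    // Hypothetical handler for a "Trending near me" switch.
    fun onTrendingNearMeEnabled() {
        // Re-check on every use: the user can revoke the grant in system
        // settings at any time, so a past "yes" is not cached by the app.
        val state = ContextCompat.checkSelfPermission(
            this, Manifest.permission.ACCESS_COARSE_LOCATION
        )
        if (state == PackageManager.PERMISSION_GRANTED) {
            localChartsEnabled = true
        } else {
            requestLocation.launch(Manifest.permission.ACCESS_COARSE_LOCATION)
        }
    }
}
```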

    • Anonymous Cowherd, 22 Aug 2015 @ 1:26am

      Re: On-demand permissions

      Yes. Unless the user can restrict through OS functions the app's access to the specific resources the user wants it to access, a careful user must assume the app will access everything it can.

      The OS should also provide the option to pretend to give access without actually providing any data (i.e. allowing an app access to "photos" then returning an empty list). Because some apps will fail to run if overtly denied, either intentionally or because of poor programming.

  • saulgoode, 21 Aug 2015 @ 3:01pm

    Will do.

    “If you don’t agree with the terms of this Privacy Policy, then please don’t use the Service.” – Spotify

    Done, and done.

    • Anonymous Coward, 21 Aug 2015 @ 3:41pm

      Re: Will do.

      Yep, cancelled and uninstalled from multiple devices today. We read you loud and clear Spotify, even after the attempted clarification, I don't agree and I will no longer use the service. Someone else who respects user privacy will get my money.

  • PopeRatzo, 21 Aug 2015 @ 3:21pm

    "clarified in a blog post"

    Since when does a clarification "in a blog post" carry the same weight as a published privacy policy?

    Were they lying then or are they lying now?

  • Anonymous Coward, 21 Aug 2015 @ 7:09pm

    Transparency in data-rape is not the solution for the simple reason that these companies cannot be trusted to actually provide WORKING user controls (for example, you disable an option, yet a company gets caught red-handed harvesting the data anyway). These companies will NEVER be trust-worthy in this regard, and if public perception of that fact is inconvenient to your ability to rake in the dough - that's tough.

  • trparky, 22 Aug 2015 @ 8:24am

    Windows 10...

    Someone should do one of these articles on Windows 10. There's a lot of FUD being spread around regarding Windows 10.

  • Anonymous Coward, 22 Aug 2015 @ 8:40am

    Daniel Ek of Spotify yesterday shortly after my brilliant comment here, yanked the rug from under Msnick and abjectly apologized for violating privacy of users.

    Read comments to follow-up at The Register: Msnick's "it's crazy, but surrender your privacy" would not be welcome there.

    Of course Ek is lying: that'll all be put back in place slowly because Spotify is STILL losing money even with over 15 million paying and 50 million freeloaders subject to advertising! Spotify is clearly ready to monetize the hell out of even paid subscribers, but found that most people agree with me: streaming is not "social media"; just send me data, don't steal mine.

    One of these days, as with NSA, the corporate spying will reach even the dimwits and they'll be sort of vaguely outraged. I don't claim that will stop it any more than NSA is even slowed, BUT as with Trump suddenly popping to top, there's a burbling undercurrent of common sense that elitist lurbles like Masnick simply don't understand, and it can suddenly form solid and lasting anger.

  • Marcel de Jong, 22 Aug 2015 @ 6:53pm

    I don't agree that I'm overreacting.

    Just because the CEO says it is all opt-in, the privacy policy should reflect that, and it doesn't.

    The policy basically says: "Don't like these terms, don't use Spotify", also the settings page of Spotify doesn't allow you to opt in or out of anything, except the sharing with third parties, which had been there for a while.

    I don't care what this CEO says. I canceled my Spotify account, because this was a giant breach into my privacy.

    If it's opt-in have the privacy policy say so. This is clearly them backpedalling after the unanticipated backlash that Spotify received. If there hadn't been that backlash, do you really think they'd be saying "no worries, we meant it all as opt-in. Promise!"? Of course not.

  • lew, 22 Aug 2015 @ 10:03pm

    Users have to own their data

    I own my data. I may allow Google or Amazon to use my data for our mutual benefit, but no company can do ANYTHING with my data that happens to be in their database without my permission. Likewise, the data structures that Google builds from my email are jointly owned, my data and their processing, and neither of us can do anything with it without the other's permission.

    Having data without permission is certainly a sin, should be a crime. Using it without permission is certainly a crime.

  • Anonymous Coward, 23 Aug 2015 @ 12:04pm

    I think it's entirely reasonable to assume the worst. If the privacy policy had scope for data to be collected and sold on, that's probably the intention.

    If you give companies the benefit of the doubt and they betray that trust, there is no way to uncollect the data - the cat's out of the bag and the horse has bolted. So if you care about the data that's collected you have to assume the worst.

    With recent (and not so recent) data breaches, collection of any unnecessary data should be a concern.

    I'd normally expect Techdirt to take a more cautious/paranoid approach.

  • Anonymous Coward, 24 Aug 2015 @ 2:46am

    Never heard about this story, don't use Spotify, but my immediate thought is,

    They consciously paid someone to spend a lot of time to program these features in.......it's not a thing you have to program out............that alone, with what's being programmed, tells me that Spotify doesn't give a shit about privacy, nor two shits about security and unforeseen security exploits..........Spotify and any other company who do or have shown this mentality, would have been better off releasing an advert theming it around this one line "don't buy me"

  • Anonymous Howard, 24 Aug 2015 @ 5:01am

    Sorry Mike, but a blog from a company in damage control mode is worth diddly shit.

    If Techdirt has taught me anything, it's "assume the worst".
