Follow

I was asked to help conduct this research & write a report on 'Privacy in the EU and US: Consumer experiences across three global platforms' reviewing Amazon, Netflix & Spotify. It's only scratched the surface eu.boell.org/en/2019/12/11/pri I've mainly used Twitter to comment on it twitter.com/PrivacyMatters/sta but intend to use Mastodon more

· · Web · 2 · 8 · 5

Spotify engages in a lot of behavioural tracking/profiling in the name of making your account / content more personalised & advertising. It's quite something.

Here's 'Spotify For Brands'spotifyforbrands.com/en-US/aud

"We’ve found that how people stream actually tells us a lot about who they are. Our data team has identified five key streaming habits that can help you understand your audience, & better inform your planning"

Show thread

"The most exciting part? This new research is starting to reveal the streaming generation’s OFFLINE BEHAVIOURS through their streaming habits." [MY EMPHASIS]

YOUR streaming data reveals your OFFLINE behaviours. Don't forget, Spotify obtains data about YOU from 3RD parties.

BUT ....

Show thread

It is unclear precisely what personal data is obtained from what 3rd parties & the legal basis (consent or LI). Spotify publishes an Art 15 notice that is insufficient IMHO support.spotify.com/uk/account

I note the Swedish DPA is querying Spotify on Art 15 matters & that very much reflects my own challenges of unsuccessful attempts to obtain supplemental information from Spotify as per Art 15 of the GDPR. datainspektionen.se/globalasse & musically.com/2019/06/13/swedi

Show thread

Back to Spotify for Brands.

"Moms on Spotify. Moms’ streaming habits tell us a lot about them."

I note that Spotify is also trialling Spotify or Kids (Ireland) & so it will get more interesting as Moms share what kind of music they listen to while bambino is in the womb ....

Show thread

"Spotify analyzed the distinctive streaming habits of Spotify listeners, identifying variations across demographics, platforms, dayparts, music tastes, and behavioral audience segments (sourced from internal first-party data"

"To supplement this analysis, first- and third-party attributes were merged to understand how streaming habits are related to branding measures and purchase behaviors. "

Show thread

Not only is there Spotify for Brands, but also the Spotify Ads Studio adstudio.spotify.com for real time interest and context based advertising.

"Every swipe, skip, and shuffle helps power our targeting solutions so your message can be heard by the right listeners."

Show thread

So what about some of those privacy impacting default settings? Spotify desktop app (Mac OS) spotify.com/uk/download/mac

When you install the app, Spotify sets a 'privacy' default to ON for cookie tracking, hidden in 'SHOW ADVANCED SETTINGS' (bottom of settings page).

Privacy should be the default not an advanced setting.

See next Toot.

Show thread

In the desktop Mac app go to your profile. Select 'settings' scroll all the way to the bottom of the settings page. ▶️Click 'Show advanced settings' ▶️Privacy.

The Privacy setting has a slider button that is off & that = cookie tracking ON for the app installation ⬇️

Show thread

The desktop app 'Privacy' setting is hidden in 'show advanced settings' (& that individuals are not told about in any transparent way), states, "Block all cookies for this installation of the Spotify desktop app; read more details here [links to spotify.com/us/legal/privacy-p]." .. BUT

Show thread

Individuals are presented with text that may dissuade people from changing a default that supports Spotify Tracking: "Please note that enabling this setting may negatively impact your Spotify experience. Changes will be applied after restarting your app.”

Show thread

That 'privacy' default enables cookie tracking via a greyed out slider button. I wonder how many people might think as it's greyed out it's not on and so no tracking taking place?

Show thread

Slide the button to green to disable cookies. It's not clear what purpose this default setting serves. For example, the 'read more details here' takes you to the Spotify privacy policy that doesn't refer to desktop app but the Cookie policy does spotify.com/us/legal/cookies-p BUT

Show thread

Under the heading 'Cookies on the Spotify Desktop Application' in the cookie policy, it says "You can withdraw your consent to our use of cookies on Spotify’s desktop application at any time." <Consent when based on opt-out? PLUS NO transparent notice given. NO opt-in sought or obtained - consent? Hmmm

Show thread

And there's that dark pattern nudge again. "Please note that if you set the Spotify desktop application to block cookies, then your Spotify experience may be affected." 🤔 Spotify doesn't explain in what way your experience may be affected.

Show thread

But that's NOT all. From within the desktop app profile, click 'account' - this will open a web browser. Or simply log-into your account via a browser. On the left menu, click the 'apps' option - a 'Spotify Advertising Cookie' is automatically set to 'enable Spotify [tailored] ads'. This is done without an individual enabling 'access'. Consent? No.

Show thread

Also, even if an individual revokes access for the Spotify Advertising Cookie, the cookie seems to re-spawn as I have discovered

Show thread

You may also wish to visit 'account' 'privacy settings' and consider those Facebook and Tailored Ads defaults set to ON without notice or prior-choice ..... "your privacy ... will always be, enormously important to us .." but

Show thread

The language of normalising surveillance "we want to give you the best possible experience to ensure that you enjoy our service today, tomorrow, and in the future. To do this we need to understand your listening habits so we can deliver an exceptional and personalized service specifically for you." However, ⬇️

Show thread

There's extreme ambiguity over what is considered & necessary to provide 'personalised service' and what is behavioural advertising or technical functionality ...

I'll toot more later this week ... also on Amazon and Netflix.

Show thread
Show newer

@Privacymatters I wonder if premium users who pay and therefore do not get shown ads is still served this tracking cookie.

@Privacymatters
By "may negatively impact your experience", in which way this could actually be the case for the user ? As i knew, I've already had the reflex of tweaking it on all my previous Spotify installations and i haven't notice anyjdifference as an ex-3 years user.

@poorpocketsmcnewhold Indeed. It isn't explained. IMHO such language is used to dissuade an individual from taking an action that is not in the company's interest.

@Privacymatters Hi Pat - I haven't read the report yet but quickly skimmed through. Are there significant differences regarding Spotify between gratis/paid-for-subscription users?

@Privacymatters OK thanks. The report looks really good by the way - easy to navigate and well summarized - well done.

@hugo Thank you. All thanks to TACD and the Heinrich Boll EU office for asking me & the invaluable support of some folks.

@Privacymatters Unfortunately no. Couldn't find an excuse to come and get one day off the firm!

@Privacymatters Interestingly, the only platform from Europe (Spotify) ranks as the worst in many aspects...

Sign in to participate in the conversation
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!