iTunes Update: Apple's Looking Over Your Shoulder · 740 words posted 01/11/2006 07:33 AM

As noted at TUAW, iTunes 6.0.2 contains a new feature: the MiniStore. It’s neat, at first. Sort of.

But not really.

Each time you play click a different song, the MiniStore features information about the artist currently playing, as well as “Listeners Also Bought…” Here’s a full size capture of Apple marketing in action: as you can see, I’m playing Mary J. Blige covering U2’s “One”, and the MiniStore shows other albums from Mary J. Blige and U2.

This means, of course, that every single time I play click a song the information is sent back to Apple. You can turn off the MiniStore at the click of a button, but it’s not clear whether turning off the MiniStore is the same as turning off the flow of data (one doubts it). And don’t bother looking for a way to turn this “feature” off in the Preference pane: it’s not there.

In fairness to Apple, I didn’t read the iTunes software license when I updated. So let’s have a look. I’ll be waiting here when you’re done.

Back so soon? Did you read the whole thing? OK, I didn’t either. But the music store receives scant mention:

This software enables access to Apple’s online music store which offers downloads of music for sale. This store is open in the United States and may be open in other select territories. Use of this store requires Internet access and requires you to accept additional terms of service which will be presented to you before you can use the store.

The iTunes software license doesn’t actually provide a link to the Music Store Terms of Service, but I do: read it here.

Here’s what Apple says about my information (emphasis mine):

Your Information. You agree to provide accurate, current, and complete information required to register with the Service and at other points as may be required in the course of using the Service (“Registration Data”). You further agree to maintain and update your Registration Data as required to keep it accurate, current, and complete. Apple may terminate your rights to any or all of the Service if any information you provide is false, inaccurate or incomplete. You agree that Apple may store and use the Registration Data you provide (including credit card and PayPal account information) for use in maintaining your accounts and billing fees to your credit card or PayPal account.

That’s it. Apple doesn’t say that it can transmit or store information about the songs I play back to the iTunes Store. In fact, the Music Store TOS expressly incorporates the Apple Customer Privacy Statement.

The Privacy Statement contains the following language:

We also collect information regarding customer activities on our website, .Mac, the iTunes Music Store, and on related websites. This helps us to determine how best to provide useful information to customers and to understand which parts of our websites and Internet services are of most interest to them.

But this caveat is cited specifically in the context of collecting billing information (such as address, phone number, and credit card).

Either the privacy statement means something, or it doesn’t. My sense is that it doesn’t: the general exceptions Apple carves out for itself in the Privacy Policy are large enough to drive a truck through, making the specific exceptions in the iTunes TOS meaningless.

What’s to be done? Probably not much, other than steal your music from file-sharing services and play it with open source players (presumably the sort of behavior Apple wishes to discourage). Either that or acquiesce as yet another corporation takes, without asking, just a bit more of your privacy.

Update 1: Thanks for all the comments. Rather than reply to each argument I’ll try to distill them in a separate post: An Update About the Update.

Update 2: I’ve also added an entry about Apple and Omniture, the third party marketing company to which iTunes 6.0.2 sends TCP and HTTP GET packets.

Update 3 (1/12/05): Several readers have contacted me to point out that iTunes sends the data in question only when you click a song, and not when any new song plays. I have corrected the language in two places to accurately describe the behavior. My original sentences read “Each time you play a different song” and “every single time I play a song.” I have now substituted the word click for play, and left the original language intact so the correction is obvious. Thanks for the feedback.

* * *


1. On Jan 11, 08:12 AM john said:
Or you could do 20 seconds of research, because that’s all it takes to realize that when the ministore is turned off, itunes no longer sends this data. Verified with ethereal and little snitch. #

2. On Jan 11, 08:15 AM Matt said:
If you weren’t previously aware, Winamp has a third party plugin named ml_ipod that allows you to manage your iPod tunes.

http://www.mlipod.com/index.php

Hope this helps if you do decide to move from iTunes. #

3. On Jan 11, 08:24 AM Coal Restall said:
Just tried it with Little Snitch, and indeed it makes no attempt to make a connection until you open the Mini Store. #

4. On Jan 11, 08:26 AM since1968 said:
But that’s not really the point, is it, anonymous John? iTunes launches with the MiniStore open by default. Should an end user have to install third party software to trust iTunes? How many iTunes users have Little Snitch installed? Should Apple be able to collect this information without informing its users?

Matt, thanks for the Winamp tip. #

5. On Jan 11, 08:32 AM Robert Wolf said:
“Either the privacy statement means something, or it doesn’t.”

I think it does. The whole purpose of it is to help show users familiar music that they might like. (Like with Google or Amazon.) To kill those connections, just use Little Snitch.

“What’s to be done? Probably not much, other than steal your music from file-sharing services and play it with open source players (presumably the sort of behavior Apple wishes to discourage).”

You are overreacting. #

6. On Jan 11, 08:44 AM Thomas said:
Is this not the same thing as performing a search for the currently playing artist in the iTMS, and displaying that data in iTunes? Yeah, they should ask before doing that, but I wouldn’t consider that data-mining. #

7. On Jan 11, 08:48 AM banton said:
It doesn’t seem to update the information until you’re logged in the iTMS – maybe the answer lies in the iTMS EULA? #

8. On Jan 11, 08:52 AM since1968 said:
Robert says I’m overreacting. Maybe so, since the comments are running 5-1 against my points. But I’m not convinced, yet.

Robert wrote:

The whole purpose of it is to help show users familiar music that they might like. (Like with Google or Amazon.)

Maybe—but when I go to Amazon, I know I’m going to the Amazon web site. When I open iTunes I don’t know (and haven’t agreed) that I’m constantly sending data to the iTunes store.

And that’s what bothers me more than the loss of privacy: the idea that just by using Apple’s software I’ve implicitly agreed, contrary to Apple’s privacy policy, to send pretty much whatever information Apple wishes to collect without my consent or knowledge.

It would bother me much less if a) Apple were to make this clear on installation, or b) Apple were to make this clear in their privacy policy—I still think the privacy policy implies that they don’t collect this sort of information, or c) Apple turned off this feature by default, and allowed me to turn it on if I chose to do so. #

9. On Jan 11, 08:55 AM since1968 said:
banton, have a look at the language I quoted from the iTMS TOS—I think the information they’re collecting is pretty clearly beyond the scope of the information they claim to collect. But I may be misreading. Again, here’s the link. #

10. On Jan 11, 09:01 AM Tone said:
This is much ado about nothing. You close the mini-store, and nothing about your listening is sent. That is exactly as one would expect.

I don’t understand at all why this would change the level of trust you have in iTunes. It could have been feeding your playing to Apple for years and you wouldn’t have known it without using Little Snitch or something.

Note also that iTMS has been tracking your buying (with a very visible option on the front page to turn it off) for many months now.

Scandalmongering is all this is. #

11. On Jan 11, 09:30 AM Mr. Nosuch said:
I agree Apple should be clear about whether they store this information or not. However, since this data is only sent when the functionality is turned on (and clearly, the functionality could NOT work without some data being sent) this is hardly something to get one’s knickers all wadded up too much.

Apple should be forthright about if the data is kept, or merely used to update the Ministore. My guess, frankly, is that they don’t store it, but we shouldn’t have to guess. #

12. On Jan 11, 09:33 AM Rich said:
Apple fans keep making excuses for Apple. They’d be hollering bloody hell if Windows Media Player did the same thing. #

13. On Jan 11, 09:41 AM chris said:
and? microsoft has proven over time that it cannot be trusted. apple doesn’t have nearly the shitty, monopolistic track record of ms. apple is more than deserving of some slack when it comes to issues, that may not even be issues. #

14. On Jan 11, 09:41 AM Branedy said:
If the ‘Artist’ column is blank, the store returns ‘No Match’, so the snitch doesn’t let them know too much. #

15. On Jan 11, 09:58 AM peter said:
i also find that behaviour more than a little disconcerting. this is not good business practice. features like that should clearly be “opt-in” instead of “opt-out” – this is a very important difference.

it is a question of mutual trust; i start losing trust in apple if they start enabling such features by default and forcing me to opt-out if i don’t want it. it makes me VERY uncomfortable, feels like i have to watch my back all the time and lookout for auto-enabled opt-out features, thus destroying my trust in apple not to be evil.

as it turns out, maybe you have to be evil in order to stay successful… #

16. On Jan 11, 10:20 AM cw said:
I’m not sure I understand the complaint. When I click on a track the information about that track is obviously being sent to the ITMS and information is returned about similar music. That doesn’t mean any information ABOUT ME is being transmitted. How is this any different than my RSS aggregator going out and returning information I’m interested in? Or an auto-updater telling me there’s a new version of the software?

The fact that there is no mention of personal information being collected or sent in the ULA could just mean that there isn’t anything going on…not that they’re trying to hide something. #

17. On Jan 11, 10:31 AM JG said:
Does this only happen when you play a song purchased from the iTunes Music Store? You don’t seem to say if it does this when playing a CD or MP3. #

18. On Jan 11, 10:39 AM Dan said:
Can anyone clarify exactly what data is being sent to apple with the ministore turned on? I have no time to be tinkering with ethereal / tcpdump here at the moment.

I’m guessing it would be the artist name and track name. May be some other mp3 tags. Of course apple might go as far as logging your IP address against that request – as would any web server you visit.

I would be very surprised to find that your appleid, name, phone number, listing of installed apps, bank account balance, shoe size or other such personal data would be being sent. If this were some other company in question I might be a whole load more paranoid…

There’s enough conspiracy theories out there already, it would be nice to see some more research being done before crying wolf… at least I really hope that this is a case of crying wolf! #

19. On Jan 11, 10:59 AM Steve said:
I am running 6.0.1. It does not have the mini-store but when I go to the iTMS it has a “Just for You” section with surprising entries. I worry that they are not basing that just on what I have purchased.

I am about to install Little Snitch to see what’s up. I may or may not upgrade to the 6.0.2. (At least not yet.) #

20. On Jan 11, 11:06 AM Julian Bond said:
When iTunes reports back to base what you’re playing it’s evil. When Last.FM reports back what you’re playing it’s really neat.

You gotta larf, right?

Of course what Apple should really do is to copy all that juicy last.FM functionality (perhaps by buying them) and make a big noise about the benefits rather than skulking around getting the data without telling anyone. #

21. On Jan 11, 11:37 AM Mike Cohen said:
I’m listening to an album not in iTunes Music Store (“Orientation” by Thione Seck) and I just get random stuff in the ‘mini store’. #

22. On Jan 11, 11:39 AM banton said:
since1968 You’re absolutely right on the case of the TOS. The only comments on user information and its responsibilities were concentrated on the user posting or submitting. I’ll do tcpdump when I get home and try to see what’s going on. Still, there has to be a reason why the ministore is only functioning whilst registered and logged in to iTMS. #

23. On Jan 11, 11:58 AM Steve Borsch said:
**********
I submit that what you’re describing is already being done by Apple, is pretty simple, and more could be going on than what you wrote about today. In fact, the collaborative filtering they’re doing in the Mini Store is ostensibly to add value to the shopping experience and upsell and cross-sell music.

In November, I posted “iPod, iTunes and what Apple knows about YOU” (URL: http://borsch.typepad.com/ctd/2005/11/ipod_itunes_and.html ). My post talks briefly about sort of “Data Mining 101” possibilities that Apple—with their 10 million plus credit cards on file required in order to have an iTunes account—could simply compare data about what’s listened to, what’s skipped, with data about the listener.

Having worked with dozens of companies during the dotcom heyday (was at Vignette), five years ago I saw firsthand the analytics and data mining happening with clickstream data, personalization based on surfing, and reporting. (We had the tools and sold ‘em and I know the capabilities). The last two years I worked with business intelligence partners at the company for whom I ran strategic alliances (e.g., Business Objects) and what I described in my post is so brain-dead-simple to do that I’d be stunned if Apple WASN’T doing it—and much, much more.

Building awareness of how our “attention data” is being captured and used fits the mission of AttentionTrust.org. Check ‘em out as we all need to educate people of what’s going on (like your post) as well as making sure that guardrails are put around what companies can and cannot do with our clickstream data. Otherwise, when the IP address database offerings are matched with credit card profiles and married with our choices (think Google wrapping ads around our searches that are LOCATION specific since they’re aware), these companies will be better able to predict our behavior than we will.

And God forbid they get together to share one another’s data!
********** #

24. On Jan 11, 03:46 PM Robert Wolf said:
It’s like audioscrobbler, which is useful, though they should have made it disabled from the start. If Apple had done that, this would have been more positive I think.

“It would bother me much less if a) Apple were to make this clear on installation, or b) Apple were to make this clear in their privacy policy—I still think the privacy policy implies that they don’t collect this sort of information, or c) Apple turned off this feature by default, and allowed me to turn it on if I chose to do so.”

I agree. #

25. On Jan 11, 06:24 PM cw said:
I don’t think you have to double click on a song. I’ve got a playlist that was ripped from “Paste” magazine’s CD. I can single click on each song in the playlist and be presented with links to that artist’s titles on ITMS.

I still don’t get how this is violating my privacy. Amazon.com does the exact same thing when I look for books. #

26. On Jan 11, 06:39 PM Nick Normal said:
i’m definitely not an apple fan to begin with, but i’m forced to work on one at work, and i’ve never liked iTunes either, and there are plenty of other freeware players out there, i use mp3 dock here:
http://www.softwarium.com/mp3dock.html

use it, it’s clean which is all you mac users are fussy about right? it’s low-profile and pretty intuitive. #

27. On Jan 11, 07:49 PM Logical Extremes said:
iChat does a potentially similarly evil thing. #

28. On Jan 11, 10:31 PM Gavin Cooney said:
I just spent 10 minutes looking for a way to turn off the mini store before reading this blog… as you said, no mention of it in preferences. The mini store is a pain.

I don’t mind the privacy issues… i wish they’d just upload my entire library and stop suggesting albums I already have in my iTunes.

Hey, where did you get U2 & Mary J Blige doing One? I can’t find it in iTunes (i’m using the irish iTunes store which has less music than the american one). If it’s an MP3, i don’t suppose you could email it to me?! please! #

29. On Jan 11, 10:52 PM since1968 said:
Sorry Gavin, you’re on your own with the Mary J. Blige/U2 MP3. Here’s a link to the iTunes track, but I don’t know whether this will work in the Irish store.

I saw them perform together @ Madison Square Garden and the song really smokes. #

30. On Jan 12, 07:24 AM Sarah said:
The difference between iTunes and Amazon is that Amazon is a STORE that you specifically have to visit and provide information to before they can collect and link information to you personally. (I know they can track cookies and the pages anonymous browsers look at, but that’s not the same as linking it to names, credit card numbers, etc.)

iTunes is a media player, a tool that comes with the computer, that happens to have a store built in for our convenience that you can clearly turn on and off – a BIG difference. The average user simply does not expect iTunes to automatically send data on their personal libraries without their permission. They just want to hear their music.

With both stores, I fully realize when I decide to buy something that I’m going to be providing them with personal data.

However, I didn’t know this iTunes mini store had sent any data to Apple until AFTER it happened. At first I thought it was something as equally static as the Quicktime Player “Content Guide” which I always turn off after installing. Then I noticed the display was changing based on what I selected. By that time, it was too late and I’d already sent this information without my permission.

It’s the circumvention of asking my permission that I’m pissed about. Sure I can turn it off NOW, but it’s too late. Apple has managed to retrieve at least a few pieces of data from me. That may not seem like much, but every single person who just installed iTunes has had the same thing happen to them, without their permission.

Even if they correct the software next week by putting up a disclaimer, all those little pieces of data that will have already been sent will amount to a sizable chunk, and I bet it’s quite a nifty overall look into their average user’s libraries, all without asking any permission. That’s just wrong. #

31. On Jan 12, 12:18 PM muktuk said:
You’re not over-reacting, if I’m reading correctly. It isn’t so much that you’re saying iTunes shouldn’t be allowed to have this feature, but users need to be made aware in case they mind.

Privacy Policies need to be complete and honest. That’s the point of having them. #

32. On Jan 12, 12:22 PM greg said:
If the music that people listen to is so “private” why do I hear so many car stereos blaring at the intersections and ferry lineups? One song in particular comes to mind – Black Sabbath’s Paranoid. #

33. On Jan 12, 01:07 PM Daedala said:
Oddly, when those few users who already have iTunes use Software Update to download and install the 6.0.2 update, we get two different EULAs. Neither of which mention this. Nor does the update description. The EULA I got before I downloaded and installed was different from the web page you linked to; the EULA I got when I first started it appears to be the same.

All this stuff about looking at the original download page is pretty specious, given the installed user base. I don’t check out changelogs for .02 updates. How is someone who wouldn’t want to send information to Omniture supposed to know and close the ministore before that first click? #

34. On Jan 12, 01:20 PM since1968 said:
Daedala, as nearly as I can tell none of the EULAs available when I wrote this article mentions Omniture. I expect this to change. Also:

All this stuff about looking at the original download page is pretty specious, given the installed user base.

I agree. I don’t know what most people do, but I download updates from the Software Preference Pane, not from the iTMS or Apple’s site.

In Apple’s defense, they’re clearly advertising the MiniStore as a feature on the new iTunes page, but this does nothing to address the Omniture issue. As you point out, that first click sends data to Omniture before you have the option of closing your MiniStore. #

35. On Jan 13, 09:08 AM ChrisS said:
I personally think this is a ridiculous and pointless argument.
Unless Apple start using my credit card and downloading content automatically to my machine based on what I might like, I really couldn’t give a monkeys. At the end of the day it’s just another feature you can switch off (which I have but purely based on its UI positioning, which I find more offensive).
You don’t have to update and you don’t have to use iTunes and you can switch it off at the end of the day. #

36. On Jan 13, 11:04 AM Andrew said:
I personally don’t have an issue with this particular data being collected but that is not to say that I don’t want to be told or that Apple should not disclose this.

To say that Apple should be cut some slack as one previous poster stated is being overgenerous. Why should Apple have the slack not afforded to other companies? It is true the data in this instance is not particularly sensitive but it is a level playing field Apple should be playing on, and should operate by the same rules. Sure, gather the data, but disclose this upfront – simple. #

37. On Jan 13, 01:27 PM Andrew M said:
You lot feeling OK? Sounds like you have way too much time to complain about things. It’s not as if Apple is covertly gathering your tax and national insurance details!

My music collection might be shameful in places, but will I be losing any sleep about a server recommending me some tunes I might like? I think not! #

38. On Jan 13, 02:41 PM David Hambric said:
You are not overreacting,... at least not nearly as much as those defending Apple’s boneheaded move with 6.0.2. I still have 6.0, and when I go to iTMS, I expect there to be some give and take of information/services, but once I close that connection, I want the flow of data to cease. I (hesitatingly) believe it does in 6.0, but apparently not without additional action on the user’s part in 6.0.2. Not cool.

Apple/Jobs have finally made inroads with the broader consumer market, they’re coming in from the cold, so to speak. But like the previous incarnation of Apple/Jobs, they seem tragically destined to screw it up again by spitting on the goodwill of new and potential customers. A choice made based on products/services offered is potentially more lucrative than one that is simply the ‘lesser of two evils’ (Bill, Steve, you know who I’m talking about…) #

39. On Jan 13, 03:04 PM James said:
Haven’t you ever noticed that Windows Media Player does exactly the same thing? Also the fact the Windows stores every action you make on the Internet and within the computer on a small hidden file that you can’t delete?
Judging by your screenshot you are using an Apple Mac, so you must be aware that these machines are far safer and secure than Windows will ever be; shouldn’t you be spending more time criticising (or actually doing something about) the blatant privacy invasion that Microsoft has done for years, rather than overreacting to a small feature that Apple has introduced to try and encourage the user to try out more music? Okay it is also a marketing thing to try and make more money, but it’s obviously not stealing your personal information! #

40. On Jan 14, 01:21 AM since1968 said:
Sorry to be slow to approve the last round of comments; I was on the road today.

James, of all the counterarguments I’ve heard yours is my least favorite. I’m sorry buddy, but I’m going to award you the booby prize. ;-)

You wrote:

Haven’t you ever noticed that Windows Media Player does exactly the same thing?

No, I haven’t noticed that because I don’t use Windows Media Player. I buy Apple machines and run Apple software because it’s well designed, easy to use, built on Unix, and has a much better reputation for security and privacy than Windows. And James, it will only stay that way if people speak up when they catch Apple’s hand in the cookie jar. #

41. On Jan 14, 11:46 AM Dantheman said:
Why have I-tunes got it integrated in, so to turn off the ministore you need to turn off the music store. This seems like some secret marketing ploy to me so to actually turn the mini store off you have to turn the music store off which means you can’t buy music. It just seems like another marketing ploy and a way to keep tabs on your spending to me. Tell me what you think? #

42. On Jan 15, 08:29 PM Ramon Leonato said:
We are in the times in which the people have to protect each other. And we all are the people, and the ones that are against the people are the powerful that will not take into consideration people’s rights.

What NSA is doing is an abuse, but the people that communicate through the internet are very vulnerable to abuse, not only by the governments, but also by mafias and groups of a diversity of allied criminals, some of them acting with white gloves. Internet is today the field for criminal activities. In the last few days I have been receiving an enormous amount of emails which were fake from ebay, pay pal, the Netherlands Lotto etc… trying to get from me my password to this accounts. And some of them looked so good that could be mistaken by the real thing, but users of the internet that engage in criminal activities disguise themselves in anonymity that internet provides.

Our communications through the internet are surveilled since time immemorial by NSA, and a wealth of information about us can be collected and may be collected. And this is a great danger to the people, and no law protects us these days.

What about an internet between authenticated and identified users… so that the majority of internet users that don’t mind to be identified because they live in a free country and at the same time, not being engaged in fraudulent activity or criminal activity don’t mind to inter-communicate with other identified and authenticated members of the net. Why should anyone want to be anonymous if not engaged in criminal activity?

This is my point. We should support the institutions, companies and private people that support the target to bring privacy and security within identified users when using the internet to communicate. This is the case of a company called Amteus.

Now, once in communication with an identified user, which is properly authenticated, then you provide privacy, so… unless you want to make it public, nobody can access your communication because it is properly secured and encrypted. i.e. it travels in a closed envelope and it is unlawful to open it, and it is being between identified and authenticated users that trust each other. Otherwise, not only the governments with their NSAs involved in their own practices will snoop on us, but gangs of gangsters will easily intercept our communications, phishing like the email I have received will only be the beginning. I am starting a website to support this kind of approach.

This requires legislation, but also requires technology. Like the one developed by Amteus. But there are many other.

I hope that the people with vision that have given to the internet a view that will promote freedom and cleanliness, like John Perry Barlow will help this company to succeed in a very honorable project.

It is very distressing these days what is going on with the Internet. Hopefully companies like Amteus Plc that are bringing a technology to overcome this problem of snooping, spam, phishing etc. will survive attacks from those that hide behind anonymity.

Ramon Leonato #

43. On Jan 16, 03:38 AM Lampie said:
1968 has it right. this is not only wrong of Apple, and bad PR for Apple, but a foot in the door for other worse transgressions.
Proof?
All the people who are posting that it’s OK because others have been doing it before Apple.

By the way, while what songs I play may be trivial, so are most things, by themselves. A credit card number is trivial without other information.
Data mining uses the fact that if you put enough trivial information together, the results are not trivial.
When you add the fact that your Apple ID is one of the things transmitted, I don’t think “paranoid” is the right label.

If Apple has nothing to hide, why no answer from them? Why no answer from Omniture? Why does Omniture hide behind a fake local IP address?
They collect our info while hiding their info.
Hmmm. That can’t be good.

Lampie #

44. On Jan 18, 09:18 PM Ian Lloyd said:
Hey Marc, how’s things? And how’s your server? Link from BBC news homepage? weeehhhaaa! #

45. On Jan 19, 05:02 AM Enda P said:
Apple, this is not cool.

And Dantheman, you can turn ministore off without disabling your iTMS. Just choose Hide Ministore under edit. #

46. On Jan 20, 07:22 PM Tootie said:
This is about the itunes #

47. On Jan 24, 05:16 AM Rod Pascoe said:
This is the sort of feature that we’re all getting used to in our apps now. It’s making the whole experience a better one for all of us. As has been said before it’s not credit card info etc being sent. This is a genuinely useful feature and I’d be happy whether it was Apple or M/Soft that was doing it. They are trying to make the app BETTER guys! (P.S this is the FREE app that they gave us remember ;-) ) #