Spotify Just Got Real Creepy with the Data It Collects on You (forbes.com/sites/thomasbrewster)
60 points by Phoenix26 on Aug 20, 2015 | 61 comments


I just wanted to note that Forbes uses at least 16 trackers in this article (and does not tell you about it).

I have no problem with journalists pointing out flaws, but especially Forbes likes to know a lot about its readers.


FYI, I opened up the privacy policy from my Spotify install (I updated yesterday, I think?) and none of this is mentioned in it.


With the default uBlock and uMatrix rules I use, the article just shows a spinner. I have to enable forbesimg.com that loads article thumbnails and the main css, along with 'vendor' and 'scripts' js.


"Upon opening the Spotify app up this morning..."

"FORBES contacted Spotify for a response and is awaiting comment."

This tells you exactly how much time they waited for Spotify to respond. This is 'iterative journalism' at its worst: publish first, investigate later! Completely disgusting.


Why should Forbes wait for comment, when Spotify didn't wait for their users?

It's not as if this is something that took Spotify by surprise, like a data hack, that would require time to formulate a legally-sound response.

They will have been planning and implementing this change for months. They could have issued a press release two weeks ago advising their customers of the upcoming changes, but didn't.

Spotify seem to like surprises, so Forbes played one on them.


> Why should Forbes wait for comment, when Spotify didn't wait for their users?

That's like asking "why shouldn't Forbes stab their users in the face when Spotify shits on their users' chests?"

In other words, I don't think he's saying Forbes did Spotify dirty, rather Forbes did wrong by their readers by publishing a story without investigating it first.


Spotify does wait for the user's consent. That's the whole point of agreeing to the privacy policy. Apart from that, Spotify doesn't have anything to do with basic principles of journalism, because they are not journalists.


Any other substantive change to the terms and conditions requires prior written notice. For example, slipstreaming in an app update that said 'from right now your monthly fee will be €20' would not be considered sufficient notice.

So why should privacy be any different? In fact in this Cloud Era, privacy terms are probably of more concern to users than another dollar on their subscription.

The only reason Spotify didn't give prior notice was to put users in a bind on the spot.

Even Google manages to do it properly!


If the article is created based on the update from the privacy policy, the last sentence only means that they're just awaiting response from Spotify if they'd like to say something.

They're not asking anything, just showing the updates to readers; and IMHO it's a nice kind of journalism for me.


While interesting, it doesn't really matter what they had to respond. The focus was on the policy change, which was fact checked by presenting the document. Some reports don't need two viewpoints, e.g. as opposed to the normal he said vs she said.


Apple wrote the article for them. Forbes edited it and published it. That's the real story here, IMO.


Yeah you already said that elsewhere, also without any kind of proof or even a hint that it might be true.


Dude, that's how the real world works. Hacks do not read updates to privacy policies. They get a tip-off and summary of what to write. I don't need proof. That's how it works.


Ah, you just know the truth. You should apply to become a judge. It'd speed the court system up.


It being tinfoil?


If you really think this is such a ridiculous idea, I suggest you read Ryan Holiday's "Trust Me, I'm Lying".


Amazon summary looks interesting; I've ordered it. I just feel that it's more often a case of incompetence than deliberate manipulation of the truth.


Is this for real? I pay £10 a month to avoid this crap and now I'm lumped in as well?

Screw this, I'm off to Apple Music.


Why? Apple built your telephone; they already know about your "contacts, photos, or media files." They know your GPS location, too.

This reminds me of the quip about conservative folks threatening to move to Canada because they're unhappy about all the corrupting liberal values creeping into American politics.


Maybe that's part of the incentive. If Apple already have your data then you can't give it them twice. Better to limit the number of companies with access to your data to 1 by using the same company for everything.

This isn't a line of reasoning that appeals to me but I can see how you might want to go this route if you've already compromised on security and privacy to get a shiny new iPhone.


I am under no illusions that Apple keeps this information. I've opted out of iAds so I know that my data is not being used against me, and Apple do not sell my data to third-parties.

To be clear, Spotify using my habits and data to improve their service I have no problem with; it makes a better service for me! Same with Apple.

Maybe I should have explained more clearly in my original comment (though I thought it was obvious) but I have no problem dealing with companies that I deal with; it's companies I DON'T have an arrangement with who I have trouble trusting they won't use my data against me.

And now it appears that Spotify is one of those companies. And all I want to do is stream my playlists on the way to work. Now I have to consider that they may be selling my contacts lists, movements, etc.

It's a plain cash grab at my expense. And I won't do business with businesses that don't respect me or my data.


"It's a plain cash grab at my expense."

It is absolutely not.


Explain please how it is ABSOLUTELY not. It must be at least a bit, because you can tick off a few from the list of the definitions:

Noun

cash grab (plural cash grabs)

    1. (derogatory) product designed without love or care, with the sole intent of generating profits
    2. (politics) Legislation that serves primarily the purpose of generating revenue.
    3. An activity engaged in with the intention of making money quickly.
    4. The money generated by a cash grab.
    5. A game in which players attempt to grab as much money as possible.
Source: https://en.wiktionary.org/wiki/cash_grab


You're doing exactly what Forbes wants you to do: fear mongering. Privacy policies are legal liability waivers. They are not statements of intent. There is absolutely no indication whatsoever that Spotify is harvesting your data and selling it to third parties to make some money on the side. That is a ridiculous assumption, and you need to provide damn good evidence if you expect me to even begin to consider that.

What any REASONABLE person would assume is that Spotify is simply doing what everyone else does, which is track your usage of their product in order to better target ads.


And we all know that if everyone else is doing it it's alright!

The next "reasonable" thing to do is to let them use your phone's camera 24/7 to film your life so that they can get an actually good grasp of your consuming habits.

I'm hyperbolising here of course but this trend of using niche features like syncing your playlist's BPM to your pace as an excuse to track even more data and destroy your user's privacy must stop.


"I pay £10 a month to avoid this crap"

I don't understand this concept. I pay $10 a month to get rid of ads, to be able to use the mobile app, and to get higher quality streams. There was never any reason to believe being a paid member had any impact on the data Spotify collects from you.


I notice two things: 1) why shouldn't Apple collect the very same data? 2) apparently users are willing to pay for privacy, that's pretty cool! Something like vysk will actually have some space.


"1) why shouldn't Apple collect the very same data?"

How do we know they don't? Has anyone read the privacy policy lately?

I mean, the only reason anyone flipped about Microsoft's privacy policy is because they took the unusual step of making it understandable to the layman. And they were crucified for that.


From a juridical point of view that was really nice of them. It's a step toward Latin Law, where each man is entitled to understand what he is signing (opposed to the Anglo-Saxon where you assume anything can get signed, therefore you need additional laws to protect the people - I am not commenting on such laws).


It appears that the privacy policy makes several references to advertising. I pay money so I don't receive any advertising, so Spotify make no money from me that way.

The part that concerns me is that my data can now be sold to someone else, with ever more excruciating detail about me. That's the part that concerns me; I don't have an arrangement with those third parties.


My experience with panic about privacy policies is that they virtually always sound far worse than they actually are. For example, access to local files (contacts, photos, music) tends to be an all or nothing thing, and Spotify of course needs access to your local music files.

I also don't think they are selling your data to generate revenue. That's a baseless assumption at best and reckless fear-mongering at worst. The one area where many agree Apple Music has got the leg up on Spotify is music discovery. It's pretty obvious, to me at least, that Spotify wants to gather as much data as possible about what you listen to and how you listen to it, then have the freedom to pass that on to third-party data analysis companies who might be better than they are at identifying your tastes. The Discover Weekly playlist, for example, has been a big hit and was created by a company they acquired.


I'm sure the privacy policy is the same for everyone whether you're paying or not. As far as I remember, a huge part of Spotify users don't pay, but listen to those awful ads (I have no idea how one can enjoy music with ads).

So I'm pretty sure they won't show/play us (paying) customers any ads. Because if they would, many people will cancel their subscription (me included).


To be fair, I opened the privacy policy from Spotify just now (I think I updated to a newer version yesterday?) and I don't see any of these things mentioned in the privacy policy, so might wanna hold your horses.


I moved to Deezer. Waiting for Android support for Apple Music. Spotify are gone for me when they ruined their desktop app.


You're complaining about Spotify's desktop app and yet you'd rather use iTunes? That's rich.


If it's not farming out your private data to third-parties, it already has a killer feature for me.


> Android support for Apple Music

Is that a thing? I thought Apple Music existed only to push iDevices.


It's been part of Apple Music's announcements since the very beginning.


Or, use the money to buy albums (the old fashioned way) and put them on your device or Dropbox or whatever. Then you don't spray your private information around the galaxy.


I don't use Spotify and I usually don't like social anything (except HN, of course). However...

Surely there are reasonable explanations. Let's break this down.

GPS and motion sensors. Why could they want this? Maybe they will switch up your play list when you go for that run. Seems plausible.

Contacts. Ok, everything is social, so maybe they want to send your current track to other Spotify users in your contacts. Seems plausible.

Photos. Not sure about this one.

Sharing your information with partners. Does Spotify play ads? Wouldn't this be a standard part of sharing data with Apple and Google's ad network?

I'm not defending them, but this is the social world we live in. You either find alternatives or deal with apps that pack social features in.


> GPS and motion sensors. Why could they want this? Maybe they will switch up your play list when you go for that run. Seems plausible.

They introduced a running feature a few months ago that does, indeed, attempt to match the bpm of a playlist to your running cadence.

> Contacts. Ok, everything is social, so maybe they want to send your current track to other Spotify users in your contacts. Seems plausible.

Share a playlist with a contact. Share a track with a contact. Etc etc. I'm surprised this wasn't already in there if it's really a new addition.

> Photos. Not sure about this one.

Might be related to running. Strava, fr'instance, lets you add photos taken on your run. Or might just be to let you adorn a playlist with your chosen photo.

> Sharing your information with partners.

Doesn't everyone? Isn't this standard boilerplate? Spotify are attempting brand tie-ups in many areas so I can't see this as something out of the ordinary.


The photo one stumped me as well, but I figured it was something innocuous. I remember similarly misguided outrage over the Facebook app's 'new' permissions just a few months (I think) ago.

Side note: these features make me think I should probably switch from Rdio, though I guess some of those use cases are satisfied by Songza...


I THINK, and I could be totally wrong, but I THINK that on at least some platforms, when an app requires access to information stored locally on your phone, it's an all-or-nothing thing. So if Spotify needs permissions to local media files (which it obviously does) then there's no way to grant that without also giving it access to your local photos, for example. Could be totally wrong, I don't know, but I remember hearing that several times.


That would make sense.


A while ago there was some major app, I think Facebook, that updated its Android version, and everyone freaked out because the new version required a seemingly-outrageous level of access. Some kind soul went down the whole list and explained why everything it requested was critical to the functionality of the app, and I seem to recall one of those explanations involving access to local files.

Also, people need to take a step back and look at these privacy notices for what they really are: legal liability waivers. When Spotify says they are allowed to give your data to third parties, they are not saying "we are selling your data to third party marketers as we speak." They're saying, "if this data ends up in the hands of someone other than Spotify, you cannot sue us." That's it.


Companies need to take a new approach to the permissions they request - especially on Android where these are explicitly shown to the user. Often there are innocuous purposes behind them, but it's rarely immediately clear and results in people jumping to conclusions. Companies should be more explicit as to the reasons they request permissions.


The good news is that from Android 6.0, permissions will be more dynamic: https://developer.android.com/preview/features/runtime-permi...

Apps can ask for permissions only if/when they are actually needed for a niche feature, and the user can reject or revoke each permission individually.


> Local law may require that you seek the consent of your contacts to provide their personal information to Spotify

Uhm so how does that work?

I'm not a Spotify user, but quite a few people who have me in their contact list definitely are.

Let's say I don't consent. Which I don't.

Will they have to cancel their Spotify subscription?

Doesn't that responsibility fall with Spotify just as much?

Because in that case, I'll gladly provide my contact list, for Spotify's one time exclusive usage with which they can cancel all the subscriptions of everybody on it.


In general, I really don't like still being a product although I'm paying for a subscription.


Sensor data could make sense to pick appropriate music based on activity. Perhaps the idea with the GPS is the same, although personally I'd still prefer not to share that.


I believe this is the case - they have a mode (so I'm told) that will choose music based on your current running pace.


I'm wondering how this would work with Apple's privacy features?

Before any App can access your location, contacts, picture and so on, you need to give it permission.


Exactly, it specifically states: With your permission, we may...

Much about nothing...


I would guess that the new sensor usage and GPS data is for the Spotify Running feature which was announced a while back. From what I remember, it changes your songs based on your running speed. Makes sense to require this additional data.


When he talks about the mobile app, does he talk about the iOS one?

I have opened the app on Android, gone to the privacy policies and I don't see any of those things he talks about. I have the privacy policy in Spanish.


I had the new privacy policy appear when I opened the app this morning and had to accept it to continue. Probably just rolling out over time.


OK, let's say this is true. If I want to continue using Spotify, how do I block them from looking at my pictures and contacts on a stock Nexus 5 running a stock Android 4.4.3?


Apple are just getting dirty in the music business now. They're telling their favorite journalists about Spotify's new privacy policy - like a journalist would ever investigate such a thing!


"Upon opening the Spotify app up this morning, your reporter was greeted with a request to agree to the new conditions."

So Apple hacked the Spotify app to pop up a message announcing the new privacy policy? On iOS, Android, or both? Either way, that's quite an extraordinary claim.

I find the idea that Spotify made the change itself and that tech journalists routinely check for changes in privacy policies searching for something to write about much more plausible.

So, please give some evidence that this is what happened.


> So Apple hacked...

Think you misunderstood that aspect of jamesblonde's comment. He's suggesting the journalist is pushing Apple's PR for them. It does happen, journalists often use content PR firms send them. I have no idea if it happened in this case.


Not really. Brews is covering topics like privacy, so the updated policy and the additional permissions might have piqued his interest. http://www.forbes.com/sites/thomasbrewster/



