But at least it asks you....
...not very nicely ... but it asks you...
New terms and conditions popping up on Spotify users screens give the music-streaming company sweeping new rights. The “What we collect” section of the new terms seems scary enough: By using or interacting with the Service, you are consenting to: the collection, use, sharing, and processing of information about your location …
All the streaming services do similar stuff, there's not really that much difference. See this comparison for example. Excerpt;
"Apple, meanwhile, wants to:
...collect, use, and share precise location data, including the real-time geographic location of your Apple computer or device. Where available, location-based services may use GPS, Bluetooth, and your IP Address, along with crowd-sourced Wi-Fi hotspot and cell tower locations, and other technologies to determine your devices’ approximate location."
I may be old-fashioned, but I'll just stick to buying my music, thanks.
Why do people try to make an argument for something by stating that someone else does it too to a lesser or greater extent?
So if I slice your arm with a knife it's OK because some other mugger would stab you in the stomach or chest. Please just state why something is good or bad on its own (de)merits. I was once told that smoking was good because they could be smoking harder stuff. Childish logic that proves nothing.
I cannot wait for someone to hack the shit out of all the data miners and spread it on the net, or just abuse the fools who give up everything because its 'Free'.
I cannot wait for someone to hack the shit out of all the data miners and spread it on the net, or just abuse the fools who give up everything because its 'Free'.
As we all know (or should know), it's not "if" a site gets hacked and the data released into the wild, but "when". I believe you'll have your wish. The problem is that the 'Net is a target-rich environment and it may be awhile before they (Spotify) get their hack.
Why do people try to make an argument for something by stating that someone else does it too to a lesser or greater extent?
I made no such argument. The person I replied to was suggesting that the bad Spotify terms would make Apple Music a good option. I pointed out that Apple Music also wants to collect and use all sorts of personal data, and so might not actually be a much better option. I didn't say it was OK in either case, quite the opposite, if you read what I wrote.
I had read some other reports on the new terms before wandering round to El Reg and it seems Spotify's 'defence' is they will only collect / use / exploit the information they acquire under some particular circumstances, where the user / victim has granted permission, but that's not quite what the terms themselves say. It appears to give them virtually unlimited scope to do whatever they damn well please.
I accept that it is sometime difficult to come up with terms to allow something without appearing to allow more than is intended but that can usually be clarified by having some statement of "but only when the user explicitly allows us to".
Spotify doesn't seem to have any of that. Just saying they won't doesn't mean they won't and particularly once given permission to do so.
It's the "you won't be able to use our service but we're still going to bill you" that cracks me up. There's no technical problem, but we just feel like doing it.
I suspect spotify is going to learn how fickle Internet users of free services are. Perhaps not straight away, but it will happen. Someone will accidentally allow spotify to tweet or advertise on fb that they are listening to Celine Dion, the newspapers will pick it up and the userbase will disappear.
To which you may "choose" to accept and continue using the service, or refuse and be banned from using it any more.
That is not a choice.
I think it is high time for this EULA/T&C issue to be brought to court. The users who signed up for the service in the beginning did not sign up for this, and there is no right to foist it on them now under pain of banishment. Feels very much like a bait-and-switch argument to me. Come on in, we'll allow you to listen to music, in exchange for money. Oh, now that you're in, you have to agree to selling your soul and that of all your acquaintances, else you can't listen to anything anymore, but we keep your money until you cancel explicitely.
Not acceptable.
It is time to oblige companies to respect the contractual obligations of Commercial Law. If payment is required for a service, then it is a contract. If it is a contract, then one side cannot change the conditions without consent from the other side.
That means that Spotify should not be allowed to change its T&Cs without user consent. No banishment should be possible if users refuse, Spotify should continue to provide the service that users initially signed up for.
"It is time to oblige companies to respect the contractual obligations of Commercial Law. If payment is required for a service, then it is a contract. If it is a contract, then one side cannot change the conditions without consent from the other side."
Most contracts contain a "subject to change at any time" clause, sometimes including a "without notice" disclaimer. Since it's part of the contract, it's enforceable unless there is a specific law which forbids the practice (and last I checked, no such law exists). It's like with laws themselves. Laws can be changed to make things illegal and so on. It's just that (in some jurisdictions like the US), the law cannot be retroactive and must only apply to anything going forward.
Hmmm. Hard to understand the posters who downvoted this accurate appraisal of an unacceptable situation.
I wonder what the courts would make of this kind of tactic. When I try to explain to cynical friends (Oh! It doesn't matter etc.), I use "real life" analogues. Driving into a garage to buy some petrol and having your car searched "to serve you better". Being frisked when you walk into a shop and having your pockes turned out "to serve you better".
If that still doesn't convince them I ask how they'd feel if someone was following their teenage children around, taking notes on where they went, who they talked to and taking photographs and videos of them. That usually gets their attention.
Still, with MS getting on the bandwagon with Win 10 it's becoming an arms race to see who can be the biggest snoop.
Everyone's doing it these days. AdvancedInstaller (who, apart from the following, make a very good product), recently added "Analytics" that phones home with all the details every time you install an MSI built with their software. See http://www.advancedinstaller.com/analytics/.
You don't even need analogues.
I refused to accept a change to PayPal's T&Cs a while back so they blocked the account. I couldn't even delete it without accepting the new T&Cs. By itself, this wasn't much of a problem as I only ever used it on eBay and I'd abandoned that pile long before.
However, since that incident, PayPal has become a generic payment processor. And what I've come to find out is that they now block my use of any of the credit cards I'd attached to my PayPal account with merchants that happen to use PayPal as their payment gateway.
B*stards!
(Maybe this will resolve itself as the cards expire, but as the number stays the same, maybe not. Anyhoo, let's just say anyone using PayPal as their only gateway is not going to get any business from me anytime soon...)
"he users who signed up for the service in the beginning did not sign up for this, and there is no right to foist it on them now under pain of banishment."
Um... yes, there is. They can refuse to deal with you if you refuse the T&Cs. This also applies when, just for example, your bank sends you a letter informing you that they've changed the T&Cs on your bank account. Try writing back to them saying they've no right to do so and that you'll take them to court about it. In fact, try asking your legal representative if he thinks you'd have a case.
Just because you signed up to a service at one point on one rate does not mean that you have a legal right to receive it at that rate forever after. And that's a GOOD thing - otherwise, your employer would never need to give you a pay rise. Ever.
Please explain how the conditions of use have anything to do with the rate at which the service is charged.
Real-life analogy : you rent an appartment. After one year and one month, your landlord tells you that, in order to continue living in that appartment, you have to give him your Facebook pwd and the names of all your friends. if you don't, he'll throw you out.
Apparently, you think that that is normal. Congratulations, you are part of the problem.
"Real-life analogy : you rent an appartment. After one year and one month, your landlord tells you that, in order to continue living in that appartment, you have to give him your Facebook pwd and the names of all your friends. if you don't, he'll throw you out."
It may be weird in context, but is it forbidden by law? Probably not. As the property owner, he's allowed to set his own terms unless restricted by law. It's like a lot of the landlords I know that hassle you about personal checks to pay the rent (they prefer money orders) on the risk that one will bounce.
> It may be weird in context, but is it forbidden by law? Probably not.
I suspect that in all of Europe that landlord could land in legal trouble. Here in Krautistan he'd almost certainly receive the best of legal hell we have to offer, even attempting to breach the privacy of personal communication is something that judges tend to get quite irate about.
"personal communication", because not all of farcebook is completely in the open, at least nominally.
The landlord (and tenant) can only do what the contract (and, in my case, English law) allows. If the tenancy agreement allows the landlord to vary the terms of the contract in this manner with no agreement from the tenant then he can, and the tenant would be a bloody idiot for having signed a contract like this. More likely, a tenancy agreement will not allow such changes and if the landlord wanted to change the terms he'd either have to get the agreement of the tenant to a change in the agreement (and the tenant would be at liberty to negotiate consideration for the change - e.g. a rent reduction) or give the tenant notice IAW the existing contract terms and then try to get them (or new tenants) to agree the contract with the Facebook, etc, terms in it.
The important thing is that either party can only do what the in-force contract (legally) allows. I suspect (can't be bothered to check) that the original Spotify terms allow Spotify to change the Ts&Cs at any point and the only rights the user has in this circumstance is either to accept or to stop using the service.
That means that Spotify should not be allowed to change its T&Cs without user consent. No banishment should be possible if users refuse, Spotify should continue to provide the service that users initially signed up for.
Not just Spotify but everyone else. Seems like all the players are doing this including the OS types.
This post has been deleted by its author
None of the information they want to collect is relevant to my music taste (and generated playlists).
Subscription cancelled straight away. Thanks El Reg for the heads-up. (I haven't seen a prompt for the new T&C yet, but I might have done what most of us do when confronted with lengthy legalese...)
On the desktop at least, you can work around most of this tracking if you use a despotify based client like Clementine, which certainly isn't passing this information along.
OTOH, they have to put in their T&C the things that they do. Their newest feature is running music, you start running and it plays appropriate beat music for your speed, which obviously requires tracking how fast you are going, which requires logging where you were and how long ago. If you aren't using the running feature, I don't think spotify will be doing that extra work, but because they might (if you ask them to do it!), it has to be in the T&C.
END USER AGREEMENT
What you may collect
This section is intentionally left blank.
Interaction Management
By using or interacting with the Service, I am aware that you will attempt, without notice either in advance or at the time of attempt, to harvest every bit of data you can about me, including, but without limitation to, my location, contacts, email addresses, Facebook account details and friends lists, LinkedIn account details and friends list, plus any documents that have passwords set on them, with the express intention of selling such data for the purposes of flooding my inbox with spam, watching where I go on the Web and shoving unwanted ads at me without caring at all that you're using up my monthly allowance.
Given such awareness, you agree to my employing such measures that I in my absolute discretion see fit to counteract this activity, including, but without being limited to, the provision of false credentials, blocking advertisements, re-routing your traffic through servers located in countries that will interest the CIA and NSA, and taking any and all steps that I may deem necessary to poison your data collection to the extend of rendering it worthless. Furthermore, I reserve the right to publicise both the extent of such poisoning and the methods employed to achieve it, so that your customers may be deterred from making further data purchases and other interested parties may have the ability to poison further data collection attempts. Such method release(s) will be in accordance with the GNU Public License.
In addition to the foregoing, I reserve absolutely the right to levy distress for any and all unsolicited traffic originating from yourselves that may pass through my device(s), and will either invoice you at the rate applicable at the time of traffic reception (currently £350 + VAT per kilobyte) or may retain such intellectual property of yourselves that I in my absolute discretion consider adequate compensation for the unlawful abstraction of computing resources from my device(s).
TL;DR
I don't use Spotify and won't ever do so now. But I decide what leaves my system and will do whatever's necessary to block unwanted traffic. If these arrogant data hoovers can't take the hint, I'll liberate their music and video content as compensation for their theft of my computing resources. Seems a fair exchange to me.
I'm sure horseshit statements that start "Throughout, the privacy and security of our customers' data is – and will remain – <our> highest priority." were plentiful in the marketing guff from Ashley Madison.
Sort of reminded of this: "Why Richard, it profits a man nothing to give his soul for the whole world... but for Wales?" from "A Man For All Seasons"
"Why Richard, it profits a man nothing to give his soul for the whole world... but for Wales?"
An outstanding line from an outstanding movie! In fact I'd have to list it as one of the all-time great movie quotes. (I have read the play too but don't recall if that line was in it.)
I don't suppose this is linked to El Reg's 9th May story: 'Spotify springs bloody leak as losses grow to $197m – report'?
They wouldn't be embarking on such a massive data grab merely to explore new ways to deliver users to the marketing industry, would they?
Not on Spotify nor on Facebook so watching from the sidelines with a smug grin.
"Local law may require that you seek the consent of your contacts to provide their personal information to Spotify, which may use that information for the purposes specified in this privacy policy"
Wow. So they're even admitting what they're doing may be illegal for their customer user without action from the customer?
I don't use spotify, but to know one of my friends has signed up for it, and because my friend has signed up, spotify now has my details through facebook I find rather offensive.
One thing for me to sign over stuff to facebook. But that is my choice, this is just bollox. Do I get a say in whether or not spotify can data mine me as well???
Of course I don't. Time to rethink my friends on facebook.
Twitter client does this aswell; lots of friends have come on Twitter and I recieved emails letting me know x is now on twitter...do you want to follow.
I guess most social media & contected companies with social media aspirations have realised that the direct tap into a person's phone gives the richest data for building a more accurate web of who is really connected with whom. I assumed this is why FB bought Whatsapp. Plenty of people on my FB who I don't actually talk with or see which generates noise.
while the 99% of the rest will keep grazing happily ever after, as is the case with EVERY data grab, be it facebook, google, microsoft, your local and national gov. They know it, we know it, they know that we know it, so what.
I think the enforced sharing of data that is not even your own, for a paid service (i.e. its not even to keep it free) is getting a bit out of hand...
Its to a third party, likely to be in a different country, with a defintion of use of data so broad there may as well be no definition at all. It certainly seems to be moving away from the basic provision of selling or streaming music.
You think too highly of them - that statement is just meaningless bot-response you hear from every company. They lost data of 6 bilions customers? = "care deeply about privacy and make every effort to secure it". They sell your data to all and sundry and just got exposed? = "we respect our users' privacy and strive to communicate our policy as best we can". etc. Every time they (i.e. google, apple, facebook and their minion pals) move the goalpost ("to serve their customers better"), there's a howl of indignation, 5-minute media storm, empty threats about closing down this or that account and then - business as usual.
Use the web version of Spotify so you're not using the desktop version which can get much more information from your computer, in a private window so it can't get to your Facebook profile, deny location information, and log in with a Spotify login instead of a Facebook log in.
Log into Facebook from a non-private window and change your Facebook password. If you use a Spotify account linked to a Facebook account then unlink it, if you log in directly with Facebook and want to carry on using the free service then open a new Spotify account.
In the longer term, look for another service.
And those of us who never linked their Spotify account to Facebook or used a Facebook account to log in can sit back feeling smug.
This is obviously ridiculous, and everyone should dump Spotify right away. It's "vote with your wallet" time. Hopefully enough people will dump it that their bottom line will be affected. I've always been leery of them.
I love to listen to music a lot, as well, but I use Rok Mobile which, although it has its own problems, doesn't seem to be as intrusive.
Spotify can try to collect all that data like GPS location, contacts etc. but unless you specifically allow it there's no way the app can do so. You're safe, regardless of what their T&Cs claim they you're agreeing they have the right to do. On Android if it requires those permissions to install, then you're stuck as you can't later reduce its permissions.
Though on second thought, the best idea is to stay the hell away from any app that claims such broad rights just so you can hear music. There are plenty of alternatives in that space, fortunately.
Then Android M can't come soon enough, as M is supposed to finally introduce ubiquitous user-controllable permissions.
PS. What's to stop an app balking when it detects you've blocked access to something, along the lines of, "We need this permission to function properly. Please enable the function to continue using this app"?
I don't give a shit what my "friends" listen to the fact that colleague Brian is listening to Patsy Kline, Mrs D is listening to Elvis, and neighbour is listening to AC-DC impacts me not - (I have a CD of Tallis, Byrd , Ockeghem etc) on at the moment so you can guess why - so keep out of my friends list !.
I don't run(or exercise much for that matter) , so I don't need "running" music - s leave my gps/accelerometer alone !
My friends and I already know what we look like .so I don't need a photo (if they went trawling they would find lots of photos taken on my last prototype finding information expedition to the Hunter Valley, photos of signal boxes, coal wagons, old colliery buildings, track, cuttings, sleepers, ballast etc etc with nary a human in sight). so keep out of my photos
Account cancelled.
I HAD an app to monitor permissions of all other apps. That is until "mypermissions" decided to add several NEW permissions to their own app,(which they conveniently Don't scan) . They wanted access to sms/mms, Nfc, and ALL three location permissions. All so they could add a new parental monitoring service,AND make app recomendations. All of which I now consider spyware and adware. They completely changed the nature of the app,and now wanted to utilize the user base to spy and spam you in real time! How nice,right?