Print this article  |  E-mail this article  |  Comment on this article

New iTunes Prompts Privacy Concerns

By Ed Oswald, BetaNews

January 11, 2006, 2:40 PM

Web sites and Internet forums are abuzz with news that a new feature recently added in version 6.0.2 may be communicating information on the song you are listening to Apple, raising privacy concerns from some users.

A "Mini Store" pane has been added to the main iTunes window that provides more information on the song being played, as well as additional available tracks from the artist, and a list of other songs that users who own the track have bought.

Cory Doctorow of the Boing Boing Web log posted about the issue early Wednesday. "At the very least, Apple must deliver information about whether iTunes gathers and transmits your data when the Mini-Store is switched off, and about what it does with the data the Mini-Store transmits when it's loaded," he wrote.

At the current time, Apple provides no information as to how the information is gathered or used, which is sure to anger privacy advocates. An option is available to turn the new feature off, which stops iTunes from transmitting information, according to reports.

According to tests, iTunes calls 2o7.net when the Mini Store is open. The domain is registered to Omniture, a company that uses cookies to "generally improve the user experience on the Web."

Marc Garrett of the since1968 Web log, who initially broke the story, says Apple has some explaining to do. "Apple says nothing about this practice in any of the relevant licenses. Apple should be clear about its information gathering practices," he said.

"The core issues are trust and transparency: I want to do business with companies that respect my privacy; I want them to tell me clearly when they’re collecting my data; and I'd prefer to opt-in to data collection programs rather than opt-out," Garrett argued. "Is that so much to ask?"

Add a Comment (16 Comments)

BetaNews reserves the right to remove any comment at any time for any reason. Please keep your responses appropriate and on topic. Foul language and personal attacks will not be tolerated.

Name (required):

E-mail (required):

Enter Your Comment:

By spiked

posted Jan 12, 2006 - 11:46 AM

Although I don't like this, it's consistent with Apple's entire attitude. iTunes never bothers to tell you that it is installing an iPod Service which runs automatically whether you ever use an iPod or not. Setting it to Manual start doesn't prevent iTunes from forcing it to start, and it doesn't matter if you don't launch iTunes because it quietly sticks iTunesHelper.exe in the Run key of your registry. Set it to Disabled? Sure, but the next iTunes upgrade will re-enable it without asking.

It also installs an ATAPI upper filter (Gear ASPI) to support its CD burning, even if you never want to burn a CD with iTunes. There's no option to tell it not to. In fact, if you manually remove this driver, iTunes will complain at every launch with a dumbed-down message about the installation being damaged (because Apple's target users can't understand right-click, much less ASPI) and there's no option to suppress the error. If you're a savvy Windows users who understands that filter drivers can conflict with certain things or that unnecessary services can waste CPU/RAM, that's too bad because Apple knows best about how you should be using your computer.

I don't mind having default settings for lusers, but Apple apparently doesn't feel that anybody should be given advanced options to control their own destiny. Ironically, 1984 turned out to be just like 1984...thanks to the Macintosh.

Score: 0

By Floodland

posted Jan 12, 2006 - 8:39 PM

iTunes want to be fool proof, Mac users ussually don't even know about the beast they work with. Daemons are absolutely unknown for 98% of Mac OS X users, as services are for NT users.
If you are a power user and want a powerfull audio player use foobar2000. It consumes very little resources, and have the best audio quality you can expect from a player. Highly configurable, and it has more plugins you can dream of, including superb DSPs and even a plugin to sync with an iPod, if you need to.
I think iTunes start services because of their fool proof design (if ipodservice is stopped and you plug an ipod, iTunes never find it, that's because it start the service when you load it and also change the service type to automatic when upgrading).
Most people don't know what a computer is and Apple is aware of that. Now, tracing users is a different matter. They are wrong there and I hope they understand that ASAP because if they don't, my next player will be from another company that understand what privacy is. This last version of iTunes is not the first that open connections silently, on background. Spyware behaviour, but now it get even worse.

Score: 0

By ben1680

edited Jan 12, 2006 - 10:40 AM

People here who say they only collect statistical info about the song or the band they listen to, simply too naive.
I definitely agree to deadmonkey. These data collection can be misused by the company, unless they say what data they collect, for what purpose, etc.
The way Apple responded to this by saying nothing, can means that they hides something. If Apple collect benign info, why they don't just say it?

Score: 0

By brucethebear

edited Jan 12, 2006 - 8:19 AM

God forbid these privacy advocates listen to music TOO loud so their neighbours can hear... what a bunch of BS. Who cares? It's just music!

Are you afraid that people will find out you listen to New Kids on the Block or something?

Get over yourself.

Score: 0

By Banquo

posted Jan 11, 2006 - 7:24 PM

"Oh my God, they might find out what bands I listen to! My life is over!!" Jeez who cares, people like to make such big things out of absolutely nothing.

Score: 0

By deadmonkey

posted Jan 12, 2006 - 5:16 AM

I agree that the data they may be collecting is trivial to you however it is getting people used to the idea of their personal data being collected that companies want. Start with something people don't really care about (yet is still personal data) and they will give it up in return for something, next time ask for something more important and offer something the user wants again and most will blindly give it away not even thinking about it.

I also feel that if this data is helping Apple make money (directed advertising to is more likely to result in a sale, therefore making money) then they should pay me for the data. Its pretty simple business, they want the data then they can pay for it.

Score: 0

By Hao

edited Jan 11, 2006 - 5:16 PM

Websites do the same thing, heck, the very website you are at right now has an access_log of some kind on it matching what you looked at to your IP Address.

You simply can't get data online without giving some first, end of story!

Score: 0

By rijp

posted Jan 11, 2006 - 3:58 PM

OK, here is where I have a problem.

Tivo, Cable boxes, Telephones, and iTunes, collect data about you. So what? It doesnt' show that John User living at 1122 Hook drive, somecity ND 11111 USA downloaded or watched channels, it only says that some cable box, tivo unit, telephone, or itunes watched, made a phone call, or downloaded this song. That's all thats in those data collections.

So what if they have anonymous info about your viewing downloading habits? Who cares? That's called marketing. they build a profile based upon what people do, its a cross section, and if the electronic units don't do it, people don't give reliable, accurate info. I don't see a problem, especially since they have been doing it for years, and its only when people find out that it happening do they get upset.

Cameras, in public places, to catch criminals, I don't give a flip if you have a problem being photographed or pictured, we are not looking for you. We are trying to catch criminals and terrorists, and video recognition software is a great idea, get over your self conscious behavior and get over yourself. Its just data, get used to it.

They are going to target you, you become a simple statistic, big deal. It happens, its called progress.

We can't rely on those 12 families in Omaha to send in their nielsen ratings, because that's how my shows get cancelled, because people lie about what they watch, and they "think" its cool to report on trendy stuff. The only way this information is going to be kept accurate is to actually monitor, everyone.

if iTunes can actually watch that you downloaded eminem a million times, that's real world data. if however some billboard top 10 list says "my hump" is the favorite song in america, I am going to have a problem, because I know its not the case.

Statistics don't lie, people do. You don't have a right to privacy, which its not even private data they are after. Watching a public station, on a public broadcast, over public cable, coming into your home, doesn't make it private, you are still utilizing public information, so they can watch what you do with it.

Score: 0

By deadmonkey

posted Jan 12, 2006 - 5:31 AM

If you were actually anonymous I could almost see your point however the fact remains that you are not anonymous. It is very easy for Apple to work out who is who be it by IP logging and cross referencing with ISPs using new laws introduced after 9/11 that are designed to catch terrorists but really just make it easier for corporations to harvest data from multiple sources.

Also, and while this is off topic I still wanted to reply, I guess you have not read much information on facial recognition systems have you? One of the primary reasons they fail (yes they fail) is that they don't work how you would expect them too. I assume you expect them to always detect the face of a terrorist loaded into the database? In theory you are right however in the real world it doesn't work like that. Wear a wig or grow a beard and most systems cant find the terrorist. Always stand at certain angles to the cameras and they fail. Wear different shaped glasses and they fail. They fail so much that the chances of catching a terrorist a very small. Some argue that the small percentage is worth it (and they might be right) however another issue is the huge number of false positives. Take a system that is 99.99% correct (which is about as good as they get at the moment). That means for every 10,000 people it sees it will ID one person as a terrorist, incorrectly. Now look at the number of people in an airport (1 million a day+) and you have 10 people who are incorrectly picked up as a terrorist and the terrorist just grows a beard and wears some glasses to avoid being detected.

What a great system face racognition systems are. Sign me up today!

While I agree that we need to put in place security systems to help avoid terrorist attacks I do not think we should change our way of life and give up freedoms that make our countries great.

I love in London and even though we have more CCTV cameras than any other country in the world we were still attacked, in several different locations. How did this happen? The terrorists looked at the system and figured out its faults. Terrorists can adapt to the environment much easier than we can adapt London to the ever changing threat of terrorism. IMHO CCTV cameras just cause more work for the authorities with information overload and I have never seen an incident when CCTV was used to stop terrorism.

Score: 0

By qbert444

edited Jan 12, 2006 - 9:12 AM

Got something for all of you:
Any society that would give up a little liberty to gain a little security will deserve neither and lose both.
Ben Franklin

Score: 0

By deadmonkey

posted Jan 14, 2006 - 6:11 PM

I couldn't agree more :)

Ben knew what he was talking about.

Score: 0

By Floodland

posted Jan 11, 2006 - 6:14 PM

Wow, warning there. Your thinking is dangerous. Privacy is a right, and unless you think as president Bush (remember? "bill of rights are just a damn piece of paper"?) users should not be traced. That's could be labeled as marketing activity, but I prefer calling it spyware activities.
You call progress to reduce privacy and seize freedom? No way! Tech resources should be used to help people, not find what are you doing (listening in this case), in BACKGROUND.
Cameras in public can be used to catch criminals, or whoever you are trying to catch. It depends on who drive them.
Read George Orwell novel: 1984, We are TOO CLOSE of that world, only 20 years later. Beware of civil rights!

Score: 0

By Banquo

posted Jan 11, 2006 - 7:25 PM

Privacy might be a right, but iTunes is not. If you want to use the service you do so on their terms. This isn't even important, it's not like anyone cares who you listen to.

Score: 0

By tenebrusmke79

posted Jan 11, 2006 - 3:55 PM

Why can't people learn to turn the option OFF? It's a shame that people don't use their brains.

Score: 0

By RobertM

posted Jan 11, 2006 - 3:38 PM

"I'd prefer to opt-in to data collection programs..."

Who says they're collecting any data? It's far more likely that they're just sending information about the current song to the server to display other music that you might like. I'm sorry, but stop being so paranoid. Or just hide the darn mini-store.

Score: 0

By rickya100

posted Jan 11, 2006 - 3:15 PM

Ok this has been poping up all over the place.

Bottom line : People have tested their traffic and itunes only sends data to the servers when the ministore is enabled, ie being displayed.

and god forbid some people might actually like this feature.

It's good people pick up on this stuff cause it could be a sly move.

Score: 0

Dec 5 - 1:45 AM ET Shazam: eight million songs of the eternal Now

Dec 4 - 7:30 PM ET Comcast to offer bandwidth consumption monitor

Dec 4 - 5:37 PM ET Counterfeiters sing the 'Blue' as Microsoft lawyers up

Dec 4 - 4:40 PM ET Opera 10 alpha shows off new Presto rendering engine

Dec 4 - 2:29 PM ET Apple: Psystar clone-maker is working with unnamed collaborators

Dec 4 - 2:21 PM ET Windows Live rollout sketchy, team apologizes

Dec 4 - 2:20 PM ET Stinging from a revenue shortfall, Adobe to shed workers

Dec 4 - 11:47 AM ET The storm hits AT&T, with a five-digit headcount reduction

Dec 4 - 11:42 AM ET TV sports adopts Web coverage, plays with iPhones

Dec 4 - 11:24 AM ET Microsoft seeks 'community' help to make IE8 Standards Mode work out