More on the iTunes approach to privacy

Reading more about Apple's decision to insert user's names and email addresses in the songs they download from iTunes, I came across some related information in an excellent Macworld article by Rob Griffiths:

Yesterday, Apple’s iTunes 6.0.2 update was released, and offered these features, according to the Read Me:

iTunes 6.0.2 includes stability and performance improvements over iTunes 6.0.1.

What it also offered, but didn’t bother to disclose, was the addition of a bit of potential spyware to the iTunes interface. As reported originally on, and then followed-up on boingboing and other sites, the new iTunes MiniStore, which appears directly below the song list area in the main iTunes window, watches what you click on in iTunes and sends that information across the Web to a remote server. When you double-click a song to play in your Library or playlists, the display in the mini-store changes to reflect ‘matches’ based on what’s been selected, as seen below.

In order to do this, the music store must obviously know what you’re listening to. It learns this information via a packet of information sent each time you play a song via a double-click. This data is sent without your explicit permission, and as far as I can tell, there are no Apple privacy policies that cover that transfer of information. It’s also unclear exactly what data is being sent. (Is it just song and title? Or does it include your Apple music store ID, which would tie the song info directly to your personal data?) And although Apple now assures us that the data is not collected, that information is not made clear to users when they begin using iTunes.

The MiniStore can be easily disabled—just hit Shift-Command-M, or choose Edit: Hide MiniStore, and it’s gone. Once hidden, no more data is transmitted, as confirmed by Kirk McElhearn using the Unix program tcpdump, which watches traffic sent over your network connection. Disable the MiniStore, and your private listening habits will stay just that—private.

However, this isn’t about the MiniStore itself. It’s about Apple’s attitude in rolling this change out to the millions of iTunes users, without as much as a peep about what’s going on behind the scenes. Consider, for example, if Microsoft had done such a thing with a minor Office update—say they started collecting data on the names of the files you were editing, in the hopes of selling you preformatted templates to help with future similar projects. If they did this in a minor update, and without telling anyone that the data were being transmitted, there would be universal outrage over this potential attack on our privacy. And now Apple’s gone and done basically the exact same thing.

Personally, I am quite upset with Apple’s decision-making in this case, and I hope others are as well.

No company, even one I admire as much as Apple (I did spend nearly five years of my life working there), should start transmitting personal data over the Internet without my explicit permission and a clear explanation of how it’s being used. In addition, if a company is collecting this information, I have a right to know exactly what’s being collected, and what the company plans on doing with my personal information.

The good news is, Apple tells us that the information is not actually being collected. The data sent is used to update the MiniStore and then discarded. If you think about it, this makes sense—imagine the size of the data files they would accumulate with millions of users and what must be hundreds of millions of songs played each day. But Apple should tell us as much, so that we can all relax a bit about sharing our listening habits with Apple.

Apple should amend iTunes to clearly disclose what data the program is transmitting and how it’s being used. There should be a dialog box that pops up the first time iTunes runs, explaining exactly how the MiniStore works. If Apple had just included that yesterday — or even some information in the Read Me, then I wouldn’t have even raised this as an issue. A little transparency and openness can go a long way to easing privacy fears.

As interesting as the article are the 166 comments on it. About half seem to think it's fine for Apple to collect the information without consent. Oops. I shouldn't have said “collect” – or at least that's Apple's spin on this. It seems that even though the information is sent in (through a third party), Apple doesn't actually “collect” it, since it discards the information after “processing it”. So “collect” seems to mean “retain in raw form.” The iTune supporters make it clear they “don't think” Apple would use the information to create a profile of their tastes. Customer loyalty is a beautiful thing. This is the stuff that great ads are made of.

Published by

Kim Cameron

Work on identity.