OneAndOneIs2

Mon, Jun 04, 2007

Naturally, I'm outraged.

I don't own an iPod, nor have an account at iTunes. Nevertheless, I am outraged, outraged to know that if I *did*, the tracks I would download would have my name and email address embedded in them, amongst other identifying information.

Make sense to you?

Me neither. But it's about as logical an argument as the furore that's been kicked up by the announcement that Apple's DRM-free iTunes tracks contain identification tags.

The fact that every DRM'd track you might have bought from iTunes will also have had this information in it has apparently gone unnoticed.

So too does the fact that DRM-free music does not equate to "Music you're allowed to share with other people" - the removal of DRM is there to allow you to move music you've paid for to other devices, not to make it easier for you to shove it onto P2P.

If you don't plan on illegally sharing your music tracks, why should you care that your details are embedded in it? Nobody but you will see them. And if you *are* planning on sharing, again, why should you care?

The information in the tracks can be easily stripped out or otherwise tampered with. Techniques for stripping the DRM out of iTunes music have been around for years. If you really want to share your music, nothing stops you from stripping out the relevant information. And you're not going to find yourself in court because somebody else maliciously put your details into a music file they then shared with other people, for the same reason that a burglar can't frame you for a crime by leaving a note saying "It was me, I did it" signed with your name.

Talk about your storms in a teacup... the only explanations I can come up with for this one are:

- Nobody's outraged, but the media thinks we will/should be and is hyping like crazy

- All the juvenile muppets that have been drooling about showing their l33tness by pirating their DRM-free iTunes music are crying to mummy because the nasty Apple store hasn't made it quite so easy as they wanted.

They've tried to make it seem ominous by pointing out that Apple hasn't said how it will be using the information embedded in the tracks. Maybe I'm just a cynic, but I suspect they'll either do nothing at all with it, or just use it on occasion to find out what percentage of music present on iPods doesn't have the owner's details in it so that they can give rough reassuring estimates to a very anxious, DRM-loving music industry.

9 comments • Categories: Omni, In The News, Technology

Comments:

Comment from: hari [Member]

· http://hari.literaryforums.org

Here's a very simple question.

Why should the name and e-mail be embedded in the music file at all?

I don't see any explanation for that.

You say it's easy to strip the info off the file. why should it be there in the first place?

Permalink 04/06/07 @ 09:47

Comment from: hari [Member]

· http://hari.literaryforums.org

From the article

The BBC has contacted Apple seeking comment but so far the company has made no official response.

At this point it is not yet clear how deeply the user data is buried in the track or how easy it is to remove.

I would be worried about this. Apple are not transparent about their technologies and they want a good, clean image at the same time. It's not going to happen. Unless they come out in the open, there will always be rumours about it.

So I suggest that your defence is meaningless unless the information provided is complete. Apple don't want to... for some reason or the other, and that isn't reassuring at all.

Anyway, on another topic I never use iTunes. I have all my music downloaded from P2P sites/illegally (sometimes there's no other way to genuinely buy music where I live) and from Audio Cds purchased earlier.

When a certain product is not available in a certain place, how else can I get it except by copying "illegally"? Recently I wanted to buy a few VCDs/DVDs of movies recently released, but guess what? They're not available genuinely in stores yet. How else do I get them except by downloading from file-sharing sites.

I sympathize with people who copy music illegally, because sometimes there's just no way of getting certain artists/bands/genres legally in a country maybe because they're not popular enough to be sold in stores.

Permalink 04/06/07 @ 09:57

Comment from: oneandoneis2 [Member] · http://geekblog.oneandoneis2.org/

> Why should the name and e-mail be embedded in the music file at all?

Another way of looking at it: Why SHOULDN'T it? Rightly or wrongly, the fact is that it is illegal for you to give anybody else a copy of this file in most countries. I personally wouldn't have a problem with them embedding name, address, and credit card details in the track if they wanted to.

It's perfectly common practice for retailers to track the products they sell you. The people I bought my laptop from know the serial number of the specific machine I bought from them - how is this in *any* way different from Apple tagging each track they sell?

Here's a screenshot, I daresay you'll recognise the source.
[Image]

Here I am, using Firefox, an open-source web browser, and it's broadcasting what software and operating system I'm using. Why should it give away this information? I didn't ask it to, and can't easily stop it from doing do. It's nobody's business but my own what OS and browser I'm using.

But it's helpful for webmasters and for various other Internet-related people to know who is using what, so it gives away my information anyway.

What's the difference between an iTunes track telling the world who bought it, and Firefox telling the world what OS I'm using?

> I have all my music downloaded from P2P sites/illegally (sometimes there's no other way to genuinely buy music where I live)

I've only downloaded two large movie files from P2P - the first episode of the series "Greatest American Hero" and the complete series of "Neverwhere"

Both of them were not available in shops, and I could only get them by illegally downloading them.

Both have subsequently become available on DVD, and I own both. The downloaded movies have been wiped - I no longer need them.

Technically, I broke the law. My conscience didn't trouble me in the slightest - nobody could claim I was depriving their creators of the royalties they deserved by downloading, because it was impossible for me to buy.

Downloading something you can't buy is, as far as I'm concerned, fair game. Downloading because you're too cheap to buy is unethical as well as illegal, and I have no sympathy for people who do it.

As I said in a post I made quite some time ago, I'm all in favour of "watermarks" as an anti-piracy measure, and nothing annoys me more than pro-FOSS people who scream when people violate the GPL and yet are perfectly happy to violate copyright themselves any time they can't be bothered to pay for the music or movies they enjoy.

Permalink 04/06/07 @ 10:49

Comment from: hari [Member]

· http://hari.literaryforums.org

Is the nature of the information the same? Is my publishing the browser and OS you use endangering your privacy in any way? Do I use your personal information in any way to threaten you in any manner.

No.

To me, that is the test of the difference between the two.

The test is the extent to which the information could be used to track you personally. Can anybody track you using your browser + your OS? What is unique about that information and in what way could anybody actually track you down using it?

Can you equate "what browser I use" = "credit card details" for your example?

I am really upset that you didn't understand my post in the spirit of which it was intended. You know me fairly well and yet you choose an example which you know is intended to hurt me and make me look like a fool.

I'm sorry to post that comment on your blog at all.

Permalink 04/06/07 @ 11:08

Comment from: oneandoneis2 [Member] · http://geekblog.oneandoneis2.org/

If I offended you, I apologise unreservedly - no offence was intended.

But I made a number of separate points in that comment, and you appear to have linked them all together in a way that wasn't intended.

I made the point that, since nobody else is supposed to have a copy of copyrighted music that is downloaded from iTunes, I wouldn't have a problem if credit card information was put on it - because the only way that can cause any harm is by acting illegally in the first place.

That's got nothing to do with the other points such as browser information. iTunes DOESN'T put such sensitive information as credit card details, and I was by then equating what iTunes DOES do with what Firefox DOES do. That's a totally separate point.

Is the nature of the information the same?

Yes, I think it is - it's information about me that I haven't chosen to reveal to the world.

Is my publishing the browser and OS you use endangering your privacy in any way?

I wasn't trying to argue that - I was arguing that FIREFOX is broadcasting information, not that YOU are. I was just using as 'proof' an example that was familiar to us both.

But it could easily be argued that Firefox violates my privacy far more than iTunes does, which was the point I was trying to make: iTunes puts information about me into a file that nobody else should be given access to whilst Firefox gives information about me to every web server I happen to connect to with it.

Do I use your personal information in any way to threaten you in any manner.

No. But there's no evidence that Apple does either. How many lawsuits has Apple brought against people for pirating iTunes music?

Last I heard, the answer was still "zero"

Permalink 04/06/07 @ 11:34

Comment from: hari [Member]

· http://hari.literaryforums.org

The only thing I wish to state is that Apple have a far greater opportunity to harm people (legally or not) using their personal information on iTunes than I have to harm anybody with the knowledge of their browser and Operating System... Their being a large corporation with adequate resources (funds, lawyers etc.) make them potentially more dangerous in this regard.

So the example you gave is still invalid in my belief. It's not just about whether you chose to reveal it or not. It's also the nature of the information that I'm concerned about.

Permalink 04/06/07 @ 11:43

Comment from: Vincent Povirk [Visitor]

Ok, credit card details? I have to call you on that. Would you seriously want anyone who has access to your iPod to also have that? What if it's stolen? What if it's lost? What if someone sneaks by when you're not looking and grabs songs from it without your knowledge?

I don't understand why Apple would embed a user's name and email address in the file, when they presumably have that, rather than something that can personally identify the user only to them. I also don't see why this information is potentially harmful at all, especially given the kind of use that Apple expects.

Permalink 04/06/07 @ 23:59

Comment from: sokuban [Member]

I always thought you were the one who supported watermarks. I didn't realize you were being sarcastic.

It seems everyone is confessing. I used to pirate Japanese anime and manga. However that was when I didn't know Japanese and I lived in Antarctica.

Now I have come to Japan and learned Japanese and have started buying the real ones.

I'll admit I didn't feel bad about what I did, because it is impossible to find English versions of those titles, let alone find them in stores outside of Japan.

I still think watermarks are bad, but they are much better than DRM. DRM hurts the good people and hurts the bad people. Watermarks only hurt the bad people.

Permalink 05/06/07 @ 13:38

Comment from: oneandoneis2 [Member] · http://geekblog.oneandoneis2.org/

> Ok, credit card details? I have to call you on that. Would you seriously want anyone who has access to your iPod to also have that? What if it's stolen? What if it's lost?

Yep. Because I know my own habits and I know that a mass storage device like an iPod is something I would automatically install Firefox on. And if somebody gets hold of my Firefox, he's got my passwords and bank details and credit card details and all manner of other information right at his fingertips.

If somebody steals any storage device from me, they've got a shedload more information about me than mere numbers on plastic. That's why I'm very careful with with storage devices.

It's also another reason why I don't own an iPod, because I know just how targeted by thieves they are...

> I don't understand why Apple would embed a user's name and email address in the file, when they presumably have that, rather than something that can personally identify the user only to them.

One could make a convincing case that Apple putting in such recogniseable identifiers is a way to make sure that people realize that their data IS in the tracks and they aren't bluffing when they say "We know who we sold this file to"...

> I always thought you were the one who supported watermarks.

That's right, I do.
[Smiley]