Comments on: Apple criticized for embedding names, e-mails in songs

Songs available on iTunes Plus reveal users' personal information. Privacy group suspects Apple goofed.

[rthutchison]

This is like sewing my name in a shirt...

that I buy. I should be able to re-sell something that I own shouldn't I?

[skeptik]

not it's not

You should IMHO be able to resell the downloads you've bought just like you can resell a CD.

However... current licensing restrictions do not permit this, so you really wouldn't need the ability to do this.

Focus your energies on reforming the market, not fighting faux privacy issues.

[Vegaman_Dan]

Not quite

>This is like sewing my name in a shirt...that I buy. I should be able to re-sell something that I own shouldn't I?

No, it's more like having the store that sold it to you putting your name and personal information inside the shirt sleeve and then never telling you about it so you have no idea you have any sort of exposure of personal information.

Apple can easily have a class action lawsuit on their hands if they aren't careful with each and every song purchase of this format coming back to fine them. They will be quick to quietly address this situation before it gets out of hand.

I hope.

[totorototoro]

CNET, are you going to clarify this article?

Are you and the EFF still claiming the original iTunes songs encrypted personal information to protect the user, and the new ones removed this encryption?

Did you take two songs you bought, one .99 and one 1.29, and open them in someone else's copy of iTunes? Did you check "Get Info"? Did you see that both copies of the song have the person's name and email address clearly visible? So if your iPod was stolen or lost, people can get your personal information REGARDLESS if it was an iTunes or iTunes Plus song. The EFF guy is completely wrong on this issue, and this new "fear of loss of privacy", or at least this example is completely fallacious. Has he issued a retraction?

[totorototoro]

thanks!

:) Wonder if the EFF has issued a retraction too.

[MacHeads]

Well some of the comments are enlightening...

Really it shows somehow the true colors of some Cnet forum
users ... for me watermarking is necessary ... putting the
information in the clear too for the following reasons :

A) Sharing Lending your DRM-Free files breaches the articles of
fair use in a major way ... Sharing it on P2P also does break that
agreement.

B)if someone wants info on your machine ... there are MANY
easier ways than to hack into an Ipod ... Messenger Outlook and
IE do the job MUCH MUCH easier than Itunes does.

C) The privacy concerns in this matter are trivial when you know
some chat servers i would not name use BASE64 to encrypt your
conversations over the web when we all know this is easy to
break.

On a side note i would like to remind Apple users here we are
facing a distinguished audience of people that whine about
Apple constantly when they shall take their complaints to
another company that stiffle their rights of ownership and
endrangers their privacy in so many ways we cant even count.
Also to add salt to the comment i remind that a large number of
PC software is either hacked warezed etc etc .... That some of
the people posting here are not looking forward to respect the
rules of any normal software market but the ones they want for
themselves and themselves only.

I hope on a lighter note that i am wrong but some of the
comments including the one before me about the shirt shows
may be otherwise .

[Vegaman_Dan]

Baaaaaaah.

I suppose people have to judge you by your comments. In this posting alone you have made it clear that personal security and keeping your personal information private is not important.

It's that level of intentional ignorance that really makes me worried about others that share the same opinion. How many are willing sheep heading to the wolf?

[`WarpKat]

Damned if you do...

Unfortunately, because of the alleged notoriousness of P2P networks (read: RIAA Rants), Apple appears to have been walking a fine line.

Personally, if I ever download music from iTunes, or anywhere else for that matter, I'm not going to share what I've purchased with anyone - it's mine. I bought it. The last thing I want is to put it up on a P2P network where some RIAA monkey can tag my IP address and send me boatloads of junk mail. And that's not even with concern of my personal information embedded in the track that I've downloaded to begin with. I'm simply a stingy bloke and if you want a track, you'll spend $1.30 (or whatever the price is now) for it. Don't enjoy what I've bought on my dime.

One thing Apple should have done was publicly state, "we embed your personal information in the track for this and that purpose..." If it's stated somewhere that is publicly accessible, please point me to it. I really don't know that's the case, but the last two or three articles within the past couple of weeks are the first I've heard about this.

I think that would have been acceptable, it would have been common knowledge, and thus, a reasonable deterrent.

Regarding fair use of DRM content, I do believe that if you're purchasing an album online, you should be allowed to burn that album to CD a certain number of times and play it in your car, home stereo, however, re-ripping it for the purposes of playing it in a player not authorized (a non-DRM capable DAP) is against the licensing and should be discouraged unless you've paid the DRM-tax to remove the DRM.

Apple, despite my dislike for the overpriced iPod, is making an effort at balance - make the music houses happy by deterring cost-consuming sharing and providing the music DRM-free at a premium for play on just about any player that supports unprotected AAC.

This is a business model, and it's a fairly sound one, IMHO. I give Apple a B+ for effort.

As for privacy advocates and the EFF, waste your energy on more pressing issues - it's doubtful Apple is going to change this anytime soon. If you don't like how they conduct their business, you could always go to eMusic and download some Don Ho.

[gthomasdirect]

Just noise to put fear into buying iTunes Plus tracks

The more I see these articles/stories show up, the more I
suspect RIAA/big content planting these. The reason, they lose
their argument if people buy DRM free tracks. They need
something to frighten the consumer.
The plot is already extending, basically suggesting that you
leave a song accidentally on someone's computer (or have your
ipod stolen) someone may post those files, but with your
account name and email attached to them, you'll be liable.
Of course that probably means, it shouldn't be too hard to
modify that info, or have someone spoof it.

Besides, that info has always been in iTunes tracks since day
one. If I remember correctly, didn't Hymn give you the ability to
remove that info?

It really doesn't make a difference. Having your email and
account name on the file is a good way to keep customers more
cautious with their music files.

[blrhead]

TAKE THAT RIAA!!!!!

Ok, so humm... if I buy DRM-free tracks on iTunes my account
information is there in case I want to share my music I can easily
be tracked. Hum... if I buy DRM'ed music, I'd still have my
information, the only thing is that I would have to burn a cd, rip
it, then share to get rid of my info. Either way they still have my
information, but what if I get like 15$, go to Best Buy, Target,
etc.. and buy a cd, rip it at home, and share the heck out of
those files...ooo...yeah I like that one, because they don't get my
information at all.....

ps. I do buy music though..heh...

[pfrabott]

some DRM may remain

If you have DRM music that you burn to a CD then rip from another computer, some of the DRM information stays with the music. It won't stop you from playing but, the about 1/3 of the DRM information is burnt to the pre-header of the disc (before Session lead-in occurs). technically someone "could" use that to track your usage but by itself, it's not enough to do a trace. Just wanted to clear that up for people that care. Find a freeware DRM viewer and use that against a music disc that you used to burn DRM content. It should show up.

[Dick Dangerman]

names/e-mails

Just out of curiosity, I checked some earlier iTune music tracks
which I had downloaded, comparing them with the DRM-free
tracks I downloaded yesterday.

In each case the same personal information was included,
regardless of whether the tracks had DRM protection or not.

This being the case, what is all the fuss about?

Perhaps Apple has become big enough to attract the attention of
the terminally paranoid.

[kojacked]

How's that medicine tasting?

It's great to see so many common sense postings about the stupidity in complaining about this. The only people who loose here are those that share their files with others. Big deal.

I only wish the same common sense would be applied by these same fanboys when Microsoft does something to improve one of their complaints about Windows or any of their products and they complain about the fix as if Microsoft did nothing. It's a sad, sad world we live in...

[dondarko]

I'm with you...

except I would like to pay for my music in a manner like allofmp3.com or similar. .99 cents is a rip off considering that there are no distribution costs (except bandwith and storage space, staff). No need to ship, print, package, store, sell, etc. so ***?

[Vegaman_Dan]

Pretty foul taste

"The only people who loose here are those that share their files with others."

Or those that have their iPods stolen or lost which is by the tens of thousands a year. Are we to assume that none of those poeple matter?

Have you never lost anything in your life? Never had anything stolen? If you can say that about your own personal posessions, then I can better understand your viewpoint, but I prefer to work with the reality of the situation.

[macgeek250]

What's the deal?

Why is this such a big deal now? The info has been in the file since day one of the iTunes Music Store. Where have you people been?

[Thrudheim]

If I lose my cell phone

somebody can get my phone number and those of everyone in my
address book. If I lose my wallet, somebody gets my IDs and credit
cards.

We deal with this kind of risk all the time. This is not worth a fuss.

Just because the DRM is gone does not mean that people are
allowed to give away song files to others. With freedom comes
responsibility.

[budinsf]

People forget or don't care now

In the old days, people bought their music on records, cassette tapes or CD's. When somebody no longer wanted the music, he gave the record, tape or CD away to a friend or sold it at a garage sale or to a used record store. Now, if you no longer want the music, you can't sell it or even give it away. People here make statements that it is illegal to give or sell music you no longer want.

The music industry and Apple wants to make sure that the music stays with only the original purchaser and anybody else who wants the music must buy it either from Apple or other authorized sellers. The industry and Apple just want to increase their profits. This is greed. They finally found a way to keep people from buying or sharing used music! Doesn't anybody care? If you do sell or give unwanted music to somebody, it can be traced back to you and you will be in legal trouble for doing something that used to be legal.

[unknown unknown]

RE

There are places trying to kill off used CD sales. Utah for example wants to treat used CD shops like pawn shops and force them to be licensed as such. They also want to require that they collect personal information like name, address, phone number, and finger prints for everyone that buys a used CD.

If you really want give away tracks you bought on iTunes just find a hex editor and replace your name and email you with junk. Under first sale doctrine you're suppose relinquish all rights to the content. That is you'd have to destroy all your copies after you gave them away. It's bit fuzzy whether you can legally give away files in the first place. Certainly Apple's EULA forbids it, but EULAs aren't alway completely enforceable.

[LastRebelOnTheRoad]

We need DRM

As a writer I believe all music and video should have DRM. And that all public & government offices, businesses, restaurants, bars/lounges should require a license to play or perform any copyrighted music, photography, or video. And I would like to see some type of copy protection embedded in digital photograpy as well.

[kojacked]

DRM Oversimplified

I agree the artist need to be paid for their work but the problem with DRM is that folks like the RIAA exploit it and use it to charge you for every type of media or device you use the music on.

If I could pay for a song or picture ONCE and use it anywhere I wanted for personal use that would make sense but the RIAA doesn't see it that way. The RIAA says DRM is there to protect the artist's work but then they turn around and use it to create multiple revenue streams. For example:

1. I can't play a CD I bought on my PC because of copy protection OR I can't rip the CD to play on my iPod due to copy protection on the CD so...
2. I need to purchase a digital version for use on my iPod and...
3. In some cases I am limited on how many other digital devices I can use that digital media on.

As DRM "matures" it's easy to see how the RIAA would have the ability to start charging a "per use" fee because after all the "customer" is licensing the music and doesn't own the rights to it.

In addition what really scares the RIAA is that because of the internet and the ease in which artists can get their music marketed WITHOUT help from the recording industry they loose control of the revenue because they have little or no purpose in it's marketing and have no control over the distribution pipeline.

The bottom line is that with DRM they way it is now "fair use" is thrown out the window. Your customers are demanding to renegotiate the unbalanced deal they get from DRM today.

It would be great if the RIAA was truly only interested in protecting the artist's work but unfortunately it's all about the money.

[jdbwar07]

Where have you been?

"Lastrebelontheroad,"

Consumers also have rights to. Police will always have the authority to investigate and fight actual piracy. It's not so much the DRM I object to, but corrupt lawmakers passing laws to enforce it. Without that, at least the "free" market would provide options for people who don't want it.

I don't know what you're living in, but you pretty much already have that. Do you honestly think businesses or "government offices" can do that without a license? Even movie rental stores need to get special contracts and arrangements. Besides (normal) audio CDs, nearly all commercial music sold has DRM. All DVDs (not even to mention HD-DVD/Blu-ray) do. Most consumer electronics support DRM, and it's getting worse with Vista and HDCP. You already are required to get permission for public display of copyrighted material. I obviously doubt there is a big problem of government offices, restaurants, etc. giving public performances like this, I've never heard of it happening, but if it does they'll be charged with a crime. Again, I don't know if you mean artists should be forced to use DRM or what, but there already are watermarks and other protections for digital images. And nearly all ebooks are sold with DRM. Because of the unconstitutional DMCA law, it's illegal to remove copy protection.

More importantly, DRM doesn't work, it's only about control. Organized pirates will always find ways around it, and if not, if you can play the music or video it's always possible to copy it. It just increases consumer resentment of people who advocate it, and gives people a reason to turn to things like piracy. I'm not justifying piracy, just saying when someone has a choice between paying lots of money for a crippled song/video/etc with DRM and personal information, or getting one for free that does more, for lots of people the second will win out. There's no getting around the simple logic that it affects paying custmoers who purchase legally, but not actual pirates.

So your vision of all content being locked-down has pretty much been business as usual for a while now. And it doesn't work, it increases piracy, and consumers have shown they won't stand for it. That's the whole reason people were applauding apple's move away from it. Sorry the gov't isn't here to give you special privileges, but if you like that kind of control you're always free to move to China.

[dem0]

A little payback?

Why should it matter if you have personal info in a file that you own (at least the rights to playing it)? Maybe they decided you wouldn't be quite as generous with your (read their) music library if you were giving up something yourself as well. Nothing's free, even without DRM. In this case it's just costing you your name and email address. It's not like you are giving that info to someone who would steal, right? Think about it.

[pfrabott]

DRM way better then my info!

Although my name and email address isn't that hard to find (business web site), I still prefer DRM over the alternative. expecially when Apple didn't even tell customers that it was there. (check the EULA, it's not listed). I have no real problems with DRM. yeah I may have to type my password or something but I have never had any problems with it (used for 3 years now). really it's just making sure I use it the way I am allowed to and not doing something I'm not. (even when you by CD's in the store you are buying a license to use the music, you do not own it-read your copyright laws for proof). My biggest question is, if Apple has been doing this behind our backs, what else are they doing and why? I would rather have DRM then anything else.

[mattumanu]

This info was there from the get go...

And it makes sense to have property you purchased marked with your name and email, since your email is your account name under iTunes.

Why are people so up in arms over this?

[psedog]

Good job Apple

This is way better than having your music stuck to one device. This also helps to find mass sharers, although I don't see it working that way. It would be very easy to remove this information. There are programs that will let you change all of your files with a few simple keystrokes.

[Vegaman_Dan]

It shouldn't be there in the first place

You shouldn't have to take extra steps and third party applications to remove data that had no right to be there in the first place.

This is inexcusable by any company.

[luomat]

CNet jumping on the FUD bandwagon

If you lose your iPod, someone gets your name and your email address. Big fat hairy deal.

If you aren't dumb as toast, you knows why this information is in there, because a bunch of people equate "No DRM" with "I can give this to anyone I want." No shock, no surprise, no conspiracy.

Wil Shipley has "outed" Adobe as doing this too.

http://wilshipley.com/blog/2007/06/news-flash-adobe-hides-customer.html

You register software, your name goes into a file.

Let's cut out the crazy "Well what if I was walking along and a dog stole my iPod and put all my music on a P2P network, then Apple would look real bad!" nonsense.

If your "friend" is dumb enough to put your music from iTunes on P2P, then you need smarter friends.

[luomat]

CNet jumping on the FUD bandwagon

If you lose your iPod, someone gets your name and your email address. Big fat hairy deal. If you aren't dumb as toast, you knows why this information is in there, because a bunch of people equate "No DRM" with "I can give this to anyone I want." No shock, no surprise, no conspiracy. Wil Shipley has "outed" Adobe as doing this too. http://wilshipley.com/blog/2007/06/news-flash-adobe-hides-customer.html You register software, your name goes into a file. Let's cut out the crazy "Well what if I was walking along and a dog stole my iPod and put all my music on a P2P network, then Apple would look real bad!" nonsense. If your "friend" is dumb enough to put your music from iTunes on P2P, then you need smarter friends.

[MSSlayer]

It might make sense

But, with a hex editor you can easily change the information.

So who is this going to stop?

Please give me your name and email address, and I will download on of these spyware files masquerading as a music file, put your name in it, and upload it to various sites.

While I am at it, I will give your email to a bunch of spammers.

Then call the RIAA and report you.

Maybe then you will figure out what is wrong with this.

People these days are so dense it takes a sledgehammer to get them to understand simple concepts.

[Vegaman_Dan]

Why are you blaming your friend?

Why is this information in the files in the first place? It has no legitimate reason whatesoever.

Blaming your friends for Apple's lack in judgement is curious.

[parkerpato]

Good idea, bad implementation

I agree with the idea of watermarking songs so that people who
share them can be identified, but I think there are better ways to do
it. Instead of including a user's name and email, why not include an
id number that Apple stores in a private database that links to the
user? Then, your information is still protected from general users
but Apple can track people breaking the agreement.

[freemarket--2008]

Disagree

I think it was smart of Apple to make the info obvious. Why would they want to have to act like the RIAA or to be forced to give up customer info to them?

This way they can give the music companies what they want to help curb casual file-uploading and also make the info obvious to customers without publicly announcing it is there.

Sharing a couple of songs with family and friends is not going to cause problems and may lead them to buy more. Uploading to P2P sites without taking precautions may be risky, as it should be.

The privacy issue is a red herring IMO.

[Douglas W. Goodall]

I would want to know

If my machine was hacked and my files were floating around, I
would want to know. It doesn't make you guilty of pirating, it just
indicates you have a problem to solve. If it happens over and over,
maybe you need to be a candidate for the darwin awards.

[inachu]

I have a cure for this.

Just use an ID tag stripper freeware program.
If they put email name in the song you might as well use your SSN.

[TucsonAlexAZ]

a simpler cure

just unplug yourself from the net. No more iTunes, no more email address, no more paranoia.