Is Apple spying on us through iTunes?
Colin Dunstan 01-11-2006, 02:44 PM Ever since the Sony rootkit debacle (http://www.mobileread.com/forums/showthread.php?t=5283) we know that music played on a connected computer is not safe from data mining. According to Marc at Since1968 (http://since1968.com/article/153/itunes-is-watching), the latest incarnation of iTunes sends information to Apple whenever you double-click on a song. Apparently Apple uses this information to find albums and tracks for sale by the artist whose song was presently playing.
This means, of course, that every single time I play a song the information is sent back to Apple. You can turn off the MiniStore at the click of a button, but it's not clear whether turning off the MiniStore is the same as turning off the flow of data (one doubts it). And don't bother looking for a way to turn this "feature" off in the Preference pane: it’s not there.
And as a user at Boing Boing stated:
I just ran a packet trace of the new iTunes - it only connects to Apple if the Mini Store is open. For regular MP3s, it'll run a full text search to find related articles, for purchased music, it searches by the original product ID. Sample query string is: /WebObjects/MZSearch.woa/wa/ministoreMatch?an=Daft%20Punk&gn=Electronic&kind=song&pn=Discovery
The problem: Apple collects your data without your knowledge or consent. And who knows, perhaps the next iTunes will only support RIAA-approved MP3s.
[via Boing Boing (http://www.boingboing.net/2006/01/11/itunes_update_spies_.html)]
johnsoax 01-11-2006, 02:52 PM And people wonder why as a Mac user since the beginning (my first was a LCII, used an Apple IIc before that), I don't use an iPod :).
I've never trusted the RIAA and the sway they have with Apple. All of my music (even the music I buy from iTunes) is in un DRM'ed MP3 so that I can play it on anything I want. I can always go back to Maccast for my MP3 player ;) (maybe I can't, they seem to have disappeared).
Brian 01-11-2006, 03:19 PM The problem: Apple collects your data without your knowledge or consent. And who knows, perhaps the next iTunes will only support RIAA-approved MP3s.
Is Apple really collecting data without your knowledge or consent? I highly doubt Apple legal wouldn't put language in the iTunes EULA (http://www.apple.com/legal/sla/itunes.html), iTMS Service Agreement (http://www.apple.com/support/itunes/legal/terms.html), and Privacy Policy (http://www.apple.com/legal/privacy/) that would cover them by notifying the user that they may collect certain information when the user agrees to using their software and services.
Don't forget, when you install iTunes and use the iTMS, the user has to agree to these terms. Whether or not people read them and fully understand them before agreeing to them is another story.
Colin Dunstan 01-11-2006, 04:08 PM Brian did you check out the Boing Boing post I was referring to? It appears that Apple did not mention that they would collect this kind of information; in fact, this Marc guy points out,
We all know that Apple uses GraceNote to grab iTunes track info. But this is precisely my point: Apple’s use of GraceNote is transparent. When you rip a new CD, iTunes tells you that it’s querying the GraceNote database. Not only that, Apple had the good sense to be clear about GraceNote in the iTunes EULA (http://www.apple.com/legal/sla/itunes.html). As of this writing (01/11/06 3:30pm EST), no publicly available Apple EULA mentions Omniture. According to Google, the only mention of Omniture on Apple's web site is a couple job openings and a copyright notice for the King Kong trailer. Apple clearly felt bound to include GraceNote in its iTunes EULA. Why not Omniture? Why one standard of transparency for Company A and a different standard for Company B?
There's also an updated post (http://since1968.com/article/155/omniture-itunes) on what's behind Omniture (http://www.omniture.com/), which appears to be some kind of marketing firm.
rmeister0 01-11-2006, 05:09 PM We know that data goes back to the ITMS to get a sales recommendation; we do not know if that data is actually 'collected' or stored in a persistent manner.
This functionality comes in an update that does not present a new EULA if it is installed over an existing iTunes version. Thus, there is no disclosure of this.
This has the potential to be more dangerous for Apple than it normally would be for other companies, given their pro-consumer image and their dominance of the portable mp3 player market. While I don't think what is actually going on here is anything terrible or worrisome, it is the implications of where this approach could go and the lack of proper disclosure that will create any PR headaches this causes.
At this point in time, turning off the Mini Store solves the problem completely.
Brian 01-11-2006, 06:36 PM Brian did you check out the Boing Boing post I was referring to? It appears that Apple did not mention that they would collect this kind of information; in fact, this Marc guy points out,
I'm not apologizing for Apple not adding specific language in the SLA, Privacy Policy, and TOS to cover the Mini-Store sending data, but as I read all three, there are enough "catch-alls" to cover themselves in this situation.
Here's one section that has some catch-all language, as mentioned in post #9 to this story (http://since1968.com/article/155/omniture-itunes) (Emphasis is mine):
“There are also times when it may be advantageous for Apple to make certain personal information about you available to companies that Apple has a strategic relationship with or that perform work for Apple to provide products and services to you on our behalf. These companies may help us process information, extend credit, fulfill customer orders, deliver products to you, manage and enhance customer data, provide customer service, assess your interest in our products and services, or conduct customer research or satisfaction surveys. These companies are also obligated to protect your personal information in accordance with Apple’s policies. Without such information being made available, it would be difficult for you to purchase products, have products delivered to you, receive customer service, provide us feedback to improve our products and services, or access certain services, offers, and content on the Apple website.”
rmeister0 01-11-2006, 07:14 PM That Apple would retain data on what you purchase from their store is reasonable.
That Apple would accumulate data on what you are playing in iTunes, even material you did not purchase from the ITMS, is not reasonable. That's what people are getting irritable about.
Brian 01-11-2006, 07:23 PM That Apple would retain data on what you purchase from their store is reasonable.
That Apple would accumulate data on what you are playing in iTunes, even material you did not purchase from the ITMS, is not reasonable. That's what people are getting irritable about.
"Reasonableness" is highly subjective. What one person may find reasonable and agree to in an EULA might be unreasonable and objectionable to someone else.
Brian 01-11-2006, 08:11 PM I really think this is being blown out of proportion. It's fairly obvious to the user that information about the song that is currently being browsed in the Library is being received by Apple in order to display "More from" and "Listeners Also Bought" (See attached thumbnail). Don't like it, shut off the Mini Store and no data is sent. Still don't like it for ideological reasons, don't use iTunes.
Colin Dunstan 01-11-2006, 08:32 PM I am not sure if this is indeed blown out of proportion. Fact is Apple is sending data of every song you click on to a 3rd party's server, and didn't explicitly mention it nor ask for your permission. Take Microsoft's Media Player, for instance. The following dates back to 2002 (http://news.zdnet.com/2100-3513_22-955514.html):
The changes follow a recent FTC settlement, in which Microsoft agreed to 20 years of government oversight of consumer privacy policies and procedures. Last year, 14 consumer and privacy groups filed a complaint with the FTC, alleging that Microsoft's online Passport authentication system violated Section 5 of the Federal Trade Commission Act... Windows Media Player 9 Series may be one of the first new Microsoft products so clearly putting privacy policies and controls in the hands of consumers. Unlike competing products or earlier versions of Microsoft's media player, the privacy policies and settings option is the first thing a consumer sees the first time the product is started... Privacy and media players are an increasingly hot item--and not just for U.S. regulators. The European Union, for example, is looking into regulating media players with respect to privacy. Microsoft's increased emphasis on privacy could help the company in Europe, particularly since the EU last year expanded an ongoing antitrust investigation to include media players.
It was a big deal to Microsoft, and it should be a big deal to Apple if they don't want to get into the same kind of trouble.
Brian 01-11-2006, 08:51 PM Fact is Apple is sending data of every song you click on to a 3rd party's server, and didn't explicitly mention it nor ask for your permission.
Is that a fact? From what I've read and from what you quoted from a user at BB, it sounds like only the Product ID or artist/title/genre/kind of the track is going directly to Apple, not a 3rd party server, and ONLY IF the Mini-Store is visible, ONLY when a track is clicked, NOT for every song played.
And as a user at Boing Boing stated:
I just ran a packet trace of the new iTunes - it only connects to Apple if the Mini Store is open. For regular MP3s, it'll run a full text search to find related articles, for purchased music, it searches by the original product ID. Sample query string is: /WebObjects/MZSearch.woa/wa/ministoreMatch?an=Daft%20Punk&gn=Electronic&kind=song&pn=Discovery
Colin Dunstan 01-12-2006, 04:00 AM Is that a fact? From what I've read and from what you quoted from a user at BB, it sounds like only the Product ID or artist/title/genre/kind of the track is going directly to Apple, not a 3rd party server...
This screenshot (http://since1968.com/article/155/omniture-itunes) doesn't look faked, so yes, I believe it's a fact. A whois on 207.net reveals:
Organization:
Omniture Inc.
Omniture DNSAdmin
550 E. Timpanogos Circle
Orem, UT 84097
US
Phone: 801-722-7000
Fax..: 801-722-7001
Email: dnsadmin@omniture.com
And from what I can tell, Omniture is not a subsidiary of Apple, so yes, it's a 3rd party.
... and ONLY IF the Mini-Store is visible, ONLY when a track is clicked, NOT for every song played.
iTunes launches with the Mini-Store open, and either way, this does not address the issue of privacy transparency.
Brian 01-12-2006, 06:17 AM This screenshot (http://since1968.com/article/155/omniture-itunes) doesn't look faked, so yes, I believe it's a fact. A whois on 207.net reveals:
Organization:
Omniture Inc.
Omniture DNSAdmin
550 E. Timpanogos Circle
Orem, UT 84097
US
Phone: 801-722-7000
Fax..: 801-722-7001
Email: dnsadmin@omniture.com
And from what I can tell, Omniture is not a subsidiary of Apple, so yes, it's a 3rd party.
OK, so it's a third-party partner of Apple's. They're bound by Apple's privacy policy, and in their privacy policy, Apple states this:
“There are also times when it may be advantageous for Apple to make certain personal information about you available to companies that Apple has a strategic relationship with or that perform work for Apple to provide products and services to you on our behalf. These companies may help us process information, extend credit, fulfill customer orders, deliver products to you, manage and enhance customer data, provide customer service, assess your interest in our products and services, or conduct customer research or satisfaction surveys. These companies are also obligated to protect your personal information in accordance with Apple’s policies. Without such information being made available, it would be difficult for you to purchase products, have products delivered to you, receive customer service, provide us feedback to improve our products and services, or access certain services, offers, and content on the Apple website.”
Bottom line: Should Apple make this clearer? Yes, and they probably will, especially after this. Are they violating their own privacy policy, SLA, and TOS? In my opinion, no.
Apple has told Macworld (http://www.macworld.com/weblogs/editors/2006/01/ministore/index.php) that the data is discarded after the Mini-Store is updated.
The good news is, Apple tells us that the information is not actually being collected. The data sent is used to update the MiniStore and then discarded. If you think about it, this makes sense—imagine the size of the data files they would accumulate with millions of users and what must be hundreds of millions of songs played each day. But Apple should tell us as much, so that we can all relax a bit about sharing our listening habits with Apple.
Apple should amend iTunes to clearly disclose what data the program is transmitting and how it’s being used. There should be a dialog box that pops up the first time iTunes runs, explaining exactly how the MiniStore works. If Apple had just included that yesterday — or even some information in the Read Me, then I wouldn’t have even raised this as an issue. A little transparency and openness can go a long way to easing privacy fears.
Agreed.
Colin Dunstan 01-12-2006, 08:11 AM Bottom line: Should Apple make this clearer? Yes, and they probably will, especially after this. Are they violating their own privacy policy, SLA, and TOS? In my opinion, no.
Nor was it ever implied. The criticism lies in the fact that Apple did not address this "specific feature" nor did they explicitly allow the user to opt-out.
Alexander Turcic 01-12-2006, 08:28 AM I am partial to as "how bad" the "spying" behavior in iTunes 6.0.2 really is. According to heise.de (http://www.heise.de/newsticker/meldung/68245), however, Apple is at least violating German privacy laws.
rmeister0 01-12-2006, 11:36 AM It doesn't matter if it is a third party or not. I don't think most people would make the assumption that iTunes is sending data back to someone else's computer about what tracks you're playing.
I have not given Apple permission to gather data on my listening habits. My buying habits - yes, IF I buy from ITMS. But not my listening habits, AND I HAVE NEVER BEEN ASKED IF I WANT TO OR NOT.
PR nightmares are about perceptions, not facts. The perception here is not a good one, and given Apple's dominance of the legal download market this makes them a bigger target for litigious-happy lawyers be they government or private.
Brian 01-12-2006, 12:22 PM I have not given Apple permission to gather data on my listening habits. My buying habits - yes, IF I buy from ITMS. But not my listening habits, AND I HAVE NEVER BEEN ASKED IF I WANT TO OR NOT.
This apparently isn't the case, and they aren't collecting data on listening habits. According to Apple, the data is discarded after it is used to show "More From" and "Listeners Also Bought" information in the Mini-Store.
Alexander Turcic 01-12-2006, 12:36 PM I think the "issue" will be solved relatively quickly... Apple has already stated that they are not using the data for anything but showing related information in the Mini-Store. And if I was Apple, I'd release an iTunes upgrade to add more transparency (i.e. inform the user).
Colin Dunstan 01-13-2006, 05:29 AM Small update: According (http://www.boingboing.net/2006/01/11/steve_jobs_apple_dis.html) to various Boing Boing readers every click on a song transmits not only the song title and artist but also your personal Apple ID.
Apple IDs are unique to every individual and are used for all of Apple's services -- iTunes, .Mac, Apple Care, OS X registration, pro application use, the online Apple Store, the Apple Developer Connection, and so on.
Small update: According (http://www.boingboing.net/2006/01/11/steve_jobs_apple_dis.html) to various Boing Boing readers every click on a song transmits not only the song title and artist but also your personal Apple ID.
Apple IDs are unique to every individual and are used for all of Apple's services -- iTunes, .Mac, Apple Care, OS X registration, pro application use, the online Apple Store, the Apple Developer Connection, and so on.
That's sad...I'm glad that I don't have an Apple ID...
since1968 01-16-2006, 05:11 PM Hi guys,
I'm Marc A. Garrett, the person who originally reported the iTunes privacy issue on since1968.com. I came across your forum when it appeared in my referer logs. Sorry I'm coming a bit late to your discussion.
Brian, I think some of your skepticism is warranted: some of the blog discussion has moved beyond the initial assertions I've made. Still, I'd push back on a few points you made:
First, your reading of the TOS [there are three documents covering iTunes, iTMS, and Privacy; for the sake of brevity I'll refer to them all as the Terms of Service] is so expansive that I wonder what you think it prohibits? I would argue that the plain language of the various agreements covering iTunes and iTMS is designed to reassure the user that the type of communication going on between iTunes and Omniture is prohibited.
Second, if this type of behavior is clearly contemplated in the TOS, why try to obfuscate it? I haven't had one person defending Apple's behavior -- not a single one -- explain to me why an HTTP GET call to 2o7.net should be buried behind a 192.168[etc] prefix that's designed to look like traffic on the local network. I concede there could be a perfectly good explanation, but no one has come up with one.
Third, I was restrained in my initial coverage because I couldn't be sure that Apple sent uniquely identifying information to a third party -- what I mean to say is that I knew iTunes was sending data, but I did not want to make public claims about the nature of the data until I could confirm it for myself. But it turns out that the reporting about unique IDs is correct: iTunes sends your X-Dsid to Omniture. This X-Dsid is unique; not unique in the sense of a PHP session variable, but unique in the sense that it is the numeric equivalent of your Apple ID. It is the number that Apple uses to retrieve your contact and billing data, and it is the same number which Apple sends to Omniture in clear text.
Finally, let's assume Apple is telling the truth about "Apple doesn't collect data." That doesn't address whether Omniture collects that data. No one has answered this to my satisfaction either: why does iTunes send your unique ID to a data analytics firm if that data is not used or stored?
I'd be happy to share all of my data and methods with you guys. It looks like you have a good community here and I'm glad I stumbled across it.
Best,
Marc A. Garrett
since1968.com
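One way to check a capture for the two behaviours described in the post above, a hostname dressed up with a 192.168 prefix and the X-Dsid header going to a non-Apple host. This is an added example, not part of the post or of anyone's data in this thread; the hostnames, the first-party domain, the request path to the analytics host and the ID value are constructed stand-ins, and only the X-Dsid header name and the ministoreMatch query string come from the thread.

```python
import ipaddress
from urllib.parse import urlsplit, parse_qs

# Assumptions: the first-party domain and all sample hosts are constructed stand-ins.
# Only X-Dsid and the query-string keys (an, gn, kind, pn) come from the thread.
FIRST_PARTY_SUFFIXES = ("first-party.example",)
IDENTIFIER_HEADERS = {"x-dsid"}
METADATA_PARAMS = {"an", "gn", "kind", "pn"}


def parse_request(raw):
    """Split a raw HTTP/1.x request head into (target, lower-cased header dict)."""
    head = raw.split("\r\n\r\n", 1)[0]
    request_line, *header_lines = head.split("\r\n")
    _method, target, _version = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return target, headers


def is_first_party(host):
    return any(host == s or host.endswith("." + s) for s in FIRST_PARTY_SUFFIXES)


def mimics_private_address(host):
    """True for a DNS name whose leading labels read like a private/non-routable IP."""
    try:
        ipaddress.ip_address(host)
        return False  # a genuine IP literal, not a look-alike name
    except ValueError:
        pass
    octets = []
    for label in host.split("."):
        if len(octets) == 4 or not (label.isdigit() and int(label) <= 255):
            break
        octets.append(str(int(label)))
    if len(octets) < 2:
        return False
    # Pad a partial prefix such as "192.168" so it can be classified.
    padded = ".".join(octets + ["0"] * (4 - len(octets)))
    return ipaddress.ip_address(padded).is_private


def audit(raw):
    """Return sorted finding codes for one captured request."""
    target, headers = parse_request(raw)
    host = headers.get("host", "").split(":")[0].lower()
    findings = set()
    if METADATA_PARAMS & set(parse_qs(urlsplit(target).query)):
        findings.add("library-metadata-in-query")
    if not is_first_party(host):
        if IDENTIFIER_HEADERS & set(headers):
            findings.add("account-id-to-third-party")
        if mimics_private_address(host):
            findings.add("host-mimics-private-address")
    return sorted(findings)


# Constructed sample requests (not real captures).
SAMPLE_FIRST_PARTY = (
    "GET /WebObjects/MZSearch.woa/wa/ministoreMatch"
    "?an=Daft%20Punk&gn=Electronic&kind=song&pn=Discovery HTTP/1.1\r\n"
    "Host: ministore.first-party.example\r\n"
    "X-Dsid: 1234567890\r\n\r\n"
)
SAMPLE_THIRD_PARTY = (
    "GET /collect?page=ministore HTTP/1.1\r\n"
    "Host: 192.168.1.10.analytics.example\r\n"
    "X-Dsid: 1234567890\r\n\r\n"
)

if __name__ == "__main__":
    for name, raw in (("first-party", SAMPLE_FIRST_PARTY),
                      ("third-party", SAMPLE_THIRD_PARTY)):
        print(name, audit(raw))
```

The look-alike check matters when filtering a capture by destination: a name that starts with private-range octets still resolves through public DNS, so a filter or a quick read that treats it as LAN traffic misses the request.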
Brian 01-16-2006, 06:14 PM Hi guys,
I'm Marc A. Garrett, the person who originally reported the iTunes privacy issue on since1968.com. I came across your forum when it appeared in my referer logs. Sorry I'm coming a bit late to your discussion.
Thanks for stopping by and sharing your thoughts.
Brian, I think some of your skepticism is warranted: some of the blog discussion has moved beyond the initial assertions I've made. Still, I'd push back on a few points you made:
First, your reading of the TOS [there are three documents covering iTunes, iTMS, and Privacy; for the sake of brevity I'll refer to them all as the Terms of Service] is so expansive that I wonder what you think it prohibits?
That's my point. There are enough catch-all phrases that, although it isn't specifically stated, I think the language does cover the type of activity going on in the case of the Mini-Store.
I would argue that the plain language of the various agreements covering iTunes and iTMS is designed to reassure the user that the type of communication going on between iTunes and Omniture is prohibited.
While there is plain language and specific examples of activity cited in the TOS/SLA/PP, again I'd argue that certain catch-all language technically/legally covers them. From Apple's Privacy Policy, for example:
There are also times when it may be advantageous for Apple to make certain personal information about you available to companies that Apple has a strategic relationship with or that perform work for Apple to provide products and services to you on our behalf. These companies may help us process information, extend credit, fulfill customer orders, deliver products to you, manage and enhance customer data, provide customer service, assess your interest in our products and services, or conduct customer research or satisfaction surveys. These companies are also obligated to protect your personal information in accordance with Apple’s policies. Without such information being made available, it would be difficult for you to purchase products, have products delivered to you, receive customer service, provide us feedback to improve our products and services, or access certain services, offers, and content on the Apple website.
In my opinion, that covers the Mini-Store sending data to provide a service by "assessing your interest in our products and services" and Overture is bound by Apple's Privacy Policy as a strategic partner.
Second, if this type of behavior is clearly contemplated in the TOS, why try to obfuscate it? I haven't had one person defending Apple's behavior -- not a single one -- explain to me why an HTTP GET call to 2o7.net should be buried behind a 192.168[etc] prefix that's designed to look like traffic on the local network. I concede there could be a perfectly good explanation, but no one has come up with one.
That is potentially worrisome, but I wouldn't automatically attribute it to an attempt at obfuscation.
Third, I was restrained in my initial coverage because I couldn't be sure that Apple sent uniquely identifying information to a third party -- what I mean to say is that I knew iTunes was sending data, but I did not want to make public claims about the nature of the data until I could confirm it for myself. But it turns out that the reporting about unique IDs is correct: iTunes sends your X-Dsid to Omniture. This X-Dsid is unique; not unique in the sense of a PHP session variable, but unique in the sense that it is the numeric equivalent of your Apple ID. It is the number that Apple uses to retrieve your contact and billing data, and it is the same number which Apple sends to Omniture in clear text.
Your initial and subsequent coverage and questions are all responsible and valid in raising potential privacy concerns, but not everyone has been as responsible or level headed in their coverage.
Finally, let's assume Apple is telling the truth about "Apple doesn't collect data." That doesn't address whether Omniture collects that data. No one has answered this to my satisfaction either: why does iTunes send your unique ID to a data analytics firm if that data is not used or stored?
As I mentioned above, as a strategic partner with Apple, they're bound by Apple's privacy policy. You do raise several legitimate questions that should be addressed, but as I pointed out earlier, the way I read their policies they're covered.
Transparency is the best policy, and in this case, I agree that Apple has fallen short.
I'd be happy to share all of my data and methods with you guys. It looks like you have a good community here and I'm glad I stumbled across it.
Thanks again Marc,
MrSaint 01-17-2006, 01:02 PM Wow, thanks Marc for joining and making your point clear to us! Having read your initial post, and the various responses, including Brian's, I come to the conclusion that
a) Apple has covered their ass by including the necessary details in their TOS/SLA/PP policies
b) Apple is not 100% true about why and how they collect the data through iTunes; after all, transmitting the X-Dsid/Apple ID would not be necessary for finding context-related music material on Mini-Store.
Brian 01-18-2006, 09:57 AM Thanks to Marc's original article that brought this issue to light, it appears that Apple has responded to ease privacy concerns about the Mini-Store. Marc just posted this (http://since1968.com/article/158/itunes-privacy-fix) on his blog (http://since1968.com), with details about how Apple has partially fixed the Mini-Store privacy issue in iTunes:
Now, when you attempt to open the iTunes MiniStore you are prompted with the following language:
The iTunes MiniStore allows you to discover new music and videos right from your iTunes Library. As you select items in your Library, information about that item is sent to Apple and the MiniStore will show you related songs or videos. Apple does not keep any information related to the contents of your music Library. Would you like to turn on the MiniStore now?
You don’t need to download any additional software to see the new Privacy language. Thus, Apple has addressed two of my primary concerns:
* The MiniStore is now opt-in instead of opt-out; in other words, a user can choose whether she wishes to use this feature but by default the feature is turned off.
* The interface now states in unambiguous language that some of your information is sent to Apple.
Apple should be commended for updating iTunes within a week of my original article.
MrSaint 01-18-2006, 10:13 AM Brian, that was the good part. Apple did respond in quick manner. However, transmitting your Apple ID still seems important to them:
Packet inspection with Ethereal indicates that—assuming you use iTunes on a Mac—iTunes still includes your Apple ID in the header of an HTTP GET sent to Omniture, a third party marketing, data collection, and web analytics firm. It’s up to Apple’s customers to decide whether Apple should update the licenses governing iTunes and iTMS to disclose its use of third party software and services as it does with GraceNote and Kerbango.
Bob Russell 01-18-2006, 01:07 PM I think the "issue" will be solved relatively quickly... Good call Alex! Brian and Mr Saint are on top of the news. It's also at Boing Boing (http://www.boingboing.net/2006/01/18/apple_changes_itunes.html) now as a post called "Apple changes iTunes, now obtains consent before collecting info". He refers to the new message Apple included and makes the following comments: That's pretty good news, but I'd still like to know why Apple is transmitting my Apple ID number with the data collected.
Still, this is the right thing for Apple to have done (and what they should have done in the first place) -- good job, Apple.