I was asked to help conduct this research & write a report on 'Privacy in the EU and US: Consumer experiences across three global platforms' reviewing Amazon, Netflix & Spotify. It's only scratched the surface https://eu.boell.org/en/2019/12/11/privacy-eu-and-us-consumer-experiences-across-three-global-platforms I've mainly used Twitter to comment on it https://twitter.com/PrivacyMatters/status/1205221211350933507?s=20 but intend to use Mastodon more

Spotify engages in a lot of behavioural tracking/profiling in the name of making your account / content more personalised & advertising. It's quite something.

Here's 'Spotify For Brands'https://spotifyforbrands.com/en-US/audiences/…

"We’ve found that how people stream actually tells us a lot about who they are. Our data team has identified five key streaming habits that can help you understand your audience, & better inform your planning"

"The most exciting part? This new research is starting to reveal the streaming generation’s OFFLINE BEHAVIOURS through their streaming habits." [MY EMPHASIS]

YOUR streaming data reveals your OFFLINE behaviours. Don't forget, Spotify obtains data about YOU from 3RD parties.

BUT ....

It is unclear precisely what personal data is obtained from what 3rd parties & the legal basis (consent or LI). Spotify publishes an Art 15 notice that is insufficient IMHO https://support.spotify.com/uk/account_payment_help/privacy/gdpr-article-15-information/

I note the Swedish DPA is querying Spotify on Art 15 matters & that very much reflects my own challenges of unsuccessful attempts to obtain supplemental information from Spotify as per Art 15 of the GDPR. https://www.datainspektionen.se/globalassets/dokument/ovrigt/skrivelse-till-spotify.pdf & https://musically.com/2019/06/13/swedish-data-protection-spotify-gdpr-investigation/

Back to Spotify for Brands.

"Moms on Spotify. Moms’ streaming habits tell us a lot about them."

I note that Spotify is also trialling Spotify or Kids (Ireland) & so it will get more interesting as Moms share what kind of music they listen to while bambino is in the womb ....

"Spotify analyzed the distinctive streaming habits of Spotify listeners, identifying variations across demographics, platforms, dayparts, music tastes, and behavioral audience segments (sourced from internal first-party data"

"To supplement this analysis, first- and third-party attributes were merged to understand how streaming habits are related to branding measures and purchase behaviors. "

Not only is there Spotify for Brands, but also the Spotify Ads Studio https://adstudio.spotify.com for real time interest and context based advertising.

"Every swipe, skip, and shuffle helps power our targeting solutions so your message can be heard by the right listeners."

So what about some of those #Spotify privacy impacting default settings? Spotify desktop app (Mac OS) https://spotify.com/uk/download/mac

When you install the app, Spotify sets a 'privacy' default to ON for cookie tracking, hidden in 'SHOW ADVANCED SETTINGS' (bottom of settings page).

Privacy should be the default not an advanced setting.

See next Toot.

In the desktop Mac app go to your profile. Select 'settings' scroll all the way to the bottom of the settings page. ▶️Click 'Show advanced settings' ▶️Privacy.

The Privacy setting has a slider button that is off & that = cookie tracking ON for the app installation ⬇️

The desktop app 'Privacy' setting is hidden in 'show advanced settings' (& that individuals are not told about in any transparent way), states, "Block all cookies for this installation of the Spotify desktop app; read more details here [links to https://www.spotify.com/us/legal/privacy-policy/]." .. BUT

Individuals are presented with text that may dissuade people from changing a default that supports Spotify Tracking: "Please note that enabling this setting may negatively impact your Spotify experience. Changes will be applied after restarting your app.” #SpotifyPrivacy #DarkPattern

That 'privacy' default enables cookie tracking via a greyed out slider button. I wonder how many people might think as it's greyed out it's not on and so no tracking taking place? #SpotifyPrivacy

Slide the button to green to disable cookies. It's not clear what purpose this default setting serves. For example, the 'read more details here' takes you to the Spotify privacy policy that doesn't refer to desktop app but the Cookie policy does https://spotify.com/us/legal/cookies-policy/…… BUT

Under the heading 'Cookies on the Spotify Desktop Application' in the cookie policy, it says "You can withdraw your consent to our use of cookies on Spotify’s desktop application at any time." <Consent when based on opt-out? PLUS NO transparent notice given. NO opt-in sought or obtained - consent? Hmmm

And there's that dark pattern nudge again. "Please note that if you set the Spotify desktop application to block cookies, then your Spotify experience may be affected." 🤔 Spotify doesn't explain in what way your experience may be affected. #DarkPattern #SpotifyPrivacy