The amount of pearl-clutching in this Twitter thread is barely short of astounding. People have some quaint assumptions about how software services collect and use usage data that originates inside the platform. What service wouldn’t want to measure how people use it? What company Spotify’s size got there without measuring things?
Spotify’s discovery weekly playlist, trending charts, song/album-based radio, daily genre-based playlists, “popular in this location” charts, artist suggestions, playlist auto-extend - all of these would not be possible without data collection. And these are actually things I use and help me find music from around the world I wouldn’t otherwise. The main thing is that there be enforcement inside Spotify that none of the employees are peeking at the data of a particular user. We need regular inspections and certifications for this sort of a thing. I’m fine with anonymized data analysis. (And de-anonymization falls under “not being able to access the data of a particular user”.)
You must be a creator! Please don’t disdain the consumers’ responses. Just… observe. This is important.
To my eye, a good outcome of these GDPR Data Extracts will be that consumers/users demand control of their devices!
I’ve been trying to tell people for years what it means, what actually happens, when they use ‘free’ services every waking moment. They use them casually, and excitedly, and while in mourning, and on that day they fell in love.
Spotify knows when you’re drunk. (Well, they might, if they figured out how to extract that.)
Google knows when you’re aroused (Well, they might, if they figured out how to extract that)–and if you use their communication services, or Android, they might even put two and two together and figure out if you have a crush on any specific person in your contacts list…
Don’t get me started on politics!
I remember, about exactly twenty years ago, I got in the habit of running tcpdump constantly, and through that I identified which programs would talk on the network. In those days, my system didn’t generate a constant stream of traffic when it was idle, so it was easy. I was offended to see some apps “phone home” when there was clearly no benefit to me, the user. Since I had full control of my PC in 1998, I could block it, intercept it, delete the app, hexedit the app, whatever I liked.
You know what I mean? It’s one thing for Spotify to tell their app to tell your phone to send all that data. It’s a whole different thing that your phone DID it and does not offer you an audit mechanism!
Did anybody determine if it contains scroll events with timestamps?
What is that kind of data called? The kind of data Facebook and Google have… They get a constant stream of scroll events, mouse movement events, etc, so they can tell when your attention lingers over certain images or themes, even if you don’t ‘click’ or ‘tap’ anything in response.
Let’s call that attention data, for now… I want to see what kind of attention data Google and/or Facebook have on me, even if–especially if!–they collected it while I was on third party sites.
The amount of pearl-clutching in this Twitter thread is barely short of astounding. People have some quaint assumptions about how software services collect and use usage data that originates inside the platform. What service wouldn’t want to measure how people use it? What company Spotify’s size got there without measuring things?
Spotify’s discovery weekly playlist, trending charts, song/album-based radio, daily genre-based playlists, “popular in this location” charts, artist suggestions, playlist auto-extend - all of these would not be possible without data collection. And these are actually things I use and help me find music from around the world I wouldn’t otherwise. The main thing is that there be enforcement inside Spotify that none of the employees are peeking at the data of a particular user. We need regular inspections and certifications for this sort of a thing. I’m fine with anonymized data analysis. (And de-anonymization falls under “not being able to access the data of a particular user”.)
You must be a creator! Please don’t disdain the consumers’ responses. Just… observe. This is important.
To my eye, a good outcome of these GDPR Data Extracts will be that consumers/users demand control of their devices!
I’ve been trying to tell people for years what it means, what actually happens, when they use ‘free’ services every waking moment. They use them casually, and excitedly, and while in mourning, and on that day they fell in love.
Spotify knows when you’re drunk. (Well, they might, if they figured out how to extract that.)
Google knows when you’re aroused (Well, they might, if they figured out how to extract that)–and if you use their communication services, or Android, they might even put two and two together and figure out if you have a crush on any specific person in your contacts list…
Don’t get me started on politics!
I remember, about exactly twenty years ago, I got in the habit of running tcpdump constantly, and through that I identified which programs would talk on the network. In those days, my system didn’t generate a constant stream of traffic when it was idle, so it was easy. I was offended to see some apps “phone home” when there was clearly no benefit to me, the user. Since I had full control of my PC in 1998, I could block it, intercept it, delete the app, hexedit the app, whatever I liked.
You know what I mean? It’s one thing for Spotify to tell their app to tell your phone to send all that data. It’s a whole different thing that your phone DID it and does not offer you an audit mechanism!
On the other hand some consumers give their data knowing that it’s an exchange for features they want.
Many people like FB’s targeted ads!
This data is pretty ‘high resolution’.
Did anybody determine if it contains scroll events with timestamps?
What is that kind of data called? The kind of data Facebook and Google have… They get a constant stream of scroll events, mouse movement events, etc, so they can tell when your attention lingers over certain images or themes, even if you don’t ‘click’ or ‘tap’ anything in response.
Let’s call that attention data, for now… I want to see what kind of attention data Google and/or Facebook have on me, even if–especially if!–they collected it while I was on third party sites.
Another successful export: https://twitter.com/mikarv/status/1012386696934182912