Hot on HuffPost Tech:

See More Stories
Engadget for the iPhone: download the app now
AOL Tech

There is no privacy issue with iTunes Store DRM-free files



If absolute privacy is a concern critics are voicing against Apple's latest move with DRM-less tracks from EMI, they should have filed their complaints over four years ago when the iTunes Store first opened.

As the story goes, many users and industry pundits have announced their disappointment with the discovery that DRM-less iTunes Store tracks contain the owner's name and email address embedded in the file. Even Cory Doctorow and his merry band of EFF compatriots have added their ubiquitous $.0.02 to the mix, calling this an a privacy blunder on Apple's part. A key example cited for how bad this perceived breach of privacy can get is the theft of an iPod: if someone steals your DMP (iPod or otherwise, if you consider the fact that DRM-less iTunes Store tracks will play on any AAC-enabled device, including the Zune now), they could easily check through your files to scrape out your name and email address from any of the new DRM-less tracks. Fortunately, Geeks R Us nails the problem with this line of thinking in this So What post: "Apple embedded your personal information in content that only you should have is no different than them saving your email address in a Mail application preferences." If a thief stole a typical computer user's notebook - Mac, Windows or otherwise - they would easily have full access to quite a bit more information than the owner's name and email address. So why haven't Cory and his fellow perpetual protesters spoken out against this egregious privacy flaw in the wider scope of computing?

The fault with these complaints against Apple's latest non-DRM move runs more than skin deep, however, as this embedding of personal information didn't merely begin last week. Since the first day it was opened over four years ago, the iTunes Store has embedded an owner's email address in purchased files. You can easily verify this by importing a non-EMI iTunes Store track from a friend - iTunes will immediately notify you that your machine must be authorized to play the track, prompting you with a dialog requesting a password and the email address of the file's owner already filled in.

Watch out Cory - all your email addresses are belong to anyone who steals your iTunes Store files; just as they have been for the last four years.

The moral of the story is the same as ever, only a few of the details change this time around: While Apple certainly isn't the first to offer a DRM-free commercial digital download service (In the mainstream that title probably goes to eMusic), they are the first of the major services to take the leap of faith and offer a premium music catalog completely free of DRM. In all likelihood, if you aren't sharing your personally identifiable files over P2P networks, you don't have anything to worry about, and an email address is the last thing you have to fret over if someone steals your iPod. The thief is after your DMP because they want your gadget, not because they want to email you a great offer on viagra.

There is no more of a privacy issue with iTunes Store files (non-DRM or otherwise) than there is with the theft of your computer or mobile phone. Files bought from the store are supposed to remain just as private as the personal information embedded in them. Now, can we all go back to buying high quality, DRM free tracks - and not vindicating the RIAA by sharing them - so more record labels finally invest in DRM-free digital distribution channels like we've been asking for?

Tags: analysis, cory doctorow, CoryDoctorow, drm, drm-free, eff, electronic frontier foundation, ElectronicFrontierFoundation, emi, itunes, itunes store, ItunesStore, music, privacy

Comments

11