Apple's iTunes raises privacy concerns
Computer experts say software transmits information about playlist content, attached to ID number, back to Apple.
The new music software includes a "MiniStore" window, which provides recommended links to Apple's music download service when a listener actively clicks on a song in their personal playlist, including songs that haven't been purchased from the iTunes store.
To provide those recommendations, the software sends information about the selected song, such as artist, title and genre, back to Apple. But the software also transmits a string of data that is linked to a computer user's unique iTunes account ID, computer experts have found.
Because iTunes users typically sign up for the music store with an e-mail address and a credit card number, the account ID number could in theory be linked to that information, as well as a user's purchase history, said Apple expert Kirk McElhearn, who has published several books on Macintosh computers. The same number is also used for other Apple products, such as the Apple Developer accounts and the online .Mac accounts, he added.
"I'm an Apple user and an Apple supporter, but this isn't what we expect Apple to do," said McElhearn, who published details about the iTunes data transfer on his Web site. "If this was Microsoft or RealNetworks, people would be screaming and calling for heads to roll."
In a statement, an Apple representative said the company "does not save or store any information used to create recommendations for the MiniStore."
The issue has raised eyebrows particularly high in the community of Apple computer users, though the new feature is also included in the Windows-based iTunes. Macintosh users have typically not been exposed to many of the advertising-supported or adware programs that are common in the Windows world, and which routinely raise privacy concerns through poorly disclosed data exchanges.
Indeed, in 1999, RealNetworks was sued for releasing a version of its RealJukebox that included a "Global Unique Identifying Number," which identified a listener's specific copy of the player without initially disclosing this feature in a privacy policy. RealNetworks said it had added the identifying feature as a way to "offer valuable personalized services" but later removed it after lawsuits and customer criticism ensued.
As of Thursday morning, the license agreements distributed with iTunes did not disclose the exchange of any data tied to song information or users' personal accounts. Information included with the software said the new 6.0.2 version "includes stability and performance improvements" but does not mention the addition of the MiniStore.
The company has posted an article on the Apple Web site that discusses the MiniStore. It says data about the song selected in iTunes is sent to the iTunes Music Store in order to provide relevant recommendations. It provides instructions for turning this feature off and says no data is sent, once turned off.
The article does not mention the transfer of any uniquely identifying information about the user.
The exposure of the data transfer has been dismissed by some bloggers and online sources as a typical feature of music-playing software. However, some bloggers are calling for a more specific disclosure of exactly what data the iTunes software is sending back to Apple--and what it is being used for.
"I wish they had told me what they were doing before I installed it," said Marc Garrett, an independent programmer in Washington who was one of the first to identify the iTunes issues. "I think Apple should disclose that in their end-user agreement."