Yesterday, a persistent Austrian developer named Peter Steinberger managed to get his entire data archive from Spotify, revealing immense tracking of every possible interaction…down to how you resize the app’s window.
Since the GDPR was implemented in May, many tech companies are now required to respond to user requests for data which is stored about them on the company’s platform. Spotify is one of these companies.
They even store the brand of headphone I use. How do you even get that data, digging deep in CoreBluetooth? pic.twitter.com/LnuDKxtW6v
— Peter Steinberger (@steipete) August 2, 2018
Data tracking is commonplace, and most tracking is done to improve user experience, develop new products, provide better support, and establish new revenue channels. In addition to things you might expect Spotify to track, like how long you listen to a song how many songs you skip, there were some notable and surprising things which Spotify keeps track of.
- What brand of headphones you listen on
- What point within songs the volume was changed
- Every conceivable user interface interaction, even the resizing of windows
Like Steinberger says, the sheer mountain of data Spotify collects is “nothing particular[sic] interesting, just every-freaking-thing.” While the GDPR is ostensibly meant to curtail some of these “kitchen sink” data collection practices, there are large carve-outs in the legislation for potentially-useful data. Other developers have also received similar data dumps.
99% of this data Spotify collected is useless, they probably didn’t even look at it. So often the strategy is “let’s just collect everything about what our users do and we’ll figure out what to do with it later”. I’m so glad GDPR happened. https://t.co/IlZ4IjYrZf
— JaviAir (@Javi) July 1, 2018
It shouldn’t be a surprise that Spotify, along with every other music app (read: every other app), collects so much user data, but it is shocking and somewhat entertaining (or scary) to see just how deep the well goes.