The Unofficial Apple Weblog (TUAW)

The extremely vocal arguments against the user name and email tags are completely hypocritical. Let's see some examples.

You buy your songs; you burn them on CDs for your car, your kitchen, bathroom(s), bedroom(s), garage; you put them on your iPods, cellphones, you bring them to your office PC(s), etc. No matter how many time you play these files, no entity in the world will know what you did with them.

Now, let's say, you make copies of your files and give them to your girlfriend. Her brother finds the files on her Mac, burns them on a CD, takes them home and puts them on LimeWire. If we are talking about 15 songs, probably nobody would bother. However, if the number is 1,000 (for which you paid $1,290, by the way), RIAA police my come knocking on your door. You would say: 'No, I didn't do it!'; they'd say, 'Well, it's your signature!'; so you 'd think 'OK, who else might have these files?' and would be able to figure this out. Much like prescription drugs, or licensed commercial software, it is your responsibility to control access to it.

Let's also explore another scenario; someone who hates you, and knows that you have a nice iTunes Plus library of songs, and also knows your name and e-mail, decides to play a nasty prank on you. They buy a bunch of iTunes Plus songs; they crack the tags and change them to your name. They upload them to P2P. Now, RIAA finds them; goes to Apple to check against your user account purchases and finds out that none of those songs were purchased by you at the time the tags show they have been purchased; however, another user has purchased the exact same songs, at the exact same times. Now, instead of coming after you, RIAA police is coming after your friend, charging him not just for copyright infringement, but also for DMCA violation (circumventing a copy control mechanism).

There is absolutely nothing sinister in this system. It is the same as the money you have in your wallet; if you took it out of an ATM, the bank can track that bill back to you as the last person who took it from them. This is the perfect solution for all those who cried how DRM was hobbling them and their fair-use rights.

Reply

↓↑report

Seriously, if it's such a problem, buy the CD. No one is forcing you to be convenienced with not having to leave your computer to buy music.

Reply

↓↑report

The user account name appears in DRM as well as non-DRM files. It never mattered before because sharing your DRM'ed file was useless.

Replacing with other characters is trivial and effective. I would not be surprised, though, if other information relating a file to its original purchaser is inserted into the binary.

See: http://en.wikipedia.org/wiki/Steganography

By the way, as a matter of principle, you agreed not to distribute the music when you agreed to the terms of service. Whether or not you abide by your agreement is an ethical question, not a technical one.

Reply

↓↑report

@Vasic

In theory, you are right. Reality is different. An example about downloaders: The RIAA is sueing people in Switzerland who download music. The vast majority of law experts agree that downloading is legal even if the source is illegal. Until now, no court has ruled on the matter, because most sued users paid - the risk for them of going to court is bigger than paying 5000$.

Reply

↓↑report

It hardly seems draconian to me. Since the file is not now copy-protected, you can a) make a copy and b) change that string before you put it out there in pirate land. Put "stevejobs" there if you want. Or "kimjongil" or "georgebush", for that matter.

Reply

↓↑report

I bought some drm-free dean martin. As an experiment, I did "export to mp3" in itunes. It did it without any complaints and added it to my itunes library (leaving the original there). The original has my email in the info, the mp3 does not (according to itunes).

Reply

↓↑report

Can you say, "Album art?"

Reply

↓↑report

Yes as rm said, just because MP3 can't store any additional tags doesn't mean there isn't any user data hidden in the file. Steganography makes it trivial to store a small amount of watermarked data within an MP3 and most music stores who operate a non-DRM system will still implement some sort of watermarking system. Generally it is impossible to retrieve this watermarked data yourself and destroying it would require re-encoding the file which of course leads to degredation of quality.

I have worked personally on a music download store and know that artists and labels are not happy to put their music up on such sites unless there is some sort of protection, which makes sense. If people break the law and share their music on P2P then this gives them a means of tracking that user down and being compensated for their losses.

I hate DRM and I think watermarking is a great alternative solution that is better for everyone.

Reply

↓↑report

The thing is: What happens when somebody changes the metadata to someone else's name. Then, they could be framed for internet piracy.

Also, in some countries, "file-sharing" music isn't illegal. In which case, customers will want to have privacy in thier 100% legal activity

Reply

↓↑report

@Paul-Michael

"I don't think that word means what you think it means."

Inconceivable!

Reply

↓↑report

I prefer my name be in the file that I buy than having to install a DRM spyware/malware/lockware (Is there another word to name something that send your identity each time you change your computer and you buy music? And that may erase files without your consent?).

As said in earlier posts, what you do in public is public record.

However, I think it should not be used as an evidence, but as a hint to find pirates: You can have made repaired your computer by an unscrupulous employee. If you share a file with a friend and if he publishes over Bittorrent, then you are seen as the main responsible.
Using legal files should not be more risky than illegal sharing p2p networks.

Reply

↓↑report

why is everyone so sure that the naem and the email are the only info stored by apple within the file? if i´d be apple i´d stroe a customer id or something simmilar somewhere hard to be found.

Reply

↓↑report

I don't use itunes, or normally follow the bullying tactics of the major music cos, but this is dnew, if your name is embedded in a music file, what happens when you download these files as a gift to a third party? Is giving downloaded music to someone as a present illegal? If so why?
Why is it ok to lend, sell, buy,give away, a copywrite book but not music? I live in the UK, I saw a Sinatra CD with stuff recorded over 30 years ago being sold for 15£ (30$) by EMI....am I answering my own questions here?!

Reply

↓↑report

What if two persons dl the same track and use "diff" to see what's different, then "strings" on the patch?

Reply

↓↑report

Your name stuck to a piece of software is like your cellphone logging your position. Well, it doesn't log your position, it logs the position of the phone! Phones and iPods get stolen, after all.

A file with your name on it circulating around could be a mistaken case of the same name (hope their system is more reliable than the "no fly lists"), something ripped by someone who hacked your account (partial identity theft), or your kids' deliquent friends fault who messed with your computer while you were at work. If someone steals your car, you don't deserve to have to pay the speeding tickets. Let's make sure the presumption of innocence remains intact here, and make the company prove you did something illegal.

Identity theft has been the greatest boon to privacy since the 4th Amendment was ratified... thanks to it, the constant demand for your SS# is abating, personal data is slightly better protected, etc... Hope the trend continues (for privacy, not ID theft!) Too bad it had to start happening the hard way.

To people who take the "I have nothing to hide so go ahead and tag me with a radio collar" mentality, just remember that many people throughout history thought they had nothing to hide, but suddenly that changed, like what religion you belong to, for example. Also, your raging case of herpes, porn collection, and that terible drunken karaoke performance might not be "wrong" but many would prefer those things be kept private. Having sex (in the missionary position only with your spouse) is OK, too, so you won't mind if I watch through your window, right? It's just to make sure you aren't doing anything illegal, like oral sex (which is still illegal in Virginia even with your spouse!).

THINK!

Also, if tracking is employed in a process, that should be made explicitly clear at the outset, so consumers know what they're getting. And if you can't open it, you don't own it, so to hell with digital music. My friends get together and play actual instruments, which I think is the real wave of the future (old school, baby!) as everyone gets fed up with all this B$ just to hear some canned second-rate music.

Reply

↓↑report

RickertB, tell me how MP3 files can't store ID3 tags. I'm all idle ears!


Hint, check this: http://www.id3.org/id3v2.3.0#head-3c67d23d7cfecadd0253293fada37fbba5c6f1e1

Reply

↓↑report

"Much like prescription drugs, or licensed commercial software, it is your responsibility to control access to it."


What? No, its not like that at all. I fully agree that this name thing is no big deal, but you are making it sound like owning a computer makes it your automatic solemn responsibility to keep your computer locked to your wrist and safe from unauthorized users at all times, when that is pretty damn far from the truth.

Even if you deliberately share your 1000 purchased songs on Limewire yourself, how could they possibly prove you are the one who shared them? It could have been hackers. It could have been your brother-in-law. It could have been elves for all you know.

Reply

↓↑report

Does ANYONE want to PAY for anything anymore?
Not $24.95 for a crippled CD or album download, but just something reasonable...
So Apple put your acct info on a download.
If you share it in public it's public record.
If you share it with your own private devices,
it's not. Get over yourselves already.

Reply

↓↑report

unlike what some people here said, this isn't at all like DRM or like the government tapping phones. DRM restricts the ability to redistribute, while this doesn't. tapping means observing what your doing in private, while this only lets them know who did what if the actions are made in public. it's more like a fingerprint. think about when you went one a long time ago to a physical music store and bought a CD. you touched the CD, thus leaving your fingerprints on it. now if you illegally pass the CD to someone else you can be identified as the source by the fingerprints you left.

Reply

↓↑report

So much trouble to do this: Just look at GetInfo (Ctrl+I) from itunes to see your personal info.

I am reminded of the old maxim...never attribute to malice what can be adequately explained by stupidity.

First of all it is a cinch to remove or modify this information, thereby closing any chance of going after the identity embedded in the copy in the wild.

Second, if Apple really wanted to do this (why???), they could have easily embedded a much more inscrutable watermark.

I'll bet that the folks at Apple just didnt think about this when they blithely moved all the m4p tags to m4a.

Reply

↓↑report