In 1998, Ask Ars was an early feature of the newly launched Ars Technica. Now, as then, it's all about your questions and our community's answers. Each week, we'll dig into our question bag, provide our own take, then tap the wisdom of our readers. To submit your own question, see our helpful tips page.
Q: Will Apple's iTunes Match service be used to find out who has pirated music?
In the fall, Apple will launch its iCloud service for Macs and iOS devices. It includes two iTunes-related services: free access to previously purchased songs via any authorized device, as well as a $25 per year option to store up to 25,000 songs in iCloud. The latter feature, dubbed iTunes Match, will scan a user's library and give immediate iCloud access to any song that "matches" a corresponding track in the iTunes Store library. Songs that don't match will be uploaded to a user's iCloud storage.
The benefit of iTunes Match over competing services from Amazon and Google is that users with libraries that consist of the most popular content will only have to upload a small percentage of music. This makes the process much faster than uploading each and every track, especially given the relatively anemic upload speeds available to most US broadband users. The US iTunes Store boasts over 18 million tracks, so if your tastes don't depend heavily on obscure, independent, or foreign music, there's a good chance that a significant proportion of your library will match up.
Little is known about the exact method Apple is using to match users' libraries, but we know that it will likely use some kind of metadata analysis derived from its purchase of Lala. Gracenote also revealed via its Facebook page that iTunes Match will use its MusicID technology, which can often identify tracks that have missing or incorrect metadata. Gracenote declined to explain exactly how MusicID works, but we believe it must use some kind of content analysis to identify tracks with no artist, title, or album information.
Considering that iTunes Match uses at least some kind of metadata analysis and content analysis, we are left with two questions. Could Apple reliably identify pirated music? And what would it do with that information?
According to an industry expert we spoke with, the answer to the first question is yes—at least in many cases. This expert, who requested not to be named, explained that digital music retailers do in fact embed information in the IDv3 tags of song files. For instance, we know that Apple has been embedding the name and Apple ID of those that purchase DRM-free iTunes Plus tracks for at least few years. Amazon also embeds a unique code in the DRM-free purchases from Amazon MP3. This information is easily viewed in iTunes.
But other metadata can be embedded which isn't so easily detectable or edited by IDv3 tag editing software. Our source explained that even something like an embedded hashed time stamp could be used to identify the original purchaser. If iTunes Match scanning reveals 1,000 copies of a track with an identical time stamp hash, it would be evidence of illegal copying or file sharing.
Labels could also leak tracks with embedded digital watermarks to file sharing services, which could later be detected with content analysis. Apple could potentially scan for such watermarks, then turn over any matches to record labels or the RIAA.
Of course, all these scenarios assume cooperation on the part of Apple. The company would not comment when asked if iTunes Match does any sort of analysis to determine if tracks are legitimate purchases or not. This lack of denial leads us to believe that Apple is doing some kind of analysis along these lines for its own purposes. However, the company told Ars that it definitely does not share any iTunes Match information with third parties beyond aggregate information reported to record labels and music publishers for determining royalties. Apple's privacy policy also states that it doesn't share any personally identifiable information with third parties unless required by law.
To answer our second question, we consulted some legal experts to better understand these particular issues. For instance, Apple may have internal reasons for trying to understand where users get their music from. "There is likely some value to Apple to know where people get files, for marketing purposes, and that same information could potentially be used to determine if files were pirated," Julie Samuels, staff attorney at the Electronic Frontier Foundation, told Ars. "I don't think connecting those dots serves any useful purpose for Apple."
Chicago-based intellectual property attorney Evan Brown agreed that outing users as pirates serves little purpose for Apple. Doing so would merely alienate users and keep them from paying the yearly $25 fee, and could keep them from coming back to the iTunes Store to make additional legitimate purchases. "It doesn't seem like Apple would be the one with any incentive or reason to ferret out pirates," he told Ars.
There is some speculation that Apple might use the information to attempt to convert users' pirated tracks into legitimate iTunes Store purchases. That line of thinking suggests Apple, as the largest digital music retailer in the world, is concerned that it "loses billions of dollars annually to illegal music file sharing," according to computer forensics expert Daniel Nolte. However, Apple generates a very small percentage of its revenue from iTunes Store sales. We believe Apple is more concerned with selling iPods, iPhones, and Macs that people use listen to music—pirated or not—which generates far more revenue.
If Apple has the information at all, though, it could be subpoenaed by law enforcement, the RIAA, or some other interested party filing a lawsuit. "One thing in particular that I would point out is that RIAA or record labels might not necessarily try to get this information," Samuels said. Apple has agreements with all four major labels, so it seems unlikely that RIAA or labels would approve of the service and then later try to use it to sue its users. "It seems to many people, and we think to record companies, that Apple's service acknowledges how the Internet works and that there will always be some amount of file sharing. It's a way to make some amount of money and still compete with 'free,'" Samuels said.
"But," Samuels noted, "copyright trolls filing massive lawsuits might try to get at Apple's data. Those cases in particular seem set up to make a quick buck, and we see this as the most likely scenario where someone would attempt to subpoena the information."
Getting a subpoena, though, wouldn't necessarily be easy. "I don't know under what grounds a subpoena could be issued," Samuels said. "You would need a prima facie case that there is a possibility that a particular person downloaded or possessed an infringing file, then you can request that person's identity."
Brown explained that iTunes Match doesn't have any sort of publicly accessible information that an investigator could use to demonstrate such prima fascia evidence of infringement. "It's hard to see what files a user is storing in the cloud unless there is a social layer on top of the service, so the makeup of an individual's library will be pretty opaque to an outsider, including investigators for the labels," Brown said.
"That opacity will go a long way toward protecting users from anti-piracy snooping, and being the targets of subpoenas," Brown said. For this reason, it seems very unlikely that a user's iTunes Match data could be subpoenaed under most scenarios. "The opacity of one's collection, plus the good faith hope that Apple will abide by its own privacy policies should give reasonable assurances of safety, even if there may be a few tracks up there with questionable provenances," Brown said.
reader comments
141