Apple Hides Account Info in DRM-Free Music

Alvis Dark writes "Apple launched iTunes Plus earlier today, the fruit of its agreement with EMI to sell DRM-free music. What they didn't say is that all DRM-free tracks have the user's full name and account e-mail embedded in them. Is this to discourage people from throwing the tracks up on their favorite P2P platform? 'It would be trivial for iTunes to report back to Apple, indicating that "Joe User" has M4As on this hard drive belonging to "Jane Userette," or even "two other users." This is not to say that Apple is going to get into the copyright enforcement business. What Apple and indeed the record labels want to watch closely is, will one user buy music for his five close friends?'"

Trivial to remove

You can right click on the file and convert it to mp3, which would erase all tracks.

This shouldn't matter anyway.

Re:Trivial to remove

You can right click on the file and convert it to mp3, which would erase all tracks.

Its not trivial if you have a one button mouse! ;)

Re:Trivial to remove

Apple has a two-button mouse, they just hid one of the buttons on the keyboard...

How long till it's spoofed?

Someone needs to write a program that inserts Bill Gates name and email address into the tags. Only he has enough money to pay of the MAFIAA.

the acid test

Apple puts this metadata in all the iTMS songs. Unless you're actually planning to break the law by sharing the songs, I don't see what the problem is. In fact this issue seems like a good way to distinguish between those who are against DRM because it restricts their rights to legally use their music, and those who actually just want to pirate music but use rights-based DRM arguments as an cover

Apple isn't keeping tabs on anyone, and it would be trivial to remove this data from your songs. But the question remains why anyone feels violated by this

Re:the acid test

...this issue seems like a good way to distinguish between those who are against DRM because it restricts their rights to legally use their music, and those who actually just want to pirate music but use rights-based DRM arguments as an (sic) cover

Excellent point. So sad you will be yelled at for 40 posts and be called an Apple Fanboy.

Re:the acid test

Sounds like a variant of "If you've done nothing wrong then you've nothing to fear!" to me.

Re:the acid test

DISCLAIMER, to all you Apple fanboys, I'm not trying to defame your deity here; I'm merely isolating one statement of the parent's to critique it.

Unless you're actually planning to break the law by sharing the songs, I don't see what the problem is.

Ugh, Terrible Terrible logic. Consider the following statements.

"The government should be allowed to search people's home on a whim, because if they are law abiding citizens, they shouldn't mind the government searching through their stuff."
"People should not be allowed to take the fifth because if they are law abiding citizens, they should have not reason to hide information."

Privacy is actually important: saying anything of the form "people don't need privacy 'x' if they don't plan to break the law" is almost always a mistake.

Re:the acid test

> Unless you're actually planning to break the law by sharing the songs,

Or buying them for a friend, or have had your PC/MP3 player stolen, or sold the songs on after you bought them, or had your PC/Wireless router hacked and files stolen...yeah, apart from that you should be ok.

Re:the acid test

Apple isn't keeping tabs on anyone... But the question remains why anyone feels violated by this

Well I would argue that Apple is, indeed, keeping tabs on people. Whether or not they use that power for good or evil is another question altogether. Then again, it's not just Apple that we have to worry about. The world is more complex than that.

What if you lose your iPod and someone posts all your files on P2P networks? What if someone steals it? Even if "my iPod was stolen" is a valid legal defense, this still means that you are opening yourself up to legal threats (and costs) by using watermarked songs. Moreover, I don't like the idea of a portable device having thousands of internal copies of my real name and email address. (Yes, my wallet contains that information and a whole lot more--but I would still be bothered by the additional risk I incur when carrying around yet more personal information stored in a high-theft item.)

I don't know if people should feel "violated" by this watermarking of non-DRM tracks (after all, it is a whole lot better than fully-DRMed tracks)... but I do think there is some cause for concern even with watermarking. (Even for people fully compliant with the law.)

I don't have a problem with it

This doesn't really bother me. I buy music and don't give it away, which is as it should be. TANSTAAFL!

This is exactly what DRM should be.

The whole point of DRM is to stop people from pirating it. If your name is attached to it I'd say that's a pretty good deterrent. Beyond that, you can download the music, burn it, transfer it from your home PC to your office PC - you can do what you want with it... the only restriction is that you can't illegally share it online. It's focusing on punishing people who share music illegally, while at the same time not hassling the end users who just want to use their music. This is exactly what DRM should be.

More details, please

I'd like a few more details, please.

Do they "hide" it in the files, or put it into the comment fields? There's a difference there, especially if you want to accuse them of underhand dealings.

The article is also pretty crappy on the suggestion to convert to MP3. Why should I do that? A simple binary find&replace will be faster, safer and result in no quality loss or recoding troubles.

So a little more info on this before painting anyone as a devil would be cool.

Beats the hell out of DRM.

I find it a little hard to get worked up over this. I don't find the idea of watermarking particularly offensive, as long as it's not done in such a way as to degrade the content (which all "analog preservable" watermarking does), and it's not part of a DRM scheme (e.g. 'no copy' flag). Watermarking that only identifies a user and can be used to track down someone sharing files after the fact ... I can live with that.

The difference to me is that it's not trying to stop someone from doing something illegal, before they even do it. That I find very offensive, and is the whole point of DRM. I believe that the computer should let you do anything you damn well please, even if it's illegal, but that you should take the consequences later. Trading DRM for watermarking would be a huge step up, since the watermarking really doesn't affect anyone who isn't putting their tracks on P2P networks. However, we also need to realize that watermarks can't be viewed as inherently trustworthy -- what's to keep me from framing you by putting your account information on a bunch of music and then sharing it? Practically, I'm not sure how useful watermarking really is. But if it's the price for getting rid of DRM -- which treats everyone like criminals, regardless of whether they're doing anything illegal or not -- it's OK by me.

I Don't Care

Some will be pissed about this - there will be wailing and gnashing of teeth. Personally, I don't care if they put my name in the file.

I want DRM-free media. I've wanted it for a long time. I want to play my music where I want, how I want, on as many devices as I want. And the whole time I've wanted that - it's never been so I can give it away to people on the internet. No one who wants to pursue this as a way of doing business is going to believe any differently.

I love buying my music via downloads. I wish I could do that with movies (not the 320x240 video iPod stuff - I mean movies for my TV), but I run Linux, I have a non-iPod player, so I need platform-independent, DRM free media.

They want to put my name in it? Go ahead. I'm not putting it out in the wild - and with any properly run computer - accidental release shouldn't be likely either.

jhymn?

Correct me if I'm wrong, but isn't this exactly how jhymn and other similar programs leave your files? IIRC, jhymn will remove the DRM from the file, but still leave your AppleID, etc in the file. It seems that the only people complaining about this are the ones who want to pirate music.

Cool

An easy way for me and my 1,203,382 roommates to keep track of what belongs to who ;)

Re:The advantage then of buying real CD's

How does having my name associated with a file I paid for prevent my friends from playing my purchase?

Re:The advantage then of buying real CD's

So what happens when you just replace the name and email address? Or blank it out? Does the file not play? At best this might discourage casual copying or allow them to "punish" those who do it. It pretty obviously won't discourage anything, since they're not making it known and most "casual" copiers won't even know their name and email address are in the file. Serious "pirates" (AAAAAARRRR) will just replace the names anyway. Or rip from a CD like they do now anyway. How is this even news?

Re:The advantage then of buying real CD's

Or if your mp3 player or laptop are stolen.

Re:The advantage then of buying real CD's

Giving the songs to five of your friends has never been the problem. They haven't really cared much if you made a mix tape or mix CD and given them away to people you know. You certainly have the right to do that and no one has really tried to stop that. In fact, they encourage that by distributing blank media and recording hardware.

Even selling used CDs hasn't come under fire. There are plenty of record stores that buy and sell CDs.

No, the problem has been uploading the songs to some P2P network and allowing millions of your "friends" to download the song. That is what they're really trying to stop. The difference between the five and the million has to do with the numbers. You are likely to have five friends, not a million. Five copies don't hurt the companies, but a million copies do. That never came up before since you would never buy a million blank CDs to copy and pass around to complete strangers.

You got that motto wrong :)

"There's an old saying in Tennessee - I know it's in Texas, probably in Tennessee - that says, fool me once, shame on...shame on you. Fool me...you can't get fooled again."
--The Decider, 2002

Re:Apple, Sony, Microsoft..

I dunno... Finger printing a media file ain't even close to a root kit on the evil scale.

Re:Apple, Sony, Microsoft..

Why should I be outraged? Why do I care if my name is in a file that I purchased? Please explain.

Re:So?

What happens when your computer or mp3 player gets stolen and 6 months later there's files all over the p2p nets with your name on them. How could you prove you weren't the one that put them on there in the first place?

First, why would you have to prove that you did not put them there? Your name on them is not proof that you did, and if you can show that a device that may have had the files was stolen you'll walk unscathed from even a civil suit.

This whole thing seems a bit weird to me. Apple's license forbids them from sending the data back to headquarters for analysis to catch casual pirates. They've been including this data in all the files they've sent for a long time. This is in the mp4 format so nothing stops a freeware program from erasing or changing them. Heck I can grab your e-mail address from a dozen places now and add it to mp4 files on P2P networks. That doesn't prove you put them there.

So, it is 100 times easier to grab these files from P2P for purposes of piracy than it is to steal a player or get them some other way. Who is planning on uploading files they have purchased anyway? That's just dumb.