Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Music Media Your Rights Online

RealNetworks' RealJukeBox Monitors User Habits 236

kbrown1 was the first one to write to us with the story at the NY Times that RealNetworks' has confirmed that they do monitor some user habits. RealJukeBox is the offending program, and apparently "surreptitiously monitors the listening habits and certain other activities of people who use it and continually reports this information, along with the user's identity, to RealNetworks." RealNetworks' has said that they do gather the information, but "the practice did not violate consumer privacy because the information was not being stored by RealNetworks nor distributed to other companies," according to their VP of consumer products. Other networks are picking up the news - more details should be coming.
This discussion has been archived. No new comments can be posted.

RealNetworks' RealJukeBox Monitors User Habits

Comments Filter:
  • by Anonymous Coward
    >IMO if you have a "right" to view information on someones web page, the owners have a "right" to maintain a profile of visitors and visitors haibits.

    Feel free to tell all your book reading history (including the Porn books/mags, and The Anarchist's Cookbook ;-) along with how often you read said publications, plus where and when, along with your name, telephone number, email and real address to the company who printed the next bill (for a lewd comic stripshow) posted up on the next constuction site you accidentally read while daydreaming (this happens all the time when you wait for a bus...) to support your theory then. This is EXACTLY what RealJukebox is doing, getting targeted third party information.

    Now THAT'S a sentence! :-)

    BTW: I don't assume you read porno mags, or the Anarchists Cookbook, but I'm sure there is something you once read that would embarrass the hell out of you if you had to tell it to the world, so I had to make do with a wild guess... Sorry For The Inconvenience.
  • If the RealPlayer Jukebox put up a dialog stating what information it was going to transmit, how often, and for what purpose AND ASKED THE USERS PERMISSION at least during the install, there would be no problem.

    The problem is that they are collecting user data / actions (and who knows what else) WITHOUT THE USERS PERMISSION.
  • It's clear that people feel more strongly about pushing RealNetworks into adopting this policy, to the point of using the RBL to declare them spammers, and that's fine. I don't disagree with that stance, and I hope they're successful. But I don't think RealNetworks is particularly evil one way or the other.

    I agree with you there, but the MAPS RBL team gave them a timeline to respond back with ideas on how to secure their servers (see the Deja News articles. Nick Nichalous(sp?) is the one to look for). They didn't. Nick ran out of patence and threw their servers in the RBL.

    One side point: Real Networks threatened to sue MAPS LLC (owners of the RBL) over the listing. However, like other spammers, they didn't follow through. The tactic wouldn't of worked, from what I read, due to property issues and a few RFC's that are on the spam topic.



    ---
    Another non-functioning site was "uncertainty.microsoft.com." The purpose of that site was not known. -- MSNBC 10-26-1999 on MS crack

  • I realize RealNetworks puts ads out on their various pieces of software, which is perfectly fine (that's the price to pay for free software), and as far as I know, the RBL deals only with spamming-related issues.

    When you get it, but not ask for it, it is NOT fine. Period. For example, I asked for mailings from Palm Computing. I did not ask for Real Network mailings of any kind (which it says so many places but one).

    A Deja news search [deja.com] gives you the whole story, but just for the heck of it, Wired did a few stories on it: Is RealNetworks a RealSpammer? [wired.com] and RealNetworks Blacklisted Again [wired.com] . I also talked with the author before the last story about the "RealSpams" I got (and I remember not giving concent to 'em).



    ---
    Another non-functioning site was "uncertainty.microsoft.com." The purpose of that site was not known. -- MSNBC 10-26-1999 on MS crack

  • Posted by cookieman.k:

    That's right, a lot of people enter bogus in every registration form. It's not right that they colect information about you. It's like when someone is mumbling through you pockets. Who likes that ?
    Lets focus on the subject:
    I think that information that usualy get colected can be used to harm that person. Given the potential we must assume that this will (ocasionaly) happen.
    That "register-and-gimmi-your-name-and-address" is only an excuse to invade the peoples privacy. There's a conspiracy going on. They could design some local-stored-informacion-colection thing. But they dont want to. I'm sure they are using the data sent to them for some sort of statistical analisys. Who knows ?
    1. I'm getting paranoid....
  • If a company stores information, who cares? It is only when they identify it as you, or use your email address. Tracking the habits of non-identified users is not too much a problem.

    I think the part that makes it offending, is that in the aura of society today, everyone says we're open, and yet we always think conspiracy. Noone ever does anything for altruistic purposes anymore. Everyone is sinister. And therefore everything must be held by contract, or mutual trust.

    As mentioned elsewhere in these comments, they did it without telling anybody. And now they telling us not too worry. That makes me worry the most. What boggles the mind, is that Real Networks is a company, but as most companies, they are made up of people. Do these people need to justify it to themselves first? Have these people ever cared? Or do they believe that what you don't know can't hurt you? Without OSS everywhere, I'm glad this guy tracked this down.
  • Wow, you're right.

    And your ISP is probably logging all of your web IP packets so they can compile lists of your favorite porn sites so they can sell that to X-rated marketers, cause that's pretty valuable information..

    And your local supermarket is compiling a list of the types of condoms and personal lubricants you buy so they can run it through a neural network processor and figure out which of its customers are gay so they can sell the list to marketers who specialize in homosexual literature and products.

    Theoretically these things can happen, but they don't.

    BTW, if it wasn't interesting, why would Real bother collecting it? So they could see how many people liked country? Come on...

    Yep. I assert this is precisely why the information is useful to RealNetworks. If client #341481234 signs on and requests a new advertisement from RealNetworks to show in that nifty little advertisement banner, RealNetworks looks up client 341481234 and discovered that there's a huge preference for country music, so they're a lot more likely to select a country music-related advertisement than a techno one. This falls totally within the logical framework of RealNetworks and their posted privacy policy, their repeated statements about this entire issue, and their past behavior. The whole storing of personal information stuff was all made up by Slashdot posters and is in no way based on the facts.
  • Hmmm, perhaps to compute top 10 CD lists by various demographics

    You don't need to store the association of a preference for a particular CD with a particular user. When a user plays a certain MP3 or CD, if it's a popular one, it would likely just increment a popularity counter. No sensitive data would need to be stored in this case.

    To be able to perform this retroactively when they have a new demographic they want to check.

    Perhaps. I won't deny that this is a potential use, but it seems to me that there would have to be a tremendous amount of work building such a database for gain such as this. Plus, it runs counter to their posted privacy policy and is precisely the PR attention they'd rather avoid (see current issue).

    Having all the specific data is lots more useful than just having some aggregate numbers.

    I disagree in this case, not that it isn't useful, but for 95% of their marketing needs, aggregate statistics suffice perfectly. It doesn't seem logical for them to take such a huge PR risk and devote so much time and money to creating a database so as to squeeze out that last bit of information.

    There is every reason to believe that companies will keep as much data as they can, simply because it's cheap and it could come in useful someday. Why not keep it?

    Precisely because of the issue this thread is bringing up. People don't like it. Companies like RealNetworks can afford to hire lots of legal and PR folks. If the company is steering towards a policy that, if made public, would make the company look INCREDIBLY bad (as all of the examples you indicate would do), these paid people would step up and say, "Umm, no that's probably not a good idea."

    Not only do they have to avoid doing stuff like that, but now they have to worry about the impression everything leaves on people. You can bet the PR folks at RealNetworks are smacking their heads. They simply did not anticipate the public outcry against what they were doing, and don't know how to get the public to understand precisely what it is they were doing with that information without the public saying, "Well, you could be lying! We never trust evil corporations, and if everyone says you're evil, then you must be evil!" The privacy activists have made up their mind that RealNetworks is storing every little detail about the stuff you listen to, are planning on selling that data to people like RIAA and are generally trying to wreck your life like every other company they've shouted "Boycott!" every few weeks at, and RealNetworks is stuck with the burdon of proof. It's truly a sad state of affairs, and it's precisely this sort of knee-jerk reactionism and total faith in the mass media and your fellow privacy activists that causes it.
  • I wasn't talking about Hemos at all.. I just meant that the YRO section was frequented by a disproportionately large number of right-wing extremists.
  • And if I fail to mention that I use monosodium glutumate in my Gumbo, am I committing fraud?

    Am I negligent by not disclosing the fact that the toilet paper in my office restroom is made from less-than-100% recycled material?

    Is it illegal for me to forget to mention that there are security cameras in my department store?

    Let's keep the analogies sane, please.
  • Let's say you have a hypothetical company. This company wishes to distribute free software and collect statistics about the nature of each user so you can target banner advertisements at them and generally give them good music selections when they ask for recommendations. So they come to you, ask you to design the system (disregarding any 'ethical' issues that you may have about collecting this sort of thing). Everyone knows that it'd be a big violation of privacy if they monitored and stored information about each MP3 and CD, and the resulting PR mess would be horrendous indeed, so you're instructed not to save this information and just try to make some associations about the genres and related music.

    So you go off and implement it. A while later, somebody discovers that this information is being sent back to your back-end system and starts throwing privacy fits.

    1. How would you explain to them in a believable way that you DID make every effort to ensure their privacy?

    2. Since they didn't believe your answer in #1, what would you do to try and get your clients' trust back?

    3. Would you have done any differently when implementing this system? (The cop-out answer of, "I wouldn't have agreed to do it," is not valid.)

    Answers:

    1. Try to put out statements and/or press releases that explained exactly how the data was used and how the company has had consumer privacy in perfect mind during the entire design process.

    2. Release a software update that would disable the collection of statistics.

    3. ?

    It's a lose-lose situation. Even if RealNetworks had no evil intentions to begin with, none of you are going to even acknowledge the fact that this might be a possibility. In your mind, they're just another evil corporation, and that's truly sad.
  • As the article says, every time RealJukebox is started it sends

    Sends, not stores. Please read a bit more carefully. Nowhere did the article state in any sort of factual manner that the data sent by the client was being archived at RealNetworks. According to repeated statements by RealNetworks, this information is analyzed in an aggregate form, which is consistent with all of the information we have.

    Again, the entire bit about archiving all of this information was MADE UP by posters on Slashdot, and you bought it like a loyal Slashdot sheep.

    For some reason it is custom for posters on Slashdot to automatically assume that just because a technology is available to a company, that company will exploit said technology to its fullest, regardless of the potential PR mess it would cause, regardless of the laws they would be breaking in the process, and regardless of the monetary loss it would incur because it's just not FEASIBLE to do it. This automatic assumption is what I'm trying to combat here, because it truly depresses me. I would really hate to work in PR or in an executive branch of any corporation, simply because of this type of FUD that I would have to regularly combat.

    If a company as big as RealNetworks were TRULY doing something as evil as this, don't you think their employees would think of it as evil too? Don't you think one or two of them might step up anonymously and mention that yes, RealNetworks is doing evil things? Or do you just assume that RealNetworks picks loyal employees very carefully?

    In fact, they have blatently and I'm sure even you'd agree deliberately denied that they were doing so until they got caught red-handed

    In order to deny something, they'd have to have been approached with it. This is the first I've heard of it, and the only response on RealNetworks' part is that the data is being used only in an aggregate fashion. Are they trying to "save face" and lie to everyone (at the risk of being caught by said ethical employees and exposed), or are they trying to desperately clean up their own mess because they weren't expecting the kind of response to something they considered relatively benign?

    How you could trust a single word they say after they deliberately left the little bit about the spying out of both their privacy statement and the EULA for RealJukebox boggles the mind.

    Probably because I don't think of this as spying in the least. Posted privacy statements tend to talk about how information is collected and stored. The absense of details concerning information that's analyzed "on-the-fly" and discarded (as seems to be the case here) wouldn't necessarily appear in a privacy statement, and it makes no sense at all to have it in the EULA, so I fail to see the cause of your enormous distrust here.

    Again (and I thought I had made this clear), I'm not trying to say RealNetworks isn't in the "right" here. I think they should have most certainly informed the users that this information was being analyzed, explained just how it was being used, and given users the option to back out of it (or sign up for it to begin with).

    What *I*'m trying to object to is the ENORMOUS anti-corporate bias that exists in these YRO threads. It truly saddens me that whenever a company is "caught" doing something even *potentially* privacy-invading, all of the privacy wackos come out of the Slashdot woodwork and suddenly that corporation is the most evil entity on the planet. Everyone assumes that they're doing the worst and proceeds to bash them on that basis. I am simply trying to point out what is fact here and what is sheer paranoia/conspiracy theory on the part of Slashdot kids.

    Contrary to what you may think, there *are* companies out there run by honest folks that DO have quite a lot of integrity, and I pity the day when somebody finds something mildly "interesting" about something they're doing and they end up having to fight an uphill PR battle (with the burdon of proof on them) to explain how benign that thing really is.
  • ...I'm not trying to say RealNetworks isn't in the "right" here.

    Err.. you know what I mean.
  • The only made up statement in this thread is the contention that they don't store the data. First, they have to store the data in order to analyze it, unless they are doing it in real-time.

    And what's so hard to believe about that? Read the data from the client, figure out aggregates from that data, store said aggregates. It's efficient, and precisely how I'd have designed it. And I'm not trying to speak for RealNetworks by saying they're not storing it, I'm saying the assertion that they *do* store all of this relatively private information *was* made up by Slashdot posters. This simply does not fit the facts in the article or by RealNetworks' statements.

    Second, why chance losing valuable customer data to system failure, when they can easily keep a back-up copy.

    What does this have to do with anything? I agree, database backups of customer information is probably a good thing.

    Third, how almost immeasurably profitable is individualized data on music preferences as a marketing tool?

    How much more valuable is a person's name and a list of CD's and MP3's than aggregate statistics about a given user? If it's just marketing reasons you want this data, aggregate statistics will suffice quite nicely, pointing the service to a given user's preferred musical tastes. That's all you need to market to that user effectively.

    With RN's history of aggressive product spamming...

    Looks like you've been reading Slashdot comments instead of the articles. THIS is precisely what I'm trying to combat here.

    RealNetworks was added to the RBL because they refused (or did not act in good faith) to add an authentication layer in their e-mail address collection methods. So people signing up for a RealNetworks product would put in some bogus e-mail address, and leave the checkbox marked "Send me e-mail from RealNetworks and advertisers" checked. Unfortunately, quite a few of those "bogus" e-mail addresses turned out to be in use by real people, who didn't appreciate the e-mail. "Aggressive product spamming" this is not. RealNetworks was simply sending out advertisements to people that had explicitely requested them. It's hardly their fault that other people were putting in somebody else's address, but I do understand the stance that the RBL took because RealNetworks wouldn't implement a method of checking the validity of messages before adding that address to their mailing lists.
  • Because if you are in a hurry when you install a software, or are simply not interested in all the bells and whistles, you usually skip the READMEs and trust the (Net)Etiquette of the software you use.

    If this is truly the case, then you have absolutely no right to complain. A company can only go so far in giving the user options. NATURALLY, they will have 'yes' automatically selected. If you breeze through the installation, it's your own fault for not paying attention, and it would have made absolutely no difference if Real had omitted the checkbox entirely from its program's installation.

    It's not like this is an obscure option. It's pretty plainly visible in the installation wizard. They're not trying to hide the option from you, and I don't feel they're being evil in the slightest by defaulting it to 'yes'.
  • They may "analyze" it on-the-fly and just modify aggregate statistics about your listening habits. If you regularly listen to rock music, they may have a "likes_rock_music" statistic that goes up as you listen to more rock, etc.

    Just an idea..
  • A pre-checked checkbox is kind of like a "pre-signed contract", giving you the _option_ to tear it up

    By signing said contract, you are explicitely acknowledging its contents in their entirety. This is a horrible analogy to make, since legally, you can't just say, "Well, I signed it, but they shouldn't have had that clause in there from the start!" and try to back out.

    I can't believe people are arguing about what the default state of the checkbox should be. They're in no way obligated to provide that checkbox. It's the same as web sites that ask you the same thing. They're doing you a favor in an effort to keep people's trust and avoid bad feelings when people start getting e-mailed crap from them when they never wanted it in the first place. They would certainly like you to check the checkbox, so they leave it checked. If you're too braindead to notice this checkbox, then you deserve what you get.
  • Yes, you're right.. I missed the phrase "pre-signed" in the original comment.
  • You make some fair points, but I feel I should respond to this bit:

    "David Banisar, a lawyer...who specializes in internet law, said that RealNetworks' surveilance practices could violate various state and federal statutes..."

    That's not lack of courtesy, that's lawbreaking.


    No, it's not. It's one lawyer mentioning that there was the *possibility* of a violation of law. That's the job of a lawyer, to find possibilities and to take that to trial. Of course a lawyer's going to say that, especially if he knows his name will be in the papers. For all you know, the conversation could have gone like this:

    reporter: So tell us: are they breaking the law?
    lawyer: I doubt it, but I don't have all of the facts, so I suppose there's certainly something illegal about what they're doing.
    reporter: Gotcha!

    I would be quite surprised if this was actually the case here, and I would be very interested in how they came to that conclusion. Companies all-too-frequently collect information like this, without informing consumers, yet they are typically found to be operating within the boundaries of law. I don't see the difference here...
  • Just my pet peeve. :)

    Yours and mine. What I hate equally is trying to turn that kind of behaviour off. Sometimes it it pretty easy: there is a option within the program, or it is in the "StartUp" folder. What I really hate is when you have to hunt throught the registry to disable this "feature."

    Then again this is one of the reasons I use Linux :-)

  • I was looking for an excuse to kvetch about Real. RealPlayer is downright *invasive* as far as I'm concerned. Endless registration requests, checking for plug-ins, et cetera. Listening to the Series was like visiting the proctologist (good thing it only went four games).
  • findfast, office startup bar, little blue Real icon... all loading up 10s of megs of DLLs so that their app will load faster... all the while starving the other apps of memory while they sit there idle.

    Just my pet peeve. :)
  • If the people from Real are reading: You software just got deleted from my system. Bye...
  • Alternatives?

    Icecast.....

    I was amazed over the weekend when someone showed me his conversions to icecast to let it stream video.. they were running live coverage of a party in Finland using icecast for the audio and video.
  • mp3.com - they require an e-mail address before doing anything on their site - they are of course monitoring all the users and selling this information on.

    The record companies love to know what artists they can associate with each other - mp3.com probably gets most of it's money from analysing your listening patterns and selling this information.

    mp3.com has rubbish music anyway... they are becoming the Microsoft of the online music world with poor service,applications, and generally a bad attitude
  • Interestingly.... it was one of the biggest ISP's in Finland that arranged all this.. they're using Icecast over Real Player.

    Icecast has a couple of other big names using it.
  • Free registration required. Sounds like the pot calling the kettle black.

  • IMHO, a presigned contract would be something like Microsoft's EULA. you never actually sign the blasted thing... the only choice you have is to tear it up

    Lea
  • Real's habit of scattering bookmarks and icons and startup programs around my system without asking bugs me almost as much as this...
  • The point, my dear coward, is not the locations of the objects, but the "not asking".
  • A little offtopic, I apologize...

    I realize this thread is about RealJukebox, not RealPlayer, but what alternatives are there to RealPlayer for Linux streaming video/audio? It seems to me that there are 2 formats for streaming video; Windows media and Real. If we find both Real and MS to be unacceptable for political and/or privacy reasons, what other formats are there?

    Also, call me paranoid, but Real and the RIAA have been too close in the past for me to brush this theory aside. What if the real reason behind the collection of all this data is to trace pirated MP3s made with Jukebox back to their source? Scenario: The RIAA downloads an MP3, finds that it was encoded with Jukebox, and "asks" Real to search through their records on that particular song, bitrate, sample freq, file date and track the file back to it's source computer. It could happen, much like the global ID in Word97 documents being used to track down the source of the Melissa virus.
  • If they are not storing the info then they are definitely not maximizing shareholder value. It is a criminally negligent destruction of shareholder property, and they should be taken to task for it.

    Half-kidding.

    thad

  • ** everytime you called a store to get information, a price quote, directions to their store, etc, they asked you your name, address and phone number?


    They already can do this - some phone companies offer an extended "Caller ID" service to businesses which not only shows caller ID (or ANI for 800# calls), but also automatically does a phone directory lookup to show them your name, address, etc.
  • Point taken. Your argument however in no way lessens mine, but rather strengthens it.
  • This falls into the same category as "if you don't like this country/city/place why don't you leave?" The point is not the leaving, but the changing of a broken system.

    By being born into this world--something I wasn't ask about, take note!--I have been endowed with certain rights that the constitution etc grant me. "Venturing outside my house" as you put it is one of those inalienable rights. The point people are trying to make is precisely that I should be able to "venture outside the house" without any ill effects.

    You sound an awful lot like Scott McNealy, a person devoid of any notion of personal privacy.
  • I once read a Piers Anthony book. I even "got" the Xanth pun... and I still enjoyed it. I was only a teenager at the time, but I've never told anyone about it until now. I'm ashamed, but it's all behind me now.

    Soon after finishing the book, I went on to more constructive activities, like chronic masturbation.
  • Why does the default setting matter?

    If the deault is "Yes. Please allow RealNetworks to provide me with updated, useful information by monitoring my every move while connected to the Internet." and the cancel choice is "No. I would like to continue to live in a dark age of information technology by hording my personal infrormation and habits." the choice is still there for the user.

    If the choice is never offered or hidden in a dialog box the user never sees, then that is another matter.
  • If you can't think of any reason why they would want to keep individual data, you're not very imaginative. Hmmm, perhaps to compute top 10 CD lists by various demographics. To be able to perform this retroactively when they have a new demographic they want to check. So that they can track the effectiveness of advertising specific albums to specific groups. Having all the specific data is lots more useful than just having some aggregate numbers. It lets you run whatever analysis pops into mind on the data. Ever hear of data-mining? It's just the process of analyzing the huge amounts of random data the companies keep looking for whatever patterns or facts are interesting.


    As for how big that database would be, let's make a rough guestimate to see if it's feasable. Let's say that for each CD, we need to save it's 4 byte CDDB ID and a 4 byte counter for how often it's been played by a person. Let's also guess that the personal information is 1KB in size. Let's also assume that our database takes up twice as much room as the raw data it contains. If you are keeping track of 1,000,000 users who each have 1,000 CDs they listen to, your database will be:
    1 million 1K personal entries for 2 GB disk space.
    1 thousand 8 byte entries for each of those million users, for another 16 GB of drive space.
    Let's see, an 18 GB drive is worth what, about $200? Do you think RealNetworks has room in their budget for a $200 dollar hard drive?

    I think we all need to keep in mind that we already live in an era where it is quite affordable and feasable to keep significant amounts of data about everyone. There was a time when this wasn't feasable, but it is gone now. There is every reason to believe that companies will keep as much data as they can, simply because it's cheap and it could come in useful someday. Why not keep it?

  • The issue is not that they want to have/use this kind of personal information. What is concerning is that they distribute this program, and it *secretly* collects this information and sends it to them. Without your consent, and without warning. That they give this program away free is a misnomer, All the Real programs that I've seen lately are chock full of ads. Granted I'm a linuxhead, and rarely use windows software, but that's just my observation. I've tried Realplayer for linux and its horrible, ( ever get error 1? ) but that's another issue.
    I think of this as another argument for open sourceware. If the source for real* was open, we could have seen the offending code/behavior BEFORE using the program. I'm sure that Real is not the only company who does these kinds of things. They are just one of the more obvious ones. Sooner or later, some sw company will collect more sensitive info, and encrypt its trasmission so even if we notice it, we can't figure out what it was. That's what I'm woried about. Not just secretly collected, but intentionally made unreadable.
    -earl
  • login: cyberphunks

    It's cipherpunks .

  • The problem with /. moderation (as I currently see it) is the use-it-or-lose-it problem.

    I had moderator points yesterday, but I didn't have much time for reading articles. So I used 1 point (well spent, I think). Today, when I'm at "work" and have lots of time for reading, I don't have moderator points. They must have expired.

    On those rare occasions when I have points, I always feel like I have to find something, anything to use them on, quickly -- lest the points suddenly vanish, unused. Like they did today.

    Moderator points should not expire! If I still have points left when I'm randomly chosen for getting points, then don't give me more (I don't need to stockpile hundreds of them) -- but dammit, at least give me enough time to use them wisely!

    New /. moderation slogan: "speed kills".

  • Isn't it amazing how often the people who do stuff like this spam?

    FWIW, Real is in the RBL for continued spamming and address harvesting.
  • the practice did not violate consumer privacy because the information was not being stored by RealNetworks

    This cant be true. Why would they bother having the program send them info on what the user is listening to if it's not stored somewhere on their computers? What, do they have someone over at realnetworks who watches the info come in? "Hm, this person is listening to nine inch nails. Hm, this person is listening to NOFX."
    Real can be so annoying sometimes.
  • > If they are not storing the info then why is it being sent to them in the first place. ... Come on Real Networks people aren't dumb.

    I dunno... Micorsoft got away with claiming that their automated data collection was "a bug".

    The big lie is always best.

    --
    It's October 6th. Where's W2K? Over the horizon again, eh?
  • There are plenty of good free solutions. The Sajber jukebox is one. There are even packages like mpserv that will allow you to distribute your archive over many machines. There's no reason to involve big business here.

  • Wouldn't this be a great store of data for the RIAA to mine in their anti-piracy campaigns?
  • by Coda ( 22101 )
    Because I live in a house you built does not mean that you get to want what I do in it.

    This should read "Because I live in a house you built does not mean to get to monitor what I do in it."

    Remember kids, sleep and/or the Preview button are your friends...
  • I see that RealNetworks's privacy statement [real.com] has a TRUSTe [truste.org] seal at the bottom. Think TRUSTe will now sanction RealNetworks for failing to fully disclose what information they collect from their users?

    Me neither.

    -- R.

  • No, your other choice is to click 'I Agree' and then do whatever the hell you want.

    The EULAs are *not* valid.

    For a contract to be valid, both parties have to get something out of it (however minor, hence the cliche of $1...)

    If you buy a software package, you have all rights except for those which violate the copyright. You don't have to accept a contract offering you those rights because you already paid for them at the store.

    The only way the EULAs could be valid would be if they offered you something truly optional (ie, not affecting your ability to use the program if you decline) such as a free service contract, or something.

    Not only that, but changing a program from a 5 user, to a 50 user license by using a binary patch or modifying registry settings, like for a web server or NAT/Firewall, doesn't violate any laws either. If you didn't sign a license agreement saying otherwise in the store before they let you buy it, then you have the right to modify it. Just like you could buy a piece of art and then take an exacto(tm) knife and make make any desired alterations.

    This whole thing is a scam. It really should be illegal to use these legal scare tactics.
  • Or, maybe Radio Shack just decided to demand personal information, knowing that only a few people wouldn't choose to avoid the confrontation by just buckling in and giving their information.

    Then they not only sell the information for mailing lists, but spam it with their own junk.

    I personally assume (because they did send junk mail to the fake name I gave them at my address) that they use it for junk mail. No idea though, how all those other companies decided to send that same fake person junk mail. They must have been telepathic.
  • Oh yeah, Quicktime, the proprietary player is just so cool. I mean, who cares about the fact that it's ugly, sucks CPU like a cheap whore, and is no better than mpeg for movies.

    Here's a good link about the great Quicktime user interface. [iarchitect.com]

  • Summing up what a lot of people have said, the real issue here is about closed-source software. Since most people are connected to the Internet at least part of the time, any piece of software could take advantage of this to communicate information to anyone.

    Before this near-ubiquitous networking, it mostly didn't matter what software you were running did. The worst that would happen is that it didn't work or screwed up your machine... and even then there were fears, mostly unfounded, that people like Microsoft or AOL were gathering data on computers.

    Now any piece of code run on your computer can send (or receive) data from anywhere in the world and it is natural to begin distrust anything you run, whether it be the latest installation software from Microsoft, some k3w1 internet utility like Real, or a hidden trojan in that dancing baby program your best friend sent you.

    To me, it is becoming more and more important to be able to know everything the software you run might possibly do. It is also becoming easier and easier for someone to release software that could wreak any amount of havoc privacy-wise in your life. And let's face it, law enforcement, if it becomes relevant, can only happen after the damage is done.

    Repeating a common slashdot theme, OSS is the only sure way to resolve this distrust.


  • To be perfectly callous, the issue isn't just privacy. The difference is the extent of information they can get without my direct consent, and the potential revenue this accrues to them. If they want my personal info they should PAY for it, because they're going to make money off of it one way or another. I have a legal right to my information, and if people want to send me advertisements, or even use my info for statistical purposes, I have a right to demand some sort of compensation. By them covertly secreting info, they are, in effect stealing it. Now, of course, I'm being completely silly here, because currently it's very little info that's available, and they aren't doing anything with it (not to mention that I don't use RealJukebox- I use the much sleeker various AMPs). But these sorts of efforts by software companies are just testing the waters- you can't tell me that they wouldn't LOVE to someday be able to sell my personal info, spy on my activities, or profit off of it some way without my knowledge or paying me for it. Why shouldn't I raise my voice now so to determine how things will go in the future?
  • Hey moderators- I'm getting REALLY irritated when I see people with unpopular or uncommon opinions rated as flamebait. And this isn't "offtopic" either- it's a comment on the silly moderation done to the above post.
  • by Anonymous Coward
    Augh. They're not talking about a web page JukeBox. They're talking about a piece of software you purchase from RealMedia that allows you to make and listen to music databases.
  • by Anonymous Coward
    This is definitely a trend. Close-source apps will ALL eventually do something like this - look for Win2k and the AOL browsers to do this type of thing as well - gotta check up on the customers.
    What vendors do YOU trust?
  • I fail to see the issue. If you dial an 800 number, the company is footing the bill for you to call. I think that if they're paying for your call, you can expect them to want to know who you are.

    As for non-800 numbers, you can generally (in parts of US and Canada anyway) block the information from being sent on a per-call basis by dialing *67 before the number.

    Businesses have a hard time understanding that the ability to do something does not justify the validity of doing something.
  • RealNetworks' has said that they do gather the information, but "the practice did not violate consumer privacy because theinformation was not being stored by RealNetworks nor distributed to other companies," according to their VP of consumer products.

    YEAH. RIGHT...

    This is from a company who spewed ads from their servers and is so far still on the MAPS RBL [mail-abuse.org] for doing it. It's already been proven that Real Networks will gather and spew out anything and everything. Real Networks has a security problem on the scale of the Goths invading Rome durring it's downfall.

    Love the technology. Don't love the problems tacked onto it.



    ---
    Another non-functioning site was "uncertainty.microsoft.com." The purpose of that site was not known. -- MSNBC 10-26-1999 on MS crack

  • A)Automatically trust him to be telling the truth and
    B)Say "ah, that's all right then" and wander away without even wondering WHY they were practicing, and more importantly, why on you?


    I would do neither. I'd investigate, certainly, but I'd hold short of trying to beat the crap out of him or call my local legislature and ask them to pass laws that forbids people from taking photographs of me in public. If I asked him and he said he was a photographer for the Daily News, and was just out checking how popular the new restaurant that just opened was, I'd believe him, certainly.

    we have something at the same level as MS's "UID" namestamp from Office97, and most people agree that that was beyond the allowable.

    I guess this is just a difference of opinion here. I agree that this is somewhat similar to the Office GUID thing, but I disagree that either issue merits the attention.

    Companies keep clients by keeping the client's trust. If they abuse that trust, or do something pretty stupid (as seems to be the case here), they lose clients. It's not good business sense to act in a way that alienates your very clients, and it *certainly* doesn't pay to do so with evil motives, because things like this always get exposed in the long run (by faithful privacy "activists"). THIS is why I give companies the benefit of the doubt in these cases. Yes, I agree that RealNetworks should have somehow disclosed the fact that this data were being sent back for the purposes of aggregation and analysis, but I do NOT agree that RealNetworks was acting with malicious intent. It was probably just a communications problem or poor decision-making between their various departments.

    There isn't some dark room back in the basement of the RealNetworks headquarters with a dozen executives sitting at a table saying to themselves, "Drats! Foiled again by the privacy activists! We must find another way to invade the privacy of our 'loyal' customers so we can continue to be an evil company!" More likely, people are being scolded for not having mentioned this "feature" of the software to consumers. It's a PR mess, certainly, and I can only hope that RealNetworks and similar companies will learn from their mistake.

    So it seems to me that if you guys want this issue resolved, inform RealNetworks of your opinion (though I imagine they're already aware of it), and wait for RealNetworks to respond.
  • Secrecy?

    There is a difference between failing to mention something and keeping something a secret. Unfortunately, most privacy activists fail to realize this difference, and so it becomes the custom to assume that whenever somebody fails to mention something, it automatically means they are attempting to keep it a secret.

    I'm not saying this isn't the case here, but it just seems like everyone reads the headlines and immediately jumps on the anti-RealNetworks bandwagon without really doing much investigation on their own...
  • but you don't normally expect him to ask you questions about who you are and where you have just come from, and you definitely don't expect the manufacturer of the jukebox to have the right to do so....

    Everyone is making the dangerous assumption here that RealNetworks is *combining* this information for their evil spying practices. Most all major products I download from the Internet ask me for my name, and bits of other information. Most (if not all) give me the option to decline sending this information in.

    SEPARATELY, RealNetworks is allegedly collecting information about your listening habits (tied to a userID not necessarily tied to your contact information). I'm not going to try and defend this, since I lack information one way or the other, but it seems like a great many of you are just assuming that RealNetworks uses this information together somehow.

    Further extending the music store analogy, let's say you get one of those FrequentListener discount cards there. You give them your name, address, phone number, etc., and shop there every week or so. Now, the clerks know you by face, but that does NOT mean remotely that they automatically know your name and are linking every purchase in their head with your address and phone number. Yes, they collect the information, but that doesn't mean they're using it together.

    Again, I'm not trying to defend RealNetworks here, but I do think many of you are taking this to an unfair level...
  • egregiously does NOT mention the fact that they log every CD and mp3 you play from your own computer--we can pretty easily conclude that this is a deliberate secret.

    Did you ever stop to consider that this isn't listed on their privacy notice because they DO NOT, IN FACT, DO THIS?

    This whole bit about logging every CD and MP3 played was MADE UP BY UNINFORMED SLASHDOT KIDDIES in this thread. There is absolutely no basis in fact for this assumption that I have read. In fact, RealNetworks goes so far as to point out that this information is NOT stored. It is simply sent, analyzed, and whatever aggregate information (genre, for instance) is gleamed from it.

    What possible motive would they have for logging every single CD and MP3 you download and listen to? It doesn't serve them a single bit, except to waste VOLUMES of hard disk space. The only thing useful out of this information is the aggregate information such as the type/genre of music people listen to, which is most likely what they use it for. Now, whether or not this in itself is a violation of privacy is an entirely different debate, and one I'm not going to get into.
  • This is from a company who spewed ads from their servers and is so far still on the MAPS RBL for doing it.

    Do you have more information on this? RealNetworks actively spams people unsolicitedly? What IP blocks are listed under the MAPS RBL? I've never received unsolicited e-mail from RealNetworks (but then I've never checked the checkbox that indicates my desire to have this happen, either)...

    I realize RealNetworks puts ads out on their various pieces of software, which is perfectly fine (that's the price to pay for free software), and as far as I know, the RBL deals only with spamming-related issues.

    Do you have more information (like, say, proof) of these allegations?
  • if you do not want them to do it, you do not register on their site. real networks chose to HIDE the fact that they are collectitng this information from users of their software.

    No, they chose not to DISCLOSE the information to the public. There's a difference between not mentioning something and deliberately trying to keep it a secret. Let's not jump the gun here.

    I'm not trying to defend RealNetworks here, as I disagree with what they're doing, but I'm getting kind of annoyed at everyone's assertions that they're doing this maliciously. Let's wait until we hear a few more *unbiased* takes at the situation before we start spreading misinformation about their intentions.
  • What a legal tightrope - we're not storing your info for very long. Yeah, not storing my personal info, but I'm sure you're saving the results of what CD's are listened to, how often, and whom by just getting rid of my GUID and replacing it with a demographic.

    A more likely scenario is that they're storing information in an aggregate fashion, perhaps numerical values corresponding to the music genres you tend to like.

    I can think of zero reason whatsoever that they would actually be interested in the actual titles and artists you listen to. It does make sense for them to want to know what *types* of music you listen to, which can be pretty easily gleamed from data like bands/albums that doesn't require it to be stored.

    Just an idea, but it does seem logical...
  • Doubtful.

    RealNetworks asserts that this data isn't being stored. The likely scenario is that they're taking the information, finding the genres associated with it, and storing aggregate information about those genres in an attempt to find your approximate music interest. This is still quite useful information, but suddenly RealNetworks doesn't look so evil, so the people that read these YRO pieces are less likely to mention it.

    I can't think of any reason they'd be interested in storing all of the artists and songs you listen to. Do you have any idea how large a database would need to be to store this information? Aggregate trends, however, can be represented with a few small numbers and fits RealNetwork's likely needs perfectly.

    Now, again, I'm not defending RealNetwork's practices here, but I feel I do need to step in since so many people like you keep spreading this misinformation.
  • Something like RealPlayer, web pages, checkout counters, etc. No. I don't believe there is any "right to privacy" either implied or expressed.

    Agreed. If you're that concerned with your privacy, it's up to you to protect it. Don't give private or confidential information to people you do not trust. Period.

    I'm choosing conciously to use their product.

    I think the crux of the issue is that you are choosing to use the product, yes, but you aren't making the concious choice to consent to their "monitoring".

    What people fail to realize is that, in all likelyhood, this "monitoring" only ends up adjusting small numerical values that represent your aggregate interest in the various musical genres. The specifics about what albums and artists you listen to are likely forgotten immediately.

    The point? I'm convinced that the whole "privacy" issue is getting blown way out of proportion especially in areas where it shouldn't really apply. YRO articles like this add to media congestion and hype, and only cloud the real issues: things like encryption laws, misuse of wiretaps and warrants, things that truly matter.

    Exactly. These YRO pieces are frequented by privacy "activists" (a.k.a. whackos), and the authors themselves tend to throw in an IMMSENSELY heavy bias in their introductory description of the issue, so it is only natural to expect that the entire tone of the comments will follow that bias to a T.

    Unfortunately, this has made my life a bit harder, as I am compelled by some unknown forces to try and keep things rational, based on the unbiased facts and not on the rabid reactions of people without knowledge of actual facts. It's tough work in YRO articles.
  • Nope. Everyone is pissed because the information is being gathered without your consent!

    I'm not disputing this, and it doesn't have anything to do with the message I was responding to.

    I totally agree with you that RealNetworks should have provided more disclosure about what it's collecting from you, but I'm seeing posts that are unfairly bashing RealNetworks because they are assuming that this information is automatically being stored in its full, verbose complete form and tied directly to your name and address, which isn't necessarily the case at all.

    I'm not saying RealNetworks isn't the bad guy in this case, but they aren't acting quite as evilly as some people are saying, and it distresses me when people jump on the anti-something slashdot issue-of-the-week without doing any research on their own.
  • When you get it, but not ask for it, it is NOT fine. Period.

    I was talking about ads via their software (equivalent to banner ads), not e-mail. "Period."

    I did not ask for Real Network mailings of any kind (which it says so many places but one).

    Neither did I, and I never get them.

    The articles you quote all talk about how people keep putting bogus e-mails in their RealNetworks registration, and real live people that receive mail at those bogus e-mail addresses are complaining. If nothing else, you should be blaming the people that are putting YOUR e-mail address in the box instead of their own. THEY'RE the ones that are signing you up for e-mail from RealNetworks. RealNetworks has a little checkbox that I always uncheck that says "Send me mail about stuff." Rather than uncheck this box, they leave it checked and just put in somebody else's e-mail address.

    I'm afraid I'm going to have to side with RealNetworks on this case, though I do think (as the article suggests) that they should adopt a better policy of validating e-mail addresses. I hardly think it's fair to bash them because people are putting in other people's e-mail addresses. It's clear that people feel more strongly about pushing RealNetworks into adopting this policy, to the point of using the RBL to declare them spammers, and that's fine. I don't disagree with that stance, and I hope they're successful. But I don't think RealNetworks is particularly evil one way or the other. It's all about buying into the mass media.
  • Good point.

    I meant to refer to the "free beer" model - there's plenty of high-quality free and commercial software, and there's commercial software that's open out there too. And plenty of people create "Free Software" without asking for anything in return, but commercial software will take something from you as payment - even indirectly. That's the nature of the game. It's OK if they tell you up front, and even the model of "give away the sucky version and charge for the slick version" is OK by me. Caveat Emptor.

    Sendmail's not as good an example because they give away and still maintain/enhance their core product which is still open. They are an example of doing the Right Thing. Good old Sendmail, despite it's hairyness, is good enough for most users. The "Pro" version gets you extra goodies and a slick GUI, but the core is the same. Real (or Apple's QuickTime) are better examples of crippleware. Apple, though, just makes you see an irritating banner ad. They don't (as far as I know) send my personal information to Apple without my consent every time I play an MP3 or video. But they do generally ask permission to do such things first.

    Giving up privacy without consent is Wrong. Period. But be prepared to have it made an up-front condition for using more and more "free" commercial programs. They have to make money from something to pay the bills...

    - -Josh Turiel
  • ...they only stated up front what data they were collecting, and why. Real is a company that needs to make a profit (despite being a player in the Internet space, where profits are pretty much just baggage!), and isn't going to when they don't charge for software. Sure, you pay for their "plus" packages, but I think most users stick to the free stuff - remember, very few things in life are free, and commercial software is not one of them. Ultimately, Real needs to be able to sell demographic and targeted advertising information to companies if they want to make money - I sympathize with that need and don't have an issue with selling demographics at all. Most companies (Real included) aren't run as charities and need to make money somehow.

    Anyhow, Real is entitled to the data so long as they ask for it, and make it clear that they are collecting it. If a user doesn't like it, they're welcome to not use RealJukebox or RealPlayer, there's plenty of alternatives out there. But collecting data without informing the user is the Wrong Thing.

    - -Josh Turiel
  • I can't believe that no one is getting upset about this -- if microsoft was doing this you'd all be shitting your pants!

    I find it absolutely unbelieveable that RealNetworks has the gall to send information that ISN'T authorized (this is NOT the checkbox for sending your registration information) wihtout any notification or ability to opt out whatsoever.

    There is a BIIIIIG difference between sending an email address and constantly tracking what a person is doing. this software tells RealNetworks how many audio files you have on your system, how frequently you listen to them, etc, etc -- this is not some innocent marketing crap!

    This is nothing like watching people's online activity, where you know your packets are being sent all over for anyone to grab. This is you, sitting at your personal computer that you paid for, providing Real with all the information they could ever dream of without them ever telling you about it. This is spying, and I sure as hell hope someone DOES sue the idiots as the attorney in the article suggested miught be possible.
  • I wonder if YRO and the whole "privacy online" thing isn't starting to get blown out of proportion... at least to the degree where we're missing real issues and turning any "violation" into an issue.

    On a public mononpoly, or a service intended for personal communications, (i.e. the net, the phone company, cellphones, postal mail, etc) I wholly agree. Privacy is a "right" that is implied (note, not contracted, but only implied) by use of that system.

    Something like RealPlayer, web pages, checkout counters, etc. No. I don't believe there is any "right to privacy" either implied or expressed.

    Simple examples: I monitor my box and my web server. I use caller ID to see who's calling me. I look through the peephole in my front door.

    Is monitoring the issue here? Ok, it's not "necessary" for use of the system, it's strictly for their marketing departments own good, but then again... I'm choosing conciously to use their product. There are alternatives, I could use them. If I were a better programmer, I could write one.

    The point? I'm convinced that the whole "privacy" issue is getting blown way out of proportion especially in areas where it shouldn't really apply. YRO articles like this add to media congestion and hype, and only cloud the real issues: things like encryption laws, misuse of wiretaps and warrants, things that truly matter.

    mindslip
  • Also, with the CDDB thing, it sounds like they are doing the right thing to protect peoples' privacy. i.e. they aren't allowing CDDB to rob the privacy of the Jukebox users. As long as they aren't abusing the info (which should be independantly confirmed), there is no problem.

    Okay, firstly, Real lied about CDDB.

    When you request data from the CDDB server, you send info about the CD you are looking up. That's it. No e-mail address gets sent at all in any way when looking up a CD, and Real damn well knows it. You do send an e-mail address to CDDB when you make an update or an addition of a CD. Naturally. The whole CD info is just e-mailed to the CDDB system so of course they have your e-mail... That's for an addition or update only, however.

    Real was obviously caught with their pants down on this one.

    Face it, this information that was being sent is EXTREMELY valuable. The whole damn world is wanting to go to digital distribution of music, and anyone with actual good stats on music tastes, music preferences, digital listening habits, etc, stands to make one hell of a lot of $$$... Later, no doubt, Real would introduce a system where they would e-mail the users of the RealJukebox suggestions based on their listening habits and, of course, based on how much the record companies pay them...

    Actually, I have no problem with this. It's a damn good idea. But, it should have been:
    a) told to the users...
    b) optional
    c) defaulted to off, like any privacy reducing feature...

    If they'd couched it in nice language, hell, I might even have gone for it (excepting the fact that RealJukebox is a bloated POS program, along with everything else Real still makes)...

    Well, that definitely ends my association with Real. MPeg is the only way to go from now on...


    ---
  • What happens when you listen to a real jukebox? I'll tell you what doesn't happen:
    • The establishment where jukebox is located doesn't know what songs you played there on past occasions (unless they recognize you and feel like noting what your selections were...unlikely).
    • The jukebox manufacturer has no idea who has requested the songs, or what your playlist history is, or what your e-mail address is or your name, etc. etc. They can't build a marketing profile on you.
    I like the analogy another respondant to this thread used: according to your view, it's ok if every time you browse in a shop, buying something or not, they require you to fill out a registration card and they follow you around, making notes about what things you're looking at.

    Plus, your "they should be allowed to monitor you" attitude brings up this scenario: would you find it acceptable if, everytime you called a store to get information, a price quote, directions to their store, etc, they asked you your name, address and phone number? People's desire for some anonymity and privacy is not silly, like you seem to paint it, and interacting in society does not demand that we surrender our privacy. Some things strangers have no right to know about us.

  • No, I see this as a violation of privacy.

    Because I live in a house you built does not mean that you get to want what I do in it.

    If they provided the content, then yes, they would have a right to see who accesses it. They don't provide the content, however, they provide the music player/manager.
  • Do you think because TurboTax sent you email they have the right to know every time you read it, your email address, your current IP address, and the usual stuff sent during an HTTP transfer?

    A few weeks ago they tried that. They sent email to customers telling them about the new version of their program. Look at the bottom of the source of the email and you see a URL for a transparent pixel image, with a key being sent to info.turbotax.com.

    Because you used to use their program, they provided you with new information about it, and you tried to read the mail, do you think they are entitled to know that? Would it have been okay if they used an email Return-Receipt instead?

  • CDDB has been doing this quite openly - their web page has top ten [cddb.com] list (top 100 also) based on what people are playing and accessing CDDB's servers for.

    I don't see the harm in this type of "aggregated" information. Where it does become intrusive is where individuals/organizations are identified, such as in amazon.com's short lived "aggregated" data that identified corporate book sales.
  • If they are not storing the info then why is it being sent to them in the first place. Does someone just look it over and then delete the message. Come on Real Networks people aren't dumb. Maybe they are storing it with some other company is that just as illegal?
  • But I'm sure this has been going on for a while. MS, Intel, and others have all been suspected of such activities (all the technology was in place) but have never admitted it.
    I don't mind if a company tracks my music listening habits or internet traffic etc, but they should tell me it's happening and reward me for the data that I am providing them. A nice stereo for the music survey, or a top of the line PC for the net info or something like that. If they are going to profit from my information then I deserve a piece of the action (Hmmm, stock options maybe?)
    v2k
  • really, so what? i wish slashdot would stop banging on about this. IMO if you have a "right" to view information on someones web page, the owners have a "right" to maintain a profile of visitors and visitors haibits.

    anyone who visits a "jukebox" site and thinks that his/her listening habits is being not being monitored is naive. i mean, what happens when you listen to a real jukebox?

    if you dont want your privacy "violated" then dont browse the net, shop, venture outside your house or pretty much anything.
  • Doesn't RealPlayer's install program actually ask you if you want to send information to Real.com?

    I know for a fact that there's an option to send "connection statistics" to the content provider. Isn't this what the hoo-ha is all about? Seems a bit silly that people are consenting to send in information about what they're watching/listening and then bitch about it happening.


    This post is offtopic, guys. This story is not about RealPlayer. It is about RealJukebox. I realize lots of you are confused because they only thing Real makes for Linux is RealPlayer, but that's not what we're talking about.

    RealJukebox is an mp3/CD player/ripper for Windows. That is, it's like Winamp (but it also rips). It is not used to play content from the internet, and there is no reason for it to compile "connection statistics" or any such thing. The big deal here is, it is sending information on mp3s you are playing off of your own hard drive, CD's you are playing from your own CD drive, and, presumably, mp3s you are making from your own CD's. The information they are taking from you is of absolutely no use in improving their product; the most benign possible interpretation of it is that they are using it to market information in aggregate. However, the fact that their privacy policy and EULA (neither of which mention this logging) have been revealed to be blatant lies tends to make me not believe the most benign interpretation.

    In any case, in absolutely no way is the user asked or informed about this. The best they can do is refuse to register (which they are not informed is an option) so that the information logged on them can only be tied to an IP address, not an email address and name. Oh wait--no, that's not true either, as you have to input an email address and name before you download the software.

    This is scary, folks. If you don't think it is, it's because you don't know the facts.

  • really, so what? i wish slashdot would stop banging on about this. IMO if you have a "right" to view information on someones web page, the owners have a "right" to maintain a profile of visitors and visitors haibits.

    anyone who visits a "jukebox" site and thinks that his/her listening habits is being not being monitored is naive. i mean, what happens when you listen to a real jukebox?

    if you dont want your privacy "violated" then dont browse the net, shop, venture outside your house or pretty much anything.


    Do you even know what RealJukebox is? It's a program that works like WinAmp and other Mp3/CD playing programs, except that it sends the information about what you are listening to on your computer to the marketroids at the REALnetwork or wherever. Do you REALLY think it's any of their business what you are listening to?

    Kintanon
  • To be brutally frank with you kintanon, i really couldn't give a flying f**k who is interested in the trivial minutae of my life. there are plenty more meaningful things in this world to be bothered about.


    Oh, well in that case, mind if I install a couple of cameras in your house? I'm sure you won't mind me analyzing the trivial minutae of your life in order to make sure we can properly advertise the correct brand of toilet paper, condoms, bed sheets, shampoo, orange juice, toasters, etc...
    Just imagine, one day a Light Bulb blows in your house and we already have a salesman on your doorstep with your preferred brand, plus 3 behind him offering competing brands. Wouldn't that be GREAT?!

    I personally don't think it's anyone elses business what I choose to listen to on MY computer in MY free time. Which is why I don't use RealJukebox.

    Kintanon
  • What a legal tightrope - we're not storing your info for very long. Yeah, not storing my personal info, but I'm sure you're saving the results of what CD's are listened to, how often, and whom by just getting rid of my GUID and replacing it with a demographic.

    The best part of this whole problem is that record companies are dying to buy this kind of info to make 'artists' like Mariah Carey and Britney Spears that much more accessible and profitable.

    After years of study we have realized, "Teenagers like crap."

  • Well, it's offtopic as it relates to the story, but it's not offtopic with regards to this thread of conversation (sort of). Honestly, what's with damn near every post on this article having been moderated? Sure, I've got moderator access right now, but you know, I don't think everything everyone has to say is worthy of 2 - 5 points of being ``insightful'', ``informative'', and ``interesting''. I thought the moderation system was meant to find the few, rare gems. If every post gets moderated, it's the same as if none of them had gotten moderated. That is, it's counterproductive. Perhaps a little more thought and care should be put into this procedure? Urk.

  • Your information is worth money to firms who want to sell you things. So, ANY way this information can be gathered is 'a good thing' as far as the companies are concerned.

    In the case of programs, the only way to go is with Open Source. Think of it...a trojan is all about allowing others to see your data. Be it the whole system, or just other misc. bits. With Open Source, you can see what is going on. And if you WANT information to be sent back to somewhere, you know it.

    There is no such thing as a free lunch.

  • What is the purpose of this "un-docummented feature" if all they do with the info is monitor it?
    How could they achive any valuble info without actually saving and analyzing all of this data? this looks weird to me...
    If its only for "consumer-tendencies", its pretty stupid...

    Anyone got some more info on what specific details are we talking about here?
  • I just unisinstalled it, and I'll keep uninstalling software that reports, collects and analyzes what I eat, where I am, what I listen to, what I watch, what I buy and when I go to the water closet. Analyze that!

    I refuse to use the Kroger (grocery store) discount card, and have not shopped there since their stores adopted it. A friend went in to buy soem stuff at a store near here. The cashier didn't know what to do when he didn't present the card. After calling the manager, she said it was ok to buy the stuff, but that he REALLY SHOULD sign up. I pay cash yes CASH for stuff I need at other places. I fear the day when we don't have the option buy without being recorded.

    I read a few weeks ago about safeway threatening to use the fact the a customer bought alcohol against him in a suit. They got it off his "customer card". I heard about a Cal. woman who was suing her husband for custody of the kids and after a search of his grocery habits pointed out that he fed them to much junk food. I don't want my insurance comapny, or anyone else to know a bout the herbs I buy, the red meat I eat, the fact the I like matzo ball soup, the fact that I like tacos, tha fact that I (may) use rogaine, that fact that I haave allergies, have dandruff and wear depends undergarments.

    I'm sick of being marketed and pitched to.

    Now back to real player.

    I read somewhere ( and wish I could remember so I could give credit to this person) that "if I buy a Sony cam-corder and took it home, and then i found out that camcorder sent pictures back to Sony and they were looking at them" ... and I say yeah and they were selling them, well I would be calling Johnny Cochran and Sony would be selling stock and to pay for that one!!! (I by the way love SOny products, and I have no knowledge that they are doing something like this)

    The point is this. The food we eat, the groceries we buy, the movies we watch, the tv we listen to, the music we listen to, where we go, what we do are all things that however small, MAKE UP OUR LIVES. When someone takes the pleasure out of them by making us wonder who is wathcing us, what are they going to do with this information, it ties us down, it makes us less free. Where is the line drawn? What line?

    I have suggestion. I want to know if we can copyright our personal information. Why not? We created it. We wrote it. Do we not have ownership of the things that make up as indiviuals? Why not license your info out. Perhaps then I can attach a message that sys something like :

    "Use of my personal information and storeage thereof means that you accept this license agreement. This license allows you to use and store my personal information for one month subject to a $1 charge per copy. You can renew the license on a monthly basis by sending me another $1. You may copy and/or transfer my personal information to another entity by acquiring written approval 30 days in advance. Failure to comply with this agreement will result in criminal charges and /or a fine. blabh blah blah".

    How unreasonable is that? Microsoft does it everyday! WE'RE paying THEM to collect all this stuff on us. I think it's time for some payback. And I don't mean 5 cents off some tofu burgers, I want cold hard cash for being subjescted to all this interrogation. So to you real player, If you don't want to pay, I'll get another MP3 player. (The software sucked anyway.)




  • Unlike the US, the EU has strong laws (the data protection directives) which require informed consent before any computerised data is gathered or analysed.

    IANAL, but it seems to me that Real have made just themselves wide open to an injunction to forbid any distribution of Jukebox in Europe. Failure to comply with such an injunction would lead to them being sued big time if Real have any corporate presence anywhere in the EU.

  • regardless of what Real says about it not being a privacy invasion due to the fact that they dont keep the information, it still is clearly an invasion because there is the Potential for there to be a privacy invasion. How do we know that real isnt storing all this info in some big database somewhere then giggling gleefully and telling the public"oh we dont keep any of the information" Real has got to be stopped, as do anyone else who does anything like this.

  • by Makali ( 13158 ) on Monday November 01, 1999 @02:37AM (#1573171) Homepage Journal
    Doesn't RealPlayer's install program actually ask you if you want to send information to Real.com?

    I know for a fact that there's an option to send "connection statistics" to the content provider. Isn't this what the hoo-ha is all about? Seems a bit silly that people are consenting to send in information about what they're watching/listening and then bitch about it happening.

    Just my two pennies.
  • by DaveHowe ( 51510 ) on Monday November 01, 1999 @02:40AM (#1573172)
    really, so what? i wish slashdot would stop banging on about this. IMO if you have a "right" to view information on someones web page,the owners have a "right" to maintain a profile of visitors and visitors habits.
    Interesting opinion - so tell me, when you go into shops to look around, do you expect to fill in a card with your name, address, and the names of the last five shops you visited? You don't have a "right" to view people's websites - they have chosen to display them publicly. If they didn't, then they would be password-protected. Most of the arguments about tracking and cookies revolve this idea.

    anyone who visits a "jukebox" site and thinks that his/her listening habits is being not being monitored is naive. i mean, what happens when you listen to a real jukebox?
    Normally, you walk in, sit down, maybe by $PRODUCT the place sells, and listen. You might expect the owner to recognise you if you have been there before - but you don't normally expect him to ask you questions about who you are and where you have just come from, and you definitely don't expect the manufacturer of the jukebox to have the right to do so....

    if you dont want your privacy "violated" then dont browse the net, shop, venture outside your house or pretty much anything.
    Why? why should my life be restricted to sitting in a shuttered room just to prevent a private company from gathering Valuable, Resellable market data from me? If they sent someone to folloy you from shop to shop, noting which shops you visited, what you looked at, and what you actually bought, I imagine you would get paranoid in pretty short order. why should this be any different if you are on the internet?
    --

  • by joe52 ( 74496 ) on Monday November 01, 1999 @03:03AM (#1573173) Homepage
    It's "free". That about says it all.

    There's a free version, but there's also an enhanced version (RealJukeBox Plus) that costs $29.99.

    Whats wrong with the provider of a service/good/program knowing what you do with it.

    I do have a problem with the "provider" of a program knowing exactly what I do with it. What makes this worse is that the user is never informed that the "provider" is harvesting data on what they are doing, as well as what interesing files they have on their system (the article says it actually collects data on all the realmedia and mp3 audio files on the user's drive) If I chose to use Visual C++ , would Microsoft be entitled to grab a copy of my source code, or even of the names of my source files without telling me? Maybe they could better serve the market if they had some idea of exactly what every single copy of their software product was being used for. No thanks.

    joe
  • by zero-one ( 79216 ) <jonwpayne@gma[ ]com ['il.' in gap]> on Monday November 01, 1999 @02:39AM (#1573174) Homepage
    I think this is to be expected as software becomes more intelligent. In many ways this is quite a useful function, a site tailored to my needs is better than a general purpose site. The only request I make is that sites make it clear what data is collected, who the data is seen by and how it is used. How dose this fit in with the various laws (for example if I use the site from the UK does the site need to be registered under the Data Protection Act)?
  • by snopes ( 27370 ) on Monday November 01, 1999 @02:41AM (#1573175) Journal
    The bigger issue is not the collecting of data, but the secrecy with which it is done. In fact, it would almost seem that Real is deliberately misinforming in their own privacy and license statements. And it's one thing to track IP's or cookie s/n's as a user clicks around your website, I think it's something else entirely when you entice that user to install s/w on their system which then surreptitiously monitors their activities. As one person is quoted as pointing out, that's a damn trojan!
  • by Nodatadj ( 28279 ) on Monday November 01, 1999 @02:53AM (#1573176) Journal
    Has anyone ever noticed that Realplayer G2 always starts at startup...
    Now I wonder what that little blue speech bubble icon is doing

    Slashdot poll perhaps?
    What is the Realplayer G2 really doing while it's not running?
    a) Watching what we listen to
    b) Boosting a Real.com attempt at cracking RSA (or SETI depending on what you want)
    c) Watching us (only valid if you have a camera)
    d) Waiting for us to use it, so that it'll "Load" quicker than anything else.
    e) Rob/Iain/Everyone sucks.
    f) Dead writeins.
  • by jcrouthamel ( 19187 ) on Monday November 01, 1999 @02:29AM (#1573177)
    News.Com has just posted a story on this also.

    http://news.cnet.com/news/0-1005-200-1425866.htm l?tag=st.ne.1002.thed.1005-200-1425866
  • by snopes ( 27370 ) on Monday November 01, 1999 @02:58AM (#1573178) Journal
    I agree to an extent. Personal information is a valuable commodity as is software. It is fair to exchange one for the other and unreasonable to expect that all organizations will produce free software without something directly in exchange for it.

    The problem here is that Real was not informing anyone of the monitoring. The actual terms of the exchange were never stated anywhere. That prevents the user from being able to make an informed decision as to whether the exchange is fair to them and whether they wish to enter in to the deal.

    If I sell you a nice car for $10 I can't sneak into your house later to collect more money on the basis that the car was worth more and you really owe it to me. Those terms must be stated up front and at the time of the initial transaction. The only reason this isn't treated as theft is that our archane laws still don't treat personal information as property. All sorts of other data is, after our data is compiled into someone's database it is, but while we're in possession of it, nope! Not poperty, available to anyone for free.

    People need to be made at least marginally aware of how their information is being used. HTTP is an open standard, so we can accept the fact that any tracking being done via that protocol is known to the user since they have the same access to the RFC's that anyone else does. In this case, Real is enticing users to install a trojan on their system which is not open source code, but required the efforts of a hacker to determine just what it was doing.
  • by alexhmit01 ( 104757 ) on Monday November 01, 1999 @02:36AM (#1573179)
    It doesn't sound like RealNetworks is actually doing anything bad... just moronic.

    Adjusting the program to users based upon their data is a Good Thing(tm), it allows more knowledgable people to access more features. As they use the app more (aquiring more files) more features. Should this be server driven? No, that should be kept internal. I'm assuming it is, otherwise it is moronic, not dangerous.

    As far as aggregate users, that's fine. It lets them store information on people and figure out what people are doing with their software.

    It sounds like they are doing things fine, but that their press handling flubbed up. Before we jump on them, we should learn if they are actually storing this information about people and making it available, or if they store the information so the ads are tailored towards people. We can't have it both ways. We can't demand that everything be free (free beer), ad driven, and then demand that they not store information.

    In the real world, information like this is always available. The problem is that online we can store it all. In a CD store, people can see you buying CDs... In the online world, logging is automatic.

    Also, with the CDDB thing, it sounds like they are doing the right thing to protect peoples' privacy. i.e. they aren't allowing CDDB to rob the privacy of the Jukebox users. As long as they aren't abusing the info (which should be independantly confirmed), there is no problem.

    I'm assuming that there are consumer advocates who certify privacy issues. They should be brought in to independantly confirm that everything is Kosher.


    Alex

Brain off-line, please wait.

Working...