I can clearly remember having first discovered Pandora at work after a friend recommended the website as a way to help pass the monotonous workday with customizable streaming music stations, and the toe-tapping joy that instantly washed over me. Within a few weeks however, my employer started hating and made Pandora inaccessible from company workstations. As a result, my musical jubilation was unceremoniously replaced with seemingly longer work hours and daily doldrums.
Then as fate and technology would have it, the folks of the Music Genome Project got wise and developed Pandora as a smartphone application. And just like that, with the use of a Bluetooth earpiece and phone charger, I was back in melodious workday business!
But for as convenient as Pandora is while on the job, at the kids’ practices or while grocery shopping, it has crossed my mind on more than one occasion how Pandora has been able to provide such user specific music at practically no cost to the listener. I mean sure, I do realize that the advertising spots during the brief intervals between musical sets pays the Pandora bills in a big way, but that still has done nothing to negate my feelings that Pandora has always seemed to be one of those sites/applications that was simply too good to be true. Well, according to a recent Wall Street Journal Blog article, it is:
More than half of the smart phone apps tested by the Wall Street Journal found that they were sending users personal information such as location, age, gender, and a phone’s unique identifier to advertisers; often without user consent. Among the worst offenders were popular music streaming service Pandora and text messaging app TextPlus 4 from app developer GOGII.
The Journal tested 101 apps that run on Apple’s iOS and Google’s Android mobile platforms, and found that 56 of them sent a phone’s unique identifier to third parties without user consent, 47 transmitted a phone’s location, and five sent out user demographic information.
TextPlus4 sent a phone’s unique ID (UDID) number to eight different advertising companies, and also sent a phone’s zip code and user age and gender to two of them. The app is only available for iOS. Meanwhile the Android and iOS versions of Pandora sent information to eight third parties, included location data to seven of those, a phone’s unique ID to three of them, and demographic data to two.
The makers of TextPlus 4 and Pandora said that information sent to third parties is not connected to a user’s name, and that personal information such as age and gender is offered by users. However the most transmitted bit of information was the phone’s unique identifier, a number unique to every phone that can be used by advertisers to track each phone owner’s behavior.
“We use listener data in accordance with our privacy policy” a spokeswoman for Pandora told the Journal. The policy states that the company will share “non-personally identifiable information.”
The biggest recipient of user data was Google, through its AdMob, AdSense, Analytics and DoubleClick subsidiaries. And apps on Apple’s iOS app store were chattier with advertisers than on the Android marketplace, despite Apple’s more rigid approval process.
Now, unless you’ve been living under a dial-up modem, it is common knowledge that many third party apps, social networking sites and even ad supported webmail programs that require some sort of login credentials and user profiles share the information that is provided to them with advertising companies who pay for such data to target users who fit within a certain promotional mix they may be seeking. Still, the idea that sites like Pandora may be collecting user trends, activity and other information, then providing it to third-parties without user consent is just a bit unnerving. Although for the most part, this sort of data collection is designed to be processed anonymously and in batches so that advertisers can’t identify one user from the other, it only takes one cyber ne’er do well with no friends and too much time on his hands to develop some sort of archived database that links UDID and other personal information together (that a user submits through sites and apps who’s fine print relationships with ad companies are direct results of their profitable bottom lines) to really put a glitch in the matrix!
What’s funny is that I’ve oftentimes joked that with the directions that society and technology are rapidly taking, how imperative it would be for me to learn to live off the grid, but who’d have ever thought that Pandora’s privacy policy would be pushing me closer toward Morpheus and the red pill?
Tiffany's Fanny Pack 