Jump to content
N-Europe

CBS Gives Last.fm Data To RIAA


Dante

Recommended Posts

A couple of months ago Erick Schonfeld wrote a post titled “Did Last.fm Just Hand Over User Listening Data To the RIAA?†based on a source that has proved to be very reliable in the past. All hell broke loose shortly thereafter.

 

Before posting Erick reached out to the RIAA, Last.fm and parent company CBS for comments. The only response was from CBS - “To our knowledge, no data has been made available to RIAA.†The CBS spokesperson, Katie Gunion, subsequently emailed us to say “would you please attribute the statement to Last.fm, it is currently reading as though CBS issued the statement†Gunion’s email lists her title as Public Relations, CBS Interactive, and her first statement did not name Last.fm (this is important, see below). A subsequent statement by Shannon Jacobs, VP of Communications at CBS: “this is a last.fm issue, as far as I am concerned. It is not a corporate issue. This is a last.fm issue, not a corporate issue. The posting represents last.fm’s response.â€

 

After the story broke all concerned parties had no problem commenting publicly.

 

Last.fm cofounder Richard Jones said “I’m rather pissed off this article was published, except to say that this is utter nonsense and totally untrue.†He followed up with a blog post “Techcrunch are full of shit, “I denied it vehemently on the Techcrunch article, as did several other Last.fm staffers. We denied it in the Last.fm forums, on twitter, via email – basically we denied it to anyone that would listen, and now we’re denying it on our blog.†One blog called us a “tabloid masquerading as a legitimate news outlet.†Lots of others piled on.

 

Apart from updating the original post we’ve been quiet on this story. The person who first leaked the news was terminated from CBS for the leak, says our original source, and threatened with legal action. He understandably went very quiet. But the outrageously shrill denials by Last.fm just didn’t ring true. Once you got past the personal attacks, the denial language itself was too carefully worded.

 

Now we’ve located another source for the story, someone who’s very close to Last.fm. And it turns out Last.fm was telling the truth, sorta, when they said Erick’s story wasn’t correct.

 

Last.fm didn’t hand user data over to the RIAA. According to our source, it was their parent company, CBS, that did it. That corresponds to what our original source said in conversations we had after our initial post and before CBS lawyers became involved. But we didn’t want to update until we had an independent source for that information, too.

 

Here’s what we believe happened: CBS requested user data from Last.fm, including user name and IP address. CBS wanted the data to comply with a RIAA request but told Last.fm the data was going to be used for “internal use only.†It was only after the data was sent to CBS that Last.fm discovered the real reason for the request. Last.fm staffers were outraged, say our sources, but the data had already been sent to the RIAA.

 

Here’s an email from the original source, partially redacted. A screenshot of this email is here.

 

Re: touching base

 

From: [redacted, a CBS employee]

Sent: [redacted]

To: [redacted]

 

[ _____] We provided the data to the RIAA yesterday because we know from experience that they can negatively impact our streaming rates with publishers. Based on the urgency of the request they probably just wanted to learn more about the leak but who knows. Seriously, can you blame them? [______] Our ops team provided the usual reports along with additional log data including user IP addresses. The GM who told them to do it said the data was for internal use only. Well, that was the big mistake. The team in the UK became irate because they had to do it a second time since we were told some of the data was corrupted. This time they transferred the data directly to them and in doing so they discovered who really made the request. Shit really hit the fan, I even got a call [______] Obviously, I can see their POV but what they don’t understand over there is that we are in the analytics business and it’s not like this is the first time we’ve provided this data to a third party. Someone over there should be more forthright with users about the data policy instead of complaining about BD to upper management like I’m here trying to destroy the business. We’re just trying to help them stay afloat here it’s not like Pro memberships are earning any revenue! [______________] So if you hear of anything, I’m even open to possibly moving West now for the right opportunity, let me know.

 

Our new source, which hasn’t seen this email, says much the same: that Last.fm didn’t know the nature of the CBS request until after the data was sent and that the data was in fact subsequently sent by CBS to the RIAA. This source’s information comes directly from Last.fm employees who he has spoken with.

 

It’s important to note that while sources are in agreement that it was the RIAA that made the request, it may have been one or more music labels acting independently. The suggestion in the email above that the compliance was made because of the ability for the requester to negatively impact streaming rates suggests it was a label request. But the end result is the same. So if CBS/Last.fm deny sending data to the RIAA but don’t say anything about the labels, they’re being shifty again. Also, there are whispers that someone may have put a stop to the data transfer before it left CBS - that gives them a denial out if they paint with broad strokes. Much better would be if they simply, honestly, told us what really happened and we could move on.

 

We believe CBS lied to us when they denied sending, or at least intending to send, the data to the RIAA, and that they subsequently asked us to attribute the quote to Last.fm to make the statement defensible. Last.fm’s denials were strictly speaking correct, but they ignored the underlying truth of the situation, that their parent company supplied user data to the RIAA, and that the data could possibly be used in civil and criminal actions against those users. We believe that the outrage they aimed at us for reporting the story, which was materially correct, should have been aimed at CBS instead. But Last.fm never spoke publicly of the real facts of the story.

 

We believe Last.fm and CBS violated their own privacy policy in the transmission of this data. We also believe CBS and Last.fm may have violated EU privacy laws, including the Data Protection Directive, and should be investigated by the appropriate authorities.

 

And to the CBS employee who was fired and threatened based on this story - we believe certain U.S. Whistle Blower laws may protect you from retaliation from CBS in this matter. We’d like to provide you with legal counsel at our cost.

 

www.techcrunch.com

Edited by jayseven
Quote the quote when it's a quote.
Link to comment
Share on other sites

No, the company, can see more than just what you're listening to. They can see who you are, where you are, they can track you and trace you. I say company, and I speak in present tense, that's regarding last.fm. The RIAA now has this information as of when the data was sent. It isn't just them seeing 'S.C'G listened to F.C.P.R.E.M.I.X'. THEY can use the information garnered from your last.fm lists to bring litigation against you for copyright infringement if they so suspect it. They can trace your IP to your provider, and request disclosure of your details and find out who you are, where you live, and various other bits of information your ISP may hold on you. I may be mistaken in my post, but I believe this is what the issue is.

Edited by Rummy
Link to comment
Share on other sites

So the upshot of this is, some company can see what we've been listening to? the same as the rest of the internet can ... :blank:

 

and they have our IP addresses :o

 

What can they do with our IP addresses and listening data anyway? It's not like they can prove we don't legally own the music without hunting every last.fm user down and checking their music collection.

Link to comment
Share on other sites

The RIAA have been somewhat persistant in picking on the little guy when it comes to copyright infringement, and that's why this worries me. Admittedly, it might be insignificant for us Brits as I'm not sure how many people outside of the US they have brought cases against, but they are still bringing fresh cases even though they apparently stated that they were going to cease that practise. It's also been said that they might be working off evidence that might be a few years old now, and so to get all this information, well...who knows what they might do with it? Or how they might apply it to their existing cases/use it to bring new ones? All they'll need is one simple IP search in this new infromation, with the old 'infringing' IPs that they have, and they've got alot of new info they could potentially use.

 

 

EDIT:Coincidentally, an article about them and their cases is front page on Slyck atm - http://www.slyck.com/story1853_Who_is_Still_Being_Sued_by_the_Music_Industry

Link to comment
Share on other sites

×
×
  • Create New...