You've Been Warned: Spotify Wants To Spy On You In Every Way Imaginable

Submitted by Mike Krieger via Liberty Blitzkrieg blog,

I clearly remember the moment several years ago when my closest friend from NYC was at my place pleading with me to download and use Spotify. The pitch was compelling and I was open minded about the concept, until I learned that you had to login through Facebook to use it (no longer the case I believe). I immediately found this creepy and refused to use it.

Fast forward to 2015, and Forbes has come out with a very important article highlighting the incredible creepiness factor in Spotify’s new “privacy policy.” Here’s some of what it found:

Music streaming market leader Spotify has decided that it wants to know a lot more about you. It wants to be able to access the sensor information on your phone so it can determine whether you’re walking, running or standing still. It wants to know your GPS coordinates, grab photos from your phone and look through your contacts too. And it may share that information with its partners, so a whole load of companies could know exactly where you are and what you’re up to.


This has all been made apparent by a rather significant update to the Spotify privacy policy, pushed out to users today. Upon opening the Spotify app up this morning, your reporter was greeted with a request to agree to the new conditions. A quick comparison with the previous privacy policy using the Wayback Machine showed some major changes had been made. I’m now considering whether the £10 I pay for a premium membership is worth it, given the amount of privacy I’d be giving away by consenting. 

Here are a couple of the key updates found by Forbes:

3.3 Information Stored on Your Mobile Device

           With your permission, we may collect information stored on your mobile device, such as contacts, photos, or media files. Local law may require that you seek the consent of your contacts to provide their personal information to Spotify, which may use that information for the purposes specified in this Privacy Policy.

3.4 Location and sensor information

            Depending on the type of device that you use to interact with the Service and your settings, we may also collect information about your location based on, for example, your phone’s GPS location or other forms of locating mobile devices (e.g., Bluetooth). We may also collect sensor data (e.g., data about the speed of your movements, such as whether you are running, walking, or in transit).


3.8 Spotify service providers and partners

             We may also receive information about you from our service providers and partners, which we use to personalise your Spotify experience, to measure ad quality and responses to ads, and to display ads that are more likely to be relevant to you.

And here’s how Spotify says it shares information with advertisers and third parties, which provides some comfort on how identities are linked to the data that’s shared:

5.2.1 Marketing and advertising

We may share information with advertising partners in order to send you promotional communications about Spotify or to show you more tailored content, including relevant advertising for products and services that may be of interest to you, and to understand how users interact with advertisements. The information we share is in a de-identified format (for example, through the use of hashing) that does not personally identify you.


What’s equally perturbing is that it does not appear to matter whether you’re a paying customer or a freemium user. It should now be apparent to most that no web service is free – if you’re not paying in money, you’re paying in personal data. But Spotify doesn’t believe those who pay deserve a more private service. It seems there’s little option either to quit Spotify or accept the conditions of a company that has not only been questioned over its ethical treatment of musicians but will now face questions over its respect for customers’ private lives.


Anyone upset by these changes can send complaints to  or send a letter to the company’s privacy representative by sending a letter to Spotify, Attn: Privacy Officer, Legal Department, 45 West 18th Street, 7th Floor, New York, NY 10011, United States.

You’ve been warned.