Noise Builds Over Embedding Of User Data in iTunes Plus Downloads

In the hours following Apple and EMI’s debut of DRM-free music on the iTunes Store, the blogosphere was abuzz with good cheer, but soon thereafter grew a body of dissenters to an unofficially announced measure apparently taken by Apple and EMI to ensure that media purchased within the iTunes Plus milieu are “traceable.” Upon quick inspection of the issue, one could see clear reason for the response to the Big-Brother-esque strategy Apple and EMI have employed.

The details of the discovery, reported by Ars Technica and reiterated by BBC News are that DRM-free tracks downloaded from the iTunes Store include data which includes personal information of those who’ve purchased said tracks. The buyer’s full name and account information (email address, etc.) are part of the data set that is embedded in each download from the store.

Does the inclusion of the personal data matter? Not in the way people of the anti-DRM sort worry most about, anyway.

If the full name and email address of every buyer of iTunes music tracks (and presumably music videos as well) are the only bits of personal information visible those able to read the data, consumers of the iTunes Plus catalogue shouldn’t care much at all, the reason being that nobody (no regulatory entity) looking to prosecute individuals responsible for the illicit purveyance of digital tracks across the net could prove that an individual buyer of iTunes Plus media was indeed responsible for the tracks’ proliferation. You can find a parallel in the way the recording industry has mostly failed to combat distributors and downloaders of illegally dealt and obtained music merely by documenting an IP address (or many).

Of course, no one should pat Apple and EMI on their respective backs and tell them “job well done” after hearing of this data discovery. The files include personal information that’s the corresponding persons likely do not want embedded into the files they’ve purchased. If one so happens to share the music with a small circle (as one is allowed to a certain degree as stipulated by iTunes Store legalese), one would wish to protect his or her information. Common sense tells us that. Our “fingerprints” aren’t permanently affixed to the tangible CDs we buy. They should be left off the files we download as well. But much of the hubbub of this breach of consumers’ trust is almost solely stirring over the suspected ability to track items purchased by iTunes Plus customers. What it should be about are simple, yet still very serious privacy concerns.

Unless one takes full advantage of the ability to share music purchased from the iTunes Store and is concerned about compromising personal information when now sharing iTunes Plus purchases, any worries about the existence of actors whose intention it is to monitor the digital trails of iTunes Plus consumers (which are far too vague and unsubstantiable to pursue anyhow) shouldn’t linger. So go ahead. Download those “high-quality” 256kbps DRM-free tracks. If you intend to share ‘em, do so only with those you can trust. Which is presumably what you’ve been doing up to now with your iTunes purchases anyhow. So, you know, carry on doing what you’ve been doing. You’ll be fine. Probably.

Note: The EFF, or Electronic Frontier Foundation, recently claimed that DRM-free iTunes media carries "more than just names and email addresses." We'll notify you about any new developments about this issue as they come.