Published: October 26, 2021 in our Security Fraud News & Alerts Newsletter.
We can now add Spotify to the list of info-grabber apps that rival Facebook’s collection of our PII (personally identifiable information). No one likes the idea of an app collecting our personal data, and that’s especially true when it’s gathered without our knowledge. Some users believe having their PII up for grabs is simply a part of online life, with many willing to shrug their shoulders and move on. But how could listening to music and podcasts on Spotify gather so much data about us, and is there anything we can do about it?
Spotify collects over a million new data points on its users every day. Of its 365 million monthly users, 200 million agree to allow advertising on the app, and 165 million pay extra to avoid the ads. When it comes to collecting PII for advertising, the same data is harvested for all Spotify customers, regardless of advertising choice. That data translates to big money from advertisers who purchase it to better pinpoint their targets with highly tailored ads.
Spotify “Friends” With Facebook
Once Spotify has your contract agreement to harvest your PII, it can also gather information from third-party companies and service providers you use, like Facebook. Once you log onto those, Spotify can import your PII from them, including your Facebook user ID. Other service providers give up data that includes IP addresses, which are used to map your location. It’s always advised to limit the PII you post on Facebook, and now we know that when Facebook collects it, Spotify does too.
Making Spotify More Secure
As unfettered and invasive as Spotify’s data collection is, there are a few actions users can take to limit their data exposure.
Go to Spotify’s Account page and click on Privacy Settings. There you can opt out of Tailored ads, which removes ads targeting you with your own PII. You’ll still get ads, but they won’t be tailored to you specifically. Under the same privacy setting, you can turn off Facebook data. This prevents Spotify from using PII from Facebook other than shared login data. Other settings allow you to see the apps that also have access to your Spotify account, and you can remove them. If other apps don’t need that PII to function, they don’t need access to Spotify’s data. In addition, remember to use unique login credentials for each and every website you log into. This means not using your Facebook, Google, or other credentials to access services like Spotify. Overall, limiting the data Spotify collects as well as what it shares with other apps can help make your listening experience more secure, and that’s a beautiful thing to hear.