Users who purchase DRM-free tracks from Apple’s iTunes Plus store and then ‘accidently’ share those files with friends or via peer-to-peer networks, maybe in for a shock. Arstechnica is reporting that user account details (in form of full name and email address) are stored inside every track sold, making it possible to trace any copies back to the original purchaser — although it’s unlikely that such evidence would stand up in court, as in theory the data could be spoofed. So why is Apple doing this? The obvious answer is to make people think twice before sharing their music, and yet the company doesn’t seem to be informing customers that their details are embedded in the tracks they’ve bought.
Arstechnica suggest that another possible reason is that the company is helping the recording industry monitor so-called ‘casual’ piracy:
That said, it would be trivial for iTunes to report back to Apple, indicating that “Joe User” has M4As on this hard drive belonging to “Jane Userette,” or even “two other users.” This is not to say that Apple is going to get into the copyright enforcement business. What Apple and indeed the record labels want to watch closely is: will one user buy music for his five close friends?
Rather than being concerned with going after individual users who infringe copyright, it could be that the company wants to aggregate such data in order to analyze how much sharing of paid-for DRM-free music, actually takes place.
Either way, Apple should better inform customers of this practice, and also what they plan to use this hidden data for. It’s also worth remembering that it’s quite common for peer-to-peer file-sharing applications to ‘share’ a user’s music folder by default — so take note.