Wow, Spotify's New Privacy Policy is Atrocious [Updated]

Illustration for article titled Wow, Spotify's New Privacy Policy is Atrocious [Updated]

Update (10:46 am) 8/21/15: Spotify has clarified exactly how it’ll use its new privacy policy, and it’s not as bad as we initially thought. You need to give Spotify explicit permission to access your personal data. Read more about it here.


There’s a new privacy policy going into effect with the latest Spotify update, and the TL;DR version is that if you’re at all concerned about data privacy you might want to jump ship now.

Here are a few of the more egregious ways Spotify plans to start snooping on you in the name of streaming music.

Going Through Your Contacts, Photos and Media Files

With your permission, we may collect information stored on your mobile device, such as contacts, photos, or media files. Local law may require that you seek the consent of your contacts to provide their personal information to Spotify, which may use that information for the purposes specified in this Privacy Policy.

Tracking Your Location

Depending on the type of device that you use to interact with the Service and your settings, we may also collect information about your location based on, for example, your phone’s GPS location or other forms of locating mobile devices (e.g., Bluetooth). We may also collect sensor data (e.g., data about the speed of your movements, such as whether you are running, walking, or in transit).


Following You Around on Facebook

You may integrate your Spotify account with Third Party Applications. If you do, we may receive similar information related to your interactions with the Service on the Third Party Application, as well as information about your publicly available activity on the Third Party Application. This includes, for example, your “Like”s and posts on Facebook.


(This one, at least, you can disable by logging into your preferences and disconnecting Spotify from your Facebook account)

Storing (and Sharing!) Your Credit Card Information

If you sign up for a Trial (as defined in the Terms and Conditions of Use), purchase any of our Paid Subscriptions (as defined in the Terms and Conditions of Use), or make other purchases through the Service, your credit or debit card information (such as card type and expiration date) and other financial data that we need to process your payment may be collected and stored by us and/or the payment processors with which we work. We may also collect some limited information, such as your postal code, mobile number, and details of your transaction history, all of which are necessary to provide the Service.


The number one reason Spotify cites for collecting all this data? Improving your Spotify experience, of course!

We may use the information we collect, including your personal provide, personalise, and improve your experience....


Oh wait, I think they mean selling you ads:

....with the Service and products, services, and advertising (including for third party products and services) made available on or outside the Service (including on other sites that you visit), for example by providing customised, personalised, or localised content, recommendations, features, and advertising on or outside of the Service


If your definition of an “improved streaming music experience” doesn’t include asking everyone you know if you can share their data with Spotify, or letting Spotify go through your private photos and track your every movement, it might be time to think about switching streaming services. You know, Apple Music just started looking a lot better.

Update (10:15 pm): A Spotify spokesperson provided Gizmodo with the following statement regarding its new privacy policy:

“Spotify is constantly innovating and evolving its service to deliver the best possible experience for our users. This means delivering the perfect recommendations for every moment, and helping you to enjoy, discover and share more music than ever before. The data accessed simply helps us to tailor improved experiences to our users, and build new and personalized products for the future. Recent new features include Spotify Running, which matches the BPM of your music to the pace of your run, or the new Discover Weekly feature, which curates a weekly playlist based on your tastes.



Contact the author at or follow her on Twitter.

Top image via Shutterstock




Personally, I’m only concerned about the credit card storage & sharing policy. 95% of the time, my phone’s GPS is off and I haven’t connected any social media to my Spotify account. Also, they mention they dig into photos and GPS and social media “with your permission”. So, don’t give them permission... or am I missing?

On a general level, this policy of storing & sharing is like an IED for privacy. If I was using those features, I’d be thinking of jumping ship... But, where would you go? Most companies are this lax about privacy anyway and it seems like this is the norm. Even if they say they don’t store, nobody is checking whether they actually follow it. That’s what irked Impact Team to go ahead and hack Ashley Madison - ‘coz they were storing info even after saying (& charging) they deleted it.