On Botnets and Streaming Music Services (vice.com)
120 points by 6stringmerc on Oct 17, 2015 | hide | past | favorite | 70 comments


The takeaway I'm getting from this is, as with other websites, the attempt to fund streaming music indirectly via targeted advertising is hopelessly unable to keep up with ever-more-clever click fraud. At best, we end up with an arms race of more and more powerful "criminal" botnets and more and more heavyweight advertising tech crowding out the original content. I'm becoming very sympathetic to the viewpoint of backing out towards either completely untargeted advertising (which, paradoxically, can be far more effective) or -- and, admittedly, I'm going crazy out on a limb here -- paying for content.


Paying for content worked great until the middle class collapsed.


s/middle class collapsed/broadband became prevalent/


"What do you mean people can use their computers to listen to music and copy things infinitely? There's no money in that! We should try and kill this Napster thing to protect selling CDs for $20 a pop and never support online distribution no matter the customer demand!" - The Music Industry (paraphrased for sarcastic effect)


And... were they wrong?


That depends! Are you on the side of Cliff Burton era Metallica as a band that encouraged tape trading as an avenue for exposure, or are you on the side of Lars Ulrich era Metallica that feels people sharing music without paying money are enemies of the band?

If you believe in the latter, then that's a perfectly reasonable position for record labels and publishers who invest in "startup" acts hoping they get enough ROI to cover the failures, and then give the successful bands only what they're contractually owed after recouping. Sure, that's a business model. The only number that matters is the number of people paying for the recording.

If you're in the camp of the former, you might think that organic growth and demand for your supply means getting to hit as many ears as possible is a chance to broaden the base of people willing to pay for more. Just because somebody can get a recording for free doesn't mean they aren't interested in giving you money for a live show or a t-shirt or a sticker. The bigger the fan base, the better the income potential.

I'm going to assume you didn't live through the same era that I did, when Napster was more prevalent in dorm rooms than illegal booze. After that window got slammed shut, the industry narrative (backed by an ignorant Judge's opinion that "the computer is not an audio device") was that anybody who didn't buy retail was a criminal. Ever buy a used CD? That was another target.

There was a huge opportunity to embrace technological evolution. Not until Steve Jobs and iTunes worked out the mechanics of DRM and "buying a license" did the industry decide to get on board. It seemed like the industry had their cake and could eat it too...until Eminem looked at his contract and saw that digital downloads were being paid out at the "sale" rate of (est) $0.25 per track, but the words on the page said any "license" should be paid out at $0.50 per track. He took them to court, for himself, and also for clarity in the rules of business. He won. A lot of money. Other artists started to notice this...

There's an alternate reality where more forward people would've been thinking about consumers as audiences instead of wallets, but that didn't happen, and here we are, arguing over the table scraps that Sony/Warner/Universal leave for the independents.


> I'm going to assume you didn't live through the same era that I did

You're incorrect.

And... Jobs DID come along, iTunes DOES exist, it ate album sales without providing similar revenue, now Spotify et al are eating iTunes' market share while providing even less revenue, and it's a race to the bottom.

Everyone loves to talk about what would've happened if all the various content industries had been more forward looking, and it's all ridiculous. One of my favorite, quantifiable examples is the newspaper industry and the classifieds. Yes, I guess the newspaper companies could've been Craigslist instead of Craigslist being Craigslist. To what end, though? Look at Craigslist's revenues. Look at what the newspaper classifieds' revenue was before Craigslist came along. We're talking orders of magnitude difference. And that's Craigslist's business model, right? Low overhead, passes the savings onto the customer, skims a little cream off the top and it's more to pay their bills because they're not using their cut to subsidize journalism, they're just doing the whole Bezosian "your margin is my opportunity" thing and making money where they can. If you split all of Craigslist's revenue up among every newspaper in the country that lost classified revenue when Craigslist hit the market, they could afford to pay everyone a few dollars more in their severance packages as they keep laying off journalists.

The world changed. We think we've figured out where the world is landing, but we're pretty much just all sitting here in the post-apocalyptic wasteland scavenging -- all the big names we think of when it comes to new media -- iTunes, Spotify, Netflix, Hulu -- are just selling us media produced under the old business model at marginal cost. When Spotify and iTunes and all them finally do get around to killing the music industry we're going to be in a very, very different world. Maybe it's better! Maybe it's worse! I only really trust people who say they don't know.


>it ate album sales without providing similar revenue

Similar revenue for WHO? If you've studied the music industry then you know that artist compensation - whether a physical sale or digital sale - is equivalent from a practical standpoint. Of a $.99 sale on iTunes, Apple takes the first $.30 for their role, and the rest is at the mercy of label and artist agreements. Whether it was a CD or a digital sale, an artist was only entitled to a certain defined compensation.

It's kind of funny you mention Craigslist, because you're citing it as a reason that the predominant distributors - PRINT DISTRIBUTORS - should not have to compete with a technological innovation with less overhead. It's a middle man of the highest order. And you assert they should be propped up because why?

Craigslist exploited a loophole of eliminating the friction between seller and buyer without skimming a bunch of revenue in the process. Why are you trying to argue that systems which benefit sellers and buyers should compensate legacy entities which refused to adapt and change? In a digital realm where rights management matters, the only people who argue for additional payout layers are people I don't trust. I don't like the old business model, so that's why I refuse to buy in and push for a new one.


> Why are you trying to argue that systems which benefit sellers and buyers should compensate legacy entities which refused to adapt and change?

wat


>Look at Craigslist's revenues. Look at what the newspaper classifieds' revenue was before Craigslist came along. We're talking orders of magnitude difference... they're not using their cut to subsidize journalism...

If you want to support a middleman business model, that's your prerogative. If I want to support a direct-to-customer-as-much-as-possible one, then that's mine. I don't want to support a label, I want to support myself.


Not sure I understand the Craigslist part correctly, but in my book a business that does something without trying to make as much money as possible is better than the one that tries to monetize every single thing.


This seems to be another argument in favor of the model proposed here: https://news.ycombinator.com/item?id=9226497

Split revenue per individual amongst artists, instead of splitting total revenue amongst artists.
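To make the difference between the two payout models concrete, here is an added illustration (my own example code, not from the linked HN post, the article, or Spotify). It assumes every paying listener contributes a flat monthly amount and that the service pays out that whole amount; the listener names, stream counts and the flat fee are constructed sample values. The point it shows: under a shared pool, one bot account's fake streams pull money away from every other artist, while per-user splitting caps what a fraudster can extract at the subscriptions he paid for himself.

```python
"""Pro-rata pool vs. per-user (user-centric) royalty splitting.

Added example, not code from Spotify or from the linked proposal. The flat
subscription fee and all listener data below are constructed assumptions.
"""
from collections import defaultdict

SUBSCRIPTION = 10.0  # assumed flat monthly revenue per paying listener


def pro_rata_payout(listeners):
    """Pool every listener's revenue, then split it by share of total streams."""
    pool = SUBSCRIPTION * len(listeners)
    totals = defaultdict(int)
    for plays in listeners.values():
        for artist, n in plays.items():
            totals[artist] += n
    all_streams = sum(totals.values())
    return {artist: pool * n / all_streams for artist, n in totals.items()}


def user_centric_payout(listeners):
    """Split each listener's own revenue among only the artists that listener played."""
    out = defaultdict(float)
    for plays in listeners.values():
        n_user = sum(plays.values())
        for artist, n in plays.items():
            out[artist] += SUBSCRIPTION * n / n_user
    return dict(out)


def fraud_net_gain(listeners, bot_accounts, fraud_artist, payout_fn):
    """What a fraudster clears: payout on his own artist minus the accounts he paid for."""
    return payout_fn(listeners).get(fraud_artist, 0.0) - SUBSCRIPTION * len(bot_accounts)


def sample_listeners():
    """Constructed month: three real listeners plus one bot account owned by the
    fraudster, which plays nothing but his own upload, ten thousand times."""
    return {
        "alice": {"A": 60, "B": 40},
        "bob": {"A": 100},
        "carol": {"A": 50, "B": 50},
        "bot": {"FRAUD": 10000},
    }


if __name__ == "__main__":
    data = sample_listeners()
    for name, fn in (("pro-rata", pro_rata_payout), ("user-centric", user_centric_payout)):
        payout = fn(data)
        print(name, {a: round(v, 2) for a, v in sorted(payout.items())})
        print("  fraudster nets:", round(fraud_net_gain(data, ["bot"], "FRAUD", fn), 2))
```

In the pro-rata run the bot's ten thousand streams take almost the entire $40 pool (a net gain of roughly $28.83 on a $10 account), and artists A and B are left with cents. In the user-centric run the bot account can only ever hand $10 to "FRAUD", so the fraudster's net gain is exactly zero and A and B are paid from their real listeners untouched; that is the structural reason the per-user split is less attractive to attack.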


I wondered about this, I figured someone had figured out they could use pretty standard click fraud techniques to milk money out of the pay-per-play ecosystem.

No doubt someone in operations over at Spotify spends their nights trying to detect these kinds of patterns. It would be interesting to hear their take on it.


Agreed!

Considering how much discussion there has been regarding transparency in the music business - the leak of confidential information via the Sony hack being one of the few instances where numbers are exposed - I think this could be a viable avenue for Spotify to make their case better to artists.

Also, I'd hope it's one of the few areas where Spotify and other services can legitimately have "free rein" to discuss their operations without being handcuffed by non-disclosure clauses in contracts.


Isn't there potential here for a much more nefarious plan than merely earning revenue from fake listens?

If you could do the same thing across a few services, spreading the number of listens out on a viral pattern, based on a bit of investment in highly marketable songs, it sounds like you could create a bedroom-singer rags-to-riches superstar story and potentially make millions upon millions.


YouTube has had this problem, with people buying and selling video views. I remember that at one point YT did a sweep to remove fake views and quite a few videos uploaded by professional music studios did in fact drop a lot of views all at once. Whether they were actually purchasing views or whether they were innocent is an interesting question.

Anyway I wouldn't worry. De-spamming websites is a well understood problem by this point. Spotify can build an anti-fraud team if such practices become widespread.


A similar thing has happened in the past:

>> "Gracia was selected to represented [sic] Germany in the Eurovision Song Contest with the song "Run & Hide", produced and composed by David Brandes. After the German national pre-selection for the Eurovision Song Contest it was revealed that Brandes had bought thousands of his own CDs to ensure chart placement, a requirement of the ESC"

https://en.wikipedia.org/wiki/Gracia_Baur


Oh this is a common way to get on the NY Times Bestsellers List. https://en.wikipedia.org/wiki/The_New_York_Times_Best_Seller...


I think it's pretty well-known that it's an industry-standard practice.

Also another point why I treat big classes of businesses as made of greedy dishonest bastards.

See also: astroturfing, which is a commonly accepted way of being a cheat on the Internet.


Instead of that pedantic "sic" you could have, you know, fixed the article.


Can you really call it a direct quote at that point? [sic] is an accepted way to avoid integrity issues when quoting.


Yes, I think you're on point with how the exploit could work. Just as reference, I do think the notion of "payola" is similar in practice - using avenues to represent an organic growth of interest, but achieved through alternate means.


(I misread. It's 8/100th of a cent. Much more realistic.)

Artists on Spotify earn 8 cents each time their song is played? That figure seems really, really high to me.

I'm not especially surprised this is possible, but it comes as a huge shock that it would be financially profitable for someone.

A quick glance at some other articles (http://www.theguardian.com/technology/2015/apr/03/how-much-m...) shows drastically different figures:

"For example, Spotify says that its average payout for a stream to labels and publishers is between $0.006 and $0.0084 but Information Is Beautiful suggests that the average payment to an artist from the label portion of that is $0.001128 – this being what a signed artist receives after the label's share."

This would make it much more expensive to run a botnet through AWS than any potential profits it could generate.

Some other thoughts after reading more closely:

- It's surprising that the minimum listen time required for payout is 30 seconds when average song length is 3 minutes (or even higher? A reported 3m 45s: http://www.statcrunch.com/5.0/viewreport.php?reportid=28647&...). Is listening to 3/18th of a song really enough to warrant payout? Maybe.

- The opening sentence isn't all that truthful. It's implying that an average user is just going to open Spotify, mute it, and go to sleep. That means they won't be there to skip every 30 seconds. So, we fall back to the 3 minute average. Assuming you sleep for 8 hours that means you're only going to get 160 plays or ~12 cents not 72.


You misread it, it says

"was 0.08 cents per song", that's 8/100th of a cent, not 8/100th of a dollar


Ahhh, okay. My mistake. That makes more sense.


Your mistake reminds me of this famous Verizon recording: https://www.youtube.com/watch?v=zN9LZ3ojnxY


Woah, woah, woah. Just because a guy hasn't finished his morning cup of coffee yet doesn't put him on the level of Verizon employees. :) But yes, definitely the same mistake.


    artists’ take for ad-supported listeners was **0.08** cents per song
Actually, it's 8 hundredths of a cent per song, which is more in line with other sources on that.


Spotify is shit for artists. Anyone that says otherwise is a liar.


I'm not a liar when I say Spotify has expanded my global listener base beyond any other service I've used in the past. Through DistroKid, I can actually examine where, when, and how my music gets to listeners. That includes country of origin.

Yes, the prospect of worthwhile income is shit, but it always has been whether on the radio or signing over a license just "for exposure." Or, yeah, Spotify is shit for people who signed a shit contract with a shit label who doesn't do shit for their artists other than point the finger elsewhere. I'll give you that.

So I guess this is a matter of perspective, because I'm not a liar and I don't think it's shit for artists.


It's not a matter of perspective. The numbers you would need to be pulling on Spotify are huge to sustain yourself on a decent level. By that point, you're already big enough where you wouldn't need Spotify's income because you're big enough to have other sources.


Okay, I'll give you one more response after you "moved the goalposts" so quickly: The only perspective that Spotify or iTunes is an avenue to make a living is straight up delusional. Getting a hit song on the radio, on iTunes, or Spotify is about opening up opportunities where there is a demand for the commodity - the music - and gives the artist a better bargaining position. Making a living in music is about having other sources as a fundamental rule of the industry. One good contract for a license to a commercial on broadcast television likely would dwarf the income one would receive from an entire year of streaming income. Selling t-shirts will make more than streaming income.

I've made more money busking with an acoustic guitar on a busy corner in 2 hours than I've made from streaming. This is how I use Spotify - it's a street corner that pays in pennies. However, I can't afford to travel the world to get in front of people. Thus, while it's very close to the "exposure" concept of compensation, at least there's an exchange of monies as a matter of principle.


As a music purchaser who doesn't torrent music, I like that Spotify lets me try new music in a convenient & legal way. It's a step in the purchasing process, not the final destination.

There's a German metal/rock band called Unheilig that I heard about in 2013. After seeing a YouTube clip [1], Spotify / Rdio let me try more of their songs & add them to my playlists. That hooked me enough to add the album to my Spotify offline downloads so I can listen on the train.

At that point, I'm a committed fan who doesn't want to lose the album... so that's when I buy the CD. Two years later, I've bought all their albums, 2 limited Super Deluxe editions, t-shirts & hats & merch, and been to two of their concerts. Unheilig probably got nearly nothing from me via Spotify, but it was an important step in getting me hooked & ultimately spending hundreds of dollars.

[1] https://www.youtube.com/watch?v=Cl-mvbxAf-k


Just wanted to say thank you for sharing this personal story, as I really think there are a lot of "music consumers" who think - and act - like you. The funny thing about music is that it, well, has no "inherent value" as soon as it's created. It's a matter of finding an audience that values the music enough to want more. I feel culinary art is sort of similar - there's no "perfect recipe" for a successful restaurant. If there's an audience, there's demand, and just because, in theory, somebody could make the same dish at home (i.e. download a pirate / clone recipe) doesn't mean the original loses all its merit.

I'll admit that Napster, to me, was an avenue to find things that I couldn't get my hands on otherwise. My favorite search term was "remix" and I got unreleased / international tracks that I still love to this day. I'm a consistent Beatport Pro customer, about $20 a month, and I buy physical CDs for artists to both help their traditional sales metrics and simply for nostalgia. I can't tell you how happy I was to buy the last Columbia release by Weird Al and be a part of giving him his first #1 album release of his career. Yeah, it's kind of hokey, but that's what's so fun about music - from cradle to grave, there's no shame in loving what we love.


Yes we are agreeing with one another here. I was strictly talking about sustainability.


Nah, I think sustainability is a non-sequitur when talking about recorded material, whether physical, digital, or streaming revenue. Would I like for it to be different? Sure! But going back to the Bards who had to go from town to town, singing their songs for food and shelter, it's unreasonable to expect the synthetic protection of copyright to put more than peanuts on the table.

It's either make something, embrace the income potential, and keep creating, or whine with whisky and die in the gutter, figuratively speaking.


How much is Spotify even helping in this case? Is the "exposure" worth more than what you could get as a minstrel or a court bard?


Until one can identify the markets for which there may be demand, e.g. foreign countries out of reach otherwise, then being a minstrel or court bard means being anchored to one location.

Look, my perspective is that music is supposed to be made for two reasons: 1. the personal compulsion to create something that reflects the individual, and 2. sharing those products with a limited expectation of fiscal reward. This is not to downplay the desire to make a living from art, but an informed historical perspective doesn't imply that technology and modern business has changed the nature of the relationship between artists and consumers very much.


You know, artists have to pay radio for the exposure. Spotify gets them the same thing, not only for free, but paying the artists.


I thought that their rates are comparable to radio stations (in countries where radio music is licensed, e.g. UK). The rate per listener is tiny, but there are lots of listeners.


You're not wrong from what I understand of the U.S. system - it's a constant point of contention between labels and the streaming industry regarding how much is paid out. For radio airplay in the U.S., the songwriter gets paid while the performer does not. It's a convoluted system definitely measured in cents, not dollars.


The difference between a "bot" and a real person is that the real person has money to spend. Now, how do you figure out if someone is a real person or not?


What if the bot had an allowance and periodically bought music (on iTunes, if they were using Apple Music) OR if the bot had a 'premium' Spotify account.

What is the difference then?

Also, what is worse? A bot with a premium account or a human with a free account?


Damn, that's a stone cold divergence based on priorities. I think asking a "label" versus an "artist" might yield different results, depending on priorities. Nice food for thought on that logic tree.


I think calling this a botnet, albeit technically correct is both really silly and clickbaity.


So, what would you call it then? If it's technically correct then being needlessly contradictory is silly and superfluous.


"Botnet" almost always refers to compromised computers, that's not what this article talks about. The article describes a ridiculously ineffective approach of buying a bunch of EC2 instances to run 50(!) copies of spotify each, when you should be able to easily support thousands of instances of spotify running on a single server.

There's no need to do this using a botnet, there's no point in doing this using a botnet... It's utter nonsense. The only reason they talk about one is to make the whole thing sound far more nefarious than it is.

And to reiterate my point once more, nobody ever refers to remotely managing their own computers as a "botnet".


OK then, it's proof of concept for a botnet. That would make the headline awfully long.


It'd be ridiculously stupid to have a botnet do this instead of running it on your own hardware. Again, you can easily run thousands of spotify clients on a single computer.


Fair enough. I think his assertion that using an exploit to compromise Spotify Premium account users (via targeted malware) is kind of the extreme example to justify the term botnet. Unless I'm mistaken, running thousands of clients on the same computer would take a lot of effort to 'distribute' over enough IPs as to cloak the operation? I get that you have some beef with the phrasing used, but I think for the sake of practicality calling "a network of robots posing as humans" a botnet is fine and not click bait at its core. Not to belabor the point but I'm pretty sure I could scold you about some improper music terminology usage when you'd be trying to make a point.


As long as Spotify doesn't make a loss on the payout per streamed listen event and the pay-in from advertising, I don't see any problem.

Spotify has a pretty much working monetization model, they could just tell advertising to fuck off. Their free model is like classic radio, where advertisers pay without knowing if there is one listener tuned in or millions (literally).


In the end I feel we need better captcha options.. images for most people with options for the impaired. In the end stuff that's relatively easy for a person (click the picture of a cat), but harder for a computer to do...

Another option might be regular challenge-response that makes interaction harder and more costly for a fake listener.. having to run a PBKDF2, scrypt or other result on a given input at regular intervals... (the service could have a pre-computed pool to randomly serve out, so they wouldn't have the same costs).

They could also flag accounts that get more than N hours of play in a day, or number of days that's much higher than a typical listener... or who plays more artists/songs outside the top 10k songs the previous month. Asking them to login to their account, or validate their email address at that point... Anything that makes the process much more complicated to automate but would affect a very low number of real people.

Yes, it's an arms race, but there are a lot of things that could be done that could keep the barbarians out of the gates... Not to mention other suggestions that split per-user royalties to artists, instead of the pool as a whole... That combined with other models could go a long way here.
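The account-flagging heuristics above are easy to prototype against a play log. What follows is an added example of my own (not code from the article or from Spotify): it assumes a CSV-style log of account, artist, track, ISO-8601 start time and seconds played, and it applies three of the signals discussed in this thread, hours played per day, the share of paid plays that stop just past the 30-second payout threshold the article describes, and concentration on a single artist. The thresholds and the three sample accounts (a casual listener, an all-day office listener, and a bot) are constructed assumptions, not figures from the article.

```python
"""Heuristic flagging of automated 'listeners' from a stream log.

Added example, not code from the article or from Spotify. Log format and
all thresholds are assumptions; the sample log is constructed in make_sample().
"""
from collections import defaultdict
from datetime import datetime, timedelta

PAYOUT_THRESHOLD_S = 30        # play length that counts as a paid stream (per the article)
SKIP_WINDOW_S = 5              # paid plays stopped within 30..35 s look like threshold-gaming
MAX_HOURS_PER_DAY = 16         # assumed: more than this in one calendar day is suspicious
MAX_SKIP_SHARE = 0.8           # assumed: share of paid plays in the skip window
MAX_TOP_ARTIST_SHARE = 0.9     # assumed: share of plays on a single artist
MIN_PLAYS_FOR_CONCENTRATION = 200  # do not judge concentration on tiny accounts


def parse_log(text):
    """Parse 'account,artist,track,start,seconds' lines into tuples."""
    rows = []
    for line in text.strip().splitlines():
        account, artist, track, start, secs = line.split(",")
        rows.append((account, artist, track, datetime.fromisoformat(start), int(secs)))
    return rows


def account_stats(rows):
    """Per-account counters used by the heuristics."""
    stats = defaultdict(lambda: {"plays": 0, "paid": 0, "gamed": 0,
                                 "by_artist": defaultdict(int),
                                 "secs_by_day": defaultdict(int)})
    for account, artist, _track, start, secs in rows:
        s = stats[account]
        s["plays"] += 1
        if secs >= PAYOUT_THRESHOLD_S:
            s["paid"] += 1
            if secs < PAYOUT_THRESHOLD_S + SKIP_WINDOW_S:
                s["gamed"] += 1
        s["by_artist"][artist] += 1
        s["secs_by_day"][start.date()] += secs
    return stats


def flag_accounts(rows):
    """Return {account: [reasons]} for accounts that trip at least one heuristic."""
    flagged = {}
    for account, s in account_stats(rows).items():
        reasons = []
        worst_hours = max(s["secs_by_day"].values()) / 3600
        if worst_hours > MAX_HOURS_PER_DAY:
            reasons.append(f"{worst_hours:.1f} h of play in a single day")
        if s["paid"] and s["gamed"] / s["paid"] > MAX_SKIP_SHARE:
            reasons.append(f"{s['gamed']}/{s['paid']} paid plays stopped just past "
                           f"{PAYOUT_THRESHOLD_S} s")
        top_share = max(s["by_artist"].values()) / s["plays"]
        if s["plays"] >= MIN_PLAYS_FOR_CONCENTRATION and top_share > MAX_TOP_ARTIST_SHARE:
            reasons.append(f"{top_share:.0%} of {s['plays']} plays on one artist")
        if reasons:
            flagged[account] = reasons
    return flagged


def make_sample():
    """Constructed log: a casual listener, a heavy but human listener, and a bot."""
    lines = []
    base = datetime(2015, 10, 17)
    # alice: three full-length plays in the morning
    for i, (artist, secs) in enumerate([("ArtistA", 212), ("ArtistB", 198), ("ArtistC", 240)]):
        t = base + timedelta(hours=8, minutes=4 * i)
        lines.append(f"alice,{artist},t{i},{t.isoformat()},{secs}")
    # dave: 12 hours of whole songs across twenty artists (radio-style office listening)
    t = base + timedelta(hours=9)
    for i in range(240):
        lines.append(f"dave,Artist{i % 20},t{i},{t.isoformat()},180")
        t += timedelta(seconds=180)
    # bot01: 2000 back-to-back plays of one artist, each cut at 31 s, from midnight
    t = base
    for i in range(2000):
        lines.append(f"bot01,ArtistX,t{i % 10},{t.isoformat()},31")
        t += timedelta(seconds=31)
    return "\n".join(lines)


if __name__ == "__main__":
    for account, reasons in flag_accounts(parse_log(make_sample())).items():
        print(account, "->", "; ".join(reasons))
```

Only bot01 trips the rules, on all three counts, while dave's twelve hours of full-length, varied listening stays clean; that is the behaviour the comment asks for, catching the automated pattern without bothering the heavy human listener. In practice you would feed a flagged account into the step-up check mentioned above (re-login, email validation) rather than cutting it off outright, and you would tune the thresholds against real traffic rather than the assumed values here.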


[deleted]


This is referenced in the article.


You can filter this out using spam-filtering and bot-detection security methods.


There is really no need to call this a botnet


But the point is a botnet could, instead of mining bitcoins for example, stream content of which the rights are owned by the botnet operator.


Except this would be infinitely more traceable and would still require quite a bit of development work, whereas bitcoin mining is really easy.

And using a botnet to do this offers no benefits from just running it on your own hardware. Unlike bitcoin mining, running spotify clients isn't resource intensive.


I suppose, but the thing with doing something like this on a botnet is you need to put that bit of spotify listening software on all those infected computers. Once spotify got their hands on the software they could come up with ways to defeat it.


I feel like the writer of this article has a fundamental misunderstanding of Spotify's business model. The number of plays influences how much money Spotify brings in from advertisements. As far as they are concerned fake and real plays are not much different beyond maintaining credibility with their advertisers.


Spotify very much cares - Advertisers ultimately will measure clicks and if listens increase without clicks increasing, the payout from ads will drop.


"beyond maintaining credibility with their advertisers"

This may come as a surprise to you, but advertisers are deeply concerned with click-fraud and impression reliability/value. So it's not important to Spotify... except for this one reason that actually makes it super important.


Right, that is exactly what I said. I feel like you misunderstood my comment.


I feel like you're misunderstanding the situation to be honest...

>As far as they are concerned fake and real plays are not much different

This is flagrantly false given that they do care whether plays are legitimate because they do want to be able to verify with advertisers that plays are served to credible clients...

Are you implying that Spotify would expect that advertisers are stupid/inept enough to not notice when a large number of ads are served to fake/bot consumers?

Spotify as a company has the prerogative of acting with integrity in these situations if only for future maintainability/acquisition of relationships with advertisers.

Even if an advertiser was inept enough to not notice their ads were served largely to bots the value of those ads would still ultimately be lowered by them being served to bots. e.g. if 1000 ads are served and 500 are sent to bots, the overall value of each clicked ad is eventually lowered by 50%. This is assuming an advertiser is so inept they aren't measuring clicks per served ad, which doesn't even occur.

I think you're fundamentally misunderstanding why spotify _does_ have to maintain the credibility of those ad clicks/listens/etc...


Advertisers may or may not care. Many are indeed both stupid and inept. Their clients should care, but may not be technically savvy or aware enough to care. Fragmentation in advertising also makes accountability a lot harder.

Spotify definitely has to care in the long run, but it may be better for their chances of making it through that IPO window to see no evil, hear no evil, and speak no evil until someone forces it upon them. If it worked for Facebook and Twitter, why wouldn't it work for Spotify?

Honestly, this is one of the reasons why 'free' services provide such low value to advertisers unless there's world class fraud fighting capability at the company. If the service is paid, it's significantly more expensive to generate fake traffic. But that'd be bad for the loosey goosey user numbers (AKA 1990s era 'eyeballs') that so excite momentum investors.


Sure, maybe they could get to an IPO without addressing the issue, that doesn't in any way invalidate the legitimacy of the posted article.

There is a vulnerability. It is exploitable. In the long run spotify _will_ be negatively affected if it isn't addressed.

Honestly surprised that there is any argument whatsoever to the contrary.

If it was, 'well they can make it to IPO before addressing it' as you've stated, sure, that's valid. The parent was saying, 'it's not an issue, it's a matter of perception'.... Which is extremely naive and shortsighted. Perception is the very thing that drives advertisement cost.


Nope, doesn't invalidate what he did. Everyone would be better off if this was either cleared up or if other streaming services with models less prone to fraud could pop up.


Is it my tone then?

Rereading my posts I do seem like a braggadocious douche, but I'm not incorrect at all I don't think; the comment I'm replying to is incorrect though.

That I genuinely feel is true.


Yes the parent comment you were replying to was off base and you were right to correct him. You didn't seem rude to me. I was being a little bit sarcastic about Spotify riding a fraud-wave to a public offering based on inflated numbers.


> As far as they are concerned fake and real plays are not much different beyond maintaining credibility with their advertisers.

No real desire to argue the semantics of what I wrote. This is bizarre. Anyhow, the difference is that one situation is an issue of perception and the other is of actual fraud. Not sure why you think perception and reality are identical things.


What?

Botnets 'listening' or 'streaming' is fraud.

That it's not immediately identified is obviously not an issue. E.g spotify isn't affected by the fact that the steps outlined in this post occurred. They are however affected by the fact that this is possible on a larger scale.

The post has demonstrated that the cost of server time for generating 'listens' is less than the amount of royalties paid out. Therefore any artist with the appropriate technical ability could code up a botnet that generates him more revenue than he is spending whilst having literally 0 legitimate fans/listeners.

Are you seriously not able to understand why this is an issue?

Yes; in isolation, this singular post isn't a problem. But when freemoneyforbadmusic.ru pops up offering 10000000 listens for $5, Spotify will have a real problem.

What are you not understanding about this?

There's nothing really semantically wrong with what you've said. It's just factually incorrect.



