Major Labels

Spotify Pre-Saves Give Labels Troubling Data, Control

image from www.heatonthestreet.comPre-saving an album on Spotify can give record labels and others access to personal data including email addresses and playlists, according to a Billboard study. It can also grant labels permission to manage follows, change songs in their libraries, and potentially even stream Spotify on the fans other devices.

image from

Spotify pre-saves – the streaming equivalent of an album pre-buy – are enabled by accessing Spotify API which allows authorized applications access to specific parts of the streamer's "back-end."  But the access given to labels and seeming anyone whose built or operated an authorized Spotify pre-save app goes far beyond what is needed to enable pre-saves – permission to “add and remove items in Your Library.”

Sony was the worst offender in the Billboard study, asking for 16 additional permissions to authorize a pre-save. Universal Music asked for 10 extra permissions in the test.

Why Not Fix it?

So far, neither the labels or Spotify have commented.

It's not clear that anything that the labels are doing is illegal. But why Spotify would allow this level of access and control? Why has streamer's so far failed to publicly admit the problem and fix it? As we saw with Facebook recently, users are increasingly unwilling to tolerate unauthorized access to their accounts and data. 

Spotify could also fix the problem by rolling out a pres-save tool of their own. Apple Music already has one baked in. 

MORE: Why Hasn't Spotify Rolled Out An Offical Pre-Save Tool? [Kieron Donoghue]

Share on:


  1. Move along, nothing to see here.
    Anyone, and I mean anyone can open a Spotify Developer account, get access to the API and build apps.
    I’ve been doing this for years. I drive facebook ads to my website, a landing page, where a person can playlist the song that brought them there. When they do, I get their name, email, etc.
    TO presave a song or album i HAVE to have permission to read and edit their playlists, saves, etc.
    Someone who knows nothing about APIs wrote an article that is doing nothing more than fear mongering

Comments are closed.