RealNetworks' RealJukeBox Monitors User Habits

kbrown1 was the first one to write to us with the story at the NY Times that RealNetworks' has confirmed that they do monitor some user habits. RealJukeBox is the offending program, and apparently "surreptitiously monitors the listening habits and certain other activities of people who use it and continually reports this information, along with the user's identity, to RealNetworks." RealNetworks' has said that they do gather the information, but "the practice did not violate consumer privacy because the information was not being stored by RealNetworks nor distributed to other companies," according to their VP of consumer products. Other networks are picking up the news - more details should be coming.

Hmm.. just checking, but..

Doesn't RealPlayer's install program actually ask you if you want to send information to Real.com?

I know for a fact that there's an option to send "connection statistics" to the content provider. Isn't this what the hoo-ha is all about? Seems a bit silly that people are consenting to send in information about what they're watching/listening and then bitch about it happening.

Just my two pennies.

Re:so what?

really, so what? i wish slashdot would stop banging on about this. IMO if you have a "right" to view information on someones web page,the owners have a "right" to maintain a profile of visitors and visitors habits.
Interesting opinion - so tell me, when you go into shops to look around, do you expect to fill in a card with your name, address, and the names of the last five shops you visited? You don't have a "right" to view people's websites - they have chosen to display them publicly. If they didn't, then they would be password-protected. Most of the arguments about tracking and cookies revolve this idea.

anyone who visits a "jukebox" site and thinks that his/her listening habits is being not being monitored is naive. i mean, what happens when you listen to a real jukebox?
Normally, you walk in, sit down, maybe by $PRODUCT the place sells, and listen. You might expect the owner to recognise you if you have been there before - but you don't normally expect him to ask you questions about who you are and where you have just come from, and you definitely don't expect the manufacturer of the jukebox to have the right to do so....

if you dont want your privacy "violated" then dont browse the net, shop, venture outside your house or pretty much anything.
Why? why should my life be restricted to sitting in a shuttered room just to prevent a private company from gathering Valuable, Resellable market data from me? If they sent someone to folloy you from shop to shop, noting which shops you visited, what you looked at, and what you actually bought, I imagine you would get paranoid in pretty short order. why should this be any different if you are on the internet?
--

Re:It's "free"

It's "free". That about says it all.

There's a free version, but there's also an enhanced version (RealJukeBox Plus) that costs $29.99.

Whats wrong with the provider of a service/good/program knowing what you do with it.

I do have a problem with the "provider" of a program knowing exactly what I do with it. What makes this worse is that the user is never informed that the "provider" is harvesting data on what they are doing, as well as what interesing files they have on their system (the article says it actually collects data on all the realmedia and mp3 audio files on the user's drive) If I chose to use Visual C++ , would Microsoft be entitled to grab a copy of my source code, or even of the names of my source files without telling me? Maybe they could better serve the market if they had some idea of exactly what every single copy of their software product was being used for. No thanks.

joe

Fair enough

I think this is to be expected as software becomes more intelligent. In many ways this is quite a useful function, a site tailored to my needs is better than a general purpose site. The only request I make is that sites make it clear what data is collected, who the data is seen by and how it is used. How dose this fit in with the various laws (for example if I use the site from the UK does the site need to be registered under the Data Protection Act)?

Re:so what?

The bigger issue is not the collecting of data, but the secrecy with which it is done. In fact, it would almost seem that Real is deliberately misinforming in their own privacy and license statements. And it's one thing to track IP's or cookie s/n's as a user clicks around your website, I think it's something else entirely when you entice that user to install s/w on their system which then surreptitiously monitors their activities. As one person is quoted as pointing out, that's a damn trojan!

Other things that Real might be doing (100% OT)

Has anyone ever noticed that Realplayer G2 always starts at startup...
Now I wonder what that little blue speech bubble icon is doing

Slashdot poll perhaps?
What is the Realplayer G2 really doing while it's not running?
a) Watching what we listen to
b) Boosting a Real.com attempt at cracking RSA (or SETI depending on what you want)
c) Watching us (only valid if you have a camera)
d) Waiting for us to use it, so that it'll "Load" quicker than anything else.
e) Rob/Iain/Everyone sucks.
f) Dead writeins.

News.Com Story

News.Com has just posted a story on this also.

http://news.cnet.com/news/0-1005-200-1425866.htm l?tag=st.ne.1002.thed.1005-200-1425866

Re:Overreaction, this is fine

I agree to an extent. Personal information is a valuable commodity as is software. It is fair to exchange one for the other and unreasonable to expect that all organizations will produce free software without something directly in exchange for it.

The problem here is that Real was not informing anyone of the monitoring. The actual terms of the exchange were never stated anywhere. That prevents the user from being able to make an informed decision as to whether the exchange is fair to them and whether they wish to enter in to the deal.

If I sell you a nice car for $10 I can't sneak into your house later to collect more money on the basis that the car was worth more and you really owe it to me. Those terms must be stated up front and at the time of the initial transaction. The only reason this isn't treated as theft is that our archane laws still don't treat personal information as property. All sorts of other data is, after our data is compiled into someone's database it is, but while we're in possession of it, nope! Not poperty, available to anyone for free.

People need to be made at least marginally aware of how their information is being used. HTTP is an open standard, so we can accept the fact that any tracking being done via that protocol is known to the user since they have the same access to the RFC's that anyone else does. In this case, Real is enticing users to install a trojan on their system which is not open source code, but required the efforts of a hacker to determine just what it was doing.

Overreaction, this is fine

It doesn't sound like RealNetworks is actually doing anything bad... just moronic.

Adjusting the program to users based upon their data is a Good Thing(tm), it allows more knowledgable people to access more features. As they use the app more (aquiring more files) more features. Should this be server driven? No, that should be kept internal. I'm assuming it is, otherwise it is moronic, not dangerous.

As far as aggregate users, that's fine. It lets them store information on people and figure out what people are doing with their software.

It sounds like they are doing things fine, but that their press handling flubbed up. Before we jump on them, we should learn if they are actually storing this information about people and making it available, or if they store the information so the ads are tailored towards people. We can't have it both ways. We can't demand that everything be free (free beer), ad driven, and then demand that they not store information.

In the real world, information like this is always available. The problem is that online we can store it all. In a CD store, people can see you buying CDs... In the online world, logging is automatic.

Also, with the CDDB thing, it sounds like they are doing the right thing to protect peoples' privacy. i.e. they aren't allowing CDDB to rob the privacy of the Jukebox users. As long as they aren't abusing the info (which should be independantly confirmed), there is no problem.

I'm assuming that there are consumer advocates who certify privacy issues. They should be brought in to independantly confirm that everything is Kosher.


Alex