February 22, 2011, 9:42 AM — A feature of Apple's iTunes Store that can reveal what content another person has downloaded, could be a privacy concern for users of the service, says a research scientist at MIT.
The iTunes Store allows people to gift content such as music to another user. A person can compile a list of up to 100 songs to gift to someone else, and the iTunes Store checks to see if the recipient already owns the content, wrote Andrew McAfee , principal research scientist at the Center for Digital Business at MIT's Sloan School of Management.
"This is done with good intentions -- to keep users from gifting music that the recipient already has -- but the implementation of this feature opens up privacy concerns: if the check reveals duplicates, iTunes tells the gifter about one of them," McAfee wrote.
The person who is gifting the content only needs to know the recipient's e-mail address, which McAfee argues isn't usually difficult to guess, and have a copy of the iTunes application. Apple also doesn't require givers to sign into their account or present credit card information. The recipients have no idea that their purchases are being scanned by someone else.
"This strikes me as problematic," McAfee wrote. "Of course, this is nowhere near as big a deal as privacy holes in online health or financial information would be, so we should keep this issue in perspective. But it is an issue, I think."
For music playlists, users are allowed to send up to 100 tracks, so scanning a person's library would take a while, but McAfee writes that the process could likely be automated.
McAfee wrote that the way the iTunes Store gifting procedure works could be violation of the U.S. Video Privacy and Protection Act, which bans disclosure of customer rental records without consent of the consumer. Other U.S. states have stricter laws covering the same area, he wrote.
The Video Privacy and Protection Act was the basis for a class-action lawsuit filed in April 2008 against the video store Blockbuster, which signed up for Facebook's doomed Beacon ad service. Facebook canceled Beacon due to privacy concerns. The service would report back what a user did on participating Web sites back to Facebook.
The class-action suit was later dropped, according to records for the U.S. District Court for the Northern District of Texas.
McAfee contrasted Apple's approach with that of Amazon's digital book marketplace for its Kindle e-book reader.