Spotify is one of the world’s most successful and largest music streaming platforms. Established in 2006, since then, the service has grown to host over 82 million songs and podcasts, has 182 million paid subscription listeners, 422 million active users, and is available in over 180 countries and 184 markets worldwide. Not only that, but it’s free for everyone: as long as you don’t mind ads interrupting your music enjoyment every now and then, or as long as you don’t mind being limited to a certain amount of song skips. Those are only available with the premium membership. Other than that, any song or artist is available at your fingertips, free for download. But that’s a lot of data to keep track of.
While Spotify might seem like paradise for premium listeners, for music artists Spotify is only worthwhile as a music platform if you’re a well-known performer. The blog ‘Free Your Music’ reports that “Spotify pays less than a cent: about $0.003 to $0.0084 per stream, with an average payout of $0.004 per stream” (Free Your Music, 2021). Not only that, but it’s split several ways between the artists, the producers, songwriters, labels, and of course, Spotify takes the biggest cut. Ben Sisario from The New York Times also reported that between Spotify’s “seven million artists […] Spotify’s figures show that only about 13,000 of them generated $50,000 or more in payments last year [2021] (The New York Times, Ovide). So why does any of this price gouging matter?
It’s because as more songs and artists are released on downloadable streaming platforms, the higher the risk of that data being hacked or “leaked” earlier than the artist’s planned. When the song is released unofficially, the song loses profits that could have been made if it were released properly. Most people assume that leakers are a disrespected employee who’s sticking it to the man, or simply an overly-obsessed fan of a particular musician, but in actuality, “leaking” songs is a high-paying industry. Leakers can claim ownership or copyright of any music they leak, upload the tunes, and accept the pay off on PayPal by using independent distribution businesses like DistroKid and TuneCore. “One hacker who leaked tracks by Playboi Carti and Lil Uzi Vert claims to have made over $60,000 in streaming royalties” (Graves, 2019). While it must feel pretty rotten if you’re someone like Beyonce or Rihanna to know that someone is making bank off of your tracks, it must feel even worse to artists that are making less than a cent in profit to have a song leaked and make no profit whatsoever.
Instead of stealing physical data like CDs or records, hackers are exploiting network security flaws to steal online files saved to the cloud or even on physical devices, cloud vulnerability being the biggest target of cybercrime and malware (Dov, 2022). Many musicians are now incorporating cybersecurity training and engineers into their entourages to protect their tracks and data from malicious hackers and notorious leakers. For example, Andrew Lang, a cybersecurity major at Penn State Altoona, says that famous rap artist Wiz Khalifa “does not keep his files of music on a cloud storage or on a laptop. He stores them on an external hard drive that is shared between him and another person who keeps it safe while he is away from the studio; this is because he doesn’t want his music to be stolen” (Lang, 2020). But even having someone own a physical copy of a harddrive with data could still result in a data leak if that person decided to retaliate.
Yotam Dov names the four biggest types of cybersecurity threats that music artists face today as phishing, malware, Distributed Denial of Service (DDoS), and man-in-the-middle (MITM) attack). According to Merriam-Webster, phishing is “the practice of tricking Internet users (as through the use of deceptive email messages or websites) into revealing personal or confidential information which can then be used illicitly” (Merriam-Webster, 2022). It is one of the most prevalent, effective, and harmful forms of attacks that hackers use to gain access to accounts, steal data, and defraud businesses. It has been increasing in frequency as work and business systems turn remote in the wake of COVID19. Malware is software that infiltrates a private or public system and can either wreak havoc, or sit quietly like a sleeper agent, siphoning confidential information or being triggered by a certain user command. Malware is a common practice used by hackers in exchange for a ransom reward.
SteelToad CEO Dean Rock describes Distributed Denial of Service or DDoS as “when someone sends a bunch of network traffic to an individual service and it floods the service to the point that the user is overloaded and can’t respond”. This prevents users from even attempting to interrupt the attack as it occurs. “Man in the middle” or MITM, is “Just like eavesdropping,” Mr. Rock explains. “Someone listens to conversations or exchanges of information between different parties, and then changes the data exchanged. If you’re on a phone call with another person and someone listens in, for example, they can then tell someone else false information about what was said. The same events can occur in cyberspace.”
The best defense for attacks such as these, whether you’re a famous musician or an ordinary person who wishes to secure your data, is prevention. Software such as Norton Secure VPN, CyberGhost VPN, Cisco AnyConnect, and Express VPN are some of the highest ranking cybersecurity softwares on the market. Browsers such as Chrome and Firefox also have free downloadable extensions that can act as VPNs and tools to prevent malware advertisements, tracking, and phishing from occurring as you surf the web. These are just a few of the ways to keep you and your data safe from cybersecurity threats.
Sources
Dov, Yotam. Why cybersecurity is so important for musicians. We Rave You, 12 April 2022. https://weraveyou.com/2022/04/why-cybersecurity-is-so-important-for-musicians. Accessed May 14, 2022.
FreeYourMusic. How much does Spotify pay per stream? Streaming payouts comparison [2021]. FreeYourMusic.com, 21 June 2021. https://freeyourmusic.com/blog/how-much-does-spotify-pay-per-stream. Accessed May 14, 2022.
Graves, Wren. Leakers make upwards of $60,000 by posting unreleased or fake tracks to Spotify, Apple. Consequence Sound, 22 August 2019. https://consequence.net/2019/08/report-streaming-royalties-leakers-fakes. Accessed May 14, 2022.
Lang, Andrew. How Musicians Can Lose Their Own Music. Penn State, 4 October 2022. https://sites.psu.edu/aflang/2020/10/04/how-musicians-can-lose-their-own-music. Accessed May 14, 2022.
Ovide, Shira. Streaming Saved Music. Artists Hate It. The New York Times, 22 March 2021. https://www.nytimes.com/2021/03/22/technology/streaming-music-economics.html. Accessed May 14, 2022.
Witts, Joel. How To Stop Phishing Attacks. Expert Insights, 6 April 2022. https://expertinsights.com/insights/how-to-stop-phishing-attacks. Accessed May 14, 2022.
