Pandora is sending user GPS, gender, birthday and more to ad servers

April 7, 2011
10

Looks like Pandora Radio for Android has been under fire as of late. If you guys didn't hear they were issued a Subpoena recently over a few different issues, mainly regarding privacy and user data. Apparently there has now been even more information revealed from our friends over at Ars Technica that might have you all even more worried.

I know you all love Pandora Radio, as do I. So please don't get to upset as I only share the news as I see it. I use Pandora very often, but I've yet to turn it on today after reading this.
Apparently after a company named Veracode did a bit more research they found some things that are pretty scary to say the least. According to them Admob was transmitting GPS, but that makes sense as most are driving while using the app, but then they found it randomly at all different times was reporting the users GPS. Then there was other references that appear to also log user data, gender, and possibly birthday. Additionally, the app itself appeared to be sending the users Android ID, and continually access the user's GPS location for updates.

Veracode then wrote on its blog.

"The SecureStudies library accesses the android_id and directly sends a hash of the data to http://b.scorecardresearch.com while the Medialets library accesses the device’s GPS location, bearing, altitude, android_id, connection status, network information, device brand, model, release revision, and current IP address."

I don't like the idea of them accessing many of those things, one in particular being my IP Address and my gender, that is not any of their business. Pandora has mentioned in the past that they require a certain level of access to user information so that it can continue delivering personalized music streams that we all know and love. Then again, according to Veracode, they aren't just using that data for themselves, but rather for advertising purposes as well. There is no proof of this next comment, but the thought of them selling my personal information would make me not have a happy face. Ars Technica goes on to mention, "If the grand jury ends up coming to the same conclusion, Pandora (and other app makers) could be facing legal difficulties."

What do you all think, and will you be dumping your favorite music streaming app over this? Did you just uninstall Pandora like I did? What about Amazon MP3 and the new cloud player, does it just cross reference the music you already have for the music suggestions it sends you, or are they also taking more information than we would like, or they need? Only time will tell. Stay tuned.

[via Ars Technica]


Recent Stories
  • http://twitter.com/DrHotmann Jordan Hotmann

    eh pandora’s music selection is a little too mainstream for me anyways…plus way too many repeats, never even bothered installing the app

  • Tech-writer

    Don’t y’all look at the permissions before installing these things? Do you think *anything* is free? Really free?

  • EdW

    As somebody just said in my office today, “If you’re not paying for the product, YOU are the product”

  • EdW

    As somebody just said in my office today, “If you’re not paying for the product, YOU are the product”

  • Crazythunder1968

    i wonder if slacker is as guilty as pandora?

  • http://twitter.com/xguntherc Cory (xguntherc)

    yea pretty interesting information. It’s mainly to better target ads, and I guess that isn’t that bad. I’d rather see an ad I’m interested in, rather than some ad about flowers or a ford fusion. lol

  • T0ked

    How do people expect Pandora to stay in business. I think it offers a fascinating service. Something like Pandora usually requires a subscription payment or repeated commercial interruptions like over-the-air radio. I like the phrase by EdW, “If you’re not paying for the product, YOU are the product”. Nothing is free. I’m not surprised. When Pandora came back from the brink, I figured they had devised a way to pay for their overhead and licensing fees, and that had something to do with subscriber information. I’m sure Slacker does something similar.

    • http://twitter.com/JSHorwitz Joel S Horwitz

      They can stay in business by getting a rev share when people buy music… those are not small peanuts. Moreover, they can offer a paid version that does even more than what they offer. Its called a “Freemium” business model. Surprised that they would sell data to advertisers, seems simply lazy to me.

  • Joe

    T0ked,

    Your are right nothing is free and the revenu has to come from somewhere, but I just dont see why my GPS location is important or my phone id. The whole gender thing who cares they had a 50/50 shot at it anyway my age i dont careeither

  • Dmarie631

    Not for nothing- you can go onto google and find as much if not more info on a person- your cellphone company, home cable company, credit card companies etc share your personal information with 3rd parties all the time to a certain extent- privacy essentially is a thing of the past unfortunately. If you want free music you have to assume profit is being made somehow…same thing with facebook, twitter, myspace. You want to be a part of any of these things, you are surrendering your last grip on privacy.

    Did you also know that your cellphone- even if all data is erased, still stores everything you have ever done. So if you sell back an old blackberry- which you banked on, or did personal emailing- all that information can still be accessed- even including “deleted” pictures and videos.

    My point- Pandora will still be an app on my phone- because they are not accessing info that cant be found through several other means- and they shouldnt be sued for it either.