What Spotify and Tinder aren’t telling you: New study plays personal data detective


AUCKLAND, New Zealand — We watch our phones, and our phones watch us. All of your favorite apps are constantly collecting your personal data to help form algorithmic recommendations just for you. From the next song on your workout playlist to potential dates for Friday night, these suggestions hold real-world implications. So, what type of data exactly is being collected, and how is it being used?

The companies doing the gathering are often reluctant to answer those questions. Now, researchers at the University of Auckland decided to analyze the Terms of Use and Privacy Policies of both Spotify and Tinder for clues.

Spotify is a music service boasting over 180 million premium subscribers. Tinder is a dating app available in over 190 countries. Many users consider both to be the premier companies in their respective fields. Study authors say companies collecting personal data are usually very resistant to academic scrutiny.

“Despite their powerful influence, there is little concrete detail about how exactly these algorithms work, so we had to use creative ways to find out,” says Dr. Fabio Morreale, School of Music, in a university release.

Spotify taking more of your information?

Researchers chose Tinder and Spotify specifically because both platforms rely heavily on recommendation algorithms.

“They have been largely overlooked, compared to bigger tech companies such as Facebook, Google, Tik Tok etc who have faced more scrutiny” Dr. Morreale explains. “People might think they’re more benign, but they are still highly influential.”

Over just the past decade, Spotify and Tinder have re-written their legal documents numerous times. Researchers analyzed all the versions. Companies are facing more and more requirements to inform users about personal data collection, but study authors say even the current iterations of the documents are hardly user-friendly.

“They tend toward the legalistic and vague, inhibiting the ability of outsiders to properly scrutinize the companies’ algorithms and their relationship with users. It makes it difficult for academic researchers and certainly for the average user,” Dr. Morreale adds.

The research did produce interesting findings. For example, Spotify’s Privacy Policies reveal the company collects much more personal information than it used to years ago.

“In the 2012 iteration of its Privacy Policy, Spotify’s data practices only included basic information: the songs a user plays, playlists a user creates, and basic personal information such as the user’s email address, password, age, gender, and location,” Dr. Morreale says.

The current policy written in 2021 permits Spotify to collect users’ photos, location data, voice data, background sound data, and even additional varieties of personal information. The current version also states, “the content you view, including its selection and placement, may be influenced by commercial considerations, including agreements with third parties.”

That’s a whole lot of legal lingo, but researchers say what it really means is Spotify has afforded itself plenty of room to legally highlight content to specific users based on commercial agreements.

“Spotify promises that the ‘playlist is crafted just for you, based on the music you already love’, but Spotify’s Terms of Use detail how an algorithm could be influenced by factors extrinsic to the user, like commercial deals with artists and labels,” Dr. Morreale notes. “In their recommendations (and playlists for that matter) Spotify is also likely to be pushing artists from labels that hold Spotify shares – this is anti-competitive, and we should know about it.”

What about Tinder?

Study co-author Matt Bartlett, School of Law, describes the dating app as “one big algorithm”.

“Tinder has previously stated that it matched people based on ‘desirability scores’ calculated by an algorithm. I don’t think users fully understand or know about how Tinder’s algorithm works, and Tinder goes out of its way not to tell us,” Bartlett explains. “That’s not to say that this is an evil thing – the problem is that they’re not transparent about how the matching occurs. In my opinion, the Terms of Use should specify that.”

Ultimately, the team at UA didn’t completely uncover how the platforms’ algorithms function. However, their work highlights the magnitude of this problem in general. These two companies, and many more, aren’t being transparent about their data collection practices.

“With these powerful digital platforms possessing considerable influence in contemporary society, their users and society at large deserve more clarity as to how recommendation algorithms are functioning,” Dr. Morreale concludes. “It’s crazy that we can’t find out; I think in the future we’re going to look back and see this as the Wild West of big tech.”

The study is published in the Journal of the Royal Society of New Zealand.


Leave a Reply

Your email address will not be published.