Spotify is Defective by Design

The music streaming service Spotify uses Digital
Restrictions Management (DRM); push back by saying NO to
Spotify's invitations.

After being available in Europe for some time, Spotify has
launched in the United States with a publicity campaign
inviting people to use the service.

Our conclusion: Spotify is using DRM to prevent things
legally permitted even by overly strict US copyright law,
making Spotify defective by design.

Spotify works by having users register, choose a plan
ranging from $0 to $10 a month and installing a piece of
proprietary software used to enforce DRM

Spotify's software does all the things DRM usually does. Music is streamed to its users -- and cached on the user's drive -- in an encrypted format, which is then decrypted by the proprietary client. Spotify uses this control to enforce arbitrary rules on its users. For
example: you can't save music to listen to it later or
elsewhere, you can't take a snippet of a song and use it for
something else like a presentation or review. And while
Spotify makes a fanfare of the fact that users can opt out
of the otherwise-required advertising by subscribing for a
monthly fee, there is no way for users to opt out of DRM.

Technically, Spotify's use of the Ogg Vorbis codec under the
surface leads us to the conclusion that Spotify could easily
be a website using HTML5, removing the need for any kind of
program to be installed.

A group of Swedish developers have figured out how the
Spotify software works, and have created a limited
alternative to Spotify's client. While this client is free
software, its limited nature will lead many people to seek
out the proprietary client, and Spotify could block this
program at any time.

Take action!

  • Spotify asks you to send them a little message to get an
    invite to the service. We've created a template for a real
    paper letter you can use to respond to them by mail.
  • In the USA, send your letter to: Daniel Ek, Spotify, 76
    9th Avenue, Suite 1110, 11th Floor, New York, NY 10011
  • And for everyone else, send your letter to: Alison Bonny,
    Spotify, Golden House, 30 Great Pulteney Street, London,
    W1F 9NN, UK

Edit your own copy of the letter using LibreOffice.

You can see the letters we've sent here: USA and UK.

And follow it up

  • @eldsjal is the Twitter account of the CEO of Spotify,
    Daniel Ek, and @alisonbonny is the Head of Spotify's Press
    Division. Tell them we want Spotify without DRM! You could
    say: "@eldsjal, @alisonbonny I'm politely declining the
    invitation from @Spotify because of DRM, @SpotifyUSA" --
    remember, you don't need to use the Twitter website
    directly when you do this; you can instead connect your
    Twitter account to your account and send it that
    way. Or use a local free software client, such as Gwibber
    or HeyBuddy (this way you avoid Twitter's proprietary
  • Send an email -- seems to work, but
    CC just in case, and remember to- BCC
    us on all those emails too at
  • Share this action with others! When you read news stories
    about Spotify, make sure to leave a comment warning people
    about DRM.

Related articles