Written by Tanisha Cardozo || Team Allycaral
Spotify has confirmed it is actively investigating an incident involving unauthorized scraping of its platform, after reports surfaced alleging access to hundreds of millions of rows of track metadata and millions of audio files. The streaming company said it has already identified and disabled nefarious user accounts linked to unlawful scraping and has implemented additional safeguards to prevent similar incidents in the future.
In a statement, a Spotify spokesperson said the company has stood with the artist community against piracy since its inception and continues to work closely with industry partners to protect creators and defend their rights. According to the report, the alleged scrape includes around 256 million rows of track metadata and 86 million audio files, with plans for distribution via peer-to-peer networks in bulk torrents totaling approximately 300 terabytes. As of December 21, however, the report indicates that only metadata, not music files, has been publicly released.
Spotify acknowledged that its investigation found a third party had scraped public metadata and used illicit tactics to circumvent digital rights management in order to access some audio files on the platform. The company emphasized that the investigation is ongoing and that it continues to actively monitor for suspicious behavior across its systems.
The report, first highlighted by Anna’s Archive, prompted strong reactions across the technology and music industries. Commentary circulating online, including a LinkedIn post by Yoav Zimmerman, CEO and co-founder of Third Chair, suggested that such a scrape could theoretically enable individuals to create personal, unauthorized versions of a music streaming service, with the main barriers being copyright law and enforcement.
Despite the claims, Spotify’s total catalog reportedly exceeds the number of audio files referenced in the report. Still, industry observers noted that even partial access could eclipse existing open music data repositories such as MusicBrainz, which contains around five million unique tracks.
Anna’s Archive, which typically focuses on books and academic papers, said the Spotify project aligns with its stated mission of preserving humanity’s knowledge and culture, describing the scrape as an attempt to build a music archive aimed primarily at preservation. The group acknowledged that Spotify does not contain all of the world’s music, but described it as a significant starting point.
As Spotify continues its investigation, the incident has reignited broader debates around digital piracy, data security, copyright enforcement and the challenges faced by streaming platforms in safeguarding content at scale.
Discover more from Allycaral
Subscribe to get the latest posts sent to your email.
