Spotify Users Sell Data To AI Developers - 1

Image by @felirbe, from Unsplash

Spotify Users Sell Data To AI Developers

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

Spotify is in conflict with Unwrapped, a project where thousands of users sell their listening data to AI firms, challenging data ownership norms.

In a rush? Here are the quick facts:

  • Over 18,000 Spotify users joined Unwrapped to sell their listening data.
  • About 10,000 users earned $5 each after selling data to Solo AI.
  • Vana co-founder compared data pooling to a labor union for users.

Spotify is clashing with a growing group of users who want to sell their listening data to developers building AI tools, as first reported by ArsTechnica .

The Unwrapped project, started in February, and now has more than 18,000 Spotify users who joined the platform. By pooling their data through the decentralized platform Vana , users can sell it to AI companies, researching for new ways to analyze listening habits.

ArsTechnica reports that the June vote from 10,000 members allowed Solo AI to purchase a small portion of their data for $55,000. Users received $5 worth of cryptocurrency from the deal.

ArsTechnica reports that Vana co-founder Anna Kazlauskas admitted this payout was not “ideal,” saying she wished users had earned “a hundred times” more. Still, she called the deal “meaningful” because it showed Spotify users that their data ‘‘is actually worth something.”

“I think this is what shows how these pools of data really act like a labor union,” Kazlauskas said, as reported by ArsTecnica.

Unwrapped received a warning from Spotify through a letter, because the project allegedly infringes on their Wrapped trademark and violates developer guidelines, as noted by ArsTechnica. The platform rules at Spotify prohibit developers from using platform resources or content to create machine learning or AI models.

“Spotify honors our users’ privacy rights, including the right of portability […]All of our users can receive a copy of their personal data to use as they see fit. That said, UnwrappedData.org is in violation of our Developer Terms which prohibit the collection, aggregation, and sale of Spotify user data to third parties,” a spokesperson said as noted by ArsTechnica.

Unwrapped developers rejected that claim, arguing: “They are simply exercising digital self-determination. To suggest otherwise is to claim that users do not truly own their data—that Spotify owns it for them.”

Hackers Expose Millions In Gucci and Balenciaga Data Breaches - 2

Image by Julien Tondu, from Unsplash

Hackers Expose Millions In Gucci and Balenciaga Data Breaches

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

The hacking group ShinyHunters announced they obtained more than 50 million customer records from Gucci, Balenciaga, and other fashion brands under Kering.

In a rush? Here are the quick facts:

  • Hackers gained access through Salesforce, a customer management platform.
  • Gucci’s breach reportedly involved 43 million records from 2017–2024.
  • Balenciaga ransom talks started at 10 Bitcoin, dropped to €750,000.

DataBreaches.net analyzed files and chat logs, which show that ShinyHunters executed multiple cyberattacks against Kering fashion brands: Gucci, Balenciaga, Brioni, and Alexander McQueen.

The stolen customer data included more than 50 million records, which exposed personal information including names, phone numbers, email addresses, birthdates, and purchase records. The hackers entered the brands’ systems through Salesforce, which serves as their customer management platform.

The hackers claim to have obtained 43 million Gucci records spanning from 2017 through April 2024. They also stole personal data from Balenciaga, Brioni, and Alexander McQueen, resulting in the exposure of 13 million customer records. The exact number of affected customers remains unknown, because Kering has not issued any public statements about these incidents.

In July, months after data was already taken, Kering published a new security policy highlighting the dangers of “information theft, sabotage, Social Engineering, [and] cyber terrorism.”

The company wrote:

“Protecting Information means ensuring the confidentiality, integrity and availability of the Information. If Information is lost, stolen, inappropriately disclosed, destroyed, modified, serious consequences may result for Kering such as: Loss of customers’ trust […] Loss of competitive advantage […] Loss of revenue.”

The negotiations between Balenciaga and the hackers continued for multiple weeks until the hackers rejected the €200,000 offer. The hackers then issued a final warning to Balenciaga before releasing the stolen data.

The lack of transparency from Kering about these cyber incidents puts millions of high-end fashion consumers at risk, while the company faces questions about its responsibility to protect customer data.