Abuse
Auto Added by WPeMatico
Auto Added by WPeMatico
A number of Spotify playlist curators are complaining that the streaming music company is not addressing the ongoing issue of playlist abuse, which sees bad actors reporting playlists that have gained a following in order to give their own playlists better visibility. Currently, playlists created by Spotify users can be reported in the app for a variety of reasons — like sexual, violent, dangerous, deceptive or hateful content, among other things. When a report is submitted, the playlist in question will have its metadata immediately removed, including its title, description and custom image. There is no internal review process that verifies the report is legitimate before the metadata is removed.
Bad actors have learned how to abuse this system to give themselves an advantage. If they see a rival playlist has more users than their own, they will report their competitors in hopes of giving their playlist a more prominent ranking in search results.
According to the curators affected by this problem, there is no limit to the number of reports these bad actors can submit, either. The curators complain that their playlists are being reported daily, and often multiple times per day.
The problem is not new. Users have been complaining about playlist abuse for years. A thread on Spotify’s community forum about this problem is now some 30 pages deep, in fact, and has accumulated over 330 votes. Victims of this type of harassment have also repeatedly posted to social media about Spotify’s broken system to raise awareness of the problem more publicly. For example, one curator last year noted their playlist had been reported over 2,000 times, and said they were getting a new email about the reports nearly every minute. That’s a common problem and one that seems to indicate bad actors are leveraging bots to submit their reports.
Many curators say they’ve repeatedly reached out to Spotify for help with this issue and were given no assistance.
Curators can only reply to the report emails from Spotify to appeal the takedown, but they don’t always receive a response. When they ask Spotify for help with this issue, the company only says that it’s working on a solution.
While Spotify may suspend the account that abused the system when a report is deemed false, the bad actors simply create new accounts to continue the abuse. Curators on Spotify’s community forums suggested that an easy fix to the bot-driven abuse would be to restrict accounts from being able to report playlists until their accounts had accumulated 10 hours of streaming music or podcasts. This could help to ensure they were a real person before they gained permission to report abuse.
One curator, who maintains hundreds of playlists, said the problem had gotten so bad that they created an iOS app to continually monitor their playlists for this sort of abuse and to reinstate any metadata once a takedown was detected. Another has written code to monitor for report emails and uses the Spotify API to automatically fix their metadata after the false reports. But not all curators have the ability to build an app or script of their own to deal with this situation.
Image Credits: Spotify (screenshot of reporting flow)
TechCrunch asked Spotify what it planned to do about this problem, but the company declined to provide specific details.
“As a matter of practice, we will continue to disable accounts that we suspect are abusing our reporting tool. We are also actively working to enhance our processes to handle any suspected abusive reports,” a Spotify spokesperson told us.
The company said it is currently testing several different improvements to the process to curb the abuse, but would not say what those tests may include, or whether tests were internal or external. It could not provide any ballpark sense of when its reporting system would be updated with these fixes, either. When pressed, the company said it doesn’t share details about specific security measures publicly as a rule, as doing so could make abuse of its systems more effective.
Often, playlists are curated by independent artists and labels who are looking to promote themselves and get their music discovered, only to have their work taken down immediately, without any sort of review process that could sort legitimate reports from bot-driven abuse.
Curators complain that Spotify has been dismissing their cries for help for far too long, and Spotify’s vague and non-committal response about a coming solution only validates those complaints further.
Powered by WPeMatico
Domestic abuse comes in digital forms as well as physical and emotional, but a lack of tools to address this kind of behavior leaves many victims unprotected and desperate for help. This Cornell project aims to define and detect digital abuse in a systematic way.
Digital abuse may be many things: hacking the victim’s computer, using knowledge of passwords or personal date to impersonate them or interfere with their presence online, accessing photos to track their location, and so on. As with other forms of abuse, there are as many patterns as there are people who suffer from it.
But with something like emotional abuse, there are decades of studies and clinical approaches to address how to categorize and cope with it. Not so with newer phenomena like being hacked or stalked via social media. That means there’s little standard playbook for them, and both abused and those helping them are left scrambling for answers.
“Prior to this work, people were reporting that the abusers were very sophisticated hackers, and clients were receiving inconsistent advice. Some people were saying, ‘Throw your device out.’ Other people were saying, ‘Delete the app.’ But there wasn’t a clear understanding of how this abuse was happening and why it was happening,” explained Diana Freed, a doctoral student at Cornell Tech and co-author of a new paper about digital abuse.
“They were making their best efforts, but there was no uniform way to address this,” said co-author Sam Havron. “They were using Google to try to help clients with their abuse situations.”
Investigating this problem with the help of a National Science Foundation grant to examine the role of tech in domestic abuse, they and some professor collaborators at Cornell and NYU came up with a new approach.
There’s a standardized questionnaire to characterize the type of tech-based being experienced. It may not occur to someone who isn’t tech-savvy that their partner may know their passwords, or that there are social media settings they can use to prevent that partner from seeing their posts. This information and other data are added to a sort of digital presence diagram the team calls the “technograph” and which helps the victim visualize their technological assets and exposure.

The team also created a device they call the IPV Spyware Discovery, or ISDi. It’s basically spyware scanning software loaded on a device that can check the victim’s device without having to install anything. This is important because an abuser may have installed tracking software that would alert them if the victim is trying to remove it. Sound extreme? Not to people fighting a custody battle who can’t seem to escape the all-seeing eye of an abusive ex. And these spying tools are readily available for purchase.
“It’s consistent, it’s data-driven and it takes into account at each phase what the abuser will know if the client makes changes. This is giving people a more accurate way to make decisions and providing them with a comprehensive understanding of how things are happening,” explained Freed.
Even if the abuse can’t be instantly counteracted, it can be helpful simply to understand it and know that there are some steps that can be taken to help.
The authors have been piloting their work at New York’s Family Justice Centers, and following some testing have released the complete set of documents and tools for anyone to use.
This isn’t the team’s first piece of work on the topic — you can read their other papers and learn more about their ongoing research at the Intimate Partner Violence Tech Research program site.
Powered by WPeMatico
For the nearly 20 percent of Americans who experience severe online harassment, there’s a new company launching in the latest batch of Y Combinator called Tall Poppy that’s giving them the tools to fight back.
Co-founded by Leigh Honeywell and Logan Dean, Tall Poppy grew out of the work that Honeywell, a security specialist, had been doing to hunt down trolls in online communities since at least 2008.
That was the year that Honeywell first went after a particularly noxious specimen who spent his time sending death threats to women in various Linux communities. Honeywell cooperated with law enforcement to try and track down the troll and eventually pushed the commenter into hiding after he was visited by investigators.
That early success led Honeywell to assume a not-so-secret identity as a security expert by day for companies like Microsoft, Salesforce, and Slack, and a defender against online harassment when she wasn’t at work.
“It was an accidental thing that I got into this work,” says Honeywell. “It’s sort of an occupational hazard of being an internet feminist.”
Honeywell started working one-on-one with victims of online harassment that would be referred to her directly.
“As people were coming forward with #metoo… I was working with a number of high profile folks to essentially batten down the hatches,” says Honeywell. “It’s been satisfying work helping people get back a sense of safety when they feel like they have lost it.”
As those referrals began to climb (eventually numbering in the low hundreds of cases), Honeywell began to think about ways to systematize her approach so it could reach the widest number of people possible.
“The reason we’re doing it that way is to help scale up,” says Honeywell. “As with everything in computer security it’s an arms race… As you learn to combat abuse the abusive people adopt technologies and learn new tactics and ways to get around it.”
Primarily, Tall Poppy will provide an educational toolkit to help people lock down their own presence and do incident response properly, says Honeywell. The company will work with customers to gain an understanding of how to protect themselves, but also to be aware of the laws in each state that they can use to protect themselves and punish their attackers.

The scope of the problem
Based on research conducted by the Pew Foundation, there are millions of people in the U.S. alone, who could benefit from the type of service that Tall Poppy aims to provide.
According to a 2017 study, “nearly one-in-five Americans (18%) have been subjected to particularly severe forms of harassment online, such as physical threats, harassment over a sustained period, sexual harassment or stalking.”
The women and minorities that bear the brunt of these assaults (and, let’s be clear, it is primarily women and minorities who bear the brunt of these assaults), face very real consequences from these virtual assaults.
Take the case of the New York principal who lost her job when an ex-boyfriend sent stolen photographs of her to the New York Post and her boss. In a powerful piece for Jezebel she wrote about the consequences of her harassment.
As a result, city investigators escorted me out of my school pending an investigation. The subsequent investigation quickly showed that I was set up by my abuser. Still, Mayor Bill de Blasio’s administration demoted me from principal to teacher, slashed my pay in half, and sent me to a rubber room, the DOE’s notorious reassignment centers where hundreds of unwanted employees languish until they are fired or forgotten.
In 2016, I took a yearlong medical leave from the DOE to treat extreme post-traumatic stress and anxiety. Since the leave was almost entirely unpaid, I took loans against my pension to get by. I ran out of money in early 2017 and reported back to the department, where I was quickly sent to an administrative trial. There the city tried to terminate me. I was charged with eight counts of misconduct despite the conclusion by all parties that my ex-partner uploaded the photos to the computer and that there was no evidence to back up his salacious story. I was accused of bringing “widespread negative publicity, ridicule and notoriety” to the school system, as well as “failing to safeguard a Department of Education computer” from my abusive ex.
Her story isn’t unique. Victims of online harassment regularly face serious consequences from online harassment.
According to a 2013 Science Daily study, cyber stalking victims routinely need to take time off from work, or change or quit their job or school. And the stalking costs the victims $1200 on average to even attempt to address the harassment, the study said.
“It’s this widespread problem and the platforms have in many ways have dropped the ball on this,” Honeywell says.
Tall Poppy’s co-founders
Creating Tall Poppy
As Honeywell heard more and more stories of online intimidation and assault, she started laying the groundwork for the service that would eventually become Tall Poppy. Through a mutual friend she reached out to Dean, a talented coder who had been working at Ticketfly before its Eventbrite acquisition and was looking for a new opportunity.
That was in early 2015. But, afraid that striking out on her own would affect her citizenship status (Honeywell is Canadian), she and Dean waited before making the move to finally start the company.
What ultimately convinced them was the election of Donald Trump.
“After the election I had a heart-to-heart with myself… And I decided that I could move back to Canada, but I wanted to stay and fight,” Honeywell says.
Initially, Honeywell took on a year-long fellowship with the American Civil Liberties Union to pick up on work around privacy and security that had been handled by Chris Soghoian who had left to take a position with Senator Ron Wyden’s office.
But the idea for Tall Poppy remained, and once Honeywell received her green card, she was “chomping at the bit to start this company.”
A few months in the company already has businesses that have signed up for the services and tools it provides to help companies protect their employees.
Some platforms have taken small steps against online harassment. Facebook, for instance, launched an initiative to get people to upload their nude pictures so that the social network can monitor when similar images are distributed online and contact a user to see if the distribution is consensual.
Meanwhile, Twitter has made a series of changes to its algorithm to combat online abuse.
“People were shocked and horrified that people were trying this,” Honeywell says. “[But] what is the way [harassers] can do the most damage? Sharing them to Facebook is one of the ways where they can do the most damage. It was a worthwhile experiment.”
To underscore how pervasive a problem online harassment is, out of the four companies where the company is doing business or could do business in the first month and a half there is already an issue that the company is addressing.
“It is an important problem to work on,” says Honeywell. “My recurring realization is that the cavalry is not coming.”
Powered by WPeMatico