A Criminally Good Song
When you work for a managed security service provider, it’s not unusual to think about how the topic of cybersecurity influences every aspect of our lives.
Then I started to think about every time I’ve heard about an artist’s new song or album getting leaked prior to its intended release date. That’s a cybersecurity issue! So, I’ve done some research to find out how and why these breaches happen, and the implications they carry for cybersecurity awareness.
Let’s go back in time to pre-Spotify and pre-Apple music, when peer-to-peer music sharing, and downloads were the number one way most people got their music. Platforms like Napster facilitated the illegal downloading and piracy of music, severely impacting the artists, recording studios and labels losing millions of dollars every day. The users didn’t always realize the severity of their crimes because it was so normal to download free music in that format. Therefore, the real people to blame were the owners of these music sharing companies. And blame them they did. Napster was practically driven off the market by a series of lawsuits coming from the record labels and the artists themselves, followed by serious losses in court.
Since then, things have changed a great deal and the laws regarding the distribution of music are much more stringent. That being said, the market for free music online didn’t just disappear. It took a new form, resulting in the growth of “leaks” for artists new music.
Obviously, as a listener, it’s great news to get your hands on your favorite artist’s new album weeks earlier than you anticipated. For a record label, t’s a nightmare. And for an artist it’s a mixed bag.
From a cybersecurity nerd’s perspective, I was curious to know the specifics of how music gets leaked even when cybersecurity has grown so much since the Napster days of music.
Nevertheless, there are many ways for it to happen.
It can strike as early as the days in the studio making the album. When a diverse group of producers, sound engineers, groupies, and peers of the artist all make contact with early copies of the music, things happen. Especially when emails are constantly being sent back and forth between members of the team containing sensitive files. Computers get hacked and emails get intercepted all the time, and it can happen to anyone if you’re not careful.
Another way music leaks happen is during the promotional build up for an album’s release, when artists and their labels engage with the press. It’s important to build hype around a new release before it drops so people are excited to listen to it. Unfortunately, once the press gets their hands on the album, it’s not uncommon for the internet to get a taste too. By the time the new music goes viral, it’s difficult to target a specific culprit responsible for the leak.
Now this last way that music gets leaked is the most unexpected and is the reason I said some artists may have mixed reactions to their music being leaked. There are artists who leak their own albums or songs themselves. Often, this is used as a dig at their label due to the artist’s frustration towards how they’ve handled their project. For example, when the band Death Grips wanted an earlier release date than Epic Records had chosen, they just went ahead and leaked it. It was a badass move, although it did lose them their record deal. Additionally, M.I.A. threatened to leak her album early because she didn’t feel that Interscope was putting enough effort into getting her album out. This put pressure on the label to deliver and generated excitement about the album.
When the artist is not the perpetrator of their own music leak, their feelings about it may vary. Artists like Lil Wayne came back with a mixtape entitled “The Leak” with new tracks to challenge the leaked songs on the charts, and Jay Z didn’t sweat the leak of Blueprint 3, saying he hoped people enjoyed the preview and he’s proud of his work.
However, Kaiser Chief’s Nick Hodgson didn’t have the same lax response to his music being leaked. For him it felt overwhelmingly like something had been stolen from him. He wasn’t necessarily upset about the money that would be lost due to the leak. He was upset about the fact that his art was exposed before he was ready and without his consent.
It’s no secret that Taylor Swift’s fans are incredibly passionate about her music and maybe more so about her personal life. When her unreleased song “You’re Losing Me” was leaked, it provided a never before seen look at her breakup with ex-boyfriend Joe Alwyn. The song was raw and personal, including contrasting lines like “I’m the best thing at this party…And I wouldn’t marry me either, a pathological people pleaser.” People were moved by the song and many related to the powerful lyrics describing the painful moments leading up to a relationship’s ending.
Following the leak, Taylor decided to formally release the song as a single on November 29th of 2023. I know Taylor made much more money releasing it herself rather than letting people continue to illegally stream it online, but I wonder if she would have ever shared such an emotional piece without the pressure of the leak. My suspicions were practically confirmed when producer Jack Antonoff answered the question many of us wondered–when was this written???– with an Instagram story sharing the night Taylor wrote You’re Losing Me. The date was December 5th, 2021. Now the news of Taylor’s breakup with Joe didn’t come until April of 2023. For a song so clearly referencing the undeniably nuanced feelings of a breakup, it’s shocking to find out that it was written so long ago. It seems that when she was going through this situation, she wanted to keep the music she wrote private, but a leak shifted that and once again Taylor was expected to share the intimate details of her relationship with the public.
I know I’ve spent a lot of time discussing the music industry and the effects of leaks, but I’d like to end this by tying it all back to the topic of cybersecurity. I’m positive that record labels and any company that handles demos or master copies of new music must involve cybersecurity in their business practices. I think it’s important to note that even with a cybersecurity system in place, there are still gaps where sensitive information can slip through the cracks and get leaked to the internet. Worse, however, is if the breach comes with a ransomware attack where the artist or their label must pay a large sum of money to get the music back from a hacker. Leaks have become a routine part of the music industry, but coming from an IT perspective, enlisting a managed service provider that can monitor any actions made using the new music would be a surefire way to limit unwanted leaks. But if you’re leaking your own music, it better be a criminally good song.