The music industry just failed to fix streaming fraud with a toothless ‘Code of Conduct’

Hello music industry. May we say, many of you are brilliant people, coming up with brilliant ideas and, most importantly, signing and investing in brilliant artists.

But sometimes, collectively, you don’t exactly present yourself at your most… distinguished.

Today, that applies more than usual, thanks to some pointless grandstanding, and a series of piss-weak ‘go us!’ pledges that will have precisely zero impact on anything.

The global music industry is in self-back-patting mode today (June 20) for collectively undersigning a 21-point ‘Code of Best Practice’ which pledges to “tackle stream manipulation” on services like Spotify and Apple Music.

In terms we can all understand, that means fake streams.

Streaming fraud is quite a simple beast to comprehend, because it always serves one of two, non-mutually exclusive purposes:

  • (i) Deliberately inflating metrics which affect an artist’s perceived popularity – upping their chances of getting signed, or their chart success etc.;
  • (ii) Inflating the revenue share that an artist (and/or their fellow rights-holders) receives from streaming services.

Shall we all agree that the more heinous and powerful motivation here – the one which deliberately and criminally takes money from other artists to which this cash is due – is (ii)?

It can be fixed with two sentences.


Sentence 1: Financial stream fraud exists because services like Spotify operate a model whereby an individual Premium account can theoretically generate more money in royalties each month than it costs to access that same Premium account in the first place.

Stop that being able to happen, and you’ve largely solved financially-motivated stream fraud.

The fact it is able to happen is why some clever scammers are able to benefit from ‘streaming farms’ – aka. banks of devices all running streaming accounts that repeatedly play music to which the scammers own the rights.

Remember our friend in Bulgaria? He or she managed to suck $1m in royalties out of Spotify doing exactly this, via a series of legitimately paid-for premium accounts, in 2017.

Right then. Now let’s stop it happening for good.


Sentence 2: Switch Spotify et al’s payment model from a ‘service-centric’ licensing basis to a ‘user-centric’ licensing basis.

In other words, after a user pays $9.99 for a monthly premium streaming account, simply monitor which artists they’ve individually played in that month, and divide the small amount of money they’ve paid accordingly.

If they want to play their own dodgy 30-second-per-track library endlessly from June 1 through June 30, great! They get their money back, minus Spotify’s overheads, tax and profit margin.

The fact that a ‘service-centric’ system operates unanimously in audio streaming today is exactly why millions of artists would have been robbed of a big chunk of money from TIDAL if – and this is a big, hypothetical, alleged, if – someone was hacking into the accounts of the service’s users and rinsing plays of Kanye West and Beyoncé back in 2016.


‘User-centric licensing’ isn’t even mentioned in the four-page industry Code released today (June 20) and undersigned by everyone from Universal Music Group to Spotify, Sony Music Entertainment, Sony/ATV, Warner Music Group, IMPALA, Deezer, Spotify and the RIAA.

That’s understandable. Industry consensus on this matter is difficult. (Some say ‘user-centric’ licensing will cost more to run than ‘service-centric’ licensing; some just don’t like what it will do to their market share.)

What’s absolutely not fine is the absence of any other concrete solutions in this Code to tackle point (i) or (ii) above.

“The signatories to this Code condemn the practice of stream manipulation, and agree to use reasonable efforts to communicate a zero-tolerance approach to related activities,” it reads.

Under a heading of practical and reasonable measures against stream manipulation, the Code continues with the following five points:

  1. Rights holders agree to: (a) undertake as part of their industry-level anti-piracy and content protection operations reasonable investigations to identify stream manipulation; and (b) undertake reasonably appropriate and proportionate actions where there is reasonable evidence of stream manipulation;
  2. Streaming service providers agree to implement a set of balanced, commercially reasonable measures and controls enabling the prevention and/or reduction of stream manipulation, including supporting effective detection and management of instances of suspected illegitimate activities in a commercially and technologically reasonable and proportionate manner;
  3. In the event of any suspected illegitimate activity, rights holders shall provide reasonable support to streaming service providers’ investigations, including provision of all relevant and available information. Streaming service providers agree, in their conduct of appropriate, commercially and technologically reasonable investigations, to consider all relevant information in connection with and available at the time of such investigations and to make ultimate determinations based on principles of fairness, consistency and, wherever possibte, transparency;
  4. The signatories will consult with one another periodically to consider current information and developments on stream manipulation, to enable an exchange of best practice and strategies for addressing the problem, and to revise this Code where necessary;
  5. From time to time, the signatories may share information regarding third parties (including marketing and promotion companies) which have been found on the basis of reasonable evidence to have engaged in stream manipulation. 

That’s it. That’s the plan.


Question: can someone please point out a single item here that wasn’t being conducted before?

Were major labels not looking out for streaming fraud and “undertaking reasonably appropriate and proportionate actions” against it?

Were streaming services not implementing a “balanced, commercially reasonable measures and controls enabling the prevention and/or reduction of stream manipulation”?

And if this was all being carried out, it does rather beg the question of what the… point is here?


After that, within the Code’s cracking list of five industry-wide solutions, we get to the good bit: whenever a label is being accused of illegally tinkering with the streaming numbers of their artists, they agree to turn over internal information to the relevant streaming service – who may be conducting an investigation into the incident. Hardcore!

Fair enough. This is at least going to have some impact on things. They’re gonna have to do it, too, because, well, because… oh. What’s this?

“This Code is not legally binding and does not create any contractual or pre-contractual obligations under any law or legal system.”

They’re not gonna have to do it.


As for the fact this document has been signed by all of the major labels AND Spotify in a show of unification and corporate harmony?

Remember back in January, when it was revealed that historical plays of mystery music was starting to appear on Spotify user accounts?

When we reasonably concluded this could only be the product of two things: either Spotify being hacked by a third-party who was adding streams to user accounts, or, in a much less likely possibility, someone at Spotify doing the deed themselves?

This is what a senior major label executive told us at the time: “It’s a first-party Spotify ploy to dilute total streams, just like ‘fake artists’ – I can smell it.”

Spotify didn’t directly comment in response, but said: “We take the artificial manipulation of streaming activity on our service extremely seriously. Spotify has multiple detection measures in place monitoring consumption on the service to detect, investigate and deal with such activity.

“We are continuing to invest heavily in refining those processes and improving methods of detection and removal, and reducing the impact of this unacceptable activity on legitimate creators, rights holders and our users.”Music Business Worldwide

Related Posts