ArtistsData Security

It’s easy for artists to dismiss hacking as something that only happens to big companies or governments, but as many found out last week when distributor Tunecore was compromised, even small-time creatives aren’t immune. When you choose a music distribution platform to sell music online or deliver songs to streaming services, data security needs to be one of criteria you use to evaluate your options.

Make sure your music distribution is compliant with data security

Not all digital distribution platforms are alike. Although it might be tempting to go with the service that charges the lowest fees, it is definitely worth doing some due diligence to make sure you won’t wind up exposed. Make sure to see if a service has ever been hacked before, and if so, what steps they took in the aftermath to correct any security lapses. It’s also worth asking how user data is encrypted and how secure the distributor’s networks are — while a distributor doesn’t need a full time security expert to keep things in good shape, they should probably have at least consulted with someone to make sure all systems are in good order.

At a certain point, when you work with a digital distributor, you wind up leaving things to chance. But good security needs to start at home, and artists should make sure they observe data security best practices (starting with a secured password) on their personal networks as well — hackers have broken into producers networks and stolen unfinished tracks in the past.

11.19.14_music-stream-data.jpeg

You don’t want to take the risk to be hacked

That’s just one of the many risks artists face if they are hacked. First and foremost, your financial information could be stolen — and once that happens, it can be very hard to track down who exactly has your information. Even if you call your bank and alert them as soon as you find out, the hackers might have already used your information to make purchases, and getting that money back can be a long and difficult process.

Your personal information can also be stolen and resold, and you might not know that has happened for many years. If you’ve shared your government identification number (usually your Social Security number in the United States), that can then be sold along to someone trying to enter the country without proper documentation — and can create a massive headache if you ever want to collect government benefits. Your address and phone number can also be sold on to scammers, and although it’s unlikely someone will show up at your home, you can be the target of other mail and phone scams. Digitally savvy folks can generally see through these, but some are convincing — there have been cases of people calling about realistic sounding medical bills, for instance, and getting people to offer credit card numbers over the phone.

As mentioned above, hackers can also steal and distribute your music, although the good news is that unless you’re a superstar, this won’t be a huge deal. Once you release a song, it’ll likely end up on torrent sites soon enough — that’s just the situation these days. That said, having rough drafts of songs get out before they are ready is never fun, so add that to the list of reasons to make sure your data is protected.

Some tips to protect your data

  • Regularly change your password  (every 3 months);
  • Don’t use your name on your password, it is easier to hack;
  • Combination between numbers and letters are best.

Data security isn’t a particularly fun or sexy topic, but it’s also crucial to making sure all your hard work doesn’t wind up being compromised. As long as you do some due diligence and make sure your digital distributor is responsible, you can avoid some of the headaches outlined above.

Internet personality Josh Ostrovsky has recently come under fire for stealing jokes and images without proper attribution, and using that content to build a personal brand so strong he recently signed to talent agency CAA. Ostrovsky claims it was all a matter of misunderstandings and sloppiness on his part, and that no ill will was intended. In a recent interview with New York Magazine, he said the following in his defense: “The internet is a vast ocean of stuff, and sometimes it’s hard to find the original source of something. I now realize that if I couldn’t find a source for something, I probably shouldn’t have posted it in the first place.”

Ostrovsky probably should have tried harder, given his online stature, but he’s also right — the web is giant, and finding proper sources can be difficult. It’s easier than ever to share content — and harder than ever for content creators and owners to make sure they’re being credited, let alone paid, for their work. While the buzz this summer has been around the blockchain as a potential solution for music copyright management and payout transparency, it could also potentially serve as a solution for the broader woes of content creators.

The blockchain already allows messages, text, and and images to be stored, and it would be possible to create a digital watermark and timestamp on an image or piece of text to attribute it to the creator. The openness of the blockchain could help correct for any false attributions, so an average user couldn’t claim to be Andy Warhol. Smart contracts built on top of images could help facilitate payments more easily for commercial artists and photographers, and tipping services like Huzza could ensure that hobbyists can at least collect tips from fans.

For many casual social media users, the blockchain probably wouldn’t make much of difference — if I’m just sharing a funny joke or image to my small group of followers, I’m not going to take the time to do a full search for attribution, and the person who made the joke likely doesn’t care, anyway. But when you start dealing with people like Ostrovsky and his ilk, who make their living sharing content, it provides a neutral ground for determining who owns what and who should be credited.

That said, there are some definite downsides that need to be considered. If Tesla and Marconi could basically each independently invent the radio, the changes that someone else thinks of the same clever quip to slap on an image of a cat as you did are fairly high. The web has enabled a radical openness that allows people to see and share images from all over the world, and anything that chokes that ability would be a negative. But as all the work on Creative Commons has taught us, there are many creators who are fine with giving content away, so long as the credit is given to them and their work isn’t monetized by someone else.

There is also the challenge of getting old content on the blockchain, especially if it’s content that’s not very profitable. The same problem appears in music — data for catalog content from bands like Rolling Stones is likely to be complete and correct, whereas data for a band who sold 500 copies of an album thirty years ago isn’t. Still, the openness of the blockchain means that it will be easier for individuals to share their copyrights, and if you’re a member of that long-forgotten band, you still have some interest in getting paid.

A content-filled blockchain could stop plagiarism before a book even goes to press. An image filled blockchain could help a young artist get paid when his or her work appears in a magazine. A blockchain with smart contracts layered on top of text and images could mean more money for creators, paid out more quickly. It’s not a solution that will be implemented overnight, or even in the next five years, but it could be a long term solution to the copyright woes artists currently face.

Want to add your thoughts to this discussion, or learn more about Revelator? Visit http://www.revelator.com.

DA Wallach is fully aware he’s in uncharted territory. “I’m unaware of anyone who has used the blockchain to share data around music,” he says.

But just because no one in the music business has used the technology yet doesn’t mean that it’s not a potentially viable solution to fix the industry’s data, payments, and transparency woes.

“We don’t have a single, objective database to keep track of who owns what and is owed what, partially because no one has trusted each other enough to create something like that,” says Wallach. “But the blockchain represents a neutral ground, and a possible solution.”


“There are massive problems with the way music
copyrights and payments are currently managed”.

At this point everyone is aware that there are massive problems with the way music copyrights and payments are currently managed. Lacking a central database, those seeking to license music are forced to wade through disconnected and often incomplete information.

Artists are left to receive checks every quarter for seemingly random amounts, with almost no information about why those payments are being handed down.

And plenty of artists don’t even see money owed to them, not because of bad faith or unscrupulous actions by any one party, but simply because no one predicted the digital revolution thirty years ago when entering information in a database.

“No one predicted the digital revolution thirty years
ago when entering information in a database”.


The summer of 2015 has been the summer of the blockchain for the music business. Plenty of op-eds on either side have been published, with tech savvy artists and startup founders praising the technology as the means to an open and transparent payment system and naysayers dismissing it as another fad.

The truth seems to lie somewhere in the middle — while it’s dangerous to call anything a “savior” in this business without being reminded of videodisks, digital watermarks, and other flops, it’s also silly to dismiss the blockchain’s potential to create real change.

“One of the biggest problems now is a lack of understanding
about what the blockchain actually is”.

One of the biggest problems now is a lack of understanding about what the blockchain actually is and why it could power a solution where others, most recently the Global Repertoire Database, have failed.

Blockchain technology is most often related to bitcoin, the cryptocurrency associated with various illegal online activities (and, to be fair, plenty of legal commerce). But bitcoin and blockchain are not interchangeable terms; rather, the blockchain is the database that powers bitcoin, but it is certainly not limited to that one role.

Distilled down to its simplest essence, the blockchain is a decentralized public ledger that is duplicated across a “peer to peer network” while still maintaining a coherent state (agreed upon by all participants) without requiring a central authority.

New content updated to the ledger is validated and encrypted periodically and that data is bundled into a new block, making it hard to change the content of a block without permission.

Distilled down to its simplest essence,
the blockchain is a decentralized public ledger that
is duplicated across a “peer to peer network”.


Unlike many databases that exist today, the blockchain is public, meaning that data cannot be manipulated on the back end.

It is also open to public viewing and everyone has a full copy of the data, so it can never disappear, and everyone can participate. Think of it a little likeWikipedia, which allows open participation but open monitoring as well.


Blockchain technology also presents the possibility of using smart contracts. Smart contracts (or self enforcing contracts) are programs that execute a contract, without the need of an outside party to enforce them.

Because the blockchain is decentralized and immutable, everyone can trust a smart contract that runs on it.

For example, one can describe a contract where upon buying a song on iTunes, the value is immediately distributed with certain percentages (say 30%, 30%, 40%) between 3 predescribed parties (e.g. Apple, the record label and the artist).

Streaming services and labels could sync their payment systems up with the database and send royalties automatically, and artists could trust that they were being paid what they were owed.

“Streaming services and labels could sync their payment
systems up with the database and send royalties
automatically, and artists could trust that they
were being paid what they were owed”.


One interesting ability, available already on the Bitcoin blockchain, is a multisignature (or “multisig” for short) address which splits ownership between multiple parties (like a safe deposit box that needs more than one key to be opened).

Even if a band breaks up or members have a falling out, every member would still have to give permission for any contract to be modified, ensuring that no one member could monkey around with royalty payments.


One of the biggest battles will be getting artists and rightsholders on board the blockchain train. Wallach admits that this likely won’t happen overnight, and predicts it’ll be at least ten years before adoption will be widespread.

However, once information is being uploaded widely, the blockchain will provide accurate metadata for all to see, and transferring payments and copyrights will be as quick and easy as sending an email. Payments will be transparent and efficient, and easy to use as well.

“Transferring payments and copyrights will be
as quick and easy as sending an email”.

One possibility is that blockchain technology in music will be adopted first in developing markets that lack legacy databases.

As it stands now, most of the data is siloed and hard to understand even in developed markets, and as developing markets come online, the lack of any central database will be problematic.

In some African markets, mobile payments built on top of blockchain technology are commonly used; here in the US, it’s not hard to find business that don’t even accept credit cards.


The blockchain is also not the only game in town. Apple and Google, as well as the record labels, all have their own databases and many insist on those being used.

There are documented problems with historical data as well — even if artists all started using the blockchain tomorrow, there’s still almost fifty years of historical music metadata sitting out there, much of it incomplete and incorrect.

It makes sense for labels to make sure their most popular catalog content is correct — but pity the poor artist who sold a few thousand copies in the mid-seventies and then disappeared from view.

This is where a more open system could help; while that artist’s label has no real financial incentive to help him or her, the artist in question could upload their own information and at least start seeing some micropayments.


“An open and transparent platform that can
be used by anyone, anywhere in the world,
would open up opportunities for artists
to be compensated and music to be licensed
in new and exciting ways”.

Legitimate questions aside, the blockchain offers unprecedented possibilities in transforming digital rights management in the music industry.

An open and transparent platform that can be used by anyone, anywhere in the world, would open up opportunities for artists to be compensated and music to be licensed in new and exciting ways. Ultimately, greater transparency and smart contracts represent a great new way for artists to be paid fairly.

Revelator is one of a handful of startups innovating in this space, and isannouncing today a new partnership with Colu.
You can read the press release or the whitepaper.