Spotify was one of the first streaming services to use AI technology to successfully persuade users to use its service. However, Spotify has also been accused of misusing AI to create fake artists in order to get a bigger slice of the streaming pie. The misuse of AI to manipulate music streams is the dark side of the AI revolution in music streaming, and even led to a prosecutor’s investigation into music streaming service Tidal in Norway. Although the case was eventually dropped, it draws attention to the growing influence of AI-generated content being played on a loop via illegal streaming farms, which in turn can only be detected by AI anti-fraud tools. We are therefore witnessing a real war between streaming fraudsters and anti-fraud fighters, which goes hand in hand with the improvement of AI technologies. This is the subject of the sixth part of our series on AI in the music industry.

AI in the Music Industry – Part 6: Fake Streams and Streaming Farms

In the summer of 2016, Spotify was accused of creating accounts for fake artists whose music was streamed millions of times to get a share of the streaming pie.[1] In July 2017, the industry portal Music Business Worldwide identified a total of 50 artist profiles on Spotify that, despite intensive research, were not real people. Within two years, these ‘artists’ had generated 2.85 billion streams, equivalent to US $11.4 million.[2] Spotify has always denied the allegations of fraud but has had to commit to taking rigorous action against fraud on its platform. To this end, Spotify, along with other music providers such as Amazon Music, Believe, DistroKid, CD-Baby and Downtown, launched the Music Fights Fraud Alliance in 2023, whose members have pledged to detect, prevent or at least mitigate any type of fraud on their platforms.[3]

Maybe also the case of Tidal played a role in setting up the alliance. Tidal emerged, when Black Panther, the business conglomerate of US rapper Jay-Z, acquired a 59 per cent stake of the Norwegian music streaming service WiMP for US $56 million by.[4] In January 2017, investigative journalists of the Norwegian business newspaper Dagens Næringsliv received a package and were stunned by its contents. It was a hard drive containing explosive internal data from Tidal. Billions of lines of data containing streamed song titles, streaming times, user IDs and country codes were listed. The streaming figures for two albums in particular caught the eye: ‘The Life of Pablo’ by Kanye West and ‘Lemonade’ by Jay-Z’s wife Beyoncé, which generated hundreds of millions of streams on Tidal in a very short time. The journalists unveiled that, according to hard drive data, registered users were streaming these albums hundreds of times in the middle of the night. When questioned, the Tidal users denied having consumed the music at night, confirming the suspicion that the streams had been manipulated.[5] In early 2018, the newspaper commissioned a forensic report from the Norwegian University of Science and Technology (NTNU) in Trondheim to substantiate the suspicion. The report, published in April 2018, was unequivocal and came to the following conclusion: “We have through advanced statistical analysis determined that there has in fact been a manipulation of the data at particular times. The manipulation appears targeted towards a very specific set of track IDs, related to two distinct albums. It is difficult to determine the exact cause and means of the manipulation, but it is likely that several methods were used. The manipulation looks to have become more sophisticated during the period for which we have data.”[6] Although the scientists could not rule out an external attack on the Tidal system, they considered this scenario unlikely.[7]

As a result, Norwegian neighbouring rights society Tono, musicians’ advocacy group GramArt, indie label association Fono and artists’ union Creo filed a lawsuit against Tidal in Norway for manipulating streaming figures. In autumn 2018, the Norwegian authority for prosecuting economic and environmental crimes, Økokrim, opened an investigation against Tidal,[8] which were delayed due to legal moves by Tidal and the COVID-19 pandemic. It took until May 2020 – more than two years after the first allegations were made – before the authorities were able to raid Tidal.[9] However, another three years passed without any concrete results from the investigation. Surprisingly, and with little media attention, Økokrim announced in a press release on 27 June 2023 that the investigation into Tidal had been closed. According to the senior official, there was not enough evidence to bring the case before a Norwegian court.[10] Although the case has been closed in Tidal’s favour, the allegations of manipulative streaming activity cannot be completely dispelled.

The streaming pattern identified by the NTNU researchers is similar to that caused by streaming farms. These are interconnected bots that stream music tracks in a continuous loop that have been placed on streaming platforms via digital music distributors.[11] Australian cybersecurity expert Peter Fillmore first drew attention to the problem of fake stream fraud with an experiment in 2013. With relatively little technical effort, he uploaded MIDI-generated songs by a fake artist called John Matrix to the streaming service rdio, which were played in an endless loop and generated one million streams within six months, the equivalent of about US $1,000. Only then did rdio discover the fraudulent streams and remove the album from the service.[12]

The still prevalent pro rata model of streaming services facilitates this form of fraud. All streams in a period are aggregated and revenue shares are distributed to rights holders according to market share. This does not increase the revenue pie, but it does put some of it in the pockets of fraudsters. To underline their criticism of this billing model, US funk band Vulfpeck released an album on Spotify in March 2014 called ‘Sleepify’, which consisted entirely of 31-second tracks with nothing to listen to. They encouraged their fans to stream the album on a continuous loop, earning US $20,000 until Spotify stopped the frenzy after a month. Vulfpeck used the proceeds to fund the ‘Sleepify’ concert tour, which was free for fans to attend.[13]

However, Vulfpeck’s high-profile action did not lead to a change in the payment model, meaning that streaming farms were still able to flood music streaming services with fake songs in order to get a slice of the revenue pie. Streaming farms are offering their “services” on the Internet, allowing labels or artists to supplement their income with fake streams.[14] This is of course illegal, but the manipulations are difficult to detect.

This is where AI comes in. AI generated music tracks  can be uploaded to streaming sites via digital distributors and then streamed millions of times by streaming farms in order to divert royalty payments from the streaming sites. In particular, the ability to create voice clones of superstars with AI tools encourages this form of streaming fraud. A study by the French Centre National de la Musique estimated that by 2021, fraudulent streams accounted for between 1 and 3 percent of total streaming volume in France alone.[15] French streaming service Deezer also calculated that around 7 per cent of all streams on its platform were fraudulent in 2022.[16] Based on these figures, Billboard magazine estimated the damage caused by fraudulent music tracks worldwide in 2022 at more than US $1 billion.[17]

However, AI is also used to combat fraud. Deezer’s CEO, Jeronimo Folgueira, explained in an interview that more than 100,000 tracks are uploaded to the streaming platform every day, and only artificial intelligence is able to detect manipulated streams. Deezer has been using radar technology since 2023. It is scanning entire music catalogues for corrupted tracks and detect unusual streaming patterns.[18] A veritable war is now raging between streaming fraudsters and fraud fighters, with both sides arming themselves with AI technology.

The intensified fight against fraud, to which digital music providers have committed themselves, led to the California-based AI music creation portal Boomy being blocked by Spotify at the beginning of May 2023 on suspicion of creating and distributing fraudulent music tracks.[19] Boomy denied all allegations of illegal activity and condemned any form of manipulation and fraudulent intent on the part of its users.[20] The digital music distributor DashGo,[21] which Boomy uses to upload the songs to the streaming platforms, investigated on its own initiative whether fraudulent tracks had been uploaded and, according to its own information, blocked them.[22] At the same time, the music majors are looking to work with Boomy, which has signed a distribution deal with Warner Music Group’s Alternative Distribution Alliance (ADA) for some of its top artists working with AI from November 2023.[23] This highlights the ambivalent relationship between the recording industry and AI music companies, which will be discussed in more detail later.

Endnotes

[1] Music Business Worldwide, “Spotify is making its own records… and putting them on playlists”, August 31, 2016, accessed: 2024-02-02.

[2] Rolling Stone, “‘Fake Artists’ Have Billions of Streams on Spotify. Is Sony Now Playing the Service at Its Own Game?”, May 15, 2019, accessed: 2024-02-02.

[3] Siehe dazu: Music Fights Fraud Alliance, https://www.musicfightsfraud.com/, accessed: 2024-02-02.

[4] Billboard, “Jay Z’s Bid for Swedish Streaming Company Reportedly Accepted”, March 11, 2015, accessed: 2024-02-02.

[5] Dagens Næringsliv, “Project Panther”, January 20, 2017, accessed: 2024-02-02.

[6] Norwegian University of Science and Technology (NTNU), Digital Forensics Report for Dagens Næringsliv, April 10, 2018, p 54.

[7] Ibid.

[8] Music Business Worldwide, “TIDAL ‘fake streams’: Criminal investigation underway over potential data fraud in Norway”, January 14, 2019, accessed: 2024-02-02.

[9] Music Business Worldwide, “TIDAL now officially a suspect in Norwegian data fraud investigation”,pJune 10, 2020, accessed: 2024-02-02.

[10] Økokrim press release, “Charges dropped in Tidal case”, June 27, 2023, accessed: 2024-02-02.

[11] Hypebot, “Are music streaming farms really that bad? Take a closer look…”, July 28, 2022, accessed: 2024-02-02.

[12] The Register, “Aussie bloke hacks way to top of music charts with MIDI-based tunes”, March 29, 2016, accessed: 2024-02-02.

[13] Billboard, “Vulfpeck’s Half-Joke ‘Silent Album’ Made Some Serious Cash”, July 22, 2014, accessed: 2024-02-02.

[14] Qonzertapp-Blog, “Streaming Farms: How Big Artists and Labels Fake Their Streaming Numbers”, n.d., accessed: 2024-02-02.

[15] Centre national de la musique, 2021, “Manipulation des écoutes en ligne”, accessed: 2024-02-02.

[16] Billboard, “Why Can’t Music Fix Its Fake Streams Problem?”, April 5, 2023, accessed: 2024-02-02.

[17] Ibid.

[18] Music Business Worldwide, “As AI-made music explodes, Deezer lays out strategy to identify AI tracks and ‘weed out illegal and fraudulent content’ on its platform”, June 6, 2023, accessed: 2024-02-02.

[19] Music Business Worldwide, “The Boomy/Spotify streaming fraud debacle proves ‘pro-rata’ must go – urgently”, May 4, 2023, accessed: 2024-02-02.

[20] Music Business Worldwide, “AI music app Boomy has created 14.4m tracks to date. Spotify just deleted a bunch of its uploads after detecting ‘stream manipulation'”, May 3, 2023, accessed: 2024-02-02.

[21] DashGo is owned by the music rights company Downtown, which is a co-founder of the Music Fights Fraud Alliance.

[22] Ibid.

[23] Music Business Worldwide, “Warner’s ADA to distribute select artists’ music from generative AI platform Boomy in ‘first-of-its-kind deal'”, November 29, 2023, accessed: 2024-02-02.

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.