In the wake of the recent kerfuffle that was the Facebook Data Breach, and in an age where privacy and data protection and GDPR are headline news, you would think that digital tech companies would be doing all they can to protect people from having to give more information about themselves that they have to.
But are they?
I’m sad to report that they, in fact, are not. At least not all of them.
To be honest, I’m sad to have to write this article at all, because the truth is I didn’t want to write it.
Music composers are having a harder and harder time making money than ever before, much like photographers who use stock photography websites to generate money from their work online. This is due to a couple of things. First, market saturation. As information bursts from the seams and videos pop up on news feeds, timelines, and channels right before our eyes at a blistering pace, (many times when we don’t even want to see the information in the first place,) the concepts and ideas that we used to only make real in our imaginations are before us day in and day out. Ideas such as “You too, can be a photographer or music composer or beatmaker.”
Not that that’s a bad thing.
But when you combine that with the fact that the barrier to entry for creative enthusiasts is insanely low in terms of being able to pick up a camera or a laptop computer filled with software instruments and VST plugins for less than it costs to buy a used car at the lowest-end used car dealership in the worst part of town, then things begin to get interesting.
To be clear, it’s not easy to make passive income from stock music libraries or stock photography websites. It can be done obviously, but it takes serious work, dedication, and lots of time. Which brings me back to the point of this article.
I have my musical compositions on several digital delivery systems for creative professionals. Pond5, Getty Music, Music Dealers, and some other private libraries. Of all of the music libraries, I’ve only ever been accepted, and then rejected for things that had nothing to do with my work, by one.
Pond5.com
Pond5 and I had a pretty good relationship. But it’s also the only relationship with a music library that I’ve ever had that went very much like my relationships in real life. Blame it on my ADD, but after the romance phase is over with, real life kicks in and for one reason or another, I always find myself back at square one, single, wondering what in the holy hell just happened.
This is what happened recently with Pond5.com. Unlike an actual relationship though, Pond5 actually turned things around on me in a number of ways, more like a beer-joint stripper on an off night who had a desperate need for…questionable items.
When I first uploaded my music tracks to Pond5, things were pretty good, in the sense that some tracks had somewhat consistent downloads. Be aware right out of the gate that they take 50% of whatever you make. Whatever, I’m not worried about this, because I have hundreds (probably thousands) of tracks in my publishing catalog. Hey, I’ve been a busy guy for the last two decades working on music.
But life happened and I ended up losing my recording studio for well over a year. I was forced to move due to a lease issue and re-located into a property that was filled with black mold. It seriously put my health at risk and could have jeopardized it long run. Remediation the mold situation wasn’t east because it wasn’t covered by insurance, since the mold was determined to have been caused by the tenant who lived here at the property before me, and therefore wasn’t covered. So the entire thing was entirely out of pocket. This put me at a serious disadvantage because it was a catch 22. Music was my income, and losing the studio meant I just lost my source of income.
Fast forward one year later and I’m settled back into a new spot, finally have enough money to pay for the new recording facility to be constructed, and for the mold to be removed. I log back in to all of my music licensing accounts and begin to upload music. Here’s where things get harry.
All of the submissions go through except for Pond5.
Pond5 says it can’t accept any submissions from me until I give them a copy of my ID.
Say what?!
They want a copy of my ID even though they already have my social security number and my bank information to deposit money into my account? They’ve got to be kidding, right?
But whatever, I comply and send them a copy of my Identification card.
It is rejected because the date on the card is expired! I can no longer upload files to Pond5 because I have an expired ID card.
At this point I am thinking that perhaps Pond5 was bought out by the California DMV. This would make total sense! Everything that has to do with DMV is waiting, waiting, rejection, paying fees, and so on. They love to make your life difficult, believe me. So does Pond5.
I send them a long e-mail explaining that this is outrageous and that it should be more than enough to send them a copy of my California issued ID card, whether the date said current or not. I reminded them that they already have tons of my other data sucyh as my social and bank account information and that there’s no other practical need for them to have my ID card for “verification.”
I got no reply. Ever.
And this is the part that sucked the most. Because it’s one thing to have questionable practices that are NOT the standard in an industry, and when people are freaking out more than ever about giving people physical or digital copies of information about their personal lives, and it’s another thing entirely to not reach out and respond to enhance the user experience or even just general concerns.
Why This Is A Big Deal
Recently I’m sure many of you have been getting e-mails from companies like Google about GDPR – The General Data Protection Regulation. It’s a big deal and it will affect all business globally, regardless of whether you live in the EU, and regardless of how big your operation is. Now, I’m not a lawyer and the regulation is obviously very long and detailed, but a part of what this regulation involves is how and why people are collecting your personal data. Lawyers Gilbert Villaflor and Ananth Iyengar from the law firm Perkins Coie LLP state that one of the objectives of the regulation is to make sure that you have a very good and lawful reason for the data in the first place:
“If you’re a controller [of data] and you don’t have a lawful basis for processing the data then it’s considered unlawful and a violation of the GDPR.”
They must also receive your consent and permission, and elaborate further,
“When you’re processing personal data based on someone’s consent, there must be actual choice on that person’s part and they can’t be forced to give consent as a condition for receiving service.
And here is the problem because this sounds like precisely what the company is doing. I wasn’t able to upload ANY new music without giving this information.
So obviously I have questions for Pond5, who are based out of the EU. My first question is, what is the lawful basis for you asking for photo copies of my ID for “verification”?
I know all about user experience. I run a consulting firm who deals with PR and marketing, as a result of my many years working the entertainment business. I explain to clients all the time the importance of remembering that user experience should be all about the enjoyment people get out of using your product or service.
From a marketing and PR standpoint, this is like having a waitress pour coffee on you, instead of in your cup, and then when you try to get her attention, she ignores you. Then, since I’m actually paying pond5 every time my music is sold, it’s like the waitress having the audacity to come back over and say, “That’ll be 19.95 plus my tip. Cash, check, or credit?”
There will be some of you who say, “Who cares? Just give them a copy of your current ID.” For one, as mentioned, I did, and even if I didn’t, you would be missing the point here. We live in a day and age where people’s rights are violated all day every day. It isn’t even required that we give a copy of our identification to an officer if we’re not suspected of committing a crime. So why should I have to give it to a company who is admittedly going to keep a copy of it on their server? I simply don’t want photo copies of my information floating out there like that. I never have, and I never will.
Overall, Pond5 seems like a decent marketplace, but I’m not the type of person who says, “Wow, she’s beautiful, but dumb as a bell and has no manners – my type of girl!” I actually care about substance, depth, meaning, and how people treat others. I don’t like having to give more of my information than I need to. There are PLENTY of ways to verify identity. I advertise with Facebook for instance. I have never had to give Facebook a copy of my identification in order to do business with them.
When people ignore your concerns about privacy and overstep their boundaries, at least for me, this is something I take very seriously. Especially of the Data Service Rights written into the GDPR. Maybe you don’t. And that’s totally okay. Our rights are ours to give away or retain. But for those of you out there who are like me and who don’t like having to give away more info than necessary, this doesn’t seem right. Especially since these are changes of their terms. (My old tracks are STILL up for sale. I just can’t upload new tracks. If it’s such a big deal, why not suspend my sales all together? Because it’s admittedly not a big deal to them.)
What are some good alternative libraries that you guys use? I’d really like to switch platforms to something less intrusive, and yes, respectful of data and privacy.