A shadow library group claims it scraped Spotify‘s music catalog and released metadata for 256 million tracks alongside plans to distribute 86 million audio files through peer-to-peer networks.
Anna’s Archive, a platform known for archiving books and academic papers, announced the operation in a blog post on Saturday. The group says it archived music files representing approximately 99.6% of all listening activity on Spotify, though this constitutes only 37% of the platform’s total track count.
Spotify confirmed the unauthorized access. “An investigation into unauthorized access identified that a third party scraped public metadata and used illicit tactics to circumvent DRM to access some of the platform’s audio files,” a company representative said.
The streaming platform disabled the accounts involved in what it called “unlawful scraping” and implemented new safeguards against similar attacks. “We’ve implemented new safeguards for these types of anti-copyright attacks and are actively monitoring for suspicious behavior,” Spotify said.
The archive includes nearly 300 terabytes of data distributed through bulk torrents. Anna’s Archive released the metadata immediately but plans to distribute audio files gradually, starting with the most popular tracks.
The metadata database contains 256 million tracks and 186 million unique International Standard Recording Codes, making it substantially larger than MusicBrainz’s five million unique recordings, previously the largest publicly available music database.
Anna’s Archive framed the operation as a preservation effort. “We saw a role for us here to build a music archive primarily aimed at preservation,” the group wrote.
Spotify labeled the group “anti-copyright extremists who’ve previously pirated content from YouTube and other platforms.”
The operation breaches Spotify’s terms of service. Legal experts note that the mass distribution of copyrighted audio files via torrents constitutes copyright infringement in numerous countries. Industry observers express concern that AI companies could exploit the archive to train models on copyrighted music without obtaining proper licenses.
Spotify emphasized its commitment to combating piracy. “Since day one, we have stood with the artist community against piracy, and we are actively working with our industry partners to protect creators and defend their rights,” the company said.
The company confirmed no private user information was compromised in the incident. The only user-related data involved relates to public playlists created by users.
Anna’s Archive operates as a search engine for shadow libraries, allowing users to find and download copyrighted content through torrents from distributed sources. Google removed nearly 800 million links to Anna’s Archive from its search engine after publishers issued takedown requests.
Information for this story was found via the sources and companies mentioned. The author has no securities or affiliations related to the organizations discussed. Not a recommendation to buy or sell. Always do additional research and consult a professional before purchasing a security. The author holds no licenses.
