From Napster to now: The legacy of Y2K music piracy

In the 1920s, music companies were facing a piracy problem. Across major cities, bootlegged copies of sheet music were a commonplace and more convenient option for music fans than the official offerings from major publishers. Sound familiar?

Although most people point to the late 1990s and early 2000s as the end-all-be-all era of music piracy, the problem has been persistent across the entire history of recorded music, shapeshifting to fit each era. Following the days of sheet music piracy, other popular iterations of music bootlegging emerged — like the DIY “labels” of the ‘70s that profited from tape-recording live events, printing cheap copies and selling them under the radar. Only a few years later, hip hop and electronic music emerged and popularized the use of uncleared samples and the monetization of unlicensed, derivative works.

Fast-forward to today, and the dominant narrative in the music industry seems to be that streaming, and Spotify in particular, “saved” piracy. But piracy still continues in underhanded, sometimes humorous forms. And the DMCA and early lawsuits against Napster and unsuspecting music fans have left a deep, consequential legacy on the relationships between music and tech companies — particularly music rights holders’ surprising slowness to adapt to user behavior.

Digital piracy cripples the music business

In 1999, with the founding of the peer-to-peer internet file-sharing site Napster, piracy grew from a background nuisance into a devastating, decade-defining threat for recorded music. From 2000 to 2010, U.S. recorded music revenue decreased by nearly 62%, much of which is attributed to the proliferation of music piracy. In 2007, the Institute for Policy Innovation found that both local and global sound recording piracy was costing the U.S. economy up to $12.5 billion in total annual output and over 70,000 lost jobs.

Though Napster itself lasted only a few years (the site shut down in July 2001 following its lawsuit with the RIAA), the site had opened Pandora’s box; there would be no going back to the sunny CD era which saw the highest profits in recorded music history, peaking at $22.7 billion (adjusted for inflation) in the U.S. in 1999.

For reference, U.S. recorded music revenue was just $12.2 billion last year. Globally, as Benedict Evans found, Apple’s App Store commission alone now generates more revenue annually than all digital recorded music revenue combined. Music sales are growing year-over-year, sure — but it’s a mere fraction of what it used to be.

The RIAA was hoping it had squashed illegal P2P file-sharing post-Napster — but the consumer demand for free music remained, spawning a suite of new, piracy-riddled P2P services like LimeWire and Kazaa, both founded in 2000. Unlike Napster, LimeWire outlasted the record industry’s attempts to sue them into oblivion for nearly 10 years, including a particularly costly 2006 lawsuit that forced the service to pay $105 million in damages to the major labels. Its surprising resiliency against attacks allowed LimeWire, at its peak, to be responsible for 80% of all illegally downloaded music.

To benefit from sites like LimeWire, however, users had to assume great risk — and not just because bad audio, computer viruses, misnamed files and illegal content (including child pornography) were rampant. As part of their anti-piracy campaign, the RIAA directly sued over 1,400 individual users (read: fans) to scare them into compliance with U.S. copyright law. Many of these users were far from typical criminals — like Joel Tenenbaum, a college student who was ordered to pay $675,000 for file sharing of 30 songs (that’s $22,500 per song); Jammie Thomas-Rasset, a Native American mother of four from Minnesota, who was sued in 2007 and forced to pay a $222,000 penalty for sharing just 24 songs on a P2P network (or $9,250 per song); and Gertrude Walton, a deceased (yes, you read that right) grandmother who allegedly hated computers but was still wrongfully accused of pirating 700 songs, due to a false match between her birth name and the username “smittenedkitten.”

Streaming is both the solution and the problem

Spotify may be the world’s biggest paid music streaming service today, but it was far from the first. In the wake of Napster’s shutdown and iTunes’ failure to bring the recorded-music sector back to a state of growth, dozens of music streaming services entered the market in the mid-2000s — many touting the same “celestial jukebox” vision of offering all-you-can-eat access to millions of songs for a low, monthly fee. At one point, all the major labels even banded together to launch their own branded streaming service called PressPlay, but it didn’t last longer than two years.

Spotify, which was founded in Stockholm, Sweden in 2006 and launched in the U.S. in 2011, happened to nail the perfect combination of good timing, sleek branding and a superior user experience driven by new forms of algorithmic recommendation. And at least as far as messaging was concerned, the company definitely had anti-piracy in mind. As CEO Daniel Ek told The Telegraph in 2010, “I realized that you can never legislate away from piracy,” as the RIAA had tried to do. “The only way to solve the problem was to create a service that was better than piracy and at the same time compensates the music industry.”

According to many sources, Ek’s Spotify helped do just that. Market researcher YouGov, for example, found music piracy fell from 18% in 2013 to 10% in 2018 as legal music streaming sites like Spotify grew — and 22% of surveyed participants who pirated music said they planned to stop within five years.

But music piracy never truly died, not even with affordable streaming options. Just like piracy morphed from decade to decade in the 20th century, we currently face new, popular forms of piracy as the industry evolves in the 21st century.

In fact, many emerging piracy practices are taking place on Spotify itself. For instance, there have been multiple reports over the past few years of users taking advantage of music metadata loopholes to upload leaked audio onto artists’ Spotify pages without their permission. Andy Chatterly, CEO of copyright monitoring company Muso, calls this strategy “hijacking”; the hijacker is often able to collect a substantial amount of royalties before the DSP and/or the artist’s team discovers and removes the error, which can take anywhere from a few hours to over a week.

Major celebrities like Addison Rae, Beyoncé and SZA, as well as independent artists and bands like TV Girl, have all been subject to this underhanded form of piracy. “On a monthly basis, we see whole albums being uploaded that the artist has nothing to do with,” says Chatterly. “I think that’s a big issue.”

In addition, Spotify’s burgeoning podcast infrastructure offers a ripe foundation for piracy. Since 2019, using free hosting tools like Anchor, people have been uploading ripped versions of major songs by the likes of Cardi B and XXXTentacion onto Spotify as podcasts that can be streamed for free. Importantly, because these files are uploaded as podcasts, their streams don’t translate to royalties for the original artist. These infringements also seem to last longer on Spotify than traditional “hijacking,” often going unnoticed or unreported for weeks or months.

Because digital service providers are protected by Title II of the 1998 Digital Millennium Copyright Act (DMCA), YouTube, SoundCloud, Spotify and the like hold limited liability when users post infringing content on their platform. According to the DMCA, tech platforms are required to act only if they have been specifically alerted to an infringement. This places the burden of reporting and fixing illegal uploads onto the artists’ teams, and allows the platforms plausible deniability when told of infringing materials on their sites.

Beyond piracy on DSPs, trade organizations point to stream-ripping — comprising any site, software or app that allows users to download audio from third-party sites without permission, like y2mate.com or mpgun.com — as a major driver of most piracy today, as opposed to the torrenting or P2P file-sharing associated with the early 2000s. A 2020 study conducted by INCOPRO and commissioned by PRS for Music found that stream-ripping now counts for over 80% of the top 50 music piracy sites in the U.K., while torrenting trails at only around 6%. Moreover, YouTube is the most popular source of content for stream-ripping, offered on 70 of the top 100 music-piracy sites analyzed in the study.

The Protecting Lawful Streaming Act, signed into U.S. law in December 2020 as part of a COVID-19 stimulus bill, officially makes it a felony to run “commercial, for-profit streaming piracy services” like the ones discussed above. Perhaps learning a lesson from the negative reaction to the RIAA’s early lawsuits against fans, this bill does not impact “individuals who access pirated streams or unwittingly stream unauthorized copies of copyrighted works,” according to an official press release.

But it’s not clear who exactly will be responsible for enforcing this law, and how they will do it; dozens if not hundreds of stream-ripping sites are still active online. And laws like the DMCA still protect consumer-facing tech platforms like YouTube and SoundCloud from having to enforce these regulations perfectly.

The legacy of Y2K music piracy: The importance of asking the right questions

Since Napster was founded over 20 years ago, a lot has changed about how people pirate music, and thanks to streaming, they are doing a lot less of it. But viewed through the lens of the DMCA, the music industry hasn’t changed much of their actual strategy for addressing the problem of music piracy.

To be fair, nearly every major tech platform, DSP and search engine today has its own safeguards to combat at least some piracy and infringement. There is also a burgeoning ecosystem of third-party content recognition tools that music rights holders and tech platforms alike can use to monitor pirated content more efficiently, such as Muso, Audible Magic, ACRCloud and Pex.

But the platform protections built into the DMCA still force artist teams to play their own game of takedown whack-a-mole to safeguard their catalogs. In turn, this also creates a confusing and frustrating experience for burgeoning creators on these platforms, who don’t have clear benchmarks for what is or is not allowed when it comes to using music in their content. Consider the last year-and-a-half, for example — when rampant music takedown requests on Twitter, Instagram and Twitch frustrated artists and fans around the world, most of whom were just trying to spread the word about the songs they loved.

The problem at the heart of this conflict is that anti-piracy campaigns in music have historically been focused solely on punishing the results, instead of going deeper and addressing — and, importantly, adapting to — evolving consumer behavior.

In fact, music piracy in the 2000s was all about communicating a pain point at the time: Everyone loved music, but music cost a lot of money. In the CD era, labels and record stores were charging the 2021 equivalent of about $29 for a single compact disc, making music consumption cost-prohibitive for many. The rise of Napster and other online torrenting sites in the early 2000s was both a reaction to high CD prices and a reflection of fans’ desire to listen to a lot more music. The more sound move for labels would have been to recognize and adapt to these customer pain points, not litigate through them.

In this vein, Muso’s Chatterly shies away from the word “piracy” altogether to describe the actions of users who torrent, stream-rip and illegally stream infringing works today (excluding those who profit from piracy). “We prefer to use the word ‘unlicensed,’” he explains. Rather than treating these consumers as criminals, as the RIAA has historically done, Muso sees them as fans, signaling desire for easier access and/or more affordable prices — all needs that the music industry should be able to meet themselves. “These are people who are consuming music. They’re probably fans,” he says.

Muso launched a tool in 2014 that replaces unlicensed music on piracy sites with a free preview of the track coupled with a message along the lines of, “You seem to like this band! If you want to see them make another record, please support their music.” From there, users can choose to purchase a legal file of the track or be redirected to Spotify or Deezer.

At the same time, while streaming has largely quelled the problems around piracy from the Y2K era, music listeners and fans continue to turn to piracy for a variety of reasons. Maybe they love a certain unlicensed remix or live version of a record that they can’t find anywhere else. Or maybe they’re hoping to drive more value and hype around a song online — whether playing it for thousands of viewers on a livestream, including it in a Roblox game or embedding it into an NFT — and only realize after the fact via a DMCA takedown that they were unwittingly violating copyright law in the process.

Nearly every major social platform either already has or is in talks to get blanket licensing deals with rights holders, which will hopefully help formalize music sharing as a way to drive, rather than diminish, music’s value. Whatever the case, we are still living through the residual effects of the first decade of the 21st century — an industry-altering era when record companies learned the hard way that consumers want more music and will do just about anything, except pay, to get it.