Spotify’s New Sharing Feature Exposes Your Identity
What Spotify’s latest product update teaches us about link tracking
Spotify rolled out a new direct messaging feature last week. It was supposed to make it easier to share music. Instead, it turned into a privacy headache.
Reddit users quickly discovered that Spotify isn’t just letting you share songs. It’s also linking your account identity to everyone you’ve ever shared a Spotify link with. This includes shares that happened years ago, even on other apps like Discord or WhatsApp.
One user put it bluntly:
“I’ve always kept Discord anonymous. But now it seems that anyone I’ve sent a Spotify link to can find me, which means they could discover my full name and account info.”
That’s not what anyone signed up for when they thought they were just passing along a track.
The hidden tracker in Spotify links
A fellow writer brought this issue to our attention. Here is his original Substack Note:
In a case of interesting timing, this problem touches on an issue we discussed in a recent post on Facebook link tracking, available here:
In the context of Spotify, every time you share a song from within Spotify, the app adds a unique identifier to the link. It looks like this:
That “?si=” plus the 16-character code is what ties the link back to you. Anyone else who clicks or shares that same link gets pulled into Spotify’s map of connections.
Worse, users report that Spotify has backfilled years of history. Old links you shared privately are now being connected to your current account.
Why This Matters
If you’ve ever shared Spotify links in places where you wanted to stay anonymous, such as a forum, a Discord or Telegram group, or even with a casual acquaintance, your account identity may now be exposed.
This is a good reminder that sharing links isn’t as harmless as it looks. Companies can (and do) bake tracking identifiers into those links. And sometimes, like with Spotify, it creates privacy risks you never expected.
Quick Privacy Win
We’re all about quick privacy wins and here’s what you can do right now about this problem:
Strip the tracker. Before sharing a Spotify link, delete everything from “?si=” onward. That way, the link still works but isn’t tied to your account.
Note that Brave Browser (our browser of choice) has a built-in feature to strip tracking from a URL. In our experience it doesn’t work every time, but it’s good to get in the habit of using that option by default. If it works even 50% of the time, you’re better off. Here’s a screenshot of what it would look like when you right-click on the URL:
Audit your shares. Think twice before posting Spotify links in places where you want to stay anonymous.
Prefer neutral links. Some platforms (like YouTube) allow sharing without attaching your identity. Use those kinds of services when possible.
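If you share links often, the “strip the tracker” step can be scripted. The sketch below is an added example, not code from Spotify or from the original post. It goes slightly beyond the manual tip by removing only the “si” parameter (so anything else in the link survives) and by cleaning every Spotify link inside a pasted message. The host name open.spotify.com, the function names, and the sample IDs are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, urlunsplit, parse_qsl, urlencode

# Assumption: share links live on this host; add others you encounter.
SPOTIFY_HOSTS = {"open.spotify.com"}
TRACKING_PARAMS = {"si"}  # the share identifier described in the article

# Rough URL matcher for chat text; stops at whitespace, quotes and brackets.
URL_RE = re.compile(r"https?://[^\s<>\"')]+")

# Constructed sample message; the track ID and si value are placeholders.
SAMPLE = ("listen to this https://open.spotify.com/track/EXAMPLETRACKID"
          "?si=0123456789abcdef and read https://example.com/a?si=1")


def has_share_id(url):
    """True if url is a Spotify link that still carries a share identifier."""
    parts = urlsplit(url)
    if (parts.hostname or "").lower() not in SPOTIFY_HOSTS:
        return False
    return any(k in TRACKING_PARAMS
               for k, _ in parse_qsl(parts.query, keep_blank_values=True))


def strip_share_id(url):
    """Return url without the si parameter; every other URL is unchanged."""
    if not has_share_id(url):
        return url
    parts = urlsplit(url)
    kept = [(k, v) for k, v in parse_qsl(parts.query, keep_blank_values=True)
            if k not in TRACKING_PARAMS]
    # An empty query string makes urlunsplit drop the "?" entirely.
    return urlunsplit(parts._replace(query=urlencode(kept)))


def clean_message(text):
    """Clean every Spotify link in a message before you post it."""
    return URL_RE.sub(lambda m: strip_share_id(m.group(0)), text)


def find_tagged_links(text):
    """Audit helper: list Spotify links in text that still carry si."""
    return [u for u in URL_RE.findall(text) if has_share_id(u)]


if __name__ == "__main__":
    print(clean_message(SAMPLE))
```

Running find_tagged_links over an exported chat log or a notes file is a quick way to do the “audit your shares” step for links you have already posted.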
Small adjustments like this stack up. Each one helps you become a harder target and protects your privacy footprint.
Another great privacy win is to clean up your LinkedIn profile. LinkedIn is unavoidable for a lot of professionals. The good news is with a few tweaks, you can make it harder for scammers and other bad guys to use your LinkedIn profile against you.
Disclaimer: None of the above is to be deemed legal advice of any kind. These are *opinions* written by a privacy and tech attorney with years of working for, with and against Big Tech and Big Data. And this post is for informational purposes only and is not intended for use in furtherance of any unlawful activity. This post may also contain affiliate links, which means that at no additional cost to you, we earn a commission if you click through and make a purchase.