I wanted to follow up briefly on my original post regarding my recent problems with the iTunes store, in part because some readers left comments that made interesting points that I thought I should address. Also, reading the comments has pushed me to think a little bit more about some of the issues involved in an incident like this.
Some readers suggested that buying music from a local independent retailer is a better alternative to buying music from iTunes. I totally agree. In fact, I buy the vast majority of my music from my local indie retailer, In Your Ear in Warren, RI. The owner is a friend of mine and I know he considers me a valuable customer. I have bought very little music from iTunes over the years, and what I have bought is mostly stray tracks, and a couple "iTunes exclusives" from bands I like. By far, my preferred method is to keep things local, and I have long been an advocate for that. (My car even sports a "Support Your Local Record Store" bumper sticker.) That said, I can’t agree with the perspective that says anyone who buys from iTunes deserves to get screwed.
I also don't see it as my business to tell anyone to not shop at iTunes if they want to, which is why I only went so far as to recommend funding with a pre-paid card for safety reasons. I'm not going to tell people not to buy from iTunes because I had a bad experience with them.
One poster suggested that it is unfair to expect Apple to "know" I wouldn't want to buy a particular release because a big electronic store like iTunes is totally different than a store run by person with cognitive abilities. This is a fair point. The reason I framed the incident in the way I did was to point out the differences between retailers that you have a personal relationship with, and e-tailers that create a kind of simulated personal shopping experience. Would it be unreasonable to expect Apple's iTunes store to be "smart" enough to automagically recognize when someone attempts to purchase something unusual on my account? In isolation, yes. But when a pattern of purchasing emerges that is totally out of character with my previous purchasing patterns (as was clearly the case here), Apple could easily detect that if they cared to.
My credit card issuer caught the fraudulent activity not because they pay a bunch of humans to sit around and study transaction sheets for suspicious activity, but because they employ sophisticated algorithms that can detect patterns that are out of the ordinary. Fraud detection algorithms are much more sophisticated than I think many realize, and they are nothing new. Banks and credit card issuers have been using them since the 80s. I am honestly a little surprised that Apple doesn't have some similar system in place for iTunes.
That said, no algorithm can detect fraud 100% of the time. Even the very best algorithms will miss something or generate a false positive on occasion. But what this experience suggested to me is that Apple has no fraud detection algorithms in place for its iTunes store whatsoever. If they did, the algorithm would certainly have picked up on the suspicious purchasing pattern that started with a single $1 purchase, then quickly escalated to numerous more expensive transactions.
Should we expect an online store like Apple iTunes to have robust fraud protection? I'll leave that for others to decide. The question here to mind is what do we get in return for all the information that we share with Apple? Because, believe me, Apple benefits from the information we give them about ourselves. In the case of iTunes we get recommendations for things to buy and the ability to create Genius playlists. What we don't get is even the weakest form of fraud protection. For some that will be a fair trade, for others not.
For me, all of this raises another issue, which is: How many of your digital eggs do you want to put in one basket? This is going to be an increasingly relevant question with the proliferation of devices like the iPad.
Currently, I use an iPod to listen to music on the go and LPs and CDs to listen to music at home. I use DVD, Blu-Ray and Netflix streaming service to watch movies. I get my phone and internet service through Cox. My cell phone service is through T-Mobile. My GPS system is a Garmin. My books are all still made of paper. There is an undeniable appeal to the idea of being able to combine all these functions (and more) into a single device or closely related family of devices. Certainly this is the kind of integrated system that Apple is hoping we will soon find impossible to live without.
But there is an obvious value to keeping these things separate that I think is perhaps under-discussed. If something goes wrong with my Garmin, I can always fall back on Google Maps to get directions. If my iPod breaks, I can still listen to LPs at home and CDs in the car. If I have a billing dispute with T-Mobile, I can still make phone calls from home, etc. There is a certain level of redundancy to a patchwork system of devices that helps us avoid catastrophic failures.
But what happens as we move toward a model in which all of these functions are integrated into a single device or family of devices linked to a single corporate entity? It's clear to me that is currently the direction we are headed, but I don't know that the implications of this move have been explored as thoroughly as they should be. What privacy issues will be involved? Will you actually own anything on the device, or only be allowed to use it at someone else's discretion? What happens if you decide you want to switch to a competing device/service? What happens when there is a billing dispute? Will there be sufficient government oversight and regulation to prevent monopolistic behavior? Is the convenience gained worth the risk of losing access to everything at once?
I don't necessarily have answers to these questions. But perhaps it would be wise for consumers to think a bit about them before making the leap into this new paradigm.