Ticketmaster House Testimony Contradicts Privacy Policy, Prior Statements Ticketmaster House Testimony Contradicts Privacy Policy, Prior Statements
When asked by members of congress last month about what data her company had access to for users required to use its ticketing systems... Ticketmaster House Testimony Contradicts Privacy Policy, Prior Statements

When asked by members of congress last month about what data her company had access to for users required to use its ticketing systems for mobile-only “Safetix” events, Ticketmaster President and COO Amy Howe had a simple answer:

“Name, phone number, email address,” she told the Subcommittee on Oversight and Investigations of the House Committee on Energy and Commerce February 26. That was all her company required of users for such systems, which make it impossible for consumers to access tickets anywhere but within Ticketmaster’s walled garden. “We cannot market to that consumer, we cannot sell that data.”

The answers came in response to questions generated by members of the subcommittee, who pressed the Ticketmaster executive in response to accusations by StubHub’s Stephanie Burns that Safetix and systems like it raised questions regarding both competition and consumer privacy.

In reality, however, Ticketmaster has access to far more data than that when consumers are forced to use its systems for mobile-only transactions. And claims it cannot market to that consumer or sell data acquired via such systems are quickly proven false by its own privacy policies and consumer experiences.

“Witnesses at the oversight hearing were testifying under oath. All witnesses presenting before Congress must speak forthrightly and truthfully at all times,” says Rep. Bill Pascrell (D-NJ), a longtime Ticketmaster critic and co-author of the proposed BOSS Act who attended the committee hearing in Washington, D.C.. “There can no doubt that Ticketmaster and Live Nation have abused their power as monopolies for years. The primary result of their bad practices has been the gouging of millions of customers who want nothing more than to enjoy a little entertainment for a reasonable price.”

Several members of the committee did not respond to a request for comment for this story.

“Safetix” – a dynamic ticketing system that uses a regularly updating barcode to prevent the ability of consumers to screenshot the barcode on their phone and use outside of Ticketmaster’s system – has been somewhat controversial of late. In September, the system was enabled without warning at a Black Keys concert, causing hundreds of consumers who purchased tickets on secondary markets to be rejected from the performance.

Since its inception, it has been marketed as both a anti-fraud technology for consumers and also a massive source of data for Ticketmaster’s clients.

“What’s unique about Presence is that it replaces something outdated and inherently anonymous – a laser reader and a paper ticket – with cutting edge technology,” reads a release posted to Ticketmaster’s tech website in 2017.

That means things like entry information, in-venue update, upgrade offers, and any event changes can be communicated directly to the fan attending the show. In addition to providing a more engaging experience for fans, venues can increase security and decrease fraud by better understanding both who bought the ticket and who is in the seat at an event.”

In short, the system gives the rights-holder a lot of information about who bought it, and anyone who transferred it within the proprietary system along the way.

Within its terms and conditions and privacy policy, Ticketmaster’s right to consumer data is spelled out in detail. Data grabbed from consumers who either purchase or are transferred a ticket includes contact and billing information, age, race, gender, health information for accessibility purposes, and more. And it is sharable with third parties – including artists, promoters, teams, and sponsors for events consumers buy or are transferred tickets for. Once distributed, consumer data is subject to the privacy policies for those entities, and it is specifically mentioned that you may be sent marketing communications.

When directly asked about what Ticketmaster does with consumer data received from customers who make purchases on other platforms by Rep. Yvette D. Clarke (D-NY), Howe replied “The only information we receive is the consumers name, email and phone number. And the only thing we can do with that is fulfill the ticket. If there’s an issue fulfilling [an order] we use it for customer service.

“All consumers have to opt in for marketing purposes. That’s regardless of what platform they’re buying on.”

To see if the gap between what was said at the subcommittee meeting and past statements about Precence/Safetix and the privacy policy, we also conducted an experiment. A staff member had a pair of tickets transferred to a newly-created email address. They accepted the transfer, and did not opt in for any marketing.

Within 36 hours, that email address had received marketing emails from Ticketmaster itself, the event promoter, and the venue. Those have continued to this day despite never being opted in for.

 

We reached out to multiple Ticketmaster staff members and its general media inquiry email address for clarification on the policies in place and Howe’s statements at the hearing, but have yet to receive a response.

Video of the hearing and testimony is embedded below: