Maria Eriksson – Eavesdropping to unpack digital streams

In June 2016, a major consumer outburst erupted on several online forums concerned with Spotify. Users were beginning to notice that their Spotify client was running amok, and had suddenly started to record large amounts of junk data on their hard drives; data that could potentially slow down—if not destroy—their storage capacities. As the news spread, reports about larger and larger examples of trash generation began to roll in. Journalists at the tech website ArsTechnica ran a test and found that their Spotify client was unwittingly writing 5 to 10 GB of data per hour on their computers—even when the client was put in idle mode (Goodin). Others reported of having as much as terabytes of junk being dumped on their hard drives in cases where the program had been running for months (Hampton). Blog outlets were calling the debacle an “assault on user’s storage devices,” a case of excessive “data gobbling,” and an issue which was “quietly killing” the lifespan of hard drives (Goodin; BBC; Brown). It quickly became clear that Spotify had unwantedly turned the computers of thousands of Spotify users into garbage dumps. Instead of momentarily transmitting music, the program was spitting out trash­.


While Spotify fixed the bug which caused the garbage generation a few months later, the incident above raises questions about the computational processes that occur below the surface of software clients. At face value, streaming services have frequently been associated with smoothness and stability. Drawing on metaphors of aquatic flows and currents, streaming “invokes a mental image of an eternal sky-blue river peacefully moving through hills, mountains and meadows” (Alexander 5). If cloud storage appeals to aerial fantasies of weightless clouds, streaming instead invokes an imagery of data as an essential, tranquil, and precious natural resource. In this domain of digital delivery, cultural content appears to be neutral, transparent, and in steady supply.


Yet below the seemingly calm and efficient interfaces of streaming services, a hidden cacophony of data arrangements reside; data arrangements which absorb users and digital objects into economies of value, and link infrastructural elements across vast geographic distances. Interfaces do not just make things visible; they also function as filtering mechanisms that hide metadata transmissions, computational processes, and network traffic from direct view. In this sense, the interface functions as a “dynamic space of relations, rather than as a thing” (Drucker 3). Here, careful acts of selection determine what is shown to users—and what isn’t. Interfaces mediate between users and databases; they are membranes of visibility behind which processes of valuation are constantly enacted.


The aim of this post is to think through open and hidden processes of value generation in the context of streaming. As the example of Spotify’s trash generation illustrates, streaming is a generative and productive process that can sometimes have hidden or unintended consequences. I am interested in thinking about how streaming entails accessible and concealed processes of (metadata) surveillance and commodification which are located at the sub-level of the interface. I also want to discuss possibilities of intervening in—and observing—such processes of streamed value production. And in order to do so, I suggest we turn to a simple yet efficient means of gathering information: eavesdropping.


“Eavesdropping”, bio linguist John L. Locke suggests, “is a deeply biological trait with ancient roots. Few if any species do not eavesdrop—even plants do it—and the chimpanzees and other primates” (13). At its core, eavesdropping involves figuring out who is who, and who is doing what to whom; it is a technique of observation which involves collecting knowledge about intimate communications. By drawing from this deeply rooted practice of willfully overhearing conversations taking place between others (in this case, computers), I suggest we overhear—and intercept—network traffic by using so-called Packet sniffers. Thereby, we may also begin to reverse the surveillance-oriented structures of value generation that permeate the digital sphere.


Values above and below

While software environments may seem to empower consumers, adhere to their needs, and only ‘act’ at their command, software systems in fact have a hidden life of their own. As Lev Manovich reminds us, engaging with cultural objects through an interface involves “engaging not with pre-defined static documents but with the dynamic outputs of a real-time computation” (33). Even if a software program might appear as a stable environment, it is always in motion and involves continuous acts of computation. This implies that software also constantly ‘does stuff’ without our direct knowledge; it moves in ways that are not immediately seen, and especially so in the case of streaming. Here, data is delivered to users en masse and in real-time, which requires a constant and complex Internet connections.


For instance, streaming triggers complex entanglements with media infrastructures at a planetary scale. As Nicole Starosielski notes, a simple ‘click’ on a computer commonly activates vast subterranean and subaquatic infrastructures where information is pushed through routers, local Internet networks, Internet exchange points, long-haul backbone systems, coastal cable stations, undersea cables, and data warehouses at the speed of light (53-70). Streaming also engages cloud providers, Content Delivery Networks, and a wide array of third-party software services whose geographic location may be widely distributed across the globe. Every time a streaming service is used, data is pushed back and forth through such infrastructures within split seconds depending on where the connection is best and which actors are involved.


Below the immediate level of the interface also spans the sphere of metadata (i.e. the domain of “data about data”)—a field where clicks and online behaviors are accumulated and converted into market value. As Yuk Hui notes, “the production, circulation, and distribution of metadata takes place beyond the factories as Marx described in Capital, but also sets up a new theatre of individuation which materializes the psycho-social relations as manipulable digits.” The details of what happens in this domain of value extraction are unknown to most users, however. Similar to like an electrical grid or a highway system, metadata is a fundamental resource which underlies network traffic but one which easily blends into the background and remains anonymous and obscured.


Accessing the underground of data

One way of entering this metadata substrate—and studying the infrastructural arrangements on which it relies—could involve eavesdropping on network traffic using packet sniffers such as Wireshark and Fiddler. A packet sniffer is a software solution that makes visible the plethora of data transmissions which occur below the level of the interface. It does so by logging and intercepting the transmission of packets—i.e. small units of data that make up network traffic. Placed as a filter between a digital device and the wider Internet, a packet sniffer makes it possible to study the origin, destination, and characteristics of data that passes to and from a selected device. For this reason, packet sniffers are also frequently used for diagnosing network problems, detecting network intrusion attempts, gathering network statistics, and evaluating the effectiveness of security systems like firewalls or spam filters. My proposal is to repurpose packet sniffers as digital research tools, and using them as an entryway for ‘listening in’ on streamed data traffic.


As sound artist Lawrence Abu Hamdan notes, “listening is never simply a passive and receptive process but an act that plays a fundamental role in the construction and facilitation of the speech of the other (person or thing, subject or object)” (83). Listening is connected to power, and listening on a service like Spotify involves several layers of speech facilitation. On the one hand, Spotify users have the power to give voice to musicians by making their music heard. On the other hand, the algorithmic structure of a service like Spotify also makes recorded user behaviors ‘speak’ in new ways as they are engineered to inform product development, ad-tech markets, music recommendation systems and so on. And as software systems are increasingly deployed to ‘listen in’ on and monetize our digital communications, we also need to develop methods to overhear and study their actions. We need to make hidden data transmissions ‘speak.’


Packet sniffers offer an opportunity to freeze and inspect transmissions of packets which otherwise move at speeds that surpass human cognition. In this way, they alter the speed of network traffic, lay bare the data transmissions that a simple ‘click’ can trigger, and open up for unpacking digital streams. For example, packet sniffing may help us visualize how users are “coded and circulated numerically, invisibly, [and] nonvolitionally” as part of their immersion into digital media (Chun 4). Embedded into packets which are shuffled across the web during a streaming session are numerous tiny behavioral fragments by which music listening is commodified; traces of decisions to skip a song, add music to a playlist, or hit play on a music recommendation. Through packet sniffing, it becomes possible to map the geographic origins of such data packets and study the behaviors of actors who trade in such data. What type of data is extracted from users? And where is the data being sent to?


By recording traces of encryption and compression technologies, packet sniffing can also offer an entryway for considering the assemblage of codecs and protocols on which a specific service runs. Thereby, it may be used as a starting point for disassembling and picking apart the internal data structures of commercial online services. Hidden in captured packets lies traces of third-party software, adoptions of open-source software solutions, and proprietary services. By excavating traces of such entanglements, packet sniffing can help give nuance to the image of the ‘platform’ as a caged-off and solitary entity, and instead reveal the messiness and dependencies of online services.


In addition, packet sniffing allows for studying the sometimes troubled communication attempts that take place between computers, as well as the moments when software break down and misbehave. As even the shortest trial-run with a packet sniffer will reveal, what Federica Frabetti calls “quasi-failures” continuously lurk below the surface of streaming services, also in cases when software appears to be functioning seamlessly (107-135). The complex software and infrastructural arrangements that makes digital streams flow are far from peaceful and serene. Bringing forth evidence of when they fail may help us re-think the notion of streaming as a calm, smooth, and stable mode of delivery.


As a whole, then, packet sniffing may offer possibilities to reverse the surveillance logics that permeate digital environments. What sets streamed content apart from its analogue counterparts, is that these digital objects are not just passive things onto which we may direct our gaze, actions, and attention. Just like us, streamed data environments are observers and carriers of information; they monitor, record, and analyze our characteristics and qualities just as much as we pay attention to them. In a sense, then, packet sniffing may involve reversing acts of surveillance that inform capital generation and capitalist structures in the digital sphere.


Maria Eriksson is a PhD candidate in media studies and an affiliated researcher at the digital humanities laboratory Humlab at Umeå University, Sweden. Her background is in social anthropology, with a special interest geared towards issues related to media and economics. Her dissertation examines some of the code, algorithms, and infrastructural arrangements that underlie commercial circulatory systems for digital music, with the purpose of understanding how digital technologies are forging new types of human/machinic ways of sensing, knowing, and experiencing sound.


Works cited

Alexander, Neta. “Rage against the Machine: Buffering, Noise, and Perpetual Anxiety in the Age of Connected Viewing.” Cinema Journal 56.2 (2017): 1–24.

BBC Technology. “Spotify patches ‘data gobbling’ glitch”, author unknown, November 11 (2016). Digital copy available at <;.

Brown, Aaron. “Spotify could be damaging your computer behind your back, and this is why.” Sunday Express, November 15 (2016). Digital copy available at <“>.

Chun, Wendy Hui Kyong. Control and Freedom: Power and Paranoia in the Age of Fiber Optics. Cambridge & London: MIT Press, 2006.

Drucker, Joanna. “Humanities Approaches to Interface Theory.” Culture Machine 12 (2011).

Frabetti, Federica. “‘Does it Work?’: The Unforseeable Consequences of Quasi-Failing Technology.” Culture Machine 11 (2010):107–135.

Goodin, Dan. “Spotify Is Writing Massive Amounts of Junk Data to Storage Drives.” ArsTechnica, November 11 (2016).

Hamdan, Lawrence Abu. “Forensic Listening” in Audio Culture: Readings in Modern Music, revised edition, Edt. Cox, Christoph and Wadner, Daniel. New York: Bloomsbury (2012).

Hampton, Chris. “Spotify Is Killing Your Computer’s Storage with Junk Data.” Charkattack, November 17 (2016).

Hui, Yuk. “Metadata.” In Critical Keywords For the Digital Humanities, (2014). Digital copy available at <;.

Locke, John. Eavesdropping: An Intimate History. Oxford & New York: Oxford University Press (2010).

Manovich, Lev. Software Takes Command. New York & London: Bloomsbury Academic (2013).

Starosielski, Nicole. “Fixed Flow: Undersea Cables as Media Infrastructures” in Signal Traffic: Critical Studies of Media Infrastructures, Edt. Lisa Parks and Nicole Starosielski. Springfield: University of Illinois Press (2015): 53–70.



  1. Hi Maria, I really like how you reveal the unseen activities of value creation and the linking with the politics of listening through the idea of eavesdropping. Packet sniffing is an interesting strategy from a user perspective where one only has external access to large streaming service companies like Spotify. However, the usefulness of packet sniffing is limited for the everyday user. Data from Spotify is encrypted and packet sniffers can detect the amount of data it is sending, but does not detail the contents itself. It is primarily used for security researchers to identify security holes.

    As researchers, there are also possibilities to see if we can gain access to a company to understand its internal workings beyond an external user though may require signing NDAs. It would be interesting to see from a marketing perspective how data is processed to feed advertisements or recommendations, or technological perspective how errors or bugs are being tracked and how these algorithms work. How is the information being processed and used if at all? The company may already have made some details public in their privacy policy or articles on their algorithms to understand about the data being collected and the value created. I’d be interested to hear more in this regard.


  2. Hi Maria,
 I – like Ashley – am so impressed by the way you explain dataflows. Not only because of the argument of your text but also because you create precise and poetic images of something otherwise invisible: the materiality of data. I especially like the way you visualize surfaces, interfaces as seemingly smooth, stabile, orderly etc. while at the same time pointing towards the messy, chaotic flood of data lurking just beneath the surface. The example you give with Spotify starting to spit out trash in June 2016 functions as a very precise description of the relationship between what we, as humans, see and what we are not able to see. While reading your text, I couldn’t stop thinking about Mark Hansen’s concept feed-forward. Somehow you describe the relationship between human beings and contemporary technologies – 21st century media as Hansen would have it – in a way that made me understand his book in a new way. 

    As I understand it, you propose ‘eavesdropping’ as a strategy for opening up the otherwise sealed ‘platform’. Using technologies such as ‘packet sniffers’ (Wireshark, Fiddler) for “listening in on and overhearing” software systems, recording traces and mapping the structures of dataflow, we are able to become more aware of how certain platforms work. I don’t know much of Wireshark and Fiddler, but I would be interested in hearing more about in what ways this could lead to what you term “a disassembling and picking apart the internal data structures of commercial online services”? In other words, how do we get from overhearing, studying and becoming more aware of how the platform works, to actually changing it and the ways in which we, as users, relate to it? How do we as you write “reverse the surveillance logics that permeate digital environments”? This is not to pose an unfair question to you, but to open up something that I often struggle with myself. In your opinion, would it be a possibility to clog the data channels that inform capital generation by for example generating excessive amounts of data, or what kinds of actions would you suggest?


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s