When Apple announced iCloud back in June, it announced an intriguing feature called iTunes Match.  iTunes Match will scan users’ hard drives for music files and identify them using techniques such as acoustic fingerprinting and scanning ID3 metadata in MP3 files.  If it identifies a track that’s in the massive iTunes library, it will download that track to the user’s Apple devices or PCs/Macs running iTunes software. Apple will charge US $24.95/year for iTunes Match.  Earlier this week, Apple took it into beta and released it to developers.

Astute readers may have caught a very interesting word in the previous paragraph: download.

We had been speculating whether Apple would supply tracks to users’ devices by download or streaming; Apple itself had been ambiguous — I would say intentionally — on this point.  A poll of Copyright and Technology readers suggested that streaming was the likely method, by more than a two-to-one margin.  No: in the latest version of the beta, as of August 31, it’s downloading.  (To be more precise: progressive downloading, meaning that the track starts playing shortly after the download starts.)

I imagine that stream vs. download was an issue in Apple’s licensing negotiations with the music industry leading up to the iTunes Match launch; and it’s possible that Apple may move to streaming at some point in the future.  Royalty structures for downloads and streams differ.  Streaming is cheaper yet requires much more technical infrastructure — although Apple supposedly owns such infrastructure as the result of its purchase of the streaming service la la in late 2009.

The implications of iTunes Match as a downloading “cloud sync” service are worth considering, and they don’t look very favorable to the record companies.  ITunes Match helps Apple lock users into the iTunes/iPod technology stack now that it no longer uses DRM — although all of the files involved are unencrypted and therefore easy to use in non-Apple music players.

At the same time, iTunes Match is essentially an amnesty service for people who have unauthorized music files.  For $25 per year, you can get pristine, legal AAC-encoded copies of up to 2500 of your music files on all of your devices.  That’s a penny a track to go legal and get the added convenience of music synced to all your Apple devices.

On the one hand, this service probably won’t appeal to hoarders — those people who have accumulated multi-terabyte hard drives full of dubiously legal content.  2500 tracks, roughly 250 albums’ worth, is not much for hoarders.  It’s unlikely that many of them will be interested in paying $25 to ease worries about infringement for a small fraction of their holdings.

The use case that Apple (and record companies) most likely had in mind is, in fact, very much like the DRM use case: to apply to so-called casual copiers, who may have ripped a few of their friends’ CDs or downloaded the occasional track from a file-sharing network but would pay a modest amount for legal music plus the convenience of keeping it on multiple devices.

On the other hand, the opportunities for abuse — the analogs to DRM hacks — are interesting to contemplate.

Here’s one example.  I presume that iTunes Match uses Gracenote’s music identification technology, because iTunes already uses Gracenote.  Yet this is different from the usual content identification use case, in which it’s safe to assume that ID3 tags actually signify the music in the file.  In other words, music ID technology typically looks for ID3 tags (or equivalent metadata in other file formats) first and stops if it finds them, otherwise it goes on to analyze the actual content in the file using acoustic fingerprinting.

If iTunes Match comes across a music file, does it check to make sure that the music in the file is actually the music that the metadata describes?  One would think not, because this would be inefficient.  But in that case, it would be possible to create libraries of MP3 files that contain dummy MP3 data along with ID3 tags signifying actual music.  Do you want a nice collection of a couple thousand tunes in your favorite genre?  Just download this ZIP file of fake MP3s and run iTunes Match on them; you’ll get legal files of all those tracks on all of your Apple devices.

Although such dummy files would take some effort to create, they would be easy enough for non-techies to use with iTunes Match.  To me this sounds just like a hack to a weak DRM, with one big difference: whereas it’s a crime to hack DRMs, this hack is perfectly legal.  Furthermore, I would argue that because the files are unprotected, this type of hack is more of a problem for record companies than for Apple compared to DRM.

iTunes Match is still in beta, with launch expected in the coming weeks.  We’ll see whether this feature leads to more abuse than DRM hacks relative to the money that it puts in record companies’ pockets.