It’s not that big of a deal I suppose, but Pandora currently allows you to register for (and use) an account without verifying your email address. I know because somebody used my gmail address to create an account. I got an email but thought it was just a phishing attempt or something so I deleted it. Then I got a confirmation email about using the Android app, and so curiosity got me to look into it further. Turns out, somebody signed up using my address. I was able to do the “lost my password” function and get into it, and find out the kid’s zip code and birth year.
At first I was pretty pissed, because I thought my email might’ve been hacked or something. Even though it wasn’t, it still felt like somebody stole my identity, because this kid was using up the number of listening minutes each person gets per month. It’s not like I was going to use them, but still…
In the end I just changed the password, deleted the created stations, and fired off an angry email to Pandora asking them to delete the account. Part of my anger could have been because the little twerp had such crappy taste in “music” and had the option to display his choices publicly turned on. Either way, I didn’t think it was right.
From another perspective, if Pandora is now a publicly-traded company, shouldn’t the system be a little more “verifiable” than it currently is? For instance, at the time of the IPO, Pandora reportedly had 80 million registered users, which was almost double the 46 million it had last year. The number of hours of music listened to roughly doubled as well. But how many of those registered users are actual new people? If none have been verified (except paid subscribers obviously), how accurate is that number? If I was a Pandora listener and my time ran out for the month, I’d probably just sign up as another email address, which might be another one of mine or just a fake one. As somebody who’s worked plenty of desk jobs, I can attest that 40-hour/month limit would be easy to hit every month.
Either way for whatever reason, I don’t think people should be able to use my email to sign up for their service.