For the past few months, Spotify users around the world have been finding their carefully curated mixes thrown into havoc by an obscure Finnish EDM musical act called Pesukone (translated into English: “Washing Machine”). Songs by the self-described “global artists collective” are ending up on unsuspecting users’ shared playlists, interrupting streams of sleepy-time lullabies, holiday tunes, and wedding music with blaring, synth-heavy, Euro-trance Darude knock-offs.
One Spotify user told Gawker that while listening to a playlist she made for her children in the car one day, she suddenly heard “weird random music” that she wasn’t able to skip past. It turns out this playlist wasn’t the only one of hers to be hijacked: “I had another playlist I put together for my mother’s funeral several years ago,” she said. “It was only shared among family so they could add songs if they wanted. After I discovered that our family playlist had been compromised, I went through my others and found the funeral playlist was affected, too.”
Another user, Drew, noticed a hostile takeover of the Japanese acoustic-pop playlist he uses for the Utah restaurant where he works. “It’s a custom work playlist, and since I work in a restaurant, I don’t want trash music to play,” he told Gawker. He found that the playlist, which had previously only been shared between him and a coworker, suddenly had a third, unfamiliar collaborator and included titles like “Wicked Sparkle” and the ironically titled “Done With You.” Now, in order to prevent the definition of “trash music” from blasting the eardrums of customers settling in for all-you-can-eat yakiniku, he has to remember to quickly check the playlist each time before hitting “play.”
Spotify playlists are publically viewable by default, with an option to make it private only. Users who want to invite friends to work on a playlist together can switch on “collaborative” mode, but this makes the playlist public and editable*. That means that, technically, anyone who stumbles upon a playlist can add songs to it — including unscrupulous actors like those who seek to spread the untz-untz-untz gospel of Pesukone and labelmates S Productions, Teddy Hitz, and Songbot.
The playlist trespassers tend to have blank profiles, often with avatars that look like they were AI-generated, as well as names that are perfectly generic and frequently feminine. TikTok user @jw__francis brought attention to a prolific playlist interloper called “Ashley,” but there’s a whole cast of anonymous, first-name-only Pesukone hype-accounts. Jamie, a U.K.-based Spotify user who was working on a shared playlist for a university project — a sound installation that features clips of songs, news, radio static, and a whole bunch of unsolicited Pesukone tracks — told Gawker that they discovered similarly shady users like “Julie” and “Susan” infiltrating their playlist every few days.
Removing the songs is no easy task, either. According to Spotify users who spoke with Gawker for this article, no matter how many times songs were removed or malicious users were blocked, tracks kept appearing again and again. Some affected users have reported they were forced to delete and replicate playlists over and over, while others claimed to have removed 1,000 Pesukone songs altogether. Pietro, who lives in Italy, told Gawker that he and his girlfriend were plagued by Pesukone and Songbot songs that he had to remove in the dozens each time. To add insult to injury, the unwelcome music was “pretty bad,” he said.
The issue has been ongoing since at least December 2021, judging from frustrated posts on Reddit and the Spotify support forum, which are littered with comments like “Fuck pesukone, imma lose my mind.” One user even took matters into their own hands, coding a Python script so only approved accounts can add songs. The problem has become so notorious that one of the Google search auto-fill suggestions for “Pesukone” is “Pesukone spotify spam.”
The scale of the issue suggests that bots could be at play. According to Andy Patel, senior researcher at the Artificial Intelligence Center of Excellence at cybersecurity company F-Secure, the anecdotal evidence about the nature of the operation — widespread modification of playlists, tracks repeatedly re-inserted after their removal — “points to automation” being used to crawl Spotify to find, and then edit, collaborative playlists.
Whatever is happening, it appears to be effective. Pesukone, whose Instagram followers number in the hundreds, has been launched into the top percentile of Finland’s most popular artists, with more than 1.5 million monthly Spotify listeners. Its label Badenstock, which is a father-and-son operation headquartered in the 6,000-person Finnish municipality of Vuokatti, claims that “over 2 million listeners worldwide” have grown around the Pesukone “community.” Pesukone’s roster of collaborators — which include a dozen artists from Nigeria, Finland, South Africa, and beyond, per the label — are responsible for a genre-spanning output that ranges from inoffensive electronic R&B to jarring dance travesties with stabbing synths that set your teeth on edge.
Spotify is aware of the issue and has added the ability for playlist creators to block specific users from contributing to playlists, but that’s not enough to counter the problem, since spam accounts can’t be blacklisted en masse or in advance unless you know which individual users to block, and new ones pop up each day.
Badenstock pointed Gawker to a press release on the label’s Facebook page, which claims that its methods do not violate Spotify’s terms and conditions. The company maintains that it doesn’t use bots, but is merely copying and pasting songs onto public playlists. CEO Timo Surma-Aho told Finland’s YLE network in December that, these days, artists need more than their music to stand out — they also need to understand how Spotify’s algorithm brings music to new listeners.
(Surma-Aho told Gawker that reports in the news are “false” and that the label “did not want to continue the debate any further. We just do our job and try to keep up with the tough competition.” Further questions went unanswered.)
In messages sent between Badenstock’s employees — which were reviewed by Gawker — the label claimed that its tactics are merely a form of “digital marketing.” And in a way, it’s true. Spotify’s model — in which user data is mined to feed algorithms that surface music for which their creators are paid dirt — is what has allowed more, let’s say, entrepreneurially minded labels like Badenstock to game the system. According to artist advocacy group Trichordist, musicians receive just $0.00348 per stream on Spotify, the world’s most popular music streaming platform, which brought in $11 billion in revenue in 2021. It’s a wonder that spambots farming listens aren’t an even bigger problem than they already are on Spotify; a 2020 report suggested that 3.4 percent of all streams on the platform are faked and generating up to $300 million in revenue.
“Money being paid to artists this way is making it even harder for real striving independent artists to survive and have exposure on the platform.”
Still, even though Spotify is mostly to blame for sustaining an exploitative ecosystem that encourages this kind of spammy behavior, it remains grating for other musicians to see artists like this getting away with using underhanded tactics to artificially boost their numbers. “Totally embarrassing!” is how Canadian pop artist Melotika, who cut ties with Badenstock after having suspicions about the label’s streaming methods, described the whole affair to Gawker.
“This entire situation opened my eyes to the issue with streaming,” the singer said. “I have no doubt that if smaller artists can forge their streams, any artist, even with major labels, can. And money being paid to artists this way is making it even harder for real striving independent artists to survive and have exposure on the platform.”
When reached for comment about the problem, a Spotify spokesperson said:
Spotify is aware of this issue, and we are working to remove the content in question from collaborative playlists. We’ve also communicated to the content’s licensor that this kind of behavior is unacceptable on our platform. We’re continuing to explore ways to improve the collaborative playlist user experience.
In the meantime, the solution that Spotify, as well as cybersecurity expert Patel, have proposed is to switch playlists from public to private to prevent this kind of activity. But going private would take away one of the nice things about Spotify: the ability to collaborate with friends and loved ones in a shared space. To many users, these playlists matter on a personal level, allowing people to create the soundtracks of their lives together. They represent childhoods, relationships, celebrations, losses, and more. For some, they are hours spent accumulating songs and memories together. When mysterious Ashleys and Susans pepper users’ hand-curated mixes with unwanted, crappy EDM, those accounts aren’t just toying with people’s music libraries — they’re trespassing on their lives.
And, in the long run, this kind of “digital marketing” isn’t doing Pesukone and its labelmates any favors, if they ever want to accumulate any real fans.
“It’s annoying,” Drew said. “If they went through more traditional means or got their music on genre-specific playlists, it might be intriguing, but I think they’re just pissing a lot of people off.”
You would be pissed, too, if your mother’s funeral playlist was suddenly overtaken by the horrible cowbells, choppy synths, and low-tempo monotony of “Lime Days (Triple Sour Edition).”
*Update, March 15, 2022: Spotify announced that it is rolling out changes to its collaborative playlists. According to a status update on its community forum, users will soon be able to “review who currently has access to individual playlists, share collaborative playlists with large public groups, or keep them small and private for that special tightly-knit group of friends.”
Tamlin Magee is a culture and technology writer based in London.