Private music sharing

Private music sharing exists because not all music is ready for the public and not all recipients should have the same access. Pre-release material, exclusive sync pitches, and unreleased demos all require that the composer controls who can hear the music, for how long, and whether they can download it. A SoundCloud link or a Dropbox folder gives the recipient permanent, unrestricted access with no record of who played what.

Why it matters

Music leaks happen. An unreleased track shared via a forwarded link before the release window closes loses commercial value and can destroy a sync deal. A pitch sent to five supervisors simultaneously with a downloadable link can end up in a production library's catalog by the following Thursday without the composer knowing.

Private music sharing addresses this through access controls that travel with the file. Password protection means only the intended recipient can open the link. Expiration dates mean the link stops working after the pitch window closes. Download controls mean the recipient can listen but not keep a copy. Per-recipient links mean you know exactly who forwarded it if it does leak.

For sync agents, private sharing is also a professionalism signal. Sending a supervisor a SoundCloud link says you did not think about their workflow. Sending a branded, password-protected playlist link that expires in two weeks says you understand how the industry works.

How it works

Private music sharing typically has four control layers:

Password protection. The share link requires a password to open. The sender provides the password directly to the intended recipient, usually in the same email as the link. Anyone who receives the forwarded link without the password cannot listen.

Expiration dates. The link automatically deactivates after a set number of days. Standard windows are 7, 14, or 30 days. After expiration, the link returns a "no longer available" message even if the password is correct.

Download controls. The sender can toggle whether recipients are allowed to download the audio files. When downloads are off, the recipient can stream but cannot save a local copy. This protects pre-release material from spreading beyond the intended listener.

Per-recipient tracking. Each named recipient gets a unique version of the share link. If the link leaks, the sender can see which recipient's link was used. This does not prevent leaks but it identifies the source.

Most professional platforms combine all four controls in a single share dialog. The sender configures access once and the platform handles enforcement automatically.

Examples

1. A trailer composer pitches five music supervisors with pre-release material for a major film score. They send each supervisor a password-protected playlist that expires in 14 days with downloads disabled. Two supervisors open it and listen. The other three receive a follow-up email after the link expires with a new password for a refreshed selection. No unauthorized copies circulate during the pitch window.
2. A sync agent sends 20 tracks from a new composer to an agency they are building a relationship with. The playlist is password-protected with downloads enabled on stems only. The agency listens, downloads two sets of stems for a brief they are working, and the composer sees exactly which tracks got downloaded and when. Three weeks later the track places in a national commercial.
3. A production music library shares an unreleased album with a streaming platform for editorial consideration. The link expires in 30 days, downloads are disabled, and each of the four reviewers at the platform gets a unique URL. One reviewer shares the link internally. The library can see which reviewer's link was used and follow up accordingly.

Common mistakes

• ●Using Dropbox or Google Drive for sensitive pitches. Both platforms give recipients permanent download access. There is no expiration, no per-recipient tracking, and no way to revoke access after the fact. Once you share a file in a Drive folder, that folder link can be forwarded indefinitely.
• ●Sending passwords in the same message as the link. A forwarded email includes both the link and the password, which defeats password protection entirely. Send the link in one message and the password in a separate one, ideally via a different channel like SMS.
• ●Using SoundCloud for unreleased material. SoundCloud's "private" setting makes tracks unlisted, not private. Anyone with the link can listen. There is no expiration, no download control, and no analytics on who listened.
• ●Setting long expiration windows on highly sensitive material. A 90-day link on a pre-release single is nearly as bad as no expiration. For pre-release pitching, 7 to 14 days matches the brief review cycle and keeps the window controlled.

How DropCue handles this

Every DropCue share link supports password protection, expiration dates, and download controls. Pro plan users can set per-recipient overrides so different contacts on the same playlist get different access levels. All links include analytics so the composer knows who opened the link and what they listened to, regardless of access settings.

Related terms

Keep reading

• →DropCue music pitching platform
• →DropCue for composers
• →DropCue for music supervisors