[GTALUG] [ Audacity Becomes Spyware (fwd)

Mon Jul 5 21:54:04 EDT 2021

Speaking personally as someone who  has used the program for field 
production,  I am rather disappointed.

Audacity open source audio editor has become spyware

https://www.slashgear.com/audacity-open-source-audio-editor-has-become-spyware-05681012/

Ewdison Then
   - Jul 5, 2021, 12:47am CDT

One of open source software’s biggest strengths is, naturally, its openness, 
which brings other benefits like freedom of use, security through scrutiny, 
flexibility, and more. That is mostly thanks to the open source-friendly 
licenses these programs use, but, from time to time, someone comes along and 
tries to make changes that infuriate the community of users and developers. 
Sometimes, those changes can even be illegal. Such seems to be the fate that 
has befallen Audacity, one of the open source world’s most popular pieces of 
software that now comes under a very invasive privacy policy.

The brouhaha started just a few months ago when Audacity was bought by the Muse 
Group, the company behind equally popular music software like MuseScore, which 
is also open source, and Ultimate Guitar. So far, Audacity remains open source 
(and can’t really be changed into proprietary software in its current form), 
but that doesn’t mean that Muse Group can’t do some pretty damaging 
changes. Those changes come in the form of the new privacy policy that was just 
updated a few days ago, a policy that now allows it to collect user data.

As a desktop application with no core online functionality, Audacity never had 
any need to “phone home” in the first place. Now the privacy policy says 
that the new company does collect data and does so in a way that’s both 
over-arching and vague, most likely by design. For example, it says that it 
collects data necessary for law enforcement but doesn’t specify what kind of 
data is collected.

There are also questions regarding the storage of data, which is located in 
servers in the USA, Russia, and the European Economic Area. IP addresses, for
example, are stored in an identifiable way for a day before being hashed and 
then stored in servers for a year. The new policy also disallows people under 
the age of 13 from using the software, which,  as FOSS Post points out, is a 
violation of the GPL license that Audacity uses.

The open source community was understandably irked by these changes. 
Fortunately, Audacity is open source software, and it will most likely be taken 
by the community and forked in a different direction, perhaps with a different 
name. That will leave Muse Group to develop Audacity on its own instead of 
being able to leverage (and exploit) the open source community’s hard work.