An update to Audacity’s privacy policy made it spyware for some users and resolved ownership issues

Audacity is one of the most popular free audio editing applications. It has been provided as open-source software since May 2000. It has recently received an updated privacy policy, which has attracted the attention of users. Some users even call the application “spyware”, which collects user data specifically for “law enforcement, litigation, and law enforcement requests.” 

However, the Audacity team stated on their privacy policy page that extensive data collection is aimed at improving the application and for law enforcement purposes. The updated privacy policy issued on July 2 emphasizes that Audacity will collect personal data such as system version operations, user country/region based on IP address, CPU and non-fatal error codes, and crash reports. 

All these details are to improve the application. However, the privacy policy also mentions that the app will collect “data required by law enforcement, litigation, and authorities.” This has caused concern among some users, who put this issue under the spotlight through Reddit posts. Audacity’s privacy policy stipulates that it may disclose collected personal data to any of its staff, competent law enforcement agencies, regulatory agencies, and governments. 

Courts or other third parties, including potential buyers. According to FOSS Post, it also mentioned that the data will be shared with “Audacity’s main office in Russia and external lawyers in the United States.” Data shared with third parties will include hashed IP addresses, although the privacy policy stipulates that these addresses will be “identified stored” for a calendar day. 

This is sufficient to provide accurate and detailed information about the user’s location and network as part of the data shared with national authorities. Audacity policy also restricts users under the age of 13 from using the application. This is considered a violation of the applicable license under the General Public License, which allows all users to access the software instead of specifically targeting specific age groups. 

Audacity’s privacy policy update was provided by the Internet company Muse Group more than two months after obtaining it, which also owns music and audio applications such as Ultimate Guitar and StaffPad. When asked for comment, Muse’s Chief Strategy Officer Group’s Daniel Ray redirected to a post on GitHub. The company clarified the privacy policy and stated that users’ concerns were mainly due to the “bad wording” in the privacy policy. clear”. 

The company also stated that it is correcting the wording: “We understand that the unclear wording of the privacy policy and the lack of context of the introduction cause major concerns about how we use and store the very limited data we collect… We will release it soon. Revised edition,” the company said. Moussa Group also stated that the updated privacy policy will not take effect until the next version of Audacity (version 3.0.3), and its current version does not support data collection. 

Regarding why Audacity needs to collect user personal data, including IP addresses, Muse Group stated that the purpose of collection is to allow automatic updates and report acceptance errors, both of which will be provided in the next version. The company also mentioned that it used the term “personal data” in its privacy policy updates because the European General Data Protection Regulation (GDPR) classifies IP addresses as part of personal data. 

However, it has not resolved other issues raised by users. At the same time, some users began to request a forked version of Audacity on GitHub, which provides all its features but does not require user data collection. This is certainly possible because the application can be used as open-source software. However, it is not clear when the community can bring the fork. The Muse Group may also make some efforts to end the ongoing criticism.

Leave a Reply

Your email address will not be published. Required fields are marked *