Audacity Owner Muse Group Claims “Unclear Phrasing” is to Blame for Open Source Community Outrage
Muse Group acquired Audacity earlier this year, with the new owner promising to improve the software for users, but caused a firestorm this week with its new privacy policy for the free, open-source audio editor, which it now owns “in partnership with contributors” via their new CLA (Contributor License Agreement). The policy stated that it will share user data with third parties including “competent” law enforcement bodies and potential buyers, which means just about any company that takes an interest.
READ MORE: Audacity Joins the Tech Giants with “Spyware” Data Policies
The new privacy policy led to calls for Audacity to be “forked” and for new software to replace it, meaning that Audacity’s source code would be copied and developed into a new, unique project without the data harvesting code.
In response to the controversy, Muse Group states that it is “due largely unclear phrasing in the Privacy Policy”, reports Music Radar. The Audacity owner goes on to say it will only collect a “very limited” amount of data (operating system, IP address, processor chip & opt-in error reports) from Audacity users. User IP addresses are stored in a readable format for 24 hours before become irretrievable”, says Engadget.
Daniel Ray, head of Strategy at Muse Group, responded on GitHub by saying that that they will only share if required by a court that operates in the same jurisdiction(s). They will not hand over “useful” information if asked by a law enforcement request or sell or share data in any other scenario. The data collection is “a standard policy requirement for providing services in many jurisdictions, regardless of the depth of data collected or nature of service,”. “We do not and will not sell ANY data we collect or share it with 3rd parties. Full stop.”. Ray goes on to say “We do understand that unclear phrasing of the Privacy Policy and lack of context regarding introduction has led to major concerns about how we use and store the very limited data we collect. We will be publishing a revised version shortly.”
“We do understand that unclear phrasing of the Privacy Policy and lack of context regarding introduction has led to major concerns about how we use and store the very limited data we collect. We will be publishing a revised version shortly.” Ray continues.
The ability to “automatically check for updates” and “the optional error reporting” are the two new features that are necessary reasons, according to Ray, for the limited data collection. Ray didn’t address a privacy policy request for users aged under 13 not to use the app.
The General Public License under which Audacity is distributed doesn’t allow restrictions on the use of the software.
The updated privacy policy isn’t valid with “offline use of the application,” so blocking Audacity’s access to the internet may save the user any trouble. The policy comes into play with the next version of Audacity, which is 3.0.3. Older versions won’t collect any data.
This may have been a case of miscommunication which caused a flood of concern among Audacity users, but many in the community are working towards a fork of the open-source D.A.W without any data collection built-in.