Audacity is Spyware?

21 posts / 0 new
Last post

I know some people here use Audacity. I'm not sure what to make of this: https://appleinsider.com/articles/21/07/04/open-source-audacity-deemed-spyware-over-data-collection-...

Sounds like a desperate attempt to get people away from freeware....

Horrifying! I tend to use Audacity for basic recording projects (e.g. when I can't be bothered to use a more professional DAW and want to opt for something simple).
Mind you, the version I use is 2.2.1, so I haven't updated it to the latest one in ages.

That's quite alarming - although the amount of data collection that is already carried out my most people's systems would freak people out if it were more widely known. I'm sure Audacity's new owners know a fraction of what companies like Amazon, Facebook, and Google know about you. It's amazing how often the Facebook Container plugin I have on my browser kicks in...

I won't be upgrading the version I already have, that's for sure. It works fine.

So sorry to say it but unless we stop using our mobiles, Internet, etc. we are all giving away more than we can imagine. Sad fact of life Sad

I think the new owner is taking the name literally.

One of the big issues is that you can't opt-out of the data collection, and since you can't do this sort of data collection with kids, the new owners' solution is "kids can't use this software."

Regardless of the fact that it has been taught in schools to kids...

So, they're willing to just burn that segment of their user population.

Also: Free software isn't like Microsoft or Adobe. You can do more than just suck it up or complain that everybody is just as bad. Right now, it's just a matter of how many people will fork the code.

Yes, the good thing about this is that Audacity having been GPL up until version 3 can and will be forked and kept truly free. I'm still running 2.3.3 and will be watching for the inevitable forks.

For those who hate anything with "Apple" in the name, here's the article from a Linux-related site that is referenced by the above link.
https://fosspost.org/audacity-is-now-a-spyware/

Gaaah!!
I wish I had seen this last week!!
I *just* updated to the new version after ten years of using an older copy!

Yeah, the Linux people have even bigger issues with it. The data collection prevents it from being used by kids and this violates the GPL. Basically: It's not free software if it's not free for kids to use.

The company is literally not legally allowed to restrict the ages of people who use the software (because of the GPL), while also not being legally allowed to let kids use it in the US with the data collection in place (because of COPPA).

I've not heard if it violates the GDPR in the EU or not. I do know that the GDPR is why these sorts of analytics are now optional on some of the websites I use.

Okay, thank you for coping with my Apple allergy and yes, I'm now horrified too. But I'm running Audacity 2.3.3 and there's no itnention or need ever to go up!

And, one now twitches at MuseScore, which I have but rarely use.

Alex's @metalfoot's point about forking the GPL version pre V3.0 is very well made. Holding off updating and wait for a different fork to appear sounds like a reasonable plan.

@Fuzzy Complete uninstall and then reinstall from earlier download?

Just as an aside, I originally saw this article on the Hey Audio Student group but I see that a fellow FAWMer posted in the FAWM Facebook group, so I apologize for the duplication. https://www.facebook.com/groups/fawmers/permalink/10159391333126093/

cts's picture
Donatedcts

@TomS it's still creepy that even a DAW can be an manipulated for data mining. That really sucks!

There are currently 1.4k forks on GitHub: https://github.com/audacity/audacity

The most recent release is still using the GPLv2. This is, after all, why they're in violation of their own license.

It's easy to fork. If someone can figure out the compilation (which for some of these projects is non-trivial) they can probably figure out how to remove the analytics.

It's really a matter of getting a community around maintaining a fork, and then changing the name and icon. Straight-forward, but it involves managing humans which can take time and be tricky.

When it settles out, there won't be any loss of functionality. Some of those "we needed to start with the last GPL release" forks can really be a step backwards. That won't be the case here.

Just checked, my version is 2.4.2. I'll stick with that until a clean well-managed fork (well, as well managed as it can be) is established. I only use Audacity for quick little production edits and file conversion (usually WAV to MP3). It's not my main DAW and never will be (I'm not giving up on Jeskola Buzz anytime soon). At worst, I'll find another WAV editor to do the minor tasks I use Audacity for…

See You In The Shadows…

I am not convinced the new owner is acting maliciously at all, and I think this is a drop in the ocean compared with every other app we routinely use.

However, they are overstepping their bounds by asking under 13s not to use it, or they would be if they tried to modify the terms of use to include that.

Also, any fork would also need to comply with the GPL so would it be like the libreoffice fork? Wouldn't this simply legitimise companies using GPL licenced code for their own illegal agendas, since it would amount to gifting the current audacity code to Muse? This is not the same setup as libre/OpenOffice at all, and imho would be the end of real Free Software if not challenged.

@yam655, have I misunderstood how GPL works? Your post suggests that a private company can take over maintenance of a GPL project and then close the licence for future releases. This isn't my understanding and I thought this is the thing GPL was specifically designed to preclude.

@Calum Carlyle If they own the copyright completely all they need to do is release the next version with a different license.

This is only possible if the contributors have signed over the copyright to a company, however these legal agreements are pretty standard for larger projects.

Without an existing agreement, they'd need to get each contributor to agree to a change of license. This is next to impossible in most cases. (These things are sometimes done if a project decides to switch between GPL and one of the more commercial-friendly licenses, as well as when older projects decide to switch to an entity-owned approach.) My knowledge is that if a large project wants to switch to an entity-owned copyright, they have to rewrite everything that was written by someone who couldn't (or refused to) sign over copyright.

Being wholly owned by a single legal entity makes copyright enforcement easier, as otherwise any copyright infringement case needs to be made by oddball contributors that may be completely unreachable. If you can't enforce the copyright, then you don't really have it. This is important because licenses like the GPL only have legal teeth because without them the standard rules of copyright apply.

Honestly, though, they wouldn't talk about a company buying an open source product if it wasn't wholly owned by some sort of legal entity. The company can buy the open source product because they can purchase the organization that completely owns the open source project. The copyright on the Audacity website says, "Copyright © 2021 by Audacity". So, there's some sort of Audacity LLC or something.

The GPL prevents other people from relicensing code with a different license. A single legal entity that wholly owns the copyright is a different matter. They can change the license any time they want. However, if you were to fork Audacity, the code would be copyright Audacity LLC (or whatever) and Fancy Fork Name LLC (or whatever). In this case, you could not change the license.

If a single legal entity owns the copyright, then it's just like if I decided to change the license on one of the oddball software projects I've written. I don't need to talk to anybody, I just need to update the license file. It's my legal agreement with my customers, and since it is mine, I can tear it up anytime I want.

Does that make sense?