Audacity Controversy continues with newly published Privacy Notice
The last couple of months have been anything but pleasant for the new owners of the open source audio editor Audacity. It all began in May 2020 with news that Audacity was acquired by MuseGroup; what acquired meant exactly was not made clear back then, considering that Audacity was an open source project.
Update: Audacity published a post on GitHub in which it attempts to clarify the newly published privacy policy. The key takeaways are:
- Data is not sold or shared with third parties.
- The only data that is collected is the IP address, pseudonymised and "irretrievable after 24 hours", basic system info, and error report date if enabled by the user.
- Personal data refers to the IP address.
- Only data mentioned above may be handed over to law enforcement, and only if compelled by a court.
The team acknowledges that the phrasing of the privacy policy was unclear and that the "lack of context" regarding its introduction have led to the concerns expressed by users of the application. A revised version will be published shortly according to the post. End
Tip: check out our Audacity alternatives here.
Also in May of the same year, plans to add Telemetry to Audacity were introduced on GitHub. These plans were dropped a week later because the move was criticized highly.
An update to the Desktop Privacy Notice was published in July 2021, and it too is generating uproar. The note lists the data that Audacity is collecting as well as the reason for collecting the data, with whom the data is shared and under which circumstances, how the data is protected, and how it is stored and deleted.
The following data is or may be collected by Audacity:
- App Analytics and App Improvements:
- OS version
- User country based on IP address
- OS name and version
- CPU
- Non-fatal error codes and messages (i.e. project failed to open)
- Crash reports in Breakpad MiniDump format
- For legal enforcement
- Data necessary for law enforcement, litigation and authorities’ requests (if any)
The "legal enforcement" data collecting part of the Desktop Privacy Notice is vague, as it does not list the data that Audacity may provide for "law enforcement, litigation and authorities’ requests". It is unclear why it is not listed. While it is clear that a company does not know which data law enforcement may request, a list of information that Audacity collects or may collect could be listed there.
Another paragraph that is seen as problematic is 7.1 Data storage and transfers of data. Audacity data is stored on servers in the European Economic Area according to the paragraph, but personal data may be shared occasionally with the group's main office in Russia and the group's external counsel in the United States.
The privacy notice looks like a lighter version of the group's Musescore privacy policy, but with less data collecting. The group's initial plan to collect more Telemetry in Audacity was halted because of the public outcry over the decision.
Closing Words
Controversy surrounding the new project owners of Audacity continues. It should be clear by now that any changes made that may affect user privacy are under scrutiny, especially if they are vague or may reduce the privacy of users.
The undefined data that Audacity may collect for law enforcement purposes falls into the category. The transferring of data to Russia or the United States is also problematic from a privacy point of view.
Now You: what is your take on the privacy note?
I just want to know if we can just keep using current software, without updating to the new privacy-shakey versions?
Of course you can.
Yes, Audacity was an open source project.
The more someone says ‘… data is not sold or shared …’ the more I think it’s not true.
So forget about it and keep quiet.
There are similar and better free alternatives…
I no longer use Audacity, and will not use it anymore, if we all drop Audacity, they will have a useless product because.
I no longer support Audacity either, and in the future will not pay another penny toward its enhancement it can go into oblivion for all I care , it has betrayed all those that supported it so goodby Audacity and thanks for the loyalty, you have sold us out too.
Izotope is offering their elements version of their audio repair program that “Includes a standalone audio editor with spectral editing, as well as four essential, real-time noise reduction plug-ins to fix clipping, hums, clicks, and unwanted background noise. Repair Assistant analyzes your audio and provides solutions to quickly correct the most common issues.”
PRICE $19.00 us
I’ve been using their various versions for old radio show repairs since version 2. You will not find a better program for fixing sound anamolies.
I’m a bit late in chiming in here, but I just wanted to point out that if a software developer collects enough user information to be useful to law enforcement, that information also likely has market value to private parties … like advertisers or, say, intellectual-property owners itching to make an example out of someone. Moreover, intellectual-property owners can get law-enforcement agencies to do the subpoena legwork for them. Whether you’re allergic to being profiled or a bona fide user who cleans up or excerpts digital copies of physical media you own for personal use, *that should concern you*. If you want a guarantee that your privacy won’t be abused and that you won’t be harassed, you won’t accept MuseGroup’s vague and noncommittal privacy policy as remotely adequate. You’ll use software that *doesn’t collect the information in the first place*. I’m not interested in having to sandbox, monitor, and firewall Audacity, so I’m going to be looking into a fork.
The Biggest Concerns About Personal Information
China enacted the National Intelligence Law in 2017, requiring companies doing business in China and people residing in Chinese jurisdictions to cooperate with the government intelligence gathering was made mandatory. As such, they cannot refuse the government’s requests. Even if it is encrypted, it cannot maintain confidentiality because its decryption is requested.
In fact, the “Snowden Affair” has exposed that the member countries of the UKUSA agreement are also implementing the same thing. Google is still cooperating (providing data) with the “NSA”.
What is serious in China and Russia is that on the basis of the associated data, people are arrested without question, like potatoes, without lawyers, without a public trial, and unjustly treated (or worse, executed) at the unilateral discretion of those in power.
Both Apple and Microsoft hope to maintain their relationship with China because the Chinese market (1.4 billion people) is a great business opportunity and labor is cheap.
According to the World Health Statistics for 2021 released by WHO, the total population of the world is about 7,676.96 million, and the country with the largest population is China with about 1,441.86 million. The second-largest country is India, with about 1,366.41 million people. The number of Overseas Chinese residing abroad exceeds 50 million (2018 estimate).
Apple and Microsoft have surrendered to a powerful China, and other countries (Russia and Myanmar) are copying China’s methods.
It is no longer a matter of “big tech is bad”; we need to recognize that “human rights violations by the state” are becoming more serious on a global scale.
On July 10, 2021, China announced new rules for Chinese companies listing abroad (for “technology companies with more than one million users’ data”, they must undergo a Chinese government-led cybersecurity review before listing abroad).
China Tightens Rules on Foreign IPOs in New Blow to Tech Firms – Bloomberg
https://www.bloomberg.com/news/articles/2021-07-10/china-tightens-foreign-ipo-rules-for-firms-with-large-user-data
China widens clampdown on overseas listings with pre-IPO review of firms with large user data | Reuters
https://www.reuters.com/world/china/china-widens-clampdown-overseas-listings-with-pre-ipo-review-firms-with-large-2021-07-10/
Based on past examples, Russia will likely emulate this.
I’ve used Audacity for almost 20 years now. It’s always been on my list of software to install anew whenever I do a fresh Windows install or buy a new PC. I don’t use it extensively, but it’s always been handy to have, and I’ve definitely used it enough over the years to warrant keeping it around. Until now.
According to some users on Reddit, the safest older version to use now is 2.4. Others there are saying 2.3.2.
I’ve reverted to 2.3.2 for now, just as a temporary measure until the forks start maturing.
Once a clear leading fork is out I’ll abandon Audacity completely. Audacity will then be dead to me, and I will also make it a point to boycott any and all Muse Group software in the future.
Version 3.0.2 should be the last good version, as it was released before the aquisition of the software.
How weird this sounds… aquisition of FOSS.
Or just get 2.4.2. 3.0.2 seems to have some sketchy changelog.
Wow, lots of posts!
There should be, this is probably the worst Privacy Notice I’ve ever seen. Did they accidentally paste part of some oppressive contract employee agreement?
Really bad. And stupid; if you follow this verbatim, almost no one can use the software without getting busted.
Stupid bad and dumb!
which version have Telemetry ? 3.0.2 ?
I’m still using Audacity 3.0.0 and see no reason to upgrade. ?
I think that Bill Kill got it right. Though this is not a MS issue – it is a software issue that has played out right under most peoples noses for over 25 years. I’ve watched many instances of “freeware” turn into “shareware” and then to paid for product with the option of “crippleware” to use for free. It appears that it is now happening with GPL open source software. Sure as the sun comes up this will morph into a non-gpl version and then to shareware and then to the choice between crippleware and paid software.
With that comes data collection for what ever they choose to do with the data.
Very dirty – very dirty indeed.
That process is fine if:
1. The software is excellent; works well, has a great interface and does what it claims.
2. It doesn’t turn into spyware, nagware or scrapeware.
Making money is fine; I pay for software that was shareware/freeware at one time.
Same goes for upgrades. Some software offers free upgrades forever, then switches to just a year or whatever. Topaz Labs did that a while back; it would be nice if they hadn’t but their image products really are excellent and far easier to use than standard bearers, so, Oh, well.
The data they collect is only from bug reports, they have to list it out in a privacy policy because laws require them to. the only data they would have to give to law enforcement would be from the bug reports so the only reason that would happen is if the servers themselves got seized for legal action against the company.
@Nervatel,
> The data they collect is only from bug reports, they have to list it out in a privacy policy because laws require them to. the only data they would have to give to law enforcement would be from the bug reports so the only reason that would happen is if the servers themselves got seized for legal action against the company.
It is a construction (a ship with a hole in it), and the reality in Russia, China, UKUSA Agreement member countries, etc. is different.
MuseGroup, the company that acquired Audacity, is a Russian start-up and is based in Moscow.
It is an open secret that the wily Russian government and intelligence agencies would not be so lukewarm about it.
They use every means at their disposal to collect personal information (and link the various data they collect) to identify and profile individuals.
https://www.ghacks.net/2021/07/04/audacity-controversy-continues-with-newly-published-privacy-notice/#comment-4499478
https://www.ghacks.net/2021/07/04/audacity-controversy-continues-with-newly-published-privacy-notice/#comment-4499546
https://www.ghacks.net/2021/07/04/audacity-controversy-continues-with-newly-published-privacy-notice/#comment-4499556
If I was Microsoft this is what I would do. Telle everyone I luuuuuv open source, but in fact I love it because then I don’t have to develop anything. I just wait for an open source program to be good and stable, with a great reputation and a loyal user base..THEN I bribe the developers, take over and shove the thing full of telemetry and advertising. I of course also provide a paid version that seemingle has no telemetry or advertising, but that’s just for show, the biggest ads aren’t visible but it’s still the same product. That’s what I would do, because “I love open source”.
If Audacity is used only while disconnected from the internet, would data telemetry be possible after closing Audacity and then re-connecting?
I just hope this sort of thing never happens to Blender. It is a real marvel of free and open source software, probably the very best, well at least right up there with Linux itself.
Hopefully no vulture capitalists are attracted to it!
Being able to use software without having to opt out of 50 different data collection options in 20 different places is a wonderful thing, albeit quite alien in the year 2021. It’s free, and it totally feels like a professional-grade product.
I switched to Ocenaudio on my laptop and on my desktop I use WavePad Sound Editor.
I don’t get this – a program has certain functions – and then the idea is to spy on whomever uses that program?
??
Isn’t that called catfishing?
Noodling.
@Andy,
> I don’t get this – a program has certain functions – and then the idea is to spy on whomever uses that program?
??
Isn’t that called catfishing?
It’s not “catfishing”.
This case is,
about the collection of data to place citizens and other nationals under surveillance in the name of “national security”.
Such actions have been carried out in UKUSA Agreement member countries, Russia, Belarus, China, North Korea, South Korea, Vietnam, Myanmar, Turkey, Israel, and Egypt.
In those countries, for the convenience of those in power, “people who are deemed to be in the way are wrongfully detained, arrested, or assassinated on innocent charges (with trumped-up charges)”.
The data collected will be kept in a secret database and will remain there forever.
Not only you, but also your family, relatives, friends, and communicants can be associated with it.
Examples of this are famous in the former Soviet era (KGB) and the former East Germany (Stasi), but we are still witnessing it today in China (in Hong Kong, Xinjiang Uyghur, persecution in Tibet Autonomous Region), and Myanmar, etc.
In particular, since Russia and China have historically “disregarded human rights”, care should be taken to ensure that personal information is not collected by such countries. Again, the collected data is profiled, not erased, and cannot be get back. The end users themselves should be very careful not to cause such a situation.
It is not limited to any particular country, but it “might” happen in any country if the political system and those in power change. No one can foresee the future. Being prepared for contingencies and risks is an important perspective.
Anyone knows a good alternative for this?
Why would you think switching to a closed-source program would be a better option?
Just fork it like WACUP did with WINAMP. Or like what LibreOffice did with OpenOffice.
MuseGroup must be part of some music licensing/copyright organization trying to kill Audacity from within.
@allen,
> MuseGroup must be part of some music licensing/copyright organization trying to kill Audacity from within.
I don’t think so.
From the track record of MuseGroup, we can infer that it was intended purely for comprehensive “music” related applications and communications.
However, it is clear that the new Russian law has affected the Russian company MuseGroup.
Russian President Vladimir Putin signs and enforcement a law requiring “companies operating on the Russian Internet” to have an office in Russia.
Putin signs law forcing foreign social media giants to open Russian offices | Reuters
https://www.reuters.com/technology/putin-signs-law-forcing-foreign-it-firms-open-offices-russia-2021-07-01/
Big tech companies will have to open Russian offices if they want to advertise in the country – The Verge
https://www.theverge.com/2021/7/1/22559383/russia-social-media-tech-company-office-law-signed
https://www.ghacks.net/2021/07/04/audacity-controversy-continues-with-newly-published-privacy-notice/#comment-4499478
Correcting a sentence
> From the track record of MuseGroup, we can infer that it was intended purely for comprehensive “music” related applications and communications.
From the track record of MuseGroup, we can infer that it was intended purely for comprehensive “music” related applications and community.
What’s wrong with the data they collect fron you? Nothing! Nothing from that list can identify you. People crying about this should stop using the internet and live in the woods.
A naive law abiding satire troll.
Weird.
Oh look, another “I have nothing to hide” – sheep. Baaaa.
@ChromeFan,
I don’t want to advise you, because it is obvious from your past words and actions that “you have bigoted and stubborn values”, however, I posted this because I can’t overlook such a stupid Bullshit.
It is well known from your past posts that you act as if you are knowledgeable about “privacy issues” and that you are an “ardent supporter of Google”. But the truth is that your ignorance of “privacy issues” is exposed, and your views are appalling.
It is true that Audacity was acquired and taken over by a Russian startup company called “MuseGroup”.
https://youtu.be/RMWNvwLiXIQ
The MuseGroup is based in Moscow.
Whois: The MuseGroup,
% Information related to ‘185.165.123.36 – 185.165.123.36’
% Abuse contact for ‘185.165.123.36 – 185.165.123.36’ is ‘legal@tilda.cc’
inetnum: 185.165.123.36 – 185.165.123.36
abuse-c: ACRO17522-RIPE
netname: VARITI-NET-185_165_123_36
country: RU
admin-c: VRTR1-RIPE
tech-c: VRTR1-RIPE
status: ASSIGNED PA
mnt-by: ru-variti-1-mnt
mnt-by: VARITI-MNT
created: 2020-01-27T10:11:50Z
last-modified: 2020-01-27T10:11:50Z
source: RIPE
person: Variti NOC RU
address: Nikoloyamskaya street, 52, building 1
address: 109004
address: Moscow
address: RUSSIAN FEDERATION
phone: +7 495 792 22 74
% This query was served by the RIPE Database Query Service version 1.99 (BLAARKOP)
As long as it is based in Moscow, it is completely subject to Russian jurisdiction.
Any data transferred to Russia is under the control of the Russian government, not the GDPR.
https://www.ghacks.net/2021/07/04/audacity-controversy-continues-with-newly-published-privacy-notice/#comment-4499478
Likewise, if it is under the jurisdiction of the UKUSA Agreement, such as the US, it is under their control.
The seriousness of this problem is evident from the confession of former CIA officer Edward Snowden, which is by no means a thing of the past, but is an ongoing worsening.
As Snowden said, “Saying you don’t care about privacy because you have nothing to hide is like saying you don’t care about freedom of speech because you have nothing to say.”
UKUSA Agreement | Wikipedia
https://en.wikipedia.org/wiki/UKUSA_Agreement
Edward Snowden: Leaks that exposed US spy programme | BBC News
https://www.bbc.com/news/world-us-canada-23123964
XKEYSCORE Spy Program Revealed by Snowden Still a Problem | VICE MEDIA
https://www.vice.com/en/article/88nmw4/xkeyscore-spy-program-revealed-by-snowden-is-still-a-problem-watchdog-says
GDPR is missing the point, says Edward Snowden | ZDNET
https://www.zdnet.com/article/gdpr-is-missing-the-point-says-edward-snowden/
Google Allo: Don’t use it, says Edward Snowden | ZDNET
https://www.zdnet.com/article/google-allo-dont-use-it-says-edward-snowden/
Correcting a sentence
> former CIA officer Edward Snowden,
former CIA agent Edward Snowden,
If you continue to constantly write screeds defending telemetry, please at least try to be intellectually honest. To say that nothing from that list can identify you is simply nonsensical given that the list contains “Data necessary for law enforcement, litigation and authorities’ requests (if any).” As Martin clearly states, and you clearly ignore, that item is vague as it simply does not provide any indication of what data is actually collected. But it is obvious enough that any data collected for law enforcement, or (even worse) litigation purposes is going to allow you at a minimum to be identified.
One could also very reasonably assume that Audacity did not list the data collected for this purpose because they are well aware that it will be objectionable to many, if not to you. Having voices out here that defend the practice of telemetry is not a problem. Its actually provides a necessary corrective to the prevalent view here that all telemetry is by defintion harmful. But defending telemetry by ignoring both inconvenient facts that are presented and the related explanations by Martin or the other site contributors is only going to lead to people becoming more convinced that telemetry advocates don’t understand the privacy issues involved.
If you are doing anything illegal of course they would need to pass over data to law enforcement, or do you think people doing these type of things are above the law? Data in this case would be IP address, but even that is not accurate.
I don’t see how the privacy notice for Audacity is any different from the one provided on this site.
Coming from someune with the username ChromeFan, of course it won’t bother you.
Guess you missed this part “For legal enforcement –
Data necessary for law enforcement, litigation and authorities’ requests (if any)”.
Law enforcement would need your name, rank, and serial number to enforce their laws or to surveil you.
Use the last good version and ditch it when it no longer cuts it. This crap is unacceptable.
@Martin
Language correction: “all but” means “almost”. https://www.merriam-webster.com/dictionary/all%20but
The expression you want is “anything but pleasant”.
English is a very flexible language. “All but pleasant” is not a cliche and conveys the message a little more strongly. I prefer it.
@Flo, interesting. But I presume ‘British English’ may be less flexible than ‘US-English’; I presume, neither being my mother-tongue. I remember an Englishman correcting an American fellow : “You’d rather say ‘we must part’ than ‘we must go'”. The English language has this amazing capacity to be understood, practiced with few words yet carry all the nuances required for expressing elaborated thoughts. This is why it’s so easy to start using it quickly as opposed to other languages (I have French in mind). Pragmatism signs the US culture and the language follows; British is perhaps more conservative. Not sure, I’m not a linguist (I was about to write “I’m no linguist”!
Thank You!
Sooo..if you cut a few quiet seconds from say Madonnas Papa don’t preach ending..you’ll be hearing from her lawyers! WHERE DID YOU GET THAT SONG!???? DO YOU HAVE ANY PROOF THAT YOU HAVE BOUGHT THE SONG!!!!!????? PAY ONE HUNDRED BILLION DOLLARS BY TUESDAY OR YOU WILL BE CHARGED!!!!!!
=) ..worst case scenario.
Or maybe Audacity are now planning to become a apid product and this is some weird preactive measure to guard them from future cracked version blaa blaa.. Who knows, but I see no reason to continue using this product since there a tons of similar ones out there. How DARE audacity have the AUDACITY to do this…
This new Audacity privacy policy is a project, correct? I’m running latest version 3.0.2 and when launched no connection whatever is established. I presume the project would apply to future versions of Audacity.
What I’d do if the new Audacity privacy policy is indeed applied? I’ll check connections when the application is launched, as i do with all software not requiring a connection by their very nature (updates included) and if so block that/those connection(s). If the application fails to launch then I’ll remove it.
What I think about this new Audacity privacy policy? Nothing good, but bad given I perceive NO reason for an application which has no reason tied to its features that motivate a connection. When free or not software gets sold to a private company the company of course aims profit. If the application was free bringing it to a paid version is legitimate but NOT in all cases feeding it with whatever privacy-intrusive requirement.
No point in yelling, invective. Free world. If I can get around what I consider as invasion of my privacy then fine, otherwise I simply cross the road to the sunny side of the sidewalk and forget the intruder. Period.
Still, block it in the firewall and disable any update check it may have.
Then, out of principle, find something else. It’s the CCleaner effect. Soon, Avast will own Audacity because it starts with “A.”
:)
@Tom Hawack,
> What I think about this new Audacity privacy policy? Nothing good, but bad given I perceive NO reason for an application which has no reason tied to its features that motivate a connection.
When free or not, software gets sold to a private company, the company of course aims to profit. If the application was free, bringing it to a paid version is legitimate, but NOT in all cases feeding it with whatever privacy-intrusive requirement.
No point in yelling, invective. Free world. If I can get around what I consider as invasion of my privacy then fine, otherwise I simply cross the road to the sunny side of the sidewalk and forget the intruder. Period.
I also agree with your view!
3.0.2 is the last “good” version, so no connections there.
Uh, what does Russia have to do with anything?
How can it be “acquired”, if it’s allegedly open-source? Producing a different version of it, I can understand, but this all smells rather bad to me. Not happy at all about data potentially being sent to third parties – especially law enforcement, as I use it extensively. Not surprised there’s uproar. What next? Adverts? I suppose the answer is not to update the current version and/or block in it in the firewall, or use it on a machine that’s not internet-connected but I fail to see why I should have to go to all that trouble to use what was a brilliant and incredibly useful open-source project. This all needs more clarification. Maybe the courts or EFF could be involved.
Bearing in mind that the program is supposed to be open-source, if it has been “acquired”, it begs the question, from whom and has any money changed hands? If so, doesn’t this event throw the whole ethos of open-source down the drain? On the surface the whole thing stinks. From what we know so far, is this likely to happen to other open-source programs? I thought the whole idea was for anyone to contribute and if some individual or a company now solely “owns” the program (and how on earth did this come about?) this seems to preclude any other input. The situation and any explanations seem to have been made deliberately vague. Needs sorting out, well and truly.
First time they tried this bullshit, they called people paranoid and banned some of the more vocal critics from their github. I’m just gonna stick with 2.4 branch and keep an eye on how things turn out.
I guess I won’t be upgrading any time soon. It works just fine, so no need, and I ain’t sharing data about my sound recording with anyone.
Guess it’s time to add Audacity to my firewall’s list of blocked outbound rules.
Geez quite a bit of drama for an audio program. You could just firewall it and call it a day.
But if you’re looking for an alternative, my favorite free audio editor is ocenaudio.
Free as “beer”, but not as “speech”…
It’s a “drama” because it looks very much as if a precedent for open source is being set. How can someone “acquire” or own an open-source program?
Chromium?
Open Source just means the code is visible, the source is open.
This article: Closing Words
> The transferring of data to Russia or the United States is also problematic from a privacy point of view.
Russian President Vladimir Putin signs and enforcement a law requiring “companies operating on the Russian Internet” to have an office in Russia.
Putin signs law forcing foreign social media giants to open Russian offices | Reuters
https://www.reuters.com/technology/putin-signs-law-forcing-foreign-it-firms-open-offices-russia-2021-07-01/
Big tech companies will have to open Russian offices if they want to advertise in the country – The Verge
https://www.theverge.com/2021/7/1/22559383/russia-social-media-tech-company-office-law-signed
As related information:
Federal Security Service | Wikipedia
https://en.wikipedia.org/wiki/Federal_Security_Service
Vladimir Putin | Wikipedia
https://en.wikipedia.org/wiki/Vladimir_Putin
Spy Files Russia | WikiLeaks
https://wikileaks.org/spyfiles/russia/
Russia’s laws – especially the new Yarovaya Law – make literally no distinction between Lawful Interception and mass surveillance by state intelligence authorities (SIAs) without court orders. Russian communication providers are required by Russian law to install the so-called SORM (??????? ??????????-????????? ???????????) components for surveillance provided by the FSB at their own expense. The SORM infrastructure is developed and deployed in Russia with close cooperation between the FSB, the Interior Ministry of Russia and Russian surveillance contractors.
About SORM
SORM is the technical infrastructure for surveillance in Russia. It dates back to 1995 and has evolved from SORM-1 (capturing telephone and mobile phone communications) and SORM-2 (interception of Internet traffic, 1999) to the current SORM-3. SORM now collects information from all forms of communication, providing long-term storage of all information and data on subscribers, including actual recordings and locations. In 2014, the system was expanded to include social media platforms, and the Ministry of Communications ordered companies to install new equipment with Deep Packet Inspection (DPI) capability. In 2016, SORM-3 added additional classified regulations that apply to all Internet Service providers in Russia.
The European Court for Human Rights deemed Russia’s SORM legislation in breach of the European Convention on Human Rights in 2015 (Zakharov v. Russia).
Worth to know is that United States has it’s own “SORM”-law called Patriot Act.
It is requiring companies operating on the United States to have “open door”-policy for request from book letter organizations, with a gag order. If you talk about it, you’ll end up in jail.
If you are running a company, vital to so called “national interest”, in United States, Russia and many other countries, you have to do what the book letter organizations tells you, or you will get into trouble.
The only way to get secure hardware and software is to make it yourself.
Patriot Act at congress.gov
https://www.congress.gov/107/plaws/publ56/PLAW-107publ56.pdf
> (??????? ??????????-????????? ???????????)
??????? ?????????? ????????? ???????????
System of Operative Search Activities
See:
https://github.com/audacity/audacity/issues/1213
Their name went to their heads. Their Audacity to be snitches. Their Audacity to spy on their clients.
Now the question is if their customers have the balls to ditch them and find another solution. Or just keep using old versions.
Their customers. A customer is the recipient of a service or a product obtained from a seller or supplier via a financial transaction.
Just becaused somebody used their work by downloading it, that doesn’t make them their customers. There needs to be a financial transaction to be their customers.
Customer some one who pays for a service or product.
So tell me this if someone supports a product being an open source product by giving an amount of money and that money goes to pay people to make a betterment of that said product, I would say that the said people are in fact costumers, EG: product supplied ,product payed for by many people [CUSTOMERS]. YET THE PRODUCT SUPPORTED BY CUSTOMERS FOR CUSTOMERS EXIST BECAUSE OF CUSTOMERS YET SOLD TO PRIVATE COMPANIES SEEMS FAIR TO ME .
PEOPLE PAYING FOR A PRODUCT TO BECOME GREAT THEN SOLD TO PRIVATE COMPANIES FOR PROFIT, GIVE ME A BREAK AUDACITY IS SOLD OFF TO MAKE A COMPANY MONEY AND SCREW THE PEOPLE WHO MADE IT SUCCESSFUL IN THE FIRST PLACE, WHEN THIS HAPPENS DROP THE PRODUCT STOP USING IT THEN THE COMPANY BOUGHT NOTHING AND THAT IS GREAT NEWS AND A GREAT OUTCOME.
@W3
Not necessarily, gratis transactions can be made with customers.
Software likes “users” ‘cuz it can mean most anything.
All are inputs and outputs regardless of terminology.
I want my inputs to result in outputs I control or my outputs can begin controlling my inputs. Then I’m working for free for a software company, a very common involuntary transaction.
@ Steve
Yep, data gathered by using their software and sold to third-parties is a “financial trasaction”.
But they haven’t doing that until now, right? So no you are not their customer.
You will become their customer when they start gathering, until then you are not.
@ ULBoom
Nobody hired you to work for a software company.
And there wasn’t a company until now to work to. They sold audacity IPs etc now to a company, right?
So you are not a customer of them until now, there wasn’t a company around to work for.
@W3
I guess you don’t get their business model. First, they hook you up with the free stuff to make you addict to it (like drug dealers handing free samples). Then, when you and a thousand more (or even millions if you apply this model to certain Android apps) are addicted to it, they cash in (like Audacity is trying to do right now.) So, you are not their customer ONLY if you do not engage in using anything their provide.
They offered free, very effect, versatile software. They aren’t obligated to keep it under the same umbrella forever. That is not the same as getting someone addicted to something so they can’t even resist if they want to.
If I developed software and decided I’m just going to give it away for free, I’m not setting you up so I can gain from you and sell. I decided to let you choose to use my software if you’d like to do that, and this way you chose to download my software and use it because you didn’t want to pay for someone else’s.
Now if I decide down the road I don’t want to work on my software anymore, and someone offers me money for it, I’m also allowed to take that offer. It has nothing to do with you, except that you said, “Yes I would like to use your software,” and I let you.
If that is the way you feel don’t call it open source and sell it in the normal way as propriety software, that will save people money from supporting you while you make the program better, and may I say you where being paid for it by the people who supported the open source as it is suppose to benefit all of us.
IF YOU WANT TO CALL IT YOUR SOFTWARE PROJECT AND SELL IT, BETRAY THE TRUST OF THE OPEN SOURCE VALUES, BY ALL MEANS DO SO BUT DON’T CALL IT OPEN SOURCE, ASK FOR A PRICE AND SEE IF PEOPLE WANT IT, DON’T GET SUPPORT FOR THE PROJECT FROM PEOPLE TO BETTER YOUR PROJECT AND BETRAY THEM, IF YOUR A MAN SELL IT AS PROPRIETY SOFTWARE FROM THE START, IF YOU HAD DONE THAT NO ONE WOULD CARE WHAT YOU DO WITH YOUR SOFTWARE PROJECT, WHAT YOU MISS IS OPEN SOURCE IS ABOUT TRUST NOT PROFIT.
@Steve
I don’t disagree on that, you are right, that’s exactly how they operate.
But you are not their customer until they start cash in.
They give you free stuff to EVENTUALLY make you their customer.
You are not their customer when they give you free stuff without any form of financial benefit out of you.
And honestly if they think that all (like you said) addicted to free stuff will start paying and become their customers, they will be proved wrong.
@W3:
So, are you saying data gathered by using their software and sold to third-parties is not a “financial trasaction”? Or are you saying people PII is worthless so there is no “financial” gain? Also, are you implying Audacity Team is made of rich people burning their cash for the greater good and taking nothing in return? Oh boy.
I was sure that once telemetry in Audacity had been announced, they (the owners) wouldn’t forget about it easily. Perhaps there are no malicious intentions behind the data collection, at least I want to believe there are none, but a fertile space for speculations of untrustful users has appeared.
BTW, do you know any sensible open source substitutes for Audacity? I tried but failed to find any. OceanStudio comes close in terms of functionality (not so robust though) but it is not open source…
Audacium is a great contender download the audacium_20210722-1_amd64.deb file
it works like a charm, I WILL BE USING THIS FORK FROM NOW ON, I use it on Linux mint and have had no problems.
I’m using audacity for years, but I’ve become doubtful where all this is going to lead … Do you know about viable alternatives (freeware) for editing audio?
Ocenaudio looks like a contender.
I use it as my default audio editor in Ableton. One of the best free editors. I don’t think it’s free, but Goldwave is a good editor that I have seen deadmau5 use even though he has Audition. https://www.goldwave.com/features.php
Audacity being an Open Source project, I hope that some developer will fork out a privacy-respecting version of the software. I have been using Audacity for my audio projects over the past 15 years and hope to be able to continue doing so without having to sandbox it.
Forking is the easiest thing to do.
Finding people willing to keep developing the fork for free is the hard part.
Just some patches to remove the spy thing. Pretty easy to do.