Muse Group, the new owner of audio-editing app Audacity, caused a stir in recent days with an update to the software’s privacy policy. It stated that Muse Group will collect users’ personal data and possibly share that information with third parties, including law enforcement and potential buyers. That led to claims from users that the software was becoming “spyware.”
The company has attempted to clear up the controversy, which it says is primarily down to “unclear phrasing in the Privacy Policy,” as Music Radar reported. Muse Group says it will only collect “very limited” data (operating system version, processor type, IP address and opt-in error reports) from Audacity users. Users’ IP addresses are stored in a readable format for 24 hours before they become “pseudonymized and irretrievable.”
Muse Group added it will only share data if required by a court in a jurisdiction in which it operates. It won’t hand over user information following a law enforcement request or otherwise sell or share data. The data collection is “a standard policy requirement for providing services in many jurisdictions, regardless of the depth of data collected or nature of service,” the company said.
“We do understand that unclear phrasing of the Privacy Policy and lack of context regarding introduction has led to major concerns about how we use and store the very limited data we collect,” Muse Group’s head of strategy Daniel Ray wrote on GitHub. The company is working with its legal team on a revised, clearer version of the policy, which it plans to publish soon.
The limited data collection is necessary because of two new features in the upcoming version of Audacity, according to Ray: a way to automatically check for updates, and the optional error reporting. Ray didn’t address a privacy policy request for users aged under 13 not to use the app. The General Public License under which Audacity is distributed doesn’t allow restrictions on the use of software.
The updated privacy policy does not apply “to offline use of the application,” so if you block Audacity’s access to the internet, it shouldn’t be an issue. The policy will only come into force with the next version of the software, 3.0.3. Current and older versions don’t have any networking features and they won’t collect any data.
At best, this was a case of miscommunication which caused concern among Audacity users. Nevertheless, many community members are pushing for a fork of the open-source app without any data collection requirements.