Audacity Gets Updated Privacy Policy To Address Spyware Concerns

The Audacity Team has announced that they’ve updated the Privacy Policy for Audacity to address spyware concerns raised by previous updates.

They note:

“We are introducing a revised privacy policy to address the concerns raised with the previous privacy policy published earlier in July.

The original policy, which was drafted in anticipation of the release of Audacity 3.0.3, received a large amount of media attention due to the inclusion of a few key provisions that appeared to some to violate promises we had previously made. We want to address the issues that were raised, give assurances about our intentions, and provide verifiable proof of what information is actually sent from Audacity.

The new privacy policy uses clearer language that we hope will explain our intentions more accurately this time. We are deeply sorry for the significant lapse in communication caused by the original privacy policy document.”

The team has also removed provisions that banned users under the age of 13 from using Audacity.

Here’s a summary of the main changes in the updated Audacity Privacy Policy:

  • Phrasing has been adjusted to remove ambiguity or aid in transparency, in particular that we do not collect any additional information for law enforcement or any other purpose
  • We have explained the purpose of the two networking features, error reporting and update checking
  • We have removed the provision that discourages children under 13 years old from using Audacity
  • We have taken steps to ensure that we never store a full IP address (we now truncate it before hashing or discard it entirely) and have reflected this change in the privacy policy document
  • We have made some changes to how we process error reports to ensure that we never store any potentially identifiable information

For Audacity users that have remaining concerns about the application’s status, a ‘fork’ of the audio editor has been created, Tenacity. Developers that want to contribute can see project info at Github.

24 thoughts on “Audacity Gets Updated Privacy Policy To Address Spyware Concerns

  1. still, there is NO reason that audacity should need any ip, or any connectivity to it. what for? i have used it for my students for years, but no more. who buys open source? russians or chinese.

  2. Audacity has done something that is truly horrible!
    Never trust this software again!
    MIDDLE FINGER TO Audacity!
    Lying scum bags!

    If any of you need a REAL FREE audio editor check out
    https://www.ocenaudio.com/

    ocenaudio began when a brazilian research group at the Federal University of Santa Catarina (LINSE) needed an easy-to-use audio editor loaded with features such as multiple file formats support, spectral analysis and audio signal generation. ocenaudio development focuses primarily on usability, providing the user with a cohesive and intuitive audio editing and analysis tool.

  3. Ocenaudio does NOT do multitrack audio like Audacity. So, stop. No thank you. It will not serve my purpose.

    However, Audacity has needlessly shot itself in the foot. With it’s own gun. Once you have let the genie out of the bottle, it is so hard to get it back in there. I see where this was all a big misunderstanding. The problem is trust. Will I trust this software going forward?

    1. Will you ‘trust’ software that you got for free? Huh? The outrage here is kind of funny to those of us with small businesses.

  4. I’ve read too much Cory Doctorow to trust Audacity or any app or device that stores and transmits user information and IPs. The ‘convenience’ of web-enabled toasters, doorbells, thermostats, vacuum cleaners or recording software is not worth the risk to my privacy. It’s bad simply enough using a cell phone.

    1. Yeah there has rarely been anything added to it through updates in the last ten years that you would miss. However the problem is that anyone with new hardware may be forced into using the latest version by their OS

  5. Anyone who can program is free to take the Audacity code (found in Github) and strip out the offending parts. The code is available and everyone has forever the license to copy and modify it, thanks to the GPL (GNU General Public License) that it is copyrighted under.

    The only thing this apparently evil company bought was the trademarked name, “Audacity.”

    This is apparently what is being done in the Tenacity project. Simply reject Audacity, accept Tenacity, and move on. Any nice things that the Audacity developers add to their code can be incorporated into Tenacity, and anything unwanted can be left out. Thank you, GNU!

  6. Amazing that people can’t tell the difference between companies that collect minimal data to improve software and companies that collect data as a part of monetization. The data they collect is less than if you visited any website and this type of collection is even common among many open source projects.

    1. Perhaps more common in open source in general, but in FLOSS this is definitely not common practice (And undesired by many who use FLOSS). I don’t think anyone mentioned monetization, but the previous privacy policy (Not going to bother getting into the revisions) was not a pleasant one to read and even made it so people under 13 were not allowed to use Audacity. What a trade off for that little data! Let alone the stored IP addresses.

  7. hard to see what the problem is. so many people concerned, yet literally no one cares what goes on in your computer unless you’re isis or selling droogs, gunz or kiddie pron. they just want to be able to send out timely updates and sort the mess that is error reporting. mostly i find people’s extreme reactions to be funny.

    1. “So many people care, but literally no one cares”. Just because you don’t understand the issue at hand at all doesn’t mean people’s reactions are extreme. You clearly have no idea what’s going on or even a basic understanding of what FOSS is, but glad you found the time in your day to ridicule other people’s opinions who do actually have a stake in this.

      1. i’m retired from google. RETIRED. so i have a lot of time on my hands to ridicule what is clearly stupid sh!!

  8. Russian law requires that that all Russian companies collect data on all users and share it with the Russian government, for the purpose of surveillance of its citizens. (Yes, it’s a fascist totalitarian regime.) The great thing is that much modern software expressly forbids this in the license, making Russian software businesses completely unable to compete, unless they flagrantly break their licenses like they’re doing here. What is the legal solution? Will the free software foundation sue them back to the stone ages where fascism belongs?

    1. “Russian law requires that that all Russian companies collect data on all users and share it with the Russian government, for the purpose of surveillance of its citizens. (Yes, it’s a fascist totalitarian regime.) ”

      But it’s not like America is much better on this front.

    2. I wouldn’t argue too much about the ‘fascist regime’ statement, although it is authoritarian, definitely not totalitarian (not yet, at least). But I don’t think there are laws like that in Russia. There is a recent law, that requires any collected personal of the Russian citizen’s data to be stored on servers located in Russia, but this law is being constantly violated by the likes of Google, Apple, etc. who obviously store everything on the cloud, not in any specifically located server.

      But all of this bears asking: what does it all have to do with a mostly offline op-source program for simple audio editing?
      I wouldn’t panic too much. It really seems that they miscommunicated their intentions and plan to collect nothing more than what this very website knows about you already (may be also worth checking what specifically? 🙂

      Not every Russian startup is created to spy on people. Avoid mail.ru group’s products if you are afraid of that.

  9. > what does it all have to do with a mostly offline op-source program for simple audio editing?

    Read your comment and you’ll see the problem. We are talking about an audio editing app. Why the hell would it need to go online? There was a torch iPhone app a few years ago, but once you installed it, sent to their servers all the details in your contacts.
    > I wouldn’t panic too much. It really seems that they miscommunicated their intentions and plan to collect nothing more than what this very website knows about you already (may be also worth checking what specifically?

    Give an inch and they’ll take a mile.

    The trouble is, once they have your data, the horse has bolted. It only takes a single breach, and all of a sudden your data is for sale the dark web.

    And if you look on the GitHub issue where Muse Score’s “Head of Strategy” threatens a Chinese national, it kind of makes me feel sick in the stomach.

Leave a Reply