Audacity 3.0 called spyware over data collection changes by new owner
Audacity, the well-known open-source audio-editing software, has been called spyware in a report, with privacy policy changes revealing the tool is collecting data on its users and sharing it with other firms, as well as sending the data to Russia.

Audacity was acquired by Muse Group in May, a company that also controls Ultimate Guitar, MuseScore, and Tonebridge. Since the purchase of Audacity, changes have been discovered in online support documents indicating that it is being used to perform data collection on its users.
The privacy policy page for Audacity was updated on June 2, reports Fosspost, with some additions relating to the collection of personal data. Specifically, that the app collects a variety of details relating to the users Mac.
The list of data includes the operating system and version, the user's country based on their IP address, non-fatal error codes and messages, crash reports, and the processor in use. Under data collected "for legal enforcement," the software collects "data necessary for law enforcement, litigation, and authorities' requests (if any)," though no specifically what data is collected in such cases.
IP addresses are stored "in an identifiable way only for a calendar day," stored as a hash with a daily-changed salt. The hash is stored for one year before deletion, though the company also claims the salt "is not stored on any database and cannot be retrieved after it has been changed."
It is claimed the one day of storage is enough for a government entity to identify a user, with sufficient resources and legal authority.
The data is said to be stored within the European Economic Area, though the language of the policy also mentions that the company is "occasionally required to share your personal data with our main office in Russia and our external counsel in the USA."
The personal data may also be shared with a long list of entities, including "advisors" and "potential buyers," as well as law enforcement bodies, regulators, courts, and other third parties.
While previously the app was available for all ages to use, as per the GPL license, the privacy policy also includes language that says people under 13 years old to "please do not use the app." This is considered a violation of the GPL license that Audacity is released under.
Conversations on both Reddit and GitHub have include talk of a fork of Audacity into a new project, in a bid to eliminate it of the data collection and licensing alterations.
While the privacy policy changes have caught the most attention, it seems that performing data collection has been a plan of the company since its purchase. On May 4, a GitHub update revealed the app was supposed to include opt-in anonymous analytics data collection, handled through Google and Yandex, with the developers stressing it was "strictly optional and disabled by default."
A later update on May 13 attempted to answer complaints and outcry about the telemetry, including dropping the proposed telemetry features. At the time, it was determined that data collected from error reporting and checks for updates would be self-hosted, taking Google and Yandex analytics out of the loop over perceived trust issues.
AppleInsider has confirmed that the telemetry is still being sent in testing on July 4 and July 5.
Update June 5, 7:25 AM Eastern: Details of earlier telemetry proposals and AppleInsider test results added.
Keep up with everything Apple in the weekly AppleInsider Podcast -- and get a fast news update from AppleInsider Daily. Just say, "Hey, Siri," to your HomePod mini and ask for these podcasts, and our latest HomeKit Insider episode too.If you want an ad-free main AppleInsider Podcast experience, you can support the AppleInsider podcast by subscribing for $5 per month through Apple's Podcasts app, or via Patreon if you prefer any other podcast player.

Audacity was acquired by Muse Group in May, a company that also controls Ultimate Guitar, MuseScore, and Tonebridge. Since the purchase of Audacity, changes have been discovered in online support documents indicating that it is being used to perform data collection on its users.
The privacy policy page for Audacity was updated on June 2, reports Fosspost, with some additions relating to the collection of personal data. Specifically, that the app collects a variety of details relating to the users Mac.
The list of data includes the operating system and version, the user's country based on their IP address, non-fatal error codes and messages, crash reports, and the processor in use. Under data collected "for legal enforcement," the software collects "data necessary for law enforcement, litigation, and authorities' requests (if any)," though no specifically what data is collected in such cases.
IP addresses are stored "in an identifiable way only for a calendar day," stored as a hash with a daily-changed salt. The hash is stored for one year before deletion, though the company also claims the salt "is not stored on any database and cannot be retrieved after it has been changed."
It is claimed the one day of storage is enough for a government entity to identify a user, with sufficient resources and legal authority.
The data is said to be stored within the European Economic Area, though the language of the policy also mentions that the company is "occasionally required to share your personal data with our main office in Russia and our external counsel in the USA."
The personal data may also be shared with a long list of entities, including "advisors" and "potential buyers," as well as law enforcement bodies, regulators, courts, and other third parties.
While previously the app was available for all ages to use, as per the GPL license, the privacy policy also includes language that says people under 13 years old to "please do not use the app." This is considered a violation of the GPL license that Audacity is released under.
Conversations on both Reddit and GitHub have include talk of a fork of Audacity into a new project, in a bid to eliminate it of the data collection and licensing alterations.
While the privacy policy changes have caught the most attention, it seems that performing data collection has been a plan of the company since its purchase. On May 4, a GitHub update revealed the app was supposed to include opt-in anonymous analytics data collection, handled through Google and Yandex, with the developers stressing it was "strictly optional and disabled by default."
A later update on May 13 attempted to answer complaints and outcry about the telemetry, including dropping the proposed telemetry features. At the time, it was determined that data collected from error reporting and checks for updates would be self-hosted, taking Google and Yandex analytics out of the loop over perceived trust issues.
AppleInsider has confirmed that the telemetry is still being sent in testing on July 4 and July 5.
Update June 5, 7:25 AM Eastern: Details of earlier telemetry proposals and AppleInsider test results added.
Keep up with everything Apple in the weekly AppleInsider Podcast -- and get a fast news update from AppleInsider Daily. Just say, "Hey, Siri," to your HomePod mini and ask for these podcasts, and our latest HomeKit Insider episode too.If you want an ad-free main AppleInsider Podcast experience, you can support the AppleInsider podcast by subscribing for $5 per month through Apple's Podcasts app, or via Patreon if you prefer any other podcast player.
Comments
https://www.makeuseof.com/tag/best-free-cheap-audio-editors-mac-os-x/
Ocenaudio looks nice for single track editing and completely free. It has a much better UI than Audacity:
https://www.ocenaudio.com/features
It has support for VST plugins for effects - https://freevstplugins.net
Garageband will work for multiple tracks but usually needs the latest OS. Someone will probably fork Audacity and remove data tracking code if it's been added but the privacy policy might just be worded in a way that looks worse than it is. Most companies will track some kind of stats about their active userbase. The privacy policy for Parallels has similar wording:
https://www.parallels.com/about/legal/privacy/
"Data we process if you use our Products:
Parallels processes Personal Data when you install and register one of our Products. Some of this information will be processed automatically when installing our Products. This includes the following "Product Installation Data":
- Your browser type;
- Operating system;
- IP address;
- Broad geographical location (i.e. country, city and (where applicable) state);
- Product name and version;
- Hardware or machine ID and (for certain products) computer model and name;
- Your preferred language;
Although we make every effort to preserve user privacy, we may need to disclose personal information when required by law, such as when we have a good-faith belief that such action is necessary to comply with a current judicial proceeding, a court order, or litigation or other legal process or action (whether or not initiated by Parallels) to protect Parallels’, our users' or third parties' rights, property or safety. We will transmit data to public authorities such as law enforcement or tax authorities only in the case of a legal obligation to do so based on a request for information from the respective authority."Over $2,000 of free plugins and free updates from “greedy Apple”.
Next one....
Mac users may be more inclined to dl outside of the MAS than iOS users outside of the App Store, but I still think the majority of apps are dl'd through it. Windows is the exception because Windows users typically are more used to downloading from the web instead of an app store, which really wasn't a thing until Win8 in 2012. No, Windows Marketplace (hahahahahahahahaha) doesn't count. Wait, where was I?
Oh yeah, please stop with the FUD.
As I already said, sideloading and alternate app stores ave alway been a reality for Android. Their impact could generously be called minimal. More accurately, the impact could be described as near non-existent. I'm pretty confident it will be the same for the App Store.
A series of disc images from floppies took maybe 10s to install vs what might have taken many minutes chug, chug, chugging away in their day...
Thankfully one could upgrade the drive, ram, battery... Sigh...
Sounds like FOSSpost is reacting to a proposal for a not yet released version. That proposal has been walked back.
https://arstechnica.com/gadgets/2021/07/no-open-source-audacity-audio-editor-is-not-spyware/