In response to reckless telemetry promotion by the Muse Group, which bought out the intellectual property and trademarks associated with Audacity, the Sartox Free Software organization, as part of the Audacium project, began developing a fork of the Audacity sound editor, getting rid of the code related to the accumulation and sending of telemetry.
In addition to removing questionable code that makes calls over the network (sending telemetry and crash reports, checking for updates), the Audacium project also notes redesigning the code base to make code easier to understand and easier for newcomers to participate in development. The project will also expand the functionality by adding features requested by users, which will be implemented in accordance with the wishes of the community.
At the same time, another fork of Audacity was founded - "temporary-audacity", which has retained the original name for now, but is in the process of choosing a different name, since Audacity is a trademark of the Muse Group. Fork was founded by Christoph Martens.
The temporary-audacity project is planned to be developed as a clone of the Audacity codebase, free from changes that are questionable from the community's point of view. For example, the code will be spared from sending telemetry, crash reports, and other network activity. 8 developers have already joined in making corrections to temporary-audacity, 10 pull requests and 35 change proposals have been sent.
In the meantime, representatives of the Muse Group tried to dispel concerns that arose after the publication of new privacy rules. It is alleged that suspicions of impure intentions are groundless and are caused by the use of not entirely clear wording in the text in the absence of the necessary clarifications and explanations (the text of the rules will be rewritten). Main theses:
- Muse Group does not and will never sell or transfer to third parties any data obtained as a result of telemetry collection.
- The stored data is limited to information about the IP address, OS version and CPU type, and optionally reports with error information. Data on the IP address is anonymized without the possibility of recovery 24 hours after receipt.
- At the request of law enforcement agencies, courts and authorities, only the information noted in the previous paragraph can be provided. No additional data other than those listed above is collected for any purpose. Data on IP addresses can only be transmitted if requested within 24 hours, after which time the data is permanently deleted. When requested by a court or law enforcement agency, information is released only when explicitly requested in the jurisdictions in which the company operates, and this is standard practice for all companies.
- The privacy policy does not apply to offline use of the program. The publication of the document is due to the need to comply with the regulation on the protection of personal data in the European Union (GDPR), as the next release of Audacity is expected to add features related to obtaining information about users' IP addresses. In particular, Audacity 3.0.3 will add the function of automatic update delivery with sending requests to check for a new version and the transmission of problem reports from the program (by default, sending crash reports is disabled, but can optionally be activated by the user).
Source: opennet.ru