Site navigation

What’s The Deal with the New Audacity Privacy Policy?

Ross Kelly


Audacity privacy policy
The popular audio editing platform has come under fire for new privacy policies, so what’s the fuss all about?

Audacity sparked controversy this week amid claims that its new privacy policy essentially turns the platform into ‘spyware’.

The allegations, first published by tech site Fosspot, have raged on social media and prompted the company to revise the new privacy Ts & Cs.

Audacity is among the most popular audio editing software tools available, boasting at least 100 million users globally.

In April this year, the platform wash purchased by Muse Group, a Russian-headquartered firm which counts Ultimate Guitar and Staffpad among the companies under its umbrella.

This acquisition initially raised concerns among the platform’s loyal user base. However, the subsequent changes to its privacy policy appear to have been the final straw.

According to Fosspot, the new privacy policy hinted at concerning data practices by the platform, including its ability to hand user data to state regulators and law enforcement wherever it operates.

“Real IP addresses of users remain for 1 day on Audacity’s servers before they are hashed, and hence, practical user identification is possible if one of the mentioned governments sends a data request,” the post read.

Audacity privacy policy?

“One would not expect an offline desktop application to be collecting such data, phoning home and then handing that data to governments around the world whenever they see fit,” it added.

The new policy also restricted users under the age of 13 from using the platform. This, Fosspot noted, is a violation of the GPL licence under which Audacity is released.

Members of the open-source community aired their frustrations at the new Audacity privacy policy, with users on Reddit urging peers to uninstall the software.

The Muse Group has since confirmed the changes to its revised Ts & Cs, insisting that the platform collects a “very limited” volume of user data.

Daniel Ray, Head of Strategy at Muse Group, took to GitHub to clarify the situation. Ray confirmed that the firm is working closely with its legal team to revise the policy and “more clearly communicate” its Ts and Cs.

“We do understand that unclear phrasing of the Privacy Policy and lack of context regarding introduction has led to major concerns about how we use and store the very limited data we collect,” Ray said.

So where does this leave Audacity users?

According to Ray, the Muse Group doesn’t currently sell user data it collects, nor does it share it with third parties

With regard to the data Audacity does collect, Ray appeared keen to emphasise that this remains limited and only includes IP addresses, basic system info and error report data, which is optional.

IP addresses collected by the platform are “pseudonymised and irretrievable after 24 hours,” he added.

Data sharing with regulators and law enforcement was a key concern for users initially, which Ray said the company will only do if “compelled by a court of law in a jurisdiction that we serve”.

In his post, Ray also revealed that the updated privacy policy does not apply to “offline use” of the platform, meaning that users can still use the app offline without any data collection taking place.


Despite the Muse Group’s attempts to alleviate concerns, members of the open-source community weren’t satisfied, with some still pushing for a fork of the app that removes data collection requirements.

Some users on GitHub and Reddit appeared unwilling to accept the firm’s response. One popular comment on GitHub said: “Do you expect any trust from the community? MUSE still does not understand open source software at a fundamental level.

“I am holding out for a fork to gain momentum, and will stay on pre-MUSE Audacity until then.”

Another suggested the Muse Group’s response was the final straw for many users.

“You’ve already destroyed any good will the community had. With the CLA and the proposed privacy policy and the (failed) attempt at adding telemetry, us nerds know exactly what you are trying to do.”

Ross Kelly

Staff Writer

Latest News

%d bloggers like this: