> The company's compliance with law enforcement is limited to what is actually required by law.
I'm distressed at how quickly the article brushes this off. What could The Law possibly demand of a music editors users? What am I misunderstanding here?
I believe that once your open source software vendor collects telemetry, it becomes a concern to the users what kind of a custodian they will be for the data they collect. "Would they volunteer their users' data if asked by law enforcement?" for example would be a concern. And this answer seems to be "No, but they would comply with lawful court orders to produce their users' data."
I meam it's just such a strange statement. Are they really equipped to judge what is and isn't "actually required by law"? Would they be morally obligated to report the rogue officials illegally demanding information?
It's not illegal for law enforcement officials to ask companies for records nor is it illegal for the companies to give it unless it's explicitly privileged (like medicine, religious/legal counsel, etc). The law enforcement agents asking for the info are not rogue. It's tantamount to interviewing someone who might have information about a crime. The difference is that it's so terribly easy to go fishing for an enormous amount of information and companies can legally just go ahead and comply.
I think it's actually occurred in the past (many times?) which is why it's identified as an item of concern.
If someone asked me to hand over access to a database with thousands if not millions of peoples PII, I would expect it to be "on the books", not just some fishing expedition. I would feel forced to hire lawyers just to validate the request. Fishing around would cause real harm to innocent bystanders.
I understand the practicality of smaller scale inquiries, but at a certain size the rules really aught to change, no?
> If someone asked me to hand over access to a database with thousands if not millions of peoples PII, I would expect it to be "on the books", not just some fishing expedition. I would feel forced to hire lawyers just to validate the request. Fishing around would cause real harm to innocent bystanders.
In the US you may not even be given any choice in the matter. They just hand you a national security letter and you're forced to give them access to anything they want for as long as they want it while being forbidden from ever telling anyone (your customers, your shareholders, the press, etc) that it's even happening. The laws really need to be changed, but how do you petition government to give up so much power? Hell, the NSA has outright lied to congress about what they're doing so our lawmakers can't even know about the data collection going on until some brave whistleblower comes along who is willing to sacrifice everything to let us know.
A agent with black sunglasses and a national security letter is a very different case from cops going on a fishing trip. It's a bad idea to ignore the former. But there is probably (IANAL) no requirement to answer to queries of the latter, unless they also have a court order.
Why collect the data in the first place? When you aren't collecting IP addresses or CPU and OS details you don't need to worry about things like who is going to be responsible for maintaining, securing, removing, or providing that data when law enforcement (or the state) comes knocking. Nobody using the software is asking for this data collection.
Even with their "assurance" that data isn't kept for more than 24 hours, that's more than enough time for it to copied and shared with any number of parties and without independent audits we have no means to be certain the data is being cared for or removed as they claim.
Just don't collect any more info that you absolutely need and users don't have to put their faith in you that it won't be abused, you don't have to deal with the headaches and if law enforcement should ever come around asking you can just say "Sorry, we don't collect that information" and you don't have waste time dealing with those requests either.
They don't need the IP address for that. Of course their routers will see the address but they don't have to store it. If they store it it's because they need it for some reason.
> We have taken steps to ensure that we never store a full IP address (we now truncate it before hashing or discard it entirely) and have reflected this change in the privacy policy document
Depending on how much they are truncating, it might still be easily de-anonymized.
There are other ways to do that besides pulling the data off the host machine. For example, they could prompt users to choose their OS prior to downloading and track downloads. Give different (or even identical) copies of the installer version numbers depending on the OS that was selected so updates only have to see what version you have installed to know which OS is in use. Maybe add a prompt letting users whose OS doesn't match the version they're running know that if they have issues to download the version for their OS...
Seems over-complicated (and it is because they could just decide to stop supporting an old OS on their own using any number of criteria), but still probably less work than collecting and securely storing IP addresses and computer details, trying to anonymize that data, controlling access to that data, making sure it's all deleted appropriately, having lawyers review court orders for the data they've collected, etc.
You cannot hand over what you don't have. A software being offline has that advantage going for it. You don't see law enforcement going to the GIMP's development team saying "we need this persons GIMP data", which is arguably more likely to be abused.
Right, but I'm just explaining why there is nothing unusual or alarming about a privacy policy saying that they will comply with law enforcement when legally required.
This is all a non-issue since the telemetry is entirely opt-in and can even be stripped out entirely with a single make flag.
You could be leaking enough data about the hash or acoustic fingerprint of files users are editing which could be correlated with enough unique information to identify a user.
On the positive side you could identify the user who created ransom_message.mp3 in the exceedingly unlikely case this scenario comes to pass. More realistically you could identify the creator of unpopular_religious_message005.mp3 or how about helping a repressive regime locate any and all creators of any of 385 banned religious or political ideas?
"plus ça change, plus c'est la même chose" translates as "the more things change, the more they stay the same." The only reason I know this is from Rush lyrics ;)
>I have been doing 3.0.3 Release Candidate testing and all seems good:
>a) error and crash reporting are one-off opt-in each time you get such a dialog,
>b) the update checking dialog that you get on initial launch of 3.0.3 enables you to turn off update checking in Application prefs BEFORE you hit the OK button - and thus no data is sent.
Everything is now as opt-in as it can be expected to, and the privacy policy has nothing untoward in it. I'm not super happy with how long it took to get to this point, but at least the wound has been debrided.
This seems like a reasonable and thorough response. They revised and cut unnecessary bits and added clarification where possible within a reasonable time frame for these matters. Good job.
I really don't get the wailing and gnashing of teeth against even the principle of adding update checking and error reporting features. Real, regular people will get tangible benefits from these features. Their scope is so limited and implementation (now) drawn down to such a sharp point I can't really sympathize with a hard-line counterposition that these features must be defacto evil.
The "wailing and gnashing of teeth" is against updates and error checking being opt-out, or even not opt-outable at all.
Sometimes this gets mixed with observations that telemetry and auto-updates are modern-day antipatterns, encouraging bad software development practices and resulting in subpar products.
Personally, I feel that a ToS/privacy policy for Audacity would be more palatable if it explicitly limited scope of data collection to optional features of update checks and error reports.
The question of data collection could use a little reverse consideration: what could Audacity possibly collect that would be of interest to law enforcement? The only thing I can think of is IP address with a timestamp (which I'm not sure would be admissible as evidence anywhere) given their current stance, or....more? They want to add video so they have to be prepared for e.g. pedo interest? The circumstances in the movie "Blow Up?" I really can't think of anything from the real world.
Beyond that, there's nothing that requires them to allow for this in their TOS. There's no loose end by not including it; it's not a 't' to be crossed or an 'i' to be dotted.
I'm eager to be corrected, but I just don't see why they'd need to change the TOS at all except to replace some ownership info.
I had a big comment drafted but I'm realizing that I'm basically copy-pasting the whole policy and comments (as said elsewhere itt, "Everything is now as opt-in as it can be expected to be"), so it would be quicker and more accurate to ask you to just read the new privacy notice directly to see that everything you asked for and more is already present. It's quite readable:
You have to come up with the modicum of empathy to put yourself in the shoes of the users to be able to understand why they are angry.
• You must acknowledge that privacy is a basic human right.¹ Maybe you were brought up in a culture where these rights don't count; well, here's your opportunity to learn and grow. Maybe you have simply forgotten your school lessons, that's not good and the blame falls squarely on your shoulders then.
• The users were promised UI improvements and an eighth zoom button, instead they got malicious software and bad treatment from the new owners.
• Look at what Muse originally planned, not what they compromised to after the public push-back.
• There is a person at Muse named Daniel Ray who is a sociopath and lacks the basic decency/internal filter in communicating with other people and utter lack of self-preservation for avoiding bad consequences for himself, such that he thinks that threatening a software developer on public Github with doxxing him into the gulag is an acceptable thing to do.
¹ Let's see how these rephrases violating some other human rights feel: "I really don't get the wailing and gnashing of teeth against even the principle of forced castration and hysterectomy." "I really don't get the wailing and gnashing of teeth against even the principle of trading and using chattel slaves."
> We have removed the provision that discourages children under 13 years old from using Audacity
This point is very important. Like many other open source projects, Audacity is used in a very large number of education-related projects. Having 13 as the minimum age was going to be a huge problem.
I agree, but if memory servers correct they are lying here.
Or at least being extremely disingenuous.
They didn't discourage children under 13 years old from using
Audacity. They forbade children under 13 years old from using Audacity.
I need to understand. Lets say I have an inquisitive 8 year old kid at home who does arduino and pi and 3d printing and Python and now even does YouTube and stuff.
They are saying now that they have implemented telemetry that a resident offline software cannot be used by aged 13 and below? Why?
What has the law to do with offline apps on a personal computer owned by a family home when the machine is supposed to be "family machine". The next thing you know windows will forbid ages 13 and below from using their products?
Its not like there are dangers of pedos by using audacity? What about "YouTube kids"? How is that allowed when its online with automated content moderation but audacity is not for kids?
As I read it this was (based on the previous revision of the policy) - "we're planning to store some data on all users, with no way to opt out. However, in some regions, we cannot/shouldn't store data on people who are 13 or under. So, if you're 13 or under, please don't use this software as we'll be storing data on you."
"Hopefully the Muse Group will learn from these missteps and proceed a bit more carefully from here on out. A focus on real improvements for users and better communication with the user community would help to rebuild trust. It would also be nice if the Internet would learn to damp its reactions a bit — but there seems to be little hope of that. If the Audacity project can find a way to reconnect with its wider community, though, at least one thing will have gotten a little better."
Once you have lost your users' trust, it is very hard to get that trust back. Especially if your "better communication" is simply to walk back (er, "clarify") some of your more outrageous statements. (Pro tip for these kind of situations: start by demanding the moon. Then, when you settle for merely owning, say, California, you look generous.)
This is incidentally before their "Head of Strategy" tried to shut down the equivalent of youtube-dl for sheet music by threatening to work with the Chinese government to get at a Chinese dissident living abroad potentially facing death or imprisonment at home.
52 comments
[ 2.7 ms ] story [ 40.4 ms ] threadI'm distressed at how quickly the article brushes this off. What could The Law possibly demand of a music editors users? What am I misunderstanding here?
I think it's actually occurred in the past (many times?) which is why it's identified as an item of concern.
I understand the practicality of smaller scale inquiries, but at a certain size the rules really aught to change, no?
> I understand the practicality of smaller scale inquiries, but at a certain size the rules really aught to change, no?
shrug throw it on the pile of sorely needed legislative changes. The laws just haven't kept up with things.
In the US you may not even be given any choice in the matter. They just hand you a national security letter and you're forced to give them access to anything they want for as long as they want it while being forbidden from ever telling anyone (your customers, your shareholders, the press, etc) that it's even happening. The laws really need to be changed, but how do you petition government to give up so much power? Hell, the NSA has outright lied to congress about what they're doing so our lawmakers can't even know about the data collection going on until some brave whistleblower comes along who is willing to sacrifice everything to let us know.
https://en.wikipedia.org/wiki/Third-party_doctrine
Even with their "assurance" that data isn't kept for more than 24 hours, that's more than enough time for it to copied and shared with any number of parties and without independent audits we have no means to be certain the data is being cared for or removed as they claim.
Just don't collect any more info that you absolutely need and users don't have to put their faith in you that it won't be abused, you don't have to deal with the headaches and if law enforcement should ever come around asking you can just say "Sorry, we don't collect that information" and you don't have waste time dealing with those requests either.
To sell, obviously.
https://github.com/audacity/audacity/discussions/1353
They want to know when it’s safe to drop support for a particular operating system version.
Depending on how much they are truncating, it might still be easily de-anonymized.
Seems over-complicated (and it is because they could just decide to stop supporting an old OS on their own using any number of criteria), but still probably less work than collecting and securely storing IP addresses and computer details, trying to anonymize that data, controlling access to that data, making sure it's all deleted appropriately, having lawyers review court orders for the data they've collected, etc.
This is all a non-issue since the telemetry is entirely opt-in and can even be stripped out entirely with a single make flag.
On the positive side you could identify the user who created ransom_message.mp3 in the exceedingly unlikely case this scenario comes to pass. More realistically you could identify the creator of unpopular_religious_message005.mp3 or how about helping a repressive regime locate any and all creators of any of 385 banned religious or political ideas?
The "telemetry" hysteria was dumb. But the licensing complaints are legit.
The current state of affairs (from Muse Group's perspective) is here: https://github.com/audacity/audacity/discussions/1353 (published today)
>I have been doing 3.0.3 Release Candidate testing and all seems good:
>a) error and crash reporting are one-off opt-in each time you get such a dialog,
>b) the update checking dialog that you get on initial launch of 3.0.3 enables you to turn off update checking in Application prefs BEFORE you hit the OK button - and thus no data is sent.
Everything is now as opt-in as it can be expected to, and the privacy policy has nothing untoward in it. I'm not super happy with how long it took to get to this point, but at least the wound has been debrided.
I really don't get the wailing and gnashing of teeth against even the principle of adding update checking and error reporting features. Real, regular people will get tangible benefits from these features. Their scope is so limited and implementation (now) drawn down to such a sharp point I can't really sympathize with a hard-line counterposition that these features must be defacto evil.
Sometimes this gets mixed with observations that telemetry and auto-updates are modern-day antipatterns, encouraging bad software development practices and resulting in subpar products.
Personally, I feel that a ToS/privacy policy for Audacity would be more palatable if it explicitly limited scope of data collection to optional features of update checks and error reports.
Beyond that, there's nothing that requires them to allow for this in their TOS. There's no loose end by not including it; it's not a 't' to be crossed or an 'i' to be dotted.
I'm eager to be corrected, but I just don't see why they'd need to change the TOS at all except to replace some ownership info.
https://www.audacityteam.org/about/desktop-privacy-notice/
• You must acknowledge that privacy is a basic human right.¹ Maybe you were brought up in a culture where these rights don't count; well, here's your opportunity to learn and grow. Maybe you have simply forgotten your school lessons, that's not good and the blame falls squarely on your shoulders then.
• The users were promised UI improvements and an eighth zoom button, instead they got malicious software and bad treatment from the new owners.
• Look at what Muse originally planned, not what they compromised to after the public push-back.
• There is a person at Muse named Daniel Ray who is a sociopath and lacks the basic decency/internal filter in communicating with other people and utter lack of self-preservation for avoiding bad consequences for himself, such that he thinks that threatening a software developer on public Github with doxxing him into the gulag is an acceptable thing to do.
¹ Let's see how these rephrases violating some other human rights feel: "I really don't get the wailing and gnashing of teeth against even the principle of forced castration and hysterectomy." "I really don't get the wailing and gnashing of teeth against even the principle of trading and using chattel slaves."
This point is very important. Like many other open source projects, Audacity is used in a very large number of education-related projects. Having 13 as the minimum age was going to be a huge problem.
> The App we provide is not intended for individuals below the age of 13. If you are under 13 years old, please do not use the App.
They did not forbid it.
What has the law to do with offline apps on a personal computer owned by a family home when the machine is supposed to be "family machine". The next thing you know windows will forbid ages 13 and below from using their products?
Its not like there are dangers of pedos by using audacity? What about "YouTube kids"? How is that allowed when its online with automated content moderation but audacity is not for kids?
and it was shared 2 weeks ago also. Best to move along to more current developments.
Discussion on the mentioned Latest Update https://news.ycombinator.com/item?id=27927407
Once you have lost your users' trust, it is very hard to get that trust back. Especially if your "better communication" is simply to walk back (er, "clarify") some of your more outrageous statements. (Pro tip for these kind of situations: start by demanding the moon. Then, when you settle for merely owning, say, California, you look generous.)