Any reactions to Muse Group's new user-data policy on Audacity?
https://fosspost.org/audacity-is-now-a-spyware/
There has been some discussion just recently over the fact that Muse Group, which (reportedly) also owns MuseScore, is imposing user data-collection procedures on the widely-used audio editing program Audacity (see attached link). The extent of this data-gathering is such that Audacity is being labeled as "spyware."
Does any of this have implications for the future of MuseScore? Can anyone with connections to Muse Group address this issue?
Comments
I have no connection, but it seems pretty plainly apparently this just a huge misunderstanding by some people who seem to misinterpreted the changes to the privacy policy that are legally necessary in order to implement automatic update and crash reporting facilities as somehow being akin to spyware. It's pretty ludicrous, really, that a number of blogs and so forth managed to take this non-story and make a big deal out of it rather than doing some basic research. but luckily there any number of more reputable news sources that correct this.
But yes, Muse Group is indeed the current name of the parent company for both Audacity and MuseScore. And for the record, MuseScore has had automatic update and crash reporting for quite some time, so these changes were made long ago - hence, no implication for the future of MuseScore.
In reply to I have no connection, but it… by Marc Sabatella
---The question is : does MS collect those information in normal circumstances (no crash to report about) and when automatic update is disabled ?---
Edit: MS seems to collect info only when the Telemetry is activated. What is collected exactly ?
Nevertheless, when one read Musescore's Privacy Policy, and they speak only both websites and the mobile app. Nothing about the desktop app. I could not find anything in the desktop app itself.
This isn't really compliant to the European GDPR, isn't it ?
In reply to The question is : does MS… by parkingb
When you first start MuseScore, it asks if you want to opt-in to the collection of telemetry data - information used to help developers understand how the application is used, which in turn helps on understand ways of making improvements. The dialog asking if you want to opt-in does go into a ton of detail, but it is pretty explicit about the sorts of things this does and doesn't mean ("how often you use certain features, statistics on preferred file formats, crashes, number of instruments per score, etc"). If you want more detail, you can always browse the source code, or find someone else with the necessary skills and motivation to do so for you. That's the beauty of open source.
So you can opt-in to this if you want, or decline if you prefer not to help in this way.
To be clear, again, this has all been in place for some time already. And it's pretty much identical to what a ton of other software - open source and otherwise - has also been doing for years.
In reply to When you first start… by Marc Sabatella
For what I know about GDPR, the application must explicitly list the information that are collected, the purpose of that collection and their retention period. I can't find any one of these in the soft.
The dialog giving a "ton of details" is maybe presented when you start the application for the first time. But is nowhere to be found afterwards.
In the "About" dialog, one shoud have a link to a "Privacy policy" explanation.
Some doc I came accross: Open Source Projects and the GDPR.
I think this is missing for the desktop app. And this should be a serious pitfall.
In reply to For what I know about GDPR,… by parkingb
In case anyone else does the same thing, I went to this site ( https://www.privacypolicies.com/blog/gdpr-open-source-projects/), which says: "Our Privacy Policy Generator can help you generate a customized Privacy Policy in around three minutes, for free." I filled in a list of variously obvious and sometime silly questions, just out of interest. At the end it demanded $123. What a scam.