back to article Audacity's new management hits rewind on telemetry plans following community outrage

Amid the smell of burning rubber, the new managers of open-source audio editor Audacity have announced a U-turn on plans to introduce "basic telemetry" into the product. Audacity pitched up under the umbrella of Muse Group earlier this month and professed itself to be both "scared and excited." Mere days later, an impressive …

  1. Anonymous Coward
    Anonymous Coward

    Audacity have announced a U-turn on plans to introduce "basic telemetry" into the product.

    tried too hard, too fast in your scramble for juicy data. They should learn from real pros, look at google. How many years did they work uber-hard to convince humanity all this effort is for humanity's sake, before they started leeching? Years! How many years have the amazon played the card of an online bookstore, before it exploded into the uber-parasite of today? Years! How long did it take new Audacity owners to activate suction cups, a day? Two?

    1. BillG
      Devil

      Re: Audacity have announced a U-turn on plans to introduce "basic telemetry" into the product.

      He went on: "The response to PR #835 has brought about a realisation at Muse that the convenience of using Yandex and Google is at odds with the public perception of trustworthiness, so we will be self-hosting instead."

      FIFY

      It's too late and Muse has already publicly announced their intentions. I've got Audacity 3.0.2 installed, the last version before Muse assimilated the software into their anti-privacy collective, and I have no intention of ever upgrading.

      1. quxinot Silver badge

        Re: Audacity have announced a U-turn on plans to introduce "basic telemetry" into the product.

        Well, "What wrong-footed us completely was that the news got out before we were ready to make an announcement about it." strikes me as a complete lack of understanding about what your users want, it wasn't the timing of the information, it was the information itself.

        As far as "We'll have to make do without telemetry for the time being.", you should try ASKING your users, rather than being so bent on being a creepy spy.

        Keep the forks ready, kids! This is absolutely going to be tried again, as Mr K does not seem to understand that telemetry is something he wants, not something the users want.

        1. Wade Burchette Silver badge

          Re: Audacity have announced a U-turn on plans to introduce "basic telemetry" into the product.

          When the uproar dies down, the telemetry will return. But quietly in the hopes nobody notices. A desire delayed does not mean a desire denied.

        2. ThatOne Silver badge

          Re: Audacity have announced a U-turn on plans to introduce "basic telemetry" into the product.

          > "What wrong-footed us completely was that the news got out before we were ready to make an announcement about it." strikes me as a complete lack of understanding about what your users want

          It's worse than that: If you parse the sentence, it reads "Unfortunately the news got out before we could sugarcoat them enough". That's not a lack of understanding, that's a total lack of concern about what "the lusers" might want: The admitted goal is to get hold of that juicy personal information, and the only thing he regrets is they were a little too cavalier and hasty about it.

          You don't claim to be "wrong-footed" when caught tearing the dress off a girl during your first date. There isn't much you can claim anyway, since the problem is pretty obvious, you're a shameless sex offender.

        3. John Robson Silver badge

          Re: Audacity have announced a U-turn on plans to introduce "basic telemetry" into the product.

          "Keep the forks ready, kids! This is absolutely going to be tried again, as Mr K does not seem to understand that telemetry is something he wants, not something the users want."

          This is going to be an unpopular opinion...

          Telemetry isn't necessarily bad - it very much depends on what is being communicated.

          If the software checks for updates the first time it is started each calendar week, and that check includes a tag to say which version you are currently running, and on which platform, then that gives some idea to the developers which platforms are being most regularly used with their software - and potentially guides build/design decisions.

          What *is* almost universally bad is identifiable data being hoovered up.

          The other thing that is universally bad is telemetry that isn't truly consent driven (i.e. I am clearly asked AND I can say no without adverse effects on the operation of the system)

          Various flavours of linux have package popularity (or equivalent) telemetry. Yes, it's very clearly opt in without negative consequence if I don't, but the point is that telemetry isn't necessarily evil.

          Having a view of the features used by users can be useful beyond just seeing what bug reports they submit.

          So yes - keep the forks ready, but those forks being ready might well be sufficient to keep the telemetry truly consent driven, and therefore "not an issue".

          1. Greybearded old scrote Silver badge

            Re: Audacity have announced a U-turn on plans to introduce "basic telemetry" into the product.

            I get my software from the distribution. It honks me off when the things phone home to the upstream folks to tell me about new versions. It's no longer their business.

    2. John Brown (no body) Silver badge
      Devil

      Re: Audacity have announced a U-turn on plans to introduce "basic telemetry" into the product.

      I thought uber were a relatively new company. I didn't realise there where dark hands behind both Google and Amazon.

  2. C. P. Cosgrove

    Telemetry

    Telemetry is not a subject I have significant problems with so long as it is restricted to how an application behaves and any possible negative interactions with the OS it is installed on. I have Audacity installed on both Win 10 and Linux and I am firmly of the opinion that it is a brilliant application. It is possibly - probably ? - not the application my ex brother-in-law would use, he is after all a professional sound engineer with his own record label, but for me it does everything I need.

    It is probable that to an extent MS poisoned the telemetry well during the development of Win 10, but this was on pre-release development versions where, understandably, MS were watching almost every interaction with the OS under development. Once Win 10 went RTM most of this compulsory telemetry fell by the way-side and it is now extremely easy to restrict telemetry to the functioning of the OS itself, which is entirely reasonable. It is almost certainly true that MS could have explained this period of intense telemetry better and it is largely for this reason that there is still a tremendous amount of FUD about telemetry in general around.

    Chris Cosgrove

    1. Doctor Syntax Silver badge

      Re: Telemetry

      "t is now extremely easy to restrict telemetry to the functioning of the OS itself, which is entirely reasonable"

      Have they changed their T&Cs then? Or have you read them? Certainly when I read them the alarm bells were rung no so much as by what they said as to what they didn't say.

      For instance they gave themselves permission to extract data about transactions. Innocent reader looks at that and says "Quite reasonable. If I conduct a transaction with Microsoft of course they're going to need that." Anyone used to reading more carefully notices what it doesn't say: that they're restricting that to transactions with Microsoft or some affiliate. If they syphon up a few transactions with your bank that's quite OK, their T&Cs allow it.

      I think there were a few other bits like that. Don't take my word for it. Go and read it for yourself. It's possible they've changed the wording and those limits have been imposed. But read it with a critical eye as to what limits it does or doesn't impose. Compare the reality of the legal statement with the PR puffery. What's the worst case, not the sales patter? If you do that critically you can make an informed opinion about FUD for yourself. Do the same with any telemetry - do the T&Cs restrict the vendor in the way your first sentence suggests? The legal agreement is what matters, not the PR promises.

      1. Anonymous Coward
        Anonymous Coward

        Re: Telemetry

        I am unable to find it on wayback machine, but Microsoft did have their T&C's such that they could extract the file from your machine for analysis if it caused a crash. They stated that it was a strictly controlled operation.

        They have since deleted this aspect from their current online T&C's, but i would expect that they have not removed that capability.

        Does anyone have any information on this, or a wayback machine reference ? Thanks.

    2. NetBlackOps Bronze badge

      Re: Telemetry

      With nearly Windows Update, Microsoft tries to restore one or more aspects of the telemetry here and the multiple methods of monitoring in my system catches them red-handed. It's an actual war.

    3. Ilgaz

      KDE

      KDE has an excellent "Telemetry" implementation. I am sure they know about it, they just didn't want to give the user choice.There is a slider coming with nothing as default and if you slide it to right you send more information to KDE project step by step.IMHO it should have been implemented by Mozilla into Firefox rather than simple opt-in/opt-out scheme.

    4. doublelayer Silver badge

      Re: Telemetry

      There are cases where I don't mind the collection of telemetry, but most of the time, it's not valid. I'll admit to having written code on occasion which has the ability to report telemetry, but several caveats apply to every time I've done it:

      1. It is opt in, and the page asking for the user's consent contains a thorough description of what is collected, how it will be collected, how their personal data is kept away from it, and that nothing bad happens if they say no.

      2. It only concerns basic information about the application and doesn't include identifiers.

      3. It gets sent to self-hosted infrastructure so only I can see it.

      4. Users can see the reports as they are sent to check that I have told the truth.

      Even then, there are concerns about the collection of such information. What if there is personal information involved? What if the system on which it is collected is restricted and shouldn't be originating any traffic? More importantly, what information does the telemetry provide that is needed? If you care about crash data, you can ask them to send it when the crash happens rather than sending lots of data when it's working properly. For all these reasons, most if not all software should have a no-telemetry-at-all option.

      1. thondwe

        Re: Telemetry

        Telemetry has gotten a bad name - it has to to be all about Trust - then clearly making the data open and available for inspection to a user is a step in the right direction - but then of course it's likely to get labelled with that user's details! Anonymisation is hard

        Clearly Telemetry data is a godsend to a developer - spotting bugs/issues, allowing focus on improving most used elements in package, dropping unused features etc. greatly augmenting users submitting bug reports/feature requests etc. Just needs to be done in an open and accountable way,..

      2. John Robson Silver badge

        Re: Telemetry

        "4. Users can see the reports as they are sent to check that I have told the truth."

        But can they be sure what you have shown them is the same as what you have sent?

        Spit out a tarball and get them to email it?

    5. Binraider Bronze badge

      Re: Telemetry

      I'm afraid Chris you can't restrict it anywhere near as much as you suggest. Server 2019 allows you to genuinely switch it off; but a cursory look at traffic on my Pihole with Win10 booted up in "minimal" telemetry modes sees more URL's being accessed at Microsoft addresses than anything else combined.

      What part of no data leaves my machine without my permission do MS or Muse not understand. It's quite simple really - I won't be using either by choice any time soon.

      What exactly do they want to know anyway? How much typical users click on certain menus? How often do you have to resort to help to find certain help items? Get a half decent UI designer and talk to your users, don't just blindly bloody spy on them.

      The problem principally is that for all the legit reasons to spy, there are whole bunch of nefarious ones to do so to. Trust is earned, not bought with marketing.

      1. John Robson Silver badge

        Re: Telemetry

        "talk to your users"

        Great in an office setting, somewhat harder for audacity.

        The concept of packaging up use statistics as you described and then spitting out a tarball for users to inspect and email to a collection point is reasonable.

        You could even digitally sign a few bits of it so that you know you are getting untampered data, but if you do that then do also ensure that you are signing small enough bits that people can choose what to send (or let them choose before you spit out the tarball).

    6. DrXym Silver badge

      Re: Telemetry

      Telemetry is a big scary catch all word that can cover a lot of things.

      It could be some app that just wants to know what features someone is using (or not) so they can improve the experience. It could be an app sending a crash report so the devs can fix bugs. Alternatively it could be an app or website that wants to sell someone more stuff by looking at what they do and building up a profile on them. Sometimes it might be a combination of all of that.

      I think the issue is that Muse just bought Audacity and Muse has an obvious incentive to monetize Audacity. If they're going to use telemetry it should be opt-in and the purpose and use of it needs to be clearly stated and visible in the source code.

  3. b0llchit Silver badge
    Facepalm

    Double U-turn

    So, they will not proceed with telemetry hosted at the Bad Guys but then suggest to start on building it within their own infrastructure. How is that a U-turn? As if building a telemetry infrastructure at home makes you the Good Guys? That is a double U-turn.

    Telemetry has no place in most if not all programs. It is not a benefit for the user and only a profiteering market for the data collector(s). Stop it.

  4. Doctor Syntax Silver badge

    "It was a completely innocent mistake that ended up doing the announcing for us... in the worst way imaginable."

    It was a completely stupid mistake resulting from a complete lack of understanding of what their users would let them get away with. Does "innocent" cover that?

    1. ThatOne Silver badge
      Devil

      Yes, because if they had announced it themselves, nobody would had found anything to say!...

      It's the stupidest excuse I've ever heard (and I've heard a lot).

  5. Someone Else Silver badge
    Black Helicopters

    So I took a little trip...

    So, I took a little trip to the Audacity web site to take a look. (I use Steinberg's Wave Lab myself, but wanted to see what else is out there). First thing I noticed is that their web site uses ssl.google-analytics.com and mc.yandex.ru (both of which are blocked by default on my script blockers).

    Seems the virus has already invaded the body...

    1. sus
      FAIL

      Re: So I took a little trip...

      Have you seen Muse Group's website? Last time I checked, it pinged Yandex servers extremely often! This is so wrong.

  6. Anonymous Coward
    Anonymous Coward

    Sorry

    Sorry we got caught

    Sorry

  7. Anonymous Coward
    Anonymous Coward

    Probably not go back

    I used to use Audacity, for fairly basic editing of voice recordings (clip out unwanted sections, normalise, basic enhancements for clarity). Found Reaper did the simple stuff better (for me, anyway). I'd removed Audacity (periodic clear out of apps that have been superseded, or I otherwise no longer use) but was about to reinstall to see what had changed and whether I should return - not now.

    Reaper sits in similar place for audio as DaVinci Resolve does for video editing: a professional grade program that is free (without restrictions) for personal use (although Reaper has the option to buy a low cost licence for personal, non-commercial use - an honesty option).

    1. Anonymous Coward
      Anonymous Coward

      Re: Probably not go back

      Free? Looks like they want $60 after the first month.

      1. iron Silver badge

        Re: Probably not go back

        They even want that 60 bucks from non-profits and for every computer that will be in simultaneous use.

      2. Inventor of the Marmite Laser

        Re: Probably not go back

        From https://www.reaper.fm/

        "You can evaluate REAPER in full for 60 days. A REAPER license is affordably priced and DRM-free."

        Although I do note our erstwhile commentard above suggests this is an honesty option.

      3. fidodogbreath Silver badge

        Re: Probably not go back

        Reaper is awesome. Not the prettiest UI, to be sure, but the program is compact, solid, and highly functional, and its price-performance ratio vs. the Big Name-Brand DAWs is off the charts.

        The absence of DRM in both Reaper and Audactity is huge for artists. You can't run most modern commercial DAWs without either a software 'authorization' app always running or a hardware iLok key, or both. If the vendor goes out of business or changes their 'revenue model' to require monthly rent payments, proprietary file formats mean that your personally-created content becomes either inaccessible or locked behind a paywall.

        Muse Group is a mixed bag. I was really enthusiastic about MuseScore through version 2.x, but the 3.x launch was extremely buggy and painful. That said -- Big Name-Brand Notation Programs are mostly from the same companies as Big Name-Brand DAWs, and are plagued with the same issues: overpriced, bloated, super expensive / rent-seeking, DRM out the wazoo, forced cloud connection, etc.

  8. Pascal Monett Silver badge

    "at odds with the public perception of trustworthiness"

    In other words : We have no problem of trustworthyness in Yandex or Google, but apparently you do. We can't understand why.

    Way to go to demonstrate just how deeply we're no longer able to trust you.

  9. Sparkus Bronze badge

    The one good thing to come from this

    is to open the door for a hypothetical GNU-DAW project.......

    1. boxplayer

      Re: The one good thing to come from this

      There's a Free DAW project already, called Ardour. Multi platform and very good.

      1. Sparkus Bronze badge

        Re: The one good thing to come from this

        There's more than 10 that I could find.

        But GNU-anything rings a bell with a lot of folk.....

  10. Adair Silver badge

    Get ready to stick a fork in it ...

    this one could be nearly done.

  11. Jonjonz

    It's only a matter of time before this operation shows their hand on how they intend to monetize Audacity. Their current methods with other "free" products they offer is to sell Pro versions, or subscriptions to better features or abilities, or sample pack sales.

    This bunch is out to monetize Audacity for sure, one way or another. So much for further development of free updates and new features that are not premium.

    1. AndrewCappo

      Tantacrul's reign over MuseScore has been pretty benevolent.

      Absolutely cocked-up the Audacity revitilization effort, though — never, ever, ever introduce telemetry by default, even as part of an effort to, well, reduce the effort involved in using Audacity.

      Here, none of the comment section cares one whit about his professional music experience or previous open source management record, and here's why:

      It is impossible to tell well-intentioned dumbassery from corporate malevolence; they oft have the same effect.

  12. msobkow Bronze badge

    Ok, so how much CASH did Google and Yandex offer you to try to sell out the user base? That is REALLY what went on here, isn't it? You had some "gravy" coming your way if you sold out all the "pirates" to the American's Google enforcement arm. :(

    1. fidodogbreath Silver badge

      Ok, so how much CASH did Google and Yandex offer you to try to sell out the user base?

      I doubt the combined active user base for Audacity and MuseScore is large enough to merit that level of attention from Google.

  13. Felonmarmer

    "The fact that we were planning on hosting the telemetry data on Google and Yandex was (I think) what convinced some people that we had underhanded intentions."

    Underhand was doing the telemetry in the first place, hosting on Google and Yandex just adds to the suspicions of what you want to do with it.

    Here's some software that people use to make a comercial product, and you want to spy on them to see what they are doing? What could possibly be your motive?

  14. ForthIsNotDead
    WTF?

    Everyone losing their shit over telemetry in Audacity...

    ...and running it on Windows.

    Cry me a river.

    1. Binraider Bronze badge

      Re: Everyone losing their shit over telemetry in Audacity...

      I don't get the downvotes on this. The only slurp anywhere near MS' level of slurping is at Google.

  15. RobLang

    Standard corporate nonpology

    "Sorry you were upset"

    "Sorry there was panic"

    All sounds like:

    "Sorry we got caught"

    And not:

    "Sorry we got that all wrong"

    1. Mike 137 Silver badge

      Re: Standard corporate nonpology

      Nobody these days says "sorry we upset you". They say "sorry you're perverse enough to get upset by what we do".

  16. DrXym Silver badge

    Record setting

    Last week it was all about how awesome it was that Audacity was being bought by Muse but it would be business as usual. A few days later - Muse wants tracking cookies and telemetry.

    1. Anonymous Coward
      Anonymous Coward

      Re: Record setting

      which proves that

      - people are still naive (or, to put positive spin on it: optimistic)

      - cynics rule, and every time 'this' happens, they cheer.

      p.s. I don't want to cheer, but I struggle to find much between humans that's actually positive...

      1. Greybearded old scrote Silver badge

        Re: Record setting

        If us cynics ruled it wouldn't get to happen, would it?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021