Yes, they updated their privacy and data collection policy.
That’s kinda the blessing and the curse of FOSS. You absolutely can fork the repo, remove the telemetry, and republish it as a new app.
But fragmentation is confusing, requires a lot of maintenance, and really I’m not sure it was worth it. Those who are particularly conscious about the telemetry can block it with a single line in /etc/hosts.
The primary network activity Audacity does is checking for updates, which you don't want in a distro-packaged binary in any case. I don't know if it's "looking out for users".
seriously, people who get outraged over telemetry should temper their anger. most of the time the telemetry isn't used to sell your data or something nefarious (its quite useless if you dont even have a login, like audacity does), its just being used to try to improve the product for you.
i write this as someone who's been involved in one too many debates about the perils of introducing telemetry to a commercial open source thing because "HN would tear us apart"
The problem is you never know what they will share. Today, they just want to track which buttons get clicked. Tomorrow, maybe some eager PM wants to upload all of my environment variables.
If it can fully run locally on my machine, I do not want it sending anything external.
Lastly, as an abused Firefox user, it seems that telemetry is only ever used to justify removing features I like.
> it seems that telemetry is only ever used to justify removing features I like
If the removed features are only features you like, then they probably aren't doing things right... The one most relevant purpose for telemetry I see for Audacity is precisely preventing this from happening, meanwhile fostering a more vigorous growth of the repo by cutting off dead branches. Audacity is over 20 years of development of features, some of which we every now and again wonder if they're still used. Not knowing, we try our best maintaining these, which slows down Development, QA and Design in delivering features that are relevant now.
The problem with this argument is that there's no reason to believe a slippery slope exists. It's just as easy to go from "no tracking" to "digital colonoscopy" as it is when your starting point is "anonymized crash reporting". Any new release of any software could start spying on you.
I did some basic digging and this is at best a misrepresentation[1].
The original email appears to indicate they intended to contact CCP authorities. The inference I took is that they believed the developer was in China.
Later they stated that violation of law in Canada could result in revocation of visa.
So "threated to have someone deported" is maybe a stretch, "tortuted" is pretty untrue.
The github issue appears to show a pretty reasonable attempt by both parties to move forward.
Musegroup's head of strategy posted the following and removed it later after backlash:
"If found in violation of laws, residency may be revoked and he may be deported to his home country. This becomes even further complicated given another repo of his – 'Fuck 学习强国', which is highly critical of the Chinese government. Were he deported to China, who knows how he may be received."
Hard to take that as anything but a threat. My point stands that Musegroup has proven that they should not be trusted with any information about users.
It’s a consent violation. That always warrants anger. The purpose for violating consent is irrelevant.
Using a user’s computer to spy on them when they don’t want it to is extremely rude, in all cases, even if the surveillance data is thrown away and never used.
Developers who implement such features should be named and highlighted and should have trouble finding new jobs. It’s shady and unethical to make such software, doing so should be a black mark on one’s professional record, just like stealing. It is literally malware.
Your assumption that violating consent is ok as long as it isn’t “nefarious” is the problem.
The reason for the "non-FOSS" accusations was not related to the introduction of telemetry, but the new CLA. But they did this around the same time they tried to add (but backed out) telemetry, so people tend to confuse the two events. Which I guess is helpful for Muse.
