Open-source audio editor Audacity has been labelled as “spyware” over its new data collection policy.

Two months after being acquired by a multi-national company called Muse Group, the cross-platform audio software has drawn widespread criticism for recent privacy policy changes that suggest the app is collecting user data and sharing it with third parties, including state regulators.

Among the various new changes, the updated policy – which was uploaded on 2nd July – states: “All your personal data is stored on our servers in the European Economic Area (EEA). However, we are occasionally required to share your personal data with our main office in Russia and our external counsel in the USA.”

In a section titled “Who does Audacity share your Personal Data with?” it includes “to a potential buyer (and its agents and advisers) in connection with any proposed purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your Personal Data only for the purposes disclosed in this notice.”

Elsewhere, the updated policy now prohibits users below the age of 13. It also states that Audacity will collect data points including a user’s “country based on IP address” and “data necessary for law enforcement, litigation and authorities’ requests”. 

Among those criticising the move is independent open-source commentators FOSS Post, who has suggested the app is now definable as spyware. On the Audacity GitHub and Reddit, there have also been calls to “fork” (essentially to create an independent spin-off) of the software in order to revert back to its original policy.

Read the full updated Desktop Privacy Notice here

Here are some good alternatives to using Audacity.