The policy update stated that Muse Group would be collecting a variety of data; most of which is commonplace—like crash reports, non-fatal error codes, user computer information, and geographical location—but some raised eyebrows, like “data necessary for law enforcement and authorities’ requests (if any).” It also added that the software is “not intended for individuals below the age of 13” and requested that people under that age “please do not use the App.” While that age may seem arbitrary, it’s not; 13 is the age under which a company will have to deal with various international child data collection laws and limitations.
The Russia-based company also dropped a shocking new Contributor License Agreement (CLA) on Audacity’s GitHub page. In it, Muse Group’s Head of Strategy, Daniel Ray, explained that all future and past contributors are bound by the agreement; this gives the company full rights and control over contributed code (including how it is or can be used). The agreement states that “contributors retain copyright to their code and are free to use it however they like,” but also that they won’t have a say in any code already merged into Audacity.
Why implement the CLA, you ask? Muse Group intends to relicense the software, moving it from GPLv2 to GPLv3, which would open it up to a wider variety of technologies and libraries that the company is interested in. For the record, it owns several popular music-centric applications, like Ultimate Guitar, MuseScore, StaffPad, Tonebridge, and MuseClass.
The CLA and relicensing efforts are all fine and dandy (and certainly not unheard of in the open-source community) and either would probably go over more or less just fine with users, but the problem lies with the fact that Ray said the company might decide to dual-license the code. This could potentially allow Muse Group to put out a separate version of Audacity under a different license. Ray cited vendor redistribution requirements (say, for Apple’s App Store) as the reason why this clause is necessary, but the statement is quite vague and could have other implications.
The new CLA also states that Muse Group can use contributor code in other closed-source products “to support the continued development of Audacity.” While the company already does this with its own code, “the CLA allows us to do it with our contributors’ code, too. This is necessary because community code and internal code often get mixed in ways that are difficult to separate later on … We cannot allow the fact that we accept contributions from the community to become a disadvantage that prevents us from using our code in other products.”
Given Audacity’s open-source nature, it’s easy to see why the CLA has caused such a ripple within the community. Tons of people have contributed to the software’s code over the years, and it would likely be a massive undertaking to get them all to sign off on these changes. However, in reply to a comment voicing such concerns on the CLA blog post, Ray emphasized that Muse Group would only need major contributors to sign off. Trivial commits (single submissions with only a few lines of code) would simply be rewritten so the company wouldn’t have to track down all original authors and get them to sign off as well.
Not surprisingly, some users have already forked the software into a new project, dubbed (appropriately) Tenacity. While there’s no guarantee that the project will survive or be favored over Muse’s version (or any other alternative programs), the fate of that version of the software is still up in the air. Here’s hoping it lands on its feet in one way or another.