I read that, which is why I asked the question. None of those concerns make the original Audacity not "FLOSS".
Telemetry (which was opt-in and not merged), crash reporting, etc. do not make software non-free. CLAs do not violate the GPL -- the FSF uses a CLA for GNU projects. So neither of these make Audacity non-FLOSS.
The privacy policy language is not binding and does not override the GPL. I think including it was a mistake and that it should be removed, solving the problem. Plenty of proprietary software (Windows, etc.) has crash reporting and telemetry and doesn't have a blanket "no kids allowed" policy, and Microsoft has better lawyers than Muse Group.
It would certainly be a good idea for Audacity to, by policy, enforce that any kind of crash reporting, auto-updating, analytics, etc. is opt-in. Perhaps the existence of a fork will push them to do this.
"Telemetry (which was opt-in and not merged), crash reporting, etc. do not make software non-free."
Collecting "telemetry" on minors, specifically under 13, without the minors' parents permission is illegal. In order to collect telemetry, they have to restrict the application's use to those over 13 (added to their privacy policy, for some reason, but I suspect that would not be satisfactory), which violates the "no restrictions on use" clause from the GPL.
>which violates the "no restrictions on use" clause from the GPL
This seems to be a bad interpretation. This is not adding restrictions on use, this is complying with other legal restrictions that are already there. If that were true, you wouldn't be able to have things like chat clients be GPL, because the same restrictions would apply there with allowing chat servers to collect data.
The GPL and the FSF legal eagles have a long history of replying, "Then you can't have things like that. Sorry."
I suspect there would also be an argument that an intentional distributed system like a chat client/server would be a different beast from an application like an audio editor.
COPPA restrictions only "appl[y] to an operator of a general audience website if it has actual knowledge that a particular visitor is a child"[1]. As for GDPR, crash reports and auto-updating seem likely to fall under "legitimate interests", which means that the requirements for parental consent would not apply.
Any interpretation of GDPR expansive enough to prohibit children from using software containing an auto-updater would also certainly prohibit them from sending an email or browsing most websites.
That's how I read it. Since Audacity is FOSS, I'm inferring that the developers believe that Audacity's new telemetry capabilities conflict with the "L" = "free as in freedom" bit of FLOSS.
