We may track the IP addresses associated with their use of the Applications using JUCE

Them mentioning “IP Address” and “tracking” in the terms is probably for legal precision only. The mere establishing of a connection will always transfer (or at least reveal) your IP address. This is nothing you could avoid or obfuscate.

Other than for geographical mapping, which Google Analytics does under the hood, the IP is probably not of much use for ROLI. IIRC, there’s an option with Analytics to obfuscate or hide the IP information from the reporting, basically throwing it away after the mapping. Maybe that’s a viable path to ensure anonymity?

My concern isn’t whether or not people are willing to accept the loss of anonymity when it comes to connecting to the internet. I’m concerned with the implicit agreement between developer and user that I’m not going to try and connect to the internet from their machine, because my software doesn’t need to in the first place. And in the event that it does, I’d like to guarantee users that despite their machine making an unwanted connection to a third party that they have not agreed to share information with, their personally identifiable information is not shared nor stored by that 3rd party.

If it’s possible for me personally to collect data from licensing my products and share it in aggregate with ROLI, then I’m fine with that. My concern is ROLI stepping past the licensee to the end users, who are not agreeing to the same license terms I am.

We’re really not doing anything evil or underhanded here! This is my high-level summary:

GPL users

Set a flag to disable it, and carry on as before.

Paid-for license users

This is all off by default so won’t affect you. In future we hope to be able to offer a simple analytics dashboard, so this may become something you’ll want to opt-into if you decide you’d like some low-effort basic analytics.

Free license users:

There’s a saying about the internet: “When you get something for free it means you’re the product, not the customer”. The splash + analytics is how you’re paying for our service!
If it means you have to worry about how it affects app store or other 3rd-party EULAs then that’s just something you’ll have to figure out. But there are millions of apps out there which do all kinds of far more insidious call-homes, so it’s clearly not an unusual thing to do.

5 Likes

Please don’t take my semi rants at the start as not valuing Free or OS work, I have been involved with OS for over a decade.

My only “gripe” was that you went to the trouble of explaining the splash screen in great detail but failed to mention this network usage requirement for free users.

This IS a permission in Android(that we as a developer must ask for) and yes it’s in the EULA and we all should read it like a Tech Manual, :slight_smile: but you don’t say anything about this network connection requirement in the bread and butter advertisement for licences tiers.

2 Likes

I am 100% with you, I hope my post didn’t come across differently. I think it is a really fair deal to contribute to Roli’s assets by providing usage statistics. My only point was, it would have been nice to have that noted alongside the splashscreen in the tier chart.

I am still more than happy with my choice to use JUCE for my developments.
Keep up the good work!

2 Likes

I think it is also worth reminding that the Free License, which is the only for which splash screen + analytics are required, is an entirely new option introduced with JUCE 5.

As such, no previous user of JUCE is retroactively forced to use it.

Instead, I think old and new developers that use JUCE should see the Free License as a new alternative that they may wish to opt-into if they like. If they don’t, then the two other routes (GPL or Paid) are still there as they were before, nothing changed for them.

(in short, I think @jules in the summary post above could have added a big fat [NEW] tag next to the “Free License” entry, to make that more prominent)

small edit: the above being said, I also agree with those who think that the presence of the analytics stuff could/should have been mentioned together with the splash-screen in the email/website communication. Doing otherwise gives the feeling that ROLI would have liked it not to be really noticed.

5 Likes

I don’t mean to suggest evil stuff is going on either. It’s just that data tracking is a pretty touchy subject and so I think everyone should be careful about it. If it’s in the code base then (regardless of license tier) we should all be making sure that the code doing what it’s supposed to.

It is in #ifdefs, so it won’t be in the compiled code, if you didn’t opt-in. So not that bad after all

I think we all understand you’re not doing anything nefarious here.

There are various state laws in the US (not sure about the EU, but I’m guessing it’s just as varied) where the provider of online applications that collect identifiable user data must provide a privacy policy and comply with it, in order to legally sell or provide a product in those states.

So does ROLI provide the privacy policy, or do we?

Given that our customers don’t know about Roli, we have to inform them.
See the Juce 5 T&C under 10.1:

Users of free versions of JUCE, such as JUCE Personal or JUCE Education, may not opt out of the tracking of IP addresses associated with the use of your Application by end-users. You agree to inform the end-users of your Applications about our collection of their IP addresses, if applicable, and have your end-users agree to such collection.

It’s you. I also see the problem, that the data is going to a third party… I don’t know, if that is a problem. It might be possible, because it is anonymised. But IANAL

It’s your app - we have no idea what it does, or which bits of our code you decide to use in it, or which countries or states or app-stores you’re working in, so there’s no way we could do this for you.

We are adding a pop up window to the Projucer that will display information about our application data usage, and allow Indie and Pro users to opt out.

1 Like

If only intending to release software thru the GPL license, can developers also opt out of the Projucer usage analytics thing?

If not a problem it’s certainly a can of worms. Ideally we get a lawyers to reassure us that it’s not personal data being collected by ROLI. Maybe this has already been done?

The issues are pretty much covered in these two links:

https://ico.org.uk/for-organisations/guide-to-data-protection/key-definitions/ - what is personal data.

And:

https://www.whitecase.com/publications/alert/court-confirms-ip-addresses-are-personal-data-some-cases

Otherwise:

[deleted some stuff here because I think it’s wrong … and besides didn’t really cover the international issues…]

Now the thing that those links don’t cover is the use of static IP addresses by individuals … but I think that’s an edge case :slight_smile:

Users of free versions of JUCE, such as JUCE Personal or JUCE Education, may not opt out of the tracking of IP addresses associated with the use of your Application by end-users. You agree to inform the end-users of your Applications about our collection of their IP addresses, if applicable, and have your end-users agree to such collection.

What exactly is being sent anyway? Just that JUCE is in use at some IP address? Or is information about the application being sent as well? The users computer?

GPL means that of the user asks for the source code, you must provide it. Doesn’t say anything about distributing the source alongside the app AFAIK.

IIRC that’s why you get a message on some website saying that they are tracking you. They don’t do enough, I think, as they should still allow you to say that you don’t agree (and take you elsewhere).
At least, this is what I understand from France’s privacy law.

+1 that’s definitely needed.
Problem is, that those who need the personal license to start small, cannot afford, and the other users ar not affected. So I would kick the ball back to ROLI, if you could please make sure, that by providing the personal licensing model you don’t put your users in legal conflicts.

Maybe just provide an approved disclaimer for the users to put in their EULA and be safe?
Maybe even include in that statement, what statistics are collected.
(approved = checked by a lawyer)
Because if it turns out, that if a user gets in trouble because of using the personal license model, it would end up in court anyway, so solve problems before they spread.

I imagine something like

This software is made using ROLIs JUCE sdk. Therefore ROLI will collect anonymized statistics, where and on which platform this software was started. It will not contain any further information of actions or data that you enter into that program.

3 Likes

That can be seen in the relevant code, which is:

const auto deviceDescription = SystemStats::getDeviceDescription();
const auto deviceString = SystemStats::getDeviceIdentifiers().joinIntoString (":");
const auto deviceIdentifier = String::toHexString (deviceString.hashCode64());
const auto osName = SystemStats::getOperatingSystemName();

StringPairArray data;

data.set ("v",   "1");
data.set ("tid", "UA-19759318-3");
data.set ("cid", deviceIdentifier);
data.set ("t",   "event");
data.set ("ec",  "info");
data.set ("ea",  "appStarted");

data.set ("cd1", SystemStats::getJUCEVersion());
data.set ("cd2", osName);
data.set ("cd3", deviceDescription);
data.set ("cd4", deviceIdentifier);

String appType, appName, appVersion, appManufacturer;

#if defined(JucePlugin_Name)
appType         = "Plugin";
appName         = JucePlugin_Name;
appVersion      = JucePlugin_VersionString;
appManufacturer = JucePlugin_Manufacturer;
#else
if (JUCEApplicationBase::isStandaloneApp())
{
    appType = "Application";

    if (auto* app = JUCEApplicationBase::getInstance())
    {
        appName    = app->getApplicationName();
        appVersion = app->getApplicationVersion();
    }
}
else
{
    appType = "Library";
}
#endif

data.set ("cd5", appType);
data.set ("cd6", appName);
data.set ("cd7", appVersion);
data.set ("cd8", appManufacturer);

data.set ("an", appName);
data.set ("av", appVersion);

auto agentCPUVendor = SystemStats::getCpuVendor();

if (agentCPUVendor.isEmpty())
    agentCPUVendor = "CPU";

auto agentOSName = osName.replaceCharacter ('.', '_')
                         .replace ("iOS", "iPhone OS");
#if JUCE_IOS
agentOSName << " like Mac OS X";
#endif

String userAgent;
userAgent << "Mozilla/5.0 ("
          << deviceDescription << ";"
          << agentCPUVendor << " " << agentOSName << ";"
          << SystemStats::getDisplayLanguage() << ")";

ReportingThreadContainer::getInstance()->sendReport ("https://www.google-analytics.com/collect", userAgent, data);

Which is in: https://github.com/WeAreROLI/JUCE/blob/4f41f28b47d01b939559123d145b4e5860528bb7/modules/juce_gui_basics/misc/juce_JUCESplashScreen.cpp

Even if its usual practice these days, which is sad enough, it feels so wrong to add more or less hidden tracking code to a framework. In the least worst case, this information is used to place customised adverts. A second point i see, because plugin-code runs in user-space, it may adds a potential vulnerability to all these applications.

1 Like