Requests for info, gag orders and takedowns fired at GitHub users hit an all-time high last year

Microsoft-owned code repo GitHub has received twice as many requests for user information in 2018 as the prior year, noting a disproportionate rise in accompanying gag orders. As GitHub said in its 2018 Transparency Report, the total number of requests was small as things go – a mere 112 – and apart from two that hint at …

  1. Charlie Clark Silver badge

    Takedowns

    Back in the day, I took the trouble to read the T&Cs of GitHub and Atlassian and they differed significantly in this respect: GitHub would take down first and potentially reinstate later, Atlassian would initially side with the user based on the contractual obligation that the code wasn't deliberately illegal. IANAL so I could have misread this but it is one of the reasons I've stayed with BitBucket.

    There is no reason at all for the gag orders.

    1. overunder

      Re: Takedowns

      You would think that if a gag order accompanies a takedown, GitHub would side with the user first and at the least try to stand ground before taking it down, but clearly users are first a number. I think this practice is what got the attention of Microsoft and other large companies, which appears to be a general practice of all large corporations and governments.

  2. Mark 85 Silver badge

    Copyright trolls running amok?

    Some copyright owners must have really deep pockets to inspect that much code then hand it to the lawyers.

    1. Charlie Clark Silver badge

      Re: Copyright trolls running amok?

      DMCA means that if anything looks like it can remove DRM then they can ask for it to be taken down. Oh, and software patents, like how your program calculates that 2 + 2 = 4 (or 5 if you're south of the Mason-Dixie line). American commercial history is replete with examples of companies strongarming their way to monopolies (Standard Oil, US Steel, NCR, IBM, AT&T, Oracle, …)

  3. Will Godfrey Silver badge
    Puzzled

    I find the gag orders the most disturbing. If a project I was working on was taken down and I wasn't allowed to know why I'd be pretty angry.

    1. Anonymous Coward
      Re: Puzzled

      How angry is "pretty angry"? "Slam your head against the desktop" angry? "Yell at your cat" angry? Dox GitHub staff angry? SWAT them angry? Send mail bombs to them angry? Leave a Ryder truck at the USPTO angry? Move to Canada angry?

      1. Jamie Jones Silver badge

        Re: Puzzled

        ......

        Yours,

        Disgusted from Tunbridge Wells.

      2. Adrian 4 Silver badge

        Re: Puzzled

        Or you could just push it somewhere else.

        If you're not told of the reason you can't assume you're doing anything wrong: the gag order might just be to avoid criticism.

    2. Phil Endecott Silver badge

      Re: Puzzled

      > If a project I was working on was taken down and I wasn't allowed to know why

      No, I believe it’s the requests for user information - criminal subpoenas (68) of which 60 had gag orders (ish), not the thousands of take-down requests,

  4. Maelstorm Bronze badge

    There are only two reasons that I can see a takedown request being legitimate:

    1. The source code is stolen.

    2. The source code is an exploit.

    Beyond that, there should be no reason to honor a takedown request. In fact, if a copyright claim is made, the project owner on GitHub can countersue the plaintiff by saying that the code is public so they stole it and are trying to claim it as theirs. As for the gag order...why? Unless there is some secret criminal proceeding, there should be no civil request takedown notices that are gagged.

    1. James R Grinter

      Not just source code

      Not everything posted to GitHub, gists, or pages, is code.

      It’s quite possible for them to end up hosting dubious or illegal content, or just something that is objectionable to another.

    2. tiggity Silver badge

      Source code being an exploit does not necessarily mean legit reason to remove.

      e.g. Someone reports a bug (e.g. in Windows), a fix is made available by MS, a week later the bug finder then publishes their proof of concept (POC) code to the world on GitHub.

      Yes, it's potentially an exploit (as some people will not have bothered applying the fix) but it should not be subject to a takedown, otherwise no POC code for bugs would ever be visible (POC code useful as lets you check vulnerability of your systems, check the published fixes actually worked!)

  5. Starace
    One takedown I know of...

    ...was about a certain pushy individual deciding they could monetize their WSUS management PowerShell script that they would never ever shut up about in any discussion about WSUS.

    So they killed off the original public repo then chased down any backups.

    Right now I'd assume they're stuck having wasted cash and effort; something that's good enough for 'free' is not often good enough to get people to pay for on the off chance it works.
