...or else?

[differentsmoke]

Greetings,

I was just wondering, after reading the letter, if there's any plan on what to do if and when (I'm thinking "when", but I'm a pessimist) GitHub ignores this.

What then? A massive migration to GitLab, BitBucket, or another alternative? Refusal to maintain source code hosted on GitHub? Moving up the chain of command and addressing Microsoft directly? Roll out a community owned solution?

Hopefully GitHub will do the right thing and history will prove me wrong, but I'm wondering what's the plan if it doesn't.

[Qix-]

Github won't care about this I don't think. Migrating to Gitlab isn't going to happen either.

This is a rock and a hard place. Companies only care about human rights when it's beneficial to them monetarily or altruistically. Github is no exception, neither is Microsoft.

Having met Nat personally (and having worked at a company he's invested in in the past) I sincerely hope he does the right thing.

[mr21]

@CHEF-KOCH To be fair the wikipedia link ("Censorship_of_GitHub") you've shared seems to talk about the censor of GitHub by China's gov etc. not GitHub applying censorship on people.

[Qix-]

@CHEF-KOCH Sorry but I've not heard of Github ever doing this. The link you posted says nothing about Github doing the censorship, but instead governments censoring Github. The only case I've heard of Github censoring content to its users is when it is mandated to by the users' governments.

Let's not be unfair in this criticism, lest we invalidate our credibilities and lose focus - Github is endorsing ICE and thus indirectly endorsing crimes against humanity. That's the issue here.

I highly, highly doubt this repository is removed. Too many eyes are on it. It wouldn't be in their best interest and it would be contradictory to their actions in the past. This is especially true since Github employees are already expressing disapproval of the move, anyway.

[mr21]

The only suspectable bad move from GitHub was this https://medium.com/@hamed/github-blocked-my-account-and-they-think-im-developing-nuclear-weapons-e7e1fe62cb74 (@Hameds)

And it was directly linked to trump applying an embargo against Iran.

So yes, i don't see GitHub applying censorship here, it would be a next level!

[mr21]

well, this is scary

[Qix-]

Thanks for the links @CHEF-KOCH, this is new information for me. Disappointing to say the least.

[itsaphel]

@CHEF-KOCH GitHub complies with the law. When served with a DMCA request they are effectively required to remove the content, unless they wish to be jointly liable with the author should the claimant go to court. They may do the same for legal requests issued in accordance with the law of other countries GitHub is served in, and that wouldn't necessarily be entirely wrong.

As far as your Shadowsocks story goes, in the very issue you linked to the closing comment is:

@CHEF-KOCH As I understand Github did nothing, its the author who decided to take the project down. Because china police "asked" him.

If GitHub had removed that repository it would be removed entirely. Instead, it is simply the content of the repository that has changed, which suggests that comment is true. Furthermore, the reddit thread discussing the issue has a comment saying:

Developer's words (the last comment he made in the repo): I hope one day I'll live in a country where I have freedom to write any code I like without fearing.

Furthermore, the content in that repository is still there. The author just created a new branch called "rm" and set it to the default. All the original code is in the master branch: https://github.com/shadowsocks/shadowsocks/tree/master. All the tags of versions still exist too.

You linked to a Wikipedia article suggesting that GitHub is involved in active censorship, where the article actually speaks of censorship by governments of GitHub, and then you linked to a repository which was deleted by the author and you wrongly, with knowledge, accuse GitHub of censoring it. I'm sure you feel strongly about the issue, but please try to back your opinions with facts, rather than skewing them.

[itsaphel]

What then? A massive migration to GitLab, BitBucket, or another alternative?

If we're being honest GitLab and BitBucket are not as well developed or as friendly to use as GitHub. And I would be wary of a open code hosting platform that participated in censorship lightly. And that is what revoking the ICE contract would be; a type of censorship and the use of force by a tech company.

I can't agree with many of the decisions made by ICE, but the proper way to deal with this is use the rights you have in a democracy: go through Congress and make them change ICE's practices, and change the executive administration in the next election. If the democratic institutions of government are unwilling to make changes I'm not sure it's entirely reasonable, fair, democratic or proper to expect one individual in a technology company to make the decision to censor an institution of a democratic government.

In fact I'd be concerned if GitHub started making extrajudicial actions. It shouldn't be GitHub's place to censor anything outside of what it is compelled to do by law, except perhaps in the most extreme of cases. People are complaining about tech companies having too much power, yet the same people are encouraging them to use their power on their terms as they see fit.

[Qix-]

I agree in principle, @itsaphel. However, simply put, ICE exists in large part to harm humans. Github's contract assists ICE in doing so. Perhaps that's an overly black-and-white way of seeing it, but that's how I see it.

go through Congress and make them change ICE's practices

The US government has no interest in fixing things. Almost 50% of the country voted for a disastrous cabinet, which IMO is a symptom of a much larger problem - not the cause. These things are only going to get worse, not better, and no amount of voting seems to fix things because those votes are offset by uneducated individuals voting for instant reward instead of the improvement of society.

If we can help prevent a malicious abuse of the law against an otherwise law-abiding, innocent human by causing an inconvenience towards the perpetrators, then I'm all for it. Will it solve the problem? No. But Github is, in part, a home to a lot of us, and to see our overlords work with an agency that exists in large part to hurt, abuse or dehumanize swaths of people, it sits quite unwell with a lot of people.

And that's why we're here. I wish the US worked the way you suggest. I had the same mindset several years ago until I saw how absolutely broken things were. It just doesn't work that way - the system of checks and balances has long passed.

[itsaphel]

@Qix- Still, do you agree with the idea of the CEO of a tech company with a monopoly in a certain area getting to decide who to allow and boot off a platform it says is open? I'd be more comfortable with the idea if it's a poll of GitHub users deciding whether they're happy with the company engaging in a certain action, but I know companies aren't democracies, and the alternative of having a board of directors or someone in senior management decide what stays and goes off an open platform isn't really an idea I'm comfortable with.

It won't cause much disruption to ICE. They'll take their business to Atlassian or GitLab, or worst case self-host something like GitLab, and they'll go on with their business. As I understand it, the petition is mostly a matter of principle (as you described it, people aren't comfortable with seeing their overlords work with an agency that dehumanises people, which I understand and respect), but I feel there's some other principles affected by the decision as well.

Cloudflare, surprisingly, after some uproar chucked a couple of sites off its network after a long run of absolute openness despite content, yet I suppose we'd still consider Cloudflare as living up to the openness it says it promotes, but those sites weren't institutions of a 'democratic' government.

[Qix-]

Still, do you agree with the idea of the CEO of a tech company with a monopoly in a certain area getting to decide who to allow and boot off a platform it says is open?

No, but that's not what's being asked. Github has an enterprise agreement with them. Therefore, it's entirely financial; Github can choose to do business with whom it wants at the enterprise level as it is. We're simply asking they choose not to do business with ICE. This has very little to do with open source because ICE's use of Github enterprise would be private in this case.

It won't cause much disruption to ICE.

Of course not. We just don't like the company we have invested our time and energy into being used to support an agency that is so clearly anti-human. They obviously have a need for Git so of course they'll find something else. But most of the open source community isn't on 'something else'. They're on Github.

[differentsmoke]

@itsaphel , I think there's a Chicken and Egg type of problem here: does the modern open source movement thrive because it is largely on GitHub, or does GitHub thrive because it has become synonymous with open source hosting?

I think at this point it is a symbiotic process, so speaking about GitHub as it it was "a company" or "a CEO" doing something is disingenuous. The community around GitHub provides most of its value. The software that it hosts that is not written by them. The legal framework may be that of a private business, but the entity isn't, IMHO.

[mr21]

@itsaphel, As @Qix- said, if github is already doing extra works with the GOV then the CEO is already doing the "monopoly" thing, he is already following a specific agenda not related to us, to git, to the code etc.

We just want them to become neutral.

[itsaphel]

No, but that's not what's being asked. Github has an enterprise agreement with them. Therefore, it's entirely financial; Github can choose to do business with whom it wants at the enterprise level as it is. We're simply asking they choose not to do business with ICE. This has very little to do with open source because ICE's use of Github enterprise would be private in this case.

That's fair, and I suppose I overlooked the distinction between code hosted open-source on github.com, and companies wishing to use the enterprise product internally for their private code (which, just looking at the pricing, is obviously not meant to be open and is entirely financial as you say).

[Qix-]

Yes, it's a common Silicon Valley tech startup formula; indie/open source devs get a free version that's communal and open, then the same software can be deployed on-premise for enterprise customers that want the same functionality but isolated, usually at a large premium. Most small startups plan for this, too, as has been the case with most of the companies I've personally worked for.

StackOverflow, CircleCI, Travis, npm, AppVeyor - the list goes on - all have Enterprise offerings, usually starting at the 1k+/month price range, if not much more. They're all for-profit plans.

It should be made clear to everyone that that is what ICE is using. They are not using the open source offering. Github is making money directly off of ICE.

[Verolop]

1. On migrating: When GitHub was acquired by Microsoft a lot of OSS developers moved their work from GH to Gitlab, including some who have already signed this petition, so I think it is only a matter of willingness to do it (with its own implications and complications, of course), rather than an absolute impossibility. Side note: for a while, the Go programming language contributions were not even made via GitHub.
2. On censorship: additional to all the cases already discussed, there was also the ban on users from Iran/Crimea/Syria/Cuba. While this is, again, a US government rule (not GH's), the company didn't offer alternatives to give people access to their own private work. They just blocked people's access without prior notice. I'm not saying they should have ignored the rules, all I'm questioning is how they decided to do it: they just execute, and wash their hands, without any social responsibility. For instance, this rule affected some developers from these nationalities who live abroad (ie. in unaffected countries).
3. We still have to see what ends up happening with this petition. The first goal is done: publish it and make people aware. That itself is very powerful, even if GH ends up keeping the contract.

[Qix-]

they just execute, and wash their hands, without any social responsibility.

When the US government orders you to do something, you either do it or risk losing your company. Github had very little choice; an act of defiance wouldn't be seen as revolutionary or bold. They would be immediately penalized and everyone would suffer for it.

Keep in mind, Github employees are (reportedly) not happy about any of this, either. There are a lot of good, rational people that work for Github. Let's not throw them all under the bus. It's a shitty situation all around, prompted entirely by the US government.

It's easy to say "you're a Github employee, do something about it", but remember that in a large company the individual has very little sway (despite what companies like to sell to candidates or to the public).

[Verolop]

Nah... I agree that individual employees don't have the power or authority to change something like that, and also that is not what I'm saying. I also mentioned that I don't expect companies to break the rules. That's OK. I'm just concerned about the way they do it. As a result, they ended up affecting users that shouldn't have.

[Qix-]

Yes, on that point, agreed.

[SRGOM]

Before migrating let's get a promise out of gitlab to boycott any companies that have a path to ICE in the dependency graph of collaboration.

So gitlab has to boycott ice, Microsoft, GitHub. And companies that collaborate with GitHub. And companies that collaborate with companies that collaborate with GitHub. And so on.

[thijstriemstra]

So gitlab has to boycott ice, Microsoft, GitHub. And companies that collaborate with GitHub. And companies that collaborate with companies that collaborate with GitHub. And so on.

Exactly. And this is never going to happen. We as an community should've stepped up and improved things like Trac, instead of using something like Github. And now that you enjoyed all the effort Github put into this platform, you think you can start demanding how they conduct their business? Petitioning a company for changes is just futile; we should make an alternative instead. Same applies to Facebook or any other company. Feel free to remove this comment, just wanted to give my opinion.

It's easy to say "you're a Github employee, do something about it",

Just refuse and quit. Simple.

[Qix-]

Just refuse and quit. Simple.

Have you ever quit your job on the spot when you're a young software engineer in the most expensive city in the US world out of philosophical disagreement? That's an incredibly unfair and irresponsible take on the situation.

[anthonychard]

Before migrating let's get a promise out of gitlab to boycott any companies that have a path to ICE in the dependency graph of collaboration.

good luck - GitLab is got its biggest investment from CIA ( In-Q-It ). Also, it needs to boycott any cooperation with police - they also separate kids from their parents.

[Hameds]

The only suspectable bad move from GitHub was this https://medium.com/@hamed/github-blocked-my-account-and-they-think-im-developing-nuclear-weapons-e7e1fe62cb74 (@Hameds)

And it was directly linked to trump applying an embargo against Iran.

So yes, i don't see GitHub applying censorship here, it would be a next level!

since you mentioned me and my article, I need to add something about GitHub policies: It seems that their public announced policies are different from actual results and these are not transparent decisions. After restrictions for Iranian developers, GitHub CEO said that "Public repos remain available to developers everywhere – open source repos are NOT affected." it's true about repos but we can't create a public organization in GitHub since then! Here is another one: we couldn't access public organization settings and they fixed it quietly.

[sijad]

@Hameds tbh I think github did bettar than gitlab. I can still use github without bypassing any restrictions or vaiolating any agreements. I don't thinks it's ok (it feels like racism), but github did better than others.

[Qix-]

Let's stay focused here: the Iran problem, sad as it is, is not what this petition is about.

Here are the key differences (please correct me if I'm inaccurate and I will edit):

• Github's restriction of Iranian users is commanded by the US government via a decree. Not cooperating would have resulted in sanctions. Github's position is to not take a stance against the US Government, under which it operates. It cannot make the choice to ignore it, else it opens itself up to very severe legal ramifications.
• Github's dealings with ICE are entirely voluntary. It can make the decision to cut them as a customer for whatever reason they feel (this is a liberty granted to businesses in the USA - it may not be the case in all countries, IANAL).
• Github's limitation of Iranian users' access hurts the open source community and all that it stands for.
• Github's contract with ICE only affects Github's revenue. It makes no impact on the open source community other than morale.

Let's not stifle conversation about the Iran sanctions, but let's please agree that it does not belong on this repository. We must remain rational in times of injustice.