DOE v. Github: Defendants' Conduct Raises Questions Related to DMCA Violations, Privacy, Data Breach

VI. CLASS ALLEGATIONS

D. Commonality & Predominance

37. Numerous questions of law or fact common to the entire Class arise from Defendants’ conduct—including, but not limited to those identified below:

1. DMCA Violations

• Whether Defendants’ conduct violated the Class’s rights under the DMCA when GitHub and OpenAI caused Codex and Copilot to ingest and distribute Licensed Materials without including any associated Attribution, Copyright Notice, or License Terms.

2. Contract-Related Conduct

• Whether Defendants violated the Licenses governing use of the Licensed Materials by using them to train Copilot and for republishing those materials without appending the required Attribution, Copyright Notice, or License Terms.

• Whether Defendants interfered in contractual relations between the Class and the public regarding the Licensed Materials by concealing the License Terms.

• Whether GitHub committed Fraud when it promised not to sell or distribute Licensed Materials outside GitHub in the GitHub Terms of Service and Privacy Statement.

  
  

3. Unlawful-Competition Conduct

• Whether Defendants passed-off the Licensed Materials as its own creation and/or Copilot’s creation.
• Whether Defendants were unjustly enriched by the unlawful conduct alleged herein.
• Whether Defendants Copilot-related conduct constitutes Unfair Competition under California law.

4. Privacy Violations

• Whether GitHub violated the Class’s rights under the California Consumer Privacy Act (“CCPA”), the GitHub Privacy Statement, and/or the California Constitution by, inter alia, sharing the Class’s sensitive personal information (or, in the alternative, by not addressing an ongoing data breach of which it is aware); creating a product that contains personal data GitHub cannot delete, alter, nor share with the applicable Class member; and selling the Class’s personal data.

• Whether GitHub committed Negligence when it failed to stop a still-ongoing data breach it was and continues to be aware of.

  
  

5. Injunctive Relief

Whether this Court should enjoin Defendants from engaging in the unlawful conduct alleged herein. And what the scope of that injunction would be.

6. Defenses

• Whether any affirmative defense excuses Defendants’ conduct.
• Whether any statutes of limitation limit Plaintiffs’ and the Class’s potential for recovery.
• Whether any applicable statutes of limitation should be tolled as a result of Defendants’ fraudulent concealment of their unlawful conduct.

38. These and other questions of law and fact are common to the Class and predominate over any questions affecting the Class members individually.