paint-brush
GitHub is Amazing, but its Terms of Service is Extremely Concerningby@TheLoneroFoundation
556 reads
556 reads

GitHub is Amazing, but its Terms of Service is Extremely Concerning

by Andrew Magdy KamalAugust 30th, 2020
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

GitHub has a termination clause in terms of service agreements that can be extremely concerning. GitHub is a Microsoft subsidy, but what will happen if dirty politics enters the "open-source" world? What would happen if a politically motivated person with ties to GitHub deleted something like SecureDrop for example? This is why alternatives that are self hosted for dependency management like GitPrep, and maybe even Gogs and Gitea (though not a fan of Go) are quite important for gatekeepers of open source software or data storage of any type of files or repository.

Companies Mentioned

Mention Thumbnail
Mention Thumbnail

Coin Mentioned

Mention Thumbnail
featured image - GitHub is Amazing, but its Terms of Service is Extremely Concerning
Andrew Magdy Kamal HackerNoon profile picture

Lots of websites have a termination clause, even Hackernoon, however, when it comes to the case of open source software this can be extremely concerning. The reason goes much deeper than you think.

Now I decided to make a gif just to show that point that not only GitHub utilizes this termination clause, but pretty much almost everyone in general.

Now given you are agreeing that someone can entirely delete you account regardless of any reason, this is problematic for the following reasons:

1. Imagine if a company that establish a monopoly on certain things such as a git distribution system is able to all of a sudden prevent certain developers from utilizing said system. True their is self hosting, but this is giving an organization capabilities of "permitted censorship".

2. Who is the decision maker that decides to terminate accounts? Let us say Roger here tweets something in disagreement with a specific lower level GitHub employee, will he have to power to terminate his account and destroy his entire GitHub portfolio in a click of a button, deleting 8 years of his coding work from GitHub's servers.

3. The burden of proof. If certain laws were broken that infringed on someone's rights like perhaps somebody's GitHub being deleted on the basis of gender or race, now there is a burden of proof to prove the deleter's motives or else he could have just gotten away with it.

4. GitHub is a Microsoft subsidy. What stops GitHub from deleted an open source Yammer, Skype, or MS Word alternative if they felt like it?

5. Even with the CDA and other legal provisions, can they fully protect you given you agreed to the terms of service to begin with? What would happen if a politically motivated person with ties to GitHub deleted something like SecureDrop for example?

This is why alternatives that are self hosted for dependency management like GitPrep, and maybe even Gogs and Gitea (though not a fan of Go), are quite important.

This is why for my startup I make sure to not only have main repos in GitHub, but also backup branches on third party services, have backups locally stored, try archiving everything, etc. You can never be too certain. I also write articles like these, given that Lonero is working on decentralizing the internet. We want to live in a future that is concerned less over censorship and more concerned over disproving non-factual material. Censorship, cancel culture, or whatever you call it is harmful to innovation and a progressive society.

That being said GitHub and other third parties having this clause is concerning for gatekeepers of open source software or data storage of any type of files or repository. The reasons outlined have been quite obvious, and though I think this may be rare to happen, it gives you something to think about. Yes, this is basically in most terms of service agreements. Yes, there are terms of service agreements that remove or specify this clause further. Yes, you have to agree upon it if you want any access to their service. Yes, their service is one of the most popular.

While Git is distributed, if you are running a distributed system ontop of a centralized host, can this lead to problematic things? This gives you something to think about. While I think the GitHub team is quite ethical and pro-innovation, what will happen if dirty politics enters the "open-source" world?