The author is Russian and has numerous seemingly popular github repositories. They question Github's decision to ban their account without giving them any reasoning and illustrates how the open source community has lost a lot of value as a result of the comment/asset removal.
The author's comparison to internment camps and other dramatic measures of government suppression seems unfair. Github not providing reasoning is also unfair, but seems to be standard practice among corporations (maybe to help with liability?). The questions Github is asking from the user relate to U.S. OFAC policy, which is how the U.S. enforces economic sanctions. Basically if you've done business with North Korea or a number of other flagged entities you can be held liable criminally or more often for huge fines.
I don't know how the author triggered whatever automatic suspension mechanism github has in place, but I think github should priorize the author's case given their contribution to the community. I don't think Github is an evil organization. I do think OFAC policy is difficult to enforce and the U.S. gov should make it easier. If Github reported the number of suspensions, who was suspended or explain why a suspension happened I would have more trust in them as a platform.
its...getting there. There are good arguments to suggest new Microsoft is the same as old Microsoft and this might be one of them. Github frantically clawing for control of developers, while blindly enforcing things like ITAR are a classic Microsoft case of directionless middle management vying for government rent-seeking and free market capital at the same time.
Either MS fixes this quick, or FLOSS projects will rightly start hosting things elsewhere. free software is free as in speech, and in most cases this crap is interpreted as outright censorship.
>> FLOSS projects will rightly start hosting things elsewhere
They should be doing that anyway, and it should be happening RIGHT NOW, not because of this single dev account suspension but because centralization of control is the antithesis of FOSS, the fact that the community is centralized around github is a clear and present danger to said community.
and no the solution it not for everyone to just move to gitlab, I can see that coming as well, replacing github with hosted gitlab would simply replicate the problem
We as a community need to the distributed, not centralized
> replacing github with hosted gitlab would simply replicate the problem
How so? A hosted gitlab instance makes you immune from the administrative whims of any particular corporation.
It's possible that gitlab the company stops maintaining the free editions but that's not very much different from other pieces of software going unmaintained.
All the older project hosting software suites like sourceforge/gforge/savannah are still available.
Git itself is very easy to use in a distribute manner, but I guess some form of distributed issue tracker is missing?
Git repo hosting really doesn't cost much unless it's super popular and needs a lot of bandwidth (at which point you can probably get some hosting company to sponsor).
At minimum, a Raspberry Pi and an internet connection will do. If you want something a bit more reliable, you can get a virtual server for $5/month and host many repos on it.
Here is a decentralized and distributed backend for git called Mango. Basically takes advantage of Ethereum and P2P content addressable networks.
https://github.com/axic/mango
Github "Frantically clawing for control of developers", "vying for government rent-seeking and free market capital"?
...We must be experiencing very different versions of reality. Usually I sort-of get where people are coming from, even when I disagree. Here, I couldn't even name anything Github is doing that would support these statements. What power do they have, except being a useful product?
> Github not providing reasoning is also unfair, but seems to be standard practice among corporations (maybe to help with liability?).
Possibly liability, but also to keep people from gaming the system. Hard policy lines about exactly what is and is not okay end up being gamed by people that technically don't violate them but cause all the same problems that the policy was instituted to stop.[1] If the reasoning for the ban is explicitly laid out, but the person doesn't quite meet it through definitive evidence (but possibly easily meets it through a preponderance of circumstantial evidence), that's may indicate someone is gaming the rules. Acting on that person in that case may just lead to a bunch of bad press as people argue over whether it was justified. It's in the company's interest to keep it vague so a defense of that sort is harder to put forth.
That's not to say I think this is necessarily good, just that I can see how it came to be somewhat the norm. In a better world, we'd have something more like the legal system, with a case, a defense and offense, an a jury of peers. Unfortunately, that's too time consuming, resource intensive, expensive, and takes control away from the business, so it will never happen.
1: This is easy to do. For example, continuously make statements that are construed as attacks by the group you are targeting, but are less known as attacks outside that group, and feign ignorance when called on it. It polarizes those around, and also causes the targets to become hyper-sensitive to benign statements and causes false-positives, which is more evidence to others that the same group is overreacting, causing more polarization. Open source communities have been ripped apart by this. America seems to be getting ripped apart by this.
When the system is there to protect the company, I understand this position. When it's a system forced on them by law, I really don't think playing games with their users serves any reasonable purpose.
Laws should be black and white and people "toeing the line" should be treated no differently beyond verifying that they are indeed on one side or the other.
I get that the law puts the onus on companies to verify compliance and that creates an incentive for companies to draw an artificially strict rule of their own.
Nevertheless I think it's important to keep the distinction between a company acting as the police and a company that has a policy serving its own interests. When you're the police you don't get to hide the evidence or the charge against the person you've arrested at least in free countries.
> Laws should be black and white and people "toeing the line" should be treated no differently beyond verifying that they are indeed on one side or the other.
There are some laws for which this will never be the case:
> In its most general sense, a fair use is any copying of copyrighted material done for a limited and “transformative” purpose, such as to comment upon, criticize, or parody a copyrighted work. Such uses can be done without permission from the copyright owner. In other words, fair use is a defense against a claim of copyright infringement. If your use qualifies as a fair use, then it would not be considered an infringement.
> So what is a “transformative” use? If this definition seems ambiguous or vague, be aware that millions of dollars in legal fees have been spent attempting to define what qualifies as a fair use. There are no hard-and-fast rules, only general guidelines and varied court decisions, because the judges and lawmakers who created the fair use exception did not want to limit its definition. Like free speech, they wanted it to have an expansive meaning that could be open to interpretation.
Yes, that means that any of the "rules" about things which are guaranteed to be Fair Use you were taught are wrong. The law doesn't work that way, it's designed to not work that way, and the courts will never be persuaded that it ought to work that way.
Laws are almost never black and white when put into practice, because that's not justice. There are plenty of times extenuating circumstances change how laws are applied by judges and by juries, and that's how it should be, because the law can never accurately portray every possible situation in real life, even if the lawmakers would have wanted an exception for that circumstance. That's why there's talk about the "spirit of the law", which is meant to convey what the law attempts to do.
> I get that the law puts the onus on companies to verify compliance and that creates an incentive for companies to draw an artificially strict rule of their own.
As soon as you shift responsibility to a company, they are going to do the thing that's best for them, whether that be thr cheapest, easiest to defend, or best to drive more business. That's their incentive structure, they will apply that to anything they are told to do. No point in us getting mad about it, if we don't want that incentive applied to the problem, don't make companies responsible for it (there are other solutions, such as implementing a tax that's used by third partied for reviewing cases, or any number of other things).
> When you're the police you don't get to hide the evidence or the charge against the person you've arrested at least in free countries.
You don't when there's a court. But without a requirement for a court, sure you do. If it's not a court, such as with state and federal fines, I think often it's down to whether the statutes give you ways to dispute something, and otherwise if it somehow infringes on your rights. I'm not sure being told you aren't allowed to use a company's service infringes on your rights, as they generally reserve the right to refuse service.
Yeah, having sat on the other side of this, it seems like most "policy" teams believe that publishing hard guidelines will encourage people to maliciously toe the lines, like children playing the "I'm not touching you" game during long car rides.
There's no good solution, because people aren't good. If you want to make someone a cynic for life, have them moderate a random social media website for a few days.
Still, if github really only provided a one liner "account blocked due to terms of service violation" and not much more explanation then github itself also rightly needs to be criticised.
That by itself is bad behavior and general misconduct in the broader community. That one-liner is not acceptable. We should be shaming organisations that do it. Appealing to legal liability is not an excuse either. If you accuse someone you must actually make a accusation they can answer. Vagueness of explanation is generally not a constructive path for guiding behavior. Otherwise we increase unfairness and ultimately make society worse. [1]
None of this prevents a rapid banhammer for legal reasons and similar. Sometimes a ops team has to take rapid action. I get it. But the process for working out the specifics and working towards a resolution shouldn't be vague or convoluted either.
[1] making society worse is actually being evil. Increasing the background level of unfairness and injustice is being evil. A lot of corporations are already on this path.
If you prioritize everything, you prioritize nothing.
A case regarding a popular contributor should be prioritized over someone who has contributed nothing, as it'll have an impact on those who rely on those contributions.
> Github not providing reasoning is also unfair, but seems to be standard practice among corporations
There is absolutely no normative contribution to such practice being common. It is entirely unacceptable. GitHub is a public good, even if technically it's owned by a private corporation.
GitHub shouldn't "prioritize the author's case" - it should not remove people automatically this way. See my other, independent comment.
If this person is persona non grata for U.S. and GitHub blocked him in order to comply to OFAC policy, can we expect this article to be removed from Medium for same reason?
IANAL but it's not illegal to communicate with an OFAC-sanctioned entity, but rather to have business dealings with them. If you look at the case history usually companies like Paypal are fined for facilitating a transaction to an entity that then transacted with an OFAC-sanctioned entity, or companies offering travel to OFAC-sanctioned countries. AFAIK it would be unprecedented for the U.S. gov to hold someone liable for an OFAC violation without money changing hands with the sanctioned entity.
This makes sense, but in this case I'd guess that from economical point of view Medium is tied to author more than GitHub is (provided author does not pay either of them directly): I assume Medium is receiving some revenue that could be quite clearly derived from concrete article (author's work, i.e. value that in this hypothetical case originates from work of OFAC-sanctioned entity). In GitHub case I see no such clear money/value flow.
"So, the reason for the abrupt ban of all my public repos turned out to be just a random comment I’ve left on GitHub jokingly calling a guy a prick."
"Only that I’m more used to GitHub so I’ve posted a (now deleted) issue rather than a tweet. The issue was titled “You’re a [funny-word]” where [funny-word] was a set of latin characters reminding a transliterated Russian half-offensive word for “gay”, while not being equal to that specific word."
Even if he did call somebody an offensive word, this looks like gross over-reaction. Deleting the comment - and maybe banning for a day or two from commenting on issues, to get the point through - would be appropriate. Deleting all modules and locking all content other people are using, thus punishing them much more than the original author - is a completely disproportional reaction. The fact that github can and is willing cause massive amounts of breakage to people's code because somebody left mildly offensive comment is really scary.
The author's comparison to internment camps and other dramatic measures of government suppression seems unfair. Github not providing reasoning is also unfair, but seems to be standard practice among corporations (maybe to help with liability?). The questions Github is asking from the user relate to U.S. OFAC policy, which is how the U.S. enforces economic sanctions. Basically if you've done business with North Korea or a number of other flagged entities you can be held liable criminally or more often for huge fines.
I don't know how the author triggered whatever automatic suspension mechanism github has in place, but I think github should priorize the author's case given their contribution to the community. I don't think Github is an evil organization. I do think OFAC policy is difficult to enforce and the U.S. gov should make it easier. If Github reported the number of suspensions, who was suspended or explain why a suspension happened I would have more trust in them as a platform.