Normally at this time on a Friday you’d be reading about whichever interesting open-source project we decided to highlight for our GitHub Project of the Week. But this week it seemed more pertinent to take a closer look at the recently released GitHub 2014 Transparency Report.
The report details every disclosure and takedown request, search warrant, subpoena and national security order the Web-based Git hosting service and SCM platform received in the past year. The report is broken down into disclosure requests for user information and takedown requests to remove or block user content.
“We occasionally receive legal papers, such as subpoenas, that require us to disclose non-public information about account holders or projects. Typically these requests come from law enforcement agencies, but they may also come from civil litigants or government agencies,” the report states.
Requests may involve ongoing criminal investigations or be accompanied by a court order preventing GitHub from notifying the user whose data has been requested. In the past year the company received 10 total disclosure requests, disclosed that information in seven of the cases, and notified users their data had been disclosed on three out of the seven occasions. In total the disclosures affected 40 accounts out of the more than 8 million registered GitHub users as of December 2014.
GitHub received no court orders or search warrants in 2014, but was issued 10 subpoenas. The breakdown as to which government bodies issued the subpoenas is below:
The National Security Order section is the briefest and most vague part of the report, for which GitHub is only permitted to disclose that it received somewhere in the range of zero to 249 national security orders, which could’ve affected anywhere from zero to 249 user accounts. The orders include both U.S. law enforcement requests and those from foreign governments.
As far as content takedown requests go, the information is far clearer. GitHub’s policy is to publicly disclose all government takedown requests, both foreign and domestic. The report specifically mentions the one request GitHub received from Roskomnadzor, the Russian Federal Service for Supervision of Communications, Information Technology and Mass Media. As a result of the request, three takedown notices were processed, affecting nine user accounts.
DMCA takedown notices—alleging user content is infringing on copyright under the Digital Millennium Copyright Act—were a different story. GitHub served 258 DMCA takedown notices and logged 17 counter-notices or retractions as a result. No legal action was filed in any cases.
Altogether those DMCA requests affected a large number of open-source projects, Git shared snippets, and websites hosted on GitHub in 2014. The month-by-month breakdown is below:
GitHub’s 2014 Transparency Report shows a couple clear trends: The company doesn’t receive a great many disclosure requests for user data (aside from the mysterious national security figures), but when it does, there’s not much GitHub can do but fork over the data, notifying users whenever it’s able. The DMCA copyright takedown figures are more telling, but only because developers and companies will never stop accusing and suing each other for allegedly stealing copyrighted code. That’s just a fact of life as a developer, especially in the open-source world.
The full report can be found here.
Top 5 projects trending on GitHub
Now back to your regularly scheduled GitHub programming:
#1: Awesome-ios-ui is, you guessed it, a curated list of UI and UX libraries for iOS, spanning everything from animations and transitions to badges, effects and notifications.
#3: Boltons are a set of more than 100 OpenBSD-licensed Python utilities, constructs, recipes and snippets missing from the Python standard library.
#4: Free-for-dev was featured in a previous GitHub Top 5.
#5: Lumen is a PHP micro-framework for building Web applications with expressive syntax, aimed at simplifying common Web development tasks such as routing, database abstraction, queuing and caching.