Solely to allow us to provide the Service and to host
the Content you upload to the Website without violating
any rights you have in it, you grant GitHub and our
successors a nonexclusive, worldwide, transferable,
fully-paid and royalty-free license to use, reproduce,
display, modify, adapt, distribute, and perform the
Content in connection with rendering the Website and
providing the Service.
This appears to let Github take any software repository hosted there, and use it under this license to provide features to the github website. So they could take AGPL licensed software and modify and use it without complying with the source disclosure requirements of the AGPL because they have been provided this other more permissive license. It's essentially a free BSD license to everything on Github, for Github alone.
Also, "the Service" is defined as any product or service Github provides, so this could be expanded into any business.
The "transferable" in that also might let Gihub contract with some other company to provide part of "the Service" -- perhaps in an entirely unrelated business than the current Github website, and transfer the license to any free software they like to that other company.
I don't know if it was intended to be used this way, and I am not a lawyer so I could be misinterpeting it, but I will not be hosting any software on Github if they adopt this TOS, without consulting a lawyer.
We've gotten a few questions about this wording, and we'll revise it to clear up confusion. Thanks for the feedback.
We have absolutely no intention of taking any of the code people store with us or using it for our own purposes. As we said, this is solely to allow us to host your content without violating your rights.
No. Like it says, the license is solely to allow the service to function and display what you have uploaded to it.
Virtually every website that allows users uploads had a provision like this so that you cannot upload a copyrighted work and then turn around and sue them for infringement.
Except Github is hosting software, and this license allows them to modify and use that software in any way they like, without complying with the software's normal license.
Yes, even if your license says you have to quack like a duck when you view the source, if you intentionally upload it to github... they have a right to host on their servers it without quacking. This is not malicious. And is kind of obvious?
Here's what bitbucket says:
>Subject to the terms of this Agreement, you hereby grant to Atlassian a non-exclusive, worldwide, royalty-free right to (a) collect, use, copy, store, transmit, modify and create derivative works of Your Data, in each case solely to the extent necessary to provide the applicable Hosted Service to you and (b) for Hosted Services that enable you to share Your Data or interact with other people....
Wouldn't using, say, a high performance source code search engine in their backend, be "in connection with rendering the Website and providing the Service"?
Isn't there a (theoretical) concern for someone hosting GPL'd frameworks/servers/etc. on GitHub, that GitHub might want to use to replace or build their services?
This is the wording that concerns me most, because the Service is defined as:
> The “Service” refers to the applications, software, products, and services provided by GitHub.
Thus, GitHub could legally use this to use any software hosted by them, so long as it entered their stack at some point.
Contrived example:
They could use a modified Linux kernel at the bottom of their stack, and refuse to give anyone access to the source. Breaching the AGPL, but it doesn't apply. Simply because the Linux kernel is mirrored on GitHub.
> They could use a modified Linux kernel at the bottom of their stack, and refuse to give anyone access to the source.
Sure, if they wanted to risk billions of dollars of valuation for no good reason. After such a thing was discovered, how long do you think folks would continue hosting their private proprietary projects there?
That's not Github's primary use for the software they host.
The idea that they'd want to save a few thousand bucks by stealing someone's proprietary code to run Github.com itself is simply silly - it'd risk their reportedly multi-billion dollar valuation.
While I wrote my comment from a free software POV, this also seems to apply to proprietary software hosted on Github. Both software in private repositories there, and software with published code whose license does not allow modification.
Github does not need to sell the content to do anything I described. The content is software, and they can run it, modify it, and sell access to the site that runs it.
And "Service" is defined as "anything github is doing", so distribution inside the Service could involve any number of entities.
Service does have a definition, as it should in any legal document. Which isn't quite everything that they are doing:
> The “Service” refers to the applications, software, products, and services provided by GitHub.
If you focus the sentence on the "provided by" phrasing, then anything they take using their new TOS, would have to somehow be involved in directly forwarding something on to customers, as it needs to provide something. So they couldn't use it for anything internal only, such as say, a spreadsheet program, because the user doesn't directly benefit. They could however use a code auditing tool, as they could claim they are providing a better product to the public by auditing. It's a little bit grey, but there are limits.
Not to say that I agree with the new TOS, as I have some serious doubts about using it, and it does make me consider removing some of my projects from GitHub, though they are working on the wording still. We'll see.
Also, "the Service" is defined as any product or service Github provides, so this could be expanded into any business.
The "transferable" in that also might let Gihub contract with some other company to provide part of "the Service" -- perhaps in an entirely unrelated business than the current Github website, and transfer the license to any free software they like to that other company.
I don't know if it was intended to be used this way, and I am not a lawyer so I could be misinterpeting it, but I will not be hosting any software on Github if they adopt this TOS, without consulting a lawyer.
(The current TOS has nothing like this in it.)