On Mar 27, 2017 08:41, "Dominik George" <nik@xxxxxxxxxxxxx> wrote:
The first issue is children under the age of 13 years not being allowed
to register with GitHub. This issue already existed before GitHub
updated their ToS, and they claim it is because of COPPA. I do think
that they could easily fix this by not requiring a legal name, which is
the only data thewy colelct that falls under COPPA, but they don't
listen. Then, COPPA only "protects" US children, and GitHub are, in my
opinion, wrong in putting this age restriction in their ToS explicitly.
They could simply tell users "you need to be legally able to accept our
privacy terms". This would mean that in the US, the restrictions by
COPPA would apply, and in e.g. Germany, a child aged seven and above
could register given parental consent. I had a lengthy discussion about
that with GitHub Legal, but with no result.I'm almost completely certain that the COPPA applies to websites in the US regardless of the location of the website user.
Now you might wonder whether contributors younger than 13 years do
matter at all. Please note that this is primarily opinion-based - this
aspect of my criticism is therefore explicitly opinionated. I *do* think
that excluding a certain age group is plain discrimination against a
subgroup of people. Furthermore, I have seen children as young as nine
or ten years contribute to free software, both with bug reports and with
actual code patches. This is something that is not widely seen, as
Teckids is the only organisation (according to people at international
conferences) actually helping young users to become *active* members of
the community, but it does exist and I am strongly against adding
hurdles to it.I'd suggest looking at some of the things StackOverflow has suggested on this topic; for example, having parents set up an account and then "giving" it to the child at the legal point in time.A quite
good analysis of that can be found here
https://www.mirbsd.org/permalinks/wlog-10_e20170301-tg.htm and here
https://joeyh.name/blog/entry/what_I_would_ask_my_lawyers_ab out_the_new_Github_TOS/
.
I have spoken to two lawyers about that, and they basically say that on
first glance, the ToS are indeed very problematic.
The FSF, in the meantime, has published a post stating that the new ToS
do not conflict with the GPL license family here
https://www.fsf.org/blogs/licensing/do-githubs-updated-terms -of-service-conflict-with-copy left
(but they still discourage use of GitHub), I (and others) do not think
their view is correct, because the ToS explicitly say that they may use
works without attribution, and the GPL licenses explicitly require
copies to carry attribution. Also, even if the FSF is correct, this only
applies to GPL, and probably not to CC-BY-SA and other licenses
requiring attribution, or even prohibiting sub-licensing under other
licenses.The problem with this is that actual lawyers in the field have pointed out that these non-legal articles are almost certainly completely baseless. Saying that you think the FSF is wrong seems a bit presumptuous seeing they're paid to be able to understand this sort of law.
In any case, with GitHub imposing terms on a license granted to
them, all contributors also need to grant this license, for past *and*
new contributions. *If* the separate terms do not conflict with GPL,
this might be a non-issue for GPL code, but it might be an issue with
other licenses. As I see that, in order to merge code into the
repository hosted on GitHub from an outside contributor would require
them to expclicitly grant a license as required by the GitHub ToS, or
even accept the ToS even if they do not register with GitHub.I'd suggest looking at the HackerNews discussion of the mirbsd.org article if you have not already; there's no change in rights to the code beyond what is already provided by uploading code to the publicly accessible internet.