On Mar 27, 2017 08:41, "Dominik George" <n...@naturalnet.de> wrote:
The first issue is children under the age of 13 years not being allowed to register with GitHub. This issue already existed before GitHub updated their ToS, and they claim it is because of COPPA. I do think that they could easily fix this by not requiring a legal name, which is the only data thewy colelct that falls under COPPA, but they don't listen. Then, COPPA only "protects" US children, and GitHub are, in my opinion, wrong in putting this age restriction in their ToS explicitly. They could simply tell users "you need to be legally able to accept our privacy terms". This would mean that in the US, the restrictions by COPPA would apply, and in e.g. Germany, a child aged seven and above could register given parental consent. I had a lengthy discussion about that with GitHub Legal, but with no result. I'm almost completely certain that the COPPA applies to websites in the US regardless of the location of the website user. Now you might wonder whether contributors younger than 13 years do matter at all. Please note that this is primarily opinion-based - this aspect of my criticism is therefore explicitly opinionated. I *do* think that excluding a certain age group is plain discrimination against a subgroup of people. Furthermore, I have seen children as young as nine or ten years contribute to free software, both with bug reports and with actual code patches. This is something that is not widely seen, as Teckids is the only organisation (according to people at international conferences) actually helping young users to become *active* members of the community, but it does exist and I am strongly against adding hurdles to it. I'd suggest looking at some of the things StackOverflow has suggested on this topic; for example, having parents set up an account and then "giving" it to the child at the legal point in time. A quite good analysis of that can be found here https://www.mirbsd.org/permalinks/wlog-10_e20170301-tg.htm and here https://joeyh.name/blog/entry/what_I_would_ask_my_lawyers_ about_the_new_Github_TOS/ . I have spoken to two lawyers about that, and they basically say that on first glance, the ToS are indeed very problematic. The FSF, in the meantime, has published a post stating that the new ToS do not conflict with the GPL license family here https://www.fsf.org/blogs/licensing/do-githubs-updated- terms-of-service-conflict-with-copyleft (but they still discourage use of GitHub), I (and others) do not think their view is correct, because the ToS explicitly say that they may use works without attribution, and the GPL licenses explicitly require copies to carry attribution. Also, even if the FSF is correct, this only applies to GPL, and probably not to CC-BY-SA and other licenses requiring attribution, or even prohibiting sub-licensing under other licenses. The problem with this is that actual lawyers in the field have pointed out that these non-legal articles are almost certainly completely baseless. Saying that you think the FSF is wrong seems a bit presumptuous seeing they're paid to be able to understand this sort of law. In any case, with GitHub imposing terms on a license granted to them, all contributors also need to grant this license, for past *and* new contributions. *If* the separate terms do not conflict with GPL, this might be a non-issue for GPL code, but it might be an issue with other licenses. As I see that, in order to merge code into the repository hosted on GitHub from an outside contributor would require them to expclicitly grant a license as required by the GitHub ToS, or even accept the ToS even if they do not register with GitHub. I'd suggest looking at the HackerNews discussion of the mirbsd.org article if you have not already; there's no change in rights to the code beyond what is already provided by uploading code to the publicly accessible internet.
