Were you a paying GitHub user? Doesn’t sound like it.
You were scanning remote servers without written authorization using GitHub Actions bandwidth rather than hosting your own workers? “Scout for new sources”? I expect GitLab to ban you next.
You are not a European citizen, you do not reside in the EU, GDPR only applies to those physically within a country within the EU. Same is true for EU citizens if they reside outside of the EU, a European living in America using an American service does not get the rights the GDPR provides
GitHub is a US company that processes data of EU residents. They're subject to GDPR. I've been in cybersecurity since I was 14 — data protection laws aren't new to me.
Additionally, California BPC § 17200 applies since GitHub is California-based.
> GDPR allows companies 30 days to answer
Correct. I filed the DPO request on March 17. The 30-day window hasn't expired. I'm sharing this now because the permanent ban came 70 minutes after my legal appeal with no review of the actual arguments.
> Why FTC. Didn't you say you're from Russia?
FTC accepts complaints from anyone regarding US companies. GitHub is US-based. Their business practices affect international users.
> I'm guessing the pages were largely AI generated?
I used AI to help with English phrasing — it's not my first language. The legal framework and arguments are mine. I've been interested in cybersecurity, privacy, and cryptography since I was 14. I considered getting into cypherpunk circles at one point. GDPR Article 20 isn't exactly obscure knowledge for someone in this field.
> theft of intellectual property
Fair point on the wording. More accurately: GitHub is refusing to provide data portability as required by GDPR Article 20. I retain copyright but am being denied access without due process.
> Having no backups is hardly the provider's fault
You're right I should have had backups. But GDPR Article 20 grants an unconditional right to data portability. "You should have backed up" doesn't exempt a company from legal obligations.
> That sounds like you have the code at least
I had a local copy of the VPN client (rsquad) from March 2. I lost:
- Other repositories (hpp, node-filter, loshad-scoc, zhopa-bobra)
- All issues and pull requests
- Wiki content
- Release packages
- Account settings, SSH keys, GPG keys
> GitHub is a US company that processes data of EU residents. They're subject to GDPR.
You aren't located in the union in any way.
> I've been in cybersecurity since I was 14 — data protection laws aren't new to me.
Great, then you should be familiar with Article 3 of the GDPR:
> This Regulation applies to the processing of personal data of data subjects who are in the Union [...]
> This Regulation applies to the processing of personal data of data
subjects who are in the Union by a controller or processor not established in the Union [...]
And Article 20 does actually have several conditions, it's not unconditional.
...
> Additionally, California BPC § 17200 applies since GitHub is California-based.
What does this have to do with "unfair competition"?
Were you a paying GitHub user? Doesn’t sound like it.
You were scanning remote servers without written authorization using GitHub Actions bandwidth rather than hosting your own workers? “Scout for new sources”? I expect GitLab to ban you next.
[flagged]
I don’t agree that your usage is harmless, nor with your deferral of the expenses associated to first GitHub and now GitLab.
[flagged]
They haven't violated GDPR.
You are not a European citizen, you do not reside in the EU, GDPR only applies to those physically within a country within the EU. Same is true for EU citizens if they reside outside of the EU, a European living in America using an American service does not get the rights the GDPR provides
[dead]
> Under GDPR Article 20
Why GDPR. Didn't you say you're from Russia?
> DPO request unanswered beyond automated ticket
GDPR allows companies 30 days to answer, or telling you they need more time to answer.
> FTC complaint filed
Why FTC. Didn't you say you're from Russia?
> Filed formal legal appeal (7 pages)
I'm guessing the pages were largely AI generated?
> This is, de facto, theft of intellectual property.
At this point I'm laughing and wonder which AI lawyer gave the confidence to suggest that.
> No export. No backup.
Having no backups is hardly the provider's fault.
> Project migrated to GitLab
That sounds like you have the code at least and can recreate the data.
> Why GDPR. Didn't you say you're from Russia?
GitHub is a US company that processes data of EU residents. They're subject to GDPR. I've been in cybersecurity since I was 14 — data protection laws aren't new to me.
Additionally, California BPC § 17200 applies since GitHub is California-based.
> GDPR allows companies 30 days to answer
Correct. I filed the DPO request on March 17. The 30-day window hasn't expired. I'm sharing this now because the permanent ban came 70 minutes after my legal appeal with no review of the actual arguments.
> Why FTC. Didn't you say you're from Russia?
FTC accepts complaints from anyone regarding US companies. GitHub is US-based. Their business practices affect international users.
> I'm guessing the pages were largely AI generated?
I used AI to help with English phrasing — it's not my first language. The legal framework and arguments are mine. I've been interested in cybersecurity, privacy, and cryptography since I was 14. I considered getting into cypherpunk circles at one point. GDPR Article 20 isn't exactly obscure knowledge for someone in this field.
> theft of intellectual property
Fair point on the wording. More accurately: GitHub is refusing to provide data portability as required by GDPR Article 20. I retain copyright but am being denied access without due process.
> Having no backups is hardly the provider's fault
You're right I should have had backups. But GDPR Article 20 grants an unconditional right to data portability. "You should have backed up" doesn't exempt a company from legal obligations.
> That sounds like you have the code at least
I had a local copy of the VPN client (rsquad) from March 2. I lost: - Other repositories (hpp, node-filter, loshad-scoc, zhopa-bobra) - All issues and pull requests - Wiki content - Release packages - Account settings, SSH keys, GPG keys
> GitHub is a US company that processes data of EU residents. They're subject to GDPR.
You aren't located in the union in any way.
> I've been in cybersecurity since I was 14 — data protection laws aren't new to me.
Great, then you should be familiar with Article 3 of the GDPR:
> This Regulation applies to the processing of personal data of data subjects who are in the Union [...]
> This Regulation applies to the processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union [...]
And Article 20 does actually have several conditions, it's not unconditional.
...
> Additionally, California BPC § 17200 applies since GitHub is California-based.
What does this have to do with "unfair competition"?
[dead]
[dead]
[dead]