59 comments

[ 3.0 ms ] story [ 296 ms ] thread
From a machine translation of the article: "announced through its Telegram channel that the US company had thrown access to the Tsunami repository from our country. You only need to go to one of their last available web links: tsunamidemocratic.github.io to see that it is true. In a warning message written in English , the system alerts that "the repository is not available in your location"."

I'm not in Catalonia, and was able to click through to the repository. Surely no developer would be deterred by a simple IP ban?

> Surely no developer would be deterred by a simple IP ban?

Except it's not just for developers; it's the homepage for the app.

Though part of me has a feeling that GitHub complies with these takedown notices in the way that they do because they know how easily circumvented they are. Pretty much everyone involved with a modern protest movement has been taught some basic level of digital OpSec by the organizers.

I'm in Barcelona and was able to open that page and download that app. My IP is not masked and few geo-ip services I tried says "Barcelona".

To avoid future possible misunderstandings: I do not support Tsunami Democràtic and I strongly disagree with their methods.

While it's fair to call out the owner of any property when something like this happens, the emphasis of "Microsoft" in the headline seems to imply that this is some newly introduced policy since the acquisition.

As far as I'm aware, Github has been honouring government takedowns of this nature since long before they were acquired by Microsoft.

The way I read it on the article, with punctuation, I don’t think it was necessarily intended like that? It’s in parentheses “Microsoft (GitHub)”. I don’t read Spanish fluently, though, so perhaps I’m not grasping it entirely. It felt like they were just adding context.
> Microsoft (GitHub) blocks the Tsunami Democràtic to avoid the issues of their 'app'

Is how I'd translate it and depending on who you are, you might just ignore the GitHub bit if you have no idea who that is and just assume Microsoft's doing this outright. It is confusing, but the subtitle specifically calls GitHub a service owned by Microsoft. They then mention since when Microsoft has owned GitHub, which I'm not sure how accurate it is or isn't. Is it wholly owned by Microsoft at this time? Though as others have said, it's an existing policy.

Yes, GitHub is 100% owned by Microsoft. The date in the article is correct.
In the first paragraph, they say "GitHub, the service owned by Microsoft since June 2018, has begun to block access to the repository that hosts the web page and the application from Spain."
The article is aimed at regular people who's probably not familiar with GitHub but surely know Microsoft. Maybe they should have written it "GitHub (Microsoft)" instead.
It would be more clear for everyone to call it Microsoft Github at all times.
I don't know the details here, but there can be takedown notices from governments that I certainly wouldn't want a software repository to agree to. I think we would need a solution for this problem of central repositories.
IANAL but it's a question of legal jurisdiction. Github is a business selling to Spanish users, so presumably are beholden to Spanish law.

Github also have a HQ in Amsterdam and likely there's some further ramifications for those based in an EU states in terms of compliance with laws of respective EU states

That's the beauty of git. You just need to:

git add remote plan-b one-of-dozens-of-git-hosts-or-your-own-server

git push plan-b master

And then let people know of your new repo(s).

> As far as I'm aware, Github has been honouring government takedowns of this nature since long before they were acquired by Microsoft.

What makes me worried is that this was not a normal takedown where GitHub thought the content was harmful for their platform. It seems it's only geographically blocked, as in, not available for people in Spain. So GitHub thinks the repository is fine, just that it's not fine in Spain specifically.

This indicates that it's more hairy than just "it was harmful for GitHub"

It was a warrant issued by a Spanish court that Github legally had to comply with. So Github did the minimum it could do, which was to block the website within Spain.
The article seems somewhat unclear on that.

First it says:

Después de que un juez decidiese bloquear sus direcciones web, obligando a sus gestores a migrar dominios y buscar nuevo alojamiento, ahora ha sido GitHub, el servicio propiedad de Microsoft desde junio de 2018, el que ha acabado por bloquear el acceso al repositorio que alojaba la web y la aplicación de la plataforma desde España.

but then:

Pese a que el servicio de 'software' libre estaba entre los objetivos de las autoridades por dar cobijo a la plataforma independentista, fuentes de Microsoft España han confirmado a Teknautas que ellos no han recibido ninguna petición por parte de las fuerzas y cuerpos de seguridad del Estado para cerrar los repositorios de Tsunami por lo que la decisión se ha tomado a nivel internacional.

I'm not sure exactly what legal obligation Github actually had.

Could you summarise those paragraphs in English? I am basing my comment on the takedown notice posted on Github, which sounded like they did not have much of an option.

edit: based on the responses below that just says that Microsoft Spain didn't receive a request, not that Microsoft global didn't receive one. And otherwise, where would the request that Github published have come from?!

Using https://www.deepl.com/translator I get the following automated translation:

First quote:

    > After a judge decided to block their web addresses, forcing their managers 
    > to migrate domains and look for new hosting, it has now been GitHub, the 
    > service owned by Microsoft since June 2018, which has ended up blocking 
    > access to the repository that hosted the web and application platform from 
    > Spain.

Second:

    > Although the free software service was among the objectives of the 
    > authorities to give shelter to the independence platform, sources from 
    > Microsoft Spain have confirmed to Teknautas that they have not received any 
    > request from the state security forces to close the Tsunami repositories so 
    > the decision has been taken at the international level.
I'm afraid my Spanish isn't any better than Google Translate's.

As I understand it, the first paragraph says that a judge blocked access to Tsunami Democràtic's domain names (literally "web addresses")

But according to the second paragraph Microsoft Spain denied having received a takedown request for the Github repository from the Spanish security services. It also says that the takedown request must have been made on an international level, but I'm not sure what that could refer to.

Not a judge but the Guardia Civil, which is a police force
Yep, it says that Microsoft Spain has claim that they did not receive any request to take down the repo from the government. Also, the article claims that the journalist tried to contact Github and Microsoft USA but hasn't received a reply. And certainly I don't expect any quick response, they probably need to get the PR department to review any answer.
Your observations are not at odds with what the OP said.

> Github has been honouring government takedowns

The Spanish government requested the information be taken down but only has jurisdiction over it's own users. It therefore makes sense that Github would just restrict access to the content.

Again, they are of course free to do so and I agree that it makes sense for GitHub to honor lawful requests. I was simply observing that I haven't seen GitHub apply take downs geographically before. The cases I've seen before have been global, even if the request came from Russia/China.
They have an official repo with all the government takedown letters: https://github.com/github/gov-takedowns (Only from China, Russia and Spain at the moment).
I find it interesting that they removed user and repo names from the Spanish notice, but kept links in the Chinese and Russian ones.
They don’t include the court order itself, but it wouldn’t surprise me if there were some additional clause (similar to the gag order in a US NSL) that forbids Github from revealing the specific target of the order.
In that case, how would it possibly have any legal effect in the US?
They restricted access to the repo itself in the jurisdiction covered by it. Their takedown repo isn’t restricted, so it makes sense that they would just redact the relevant parts so it’s obvious they were forced to take down something.

Kind of a lesser of evils. Yes, we could blacklist all of Spain from seeing the takedown request and publish it in its entirety. Instead a bit of a screw you to the Spanish government. We can’t say what we had to blacklist, but we had to blacklist something, so wink wink, nudge nudge.

(comment deleted)
I wonder how the Spanish government and courts feel about being in this exclusive club?
From the perspective of a few Galego and Catalan friends, I don't think they would be surprised.
You could be in that club for any reason. In Germany we prosecute Nazi related content (e.g. Mein Kampf, etc). Would be completely fine in the US.

As a result, a government takedown request can bring a rationale country like Germany on the list, doing the right thing, and still be viewed by US standards as violation of free speech.

Legal is different in each country. And honestly, Spain has a territorial integrity and a working democratic process.

(comment deleted)
It is always questionable if the state enacting control on media is the correct conclusion from the Nazi era where content control was common and a pillar of the regime.
That is the approach of our society here in Germany and that is not questionable. It is core concept of our identity and how we deal with this heritage. I would recommend to read the following article about it:

https://www.theatlantic.com/ideas/archive/2019/09/germany-ha...

Maybe not focusing on national symbols is a core tenet, as is disallowing violence in media out of fear it could awaken some inner monster. I do not share this view and given the realities of the modern world, people will come in contact with it anyway and it would help to be prepared. Which I think the German education system provides for that matter.

But with all things learned, "our identity" certainly has a comparably low priority.

I cannot tell you who is in the right in Spain, but I am certainly cautious not to justify a crackdown on content by authorities.

And while it is true that symbols associated with the nazi-era are prosecuted, I do believe that the goal is immediately lost if used as a justification to restrict freedom of expression, which this immediate case could constitute. Maybe not, but I like to defer judgement.

With a perspective on current world politics I have the impression that the German solution is fairly inadequate. That is why I do question it.

It’s a mainstream newspaper, nobody of the general public would understand what or who is github if it wasn’t written like that
I mean, I really don't think "Microsoft's Github" does anything to explain what Github is to the laymen.
It gives them the context that this is a decision from a big tech company, not just some startup they haven't heard of.
And the laymen doesn't care and it is not relevant to the story what a "github" is.

It is something by Microsoft that apparently is important for apps. Nothing more you need to know.

As a newspaper editor you have to be aware that each story will be read by both specialists and non-specialists. This headline attempts to convey information to both.
If you ask the average person about GitHub they won't know what you are talking about, everybody knows Microsoft though, that's the only reason.
Yeah in reality it's the Spanish Military Police where complaints should be submitted
Not the Military Police.

The Guardia Civil, the takedown petitioner, is one of the two Spanish national police forces, the Military Police is a different corps entirely which belongs to the Army.

The Guardia Civil is similar to the Gendarmerie corps from many countries, such as France. However it does follow a military-style rank structure, which nothing out of this world for a police force.

Both Guardia Civil and Gendarmerie are part of the Army (but take orders from a civilian hierarchy) and are strictly speaking military police. But they don't police the military, which is what you probably had in mind.
Well, first and foremost they are not the Military Police. The OP seems to use that terminology for a hyperbolic effect, I find this attitude very frustrating giving the sensitive aspect of the situation in Catalonia.

Secondly, they are not part of the Army, they are self-described as a "full bodied police force" [1] and they report directly to the Ministry of Interior and only report to Defense in case they take part in a armed forces mission (article 9b of this law: [2]), which is seldom the case.

Like I said they do have a military-style rank structure, which they describe as for "efficiency for performing our duties" or "military nature" [1] as they were created as an infantry division back two centuries ago.

[1] http://www.guardiacivil.es/en/institucional/Conocenos/idcorp...

[2] http://noticias.juridicas.com/base_datos/Admin/lo2-1986.t2.h...

Most likely they put that Microsoft in the title because the general audience hasn't heard of GitHub. We don't need it here though.
OT, but some headings with all capitalized words are impossible to decipher. Where does one put the groupings here? Looks like a gibberish sentence to my (non-native) eyes.

> Microsoft's GitHub Censors Catalonian App Tsunami Democratic

Subject: GitHub, which is owned by Microsoft

Verb: Censors

Object: the Catalonian app called "Tsunami Democratic"

(Microsoft's GitHub) censors (Catalonian App (Tsunami Democratic))

Some quotes around the app name, "Tsunami Democratic", would have helped a lot. The structure of the original Spanish headline delineates the app name from other nouns a lot better.

> Microsoft Spain sources have confirmed to Teknautas that they have not received any request from the security forces and bodies of the State to close Tsunami repositories

Note, this is a translation. If I understand it right, GitHub is a wholly owned subsidiary. That means it may have been (likely?) GitHub legal rather than Microsoft legal that received the request.

Did the reporter not know to check with GitHub or was it something else?

There is a little bit of organizational dynamics at play here. We may know how these companies are organized but do the masses? How much of the international reporters should we expect to know this?

(comment deleted)