Developers Oppose Tracking Cookies on GitHub

tracking cookies on GitHub
Written by Emma Davis

The developer community is extremely unhappy with the upcoming privacy policy changes on GitHub – the new rules will allow GitHub to place “tracking” cookies on some subdomains.

Let me remind you that we also wrote that Many Repositories on GitHub Are Cloned and Distribute Malware, and also that Miners abuse GitHub infrastructure.

The upcoming changes were announced earlier this month. Starting September 2022, GitHub is scheduled to start adding “optional cookies” to some marketing pages. The company offered users 30 days to discuss this decision.

GitHub’s current privacy policy (as of May 31, 2022) states that the platform places only “strictly necessary” cookies on users’ browsers and adheres to the W3C standard for the Do Not Track setting, if set by the user.

Olivia Holder

Olivia Holder

However, starting September 1, 2022, GitHub will start placing optional cookies on its marketing subdomains, such as resources.github.com.

GitHub introduces optional cookies on web pages that sell our business products. These files will provide analytics to improve site performance, personalize content and ads for corporate users.Olivia Holder, GitHub Senior Legal Counsel for Privacy explains.

Optional cookies (commonly referred to as “tracking cookies”) in this context refer to a class of cookies that are used by multiple sites and web services at once. These cookies may be used by third parties for advertising, marketing, customization and analytics purposes. At the same time, such cookies make it easy to identify browsing history and user behavior on other sites, potentially allowing attackers to track this activity.

Lucas Garron

Lucas Garron

The upcoming innovations have already been heavily criticized by the community. For example, GitHub Security Engineer Lucas Garron decided to draw everyone’s attention to the issue and the “30-day comment period” by citing an old GitHub blog post from 2020. In it, representatives of the platform stated that they “deleted all optional cookies” because they “respect the privacy of developers using the product.”

Quite funny, but a recent post from the GitHub developers explaining the need for implementing tracking cookies contains almost the same wording. The developers explain the need to implement cookie trackers by improving the reach and web experience for corporate users, but remind that “the developer community remains the heart of GitHub”, and the platform strives to “respect the privacy of developers using our product.”

While the comments are raging, a petition has already been created on change.org that calls the language of the new privacy policy “less transparent, unclear and misleading” and calls on GitHub to stop tracking cookies altogether.

At the same time, many users say they intend to leave GitHub (for example, to GitLab) or boycott it if the new rules come into force. Others blame Microsoft, the parent company of GitHub, for what is happening, saying that it discredits GitHub.

You lost me because of “ads for corporate users.a pentester and information security engineer Jonathan Gregson writes.
If this PR starts, I will leave. I’m not going to be part of this digital dystopia where I’m just a product and companies don’t care about people.user Wilhelm Sokolov says.

However, there are those who support the position of GitHub. For example, Rust and Android developer Evelyn Marie wonders why people are so angry about changes that “only affect corporate marketing subdomains.” Marie writes that most GitHub users don’t use Enterprise anyway and will likely never experience any inconvenience due to cookies.

People love pointing fingers at Microsoft as if they were asking for these changes. Most likely, it is not. There will always be changes that people will not like, but not all changes are the work of the parent company. If Microsoft had a hand in GitHub, they probably would have switched from GitHub’s privacy policy to Microsoft’s privacy policy a long time ago.says Marie.
Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About the author

Emma Davis

I'm writer and content manager (a short time ago completed a bachelor degree in Marketing from the Gustavus Adolphus College). For now, I have a deep drive to study cyber security.

Leave a Reply

Sending