We ask a lawyer about GitHub Copilot
This week we’re bringing JS Party to The Changelog — Nick Nisi and Christopher Hiller had an awesome conversation with Luis Villa, co-founder and General Counsel at Tidelift. They discuss GitHub Copilot and the implications of an AI pair programmer and fair use from a legal perspective.
Sign in or Join to comment or subscribe
Kind of disappointed that this episode just glossed over the single most important legal issue, which is the scope and validity of Github’s Terms and Conditions. I think Github is most likely contractually allowed to do everything they do. They can read the code and they can display it. But the users have no contractual relationship with the owners of the code, and use it at their own risk. Luis also threw around the word “transformative” without elaborating. No clue how literally copy/pasting chunks of code is “transformative use” in any legal sense.
Ridgefield, WA, USA
likes it as much as the next guy
The ToS exists with or without Copilot; the same concerns around the ToS have existed for years. Given that there hasn’t been (to my knowledge) a lawsuit brought that has caused a significant change to their ToS, I think it’s unlikely to happen, and we’ll all just need to live with it if we keep using GitHub. There’s no news there, in other words.
IIRC Luis mentioned that courts have found that processing of data via ML is transformative–meaning it is not a violation of copyright. IANAL, but I do know what “literally” means, and Copilot does not “literally” copy and paste code. 😄
Well… that was one case with one particular ML product. Devil’s in the details. To judge if a use was transformative you have to compare the two actual pieces of code, there’s no rule that says “ML = transformative.” There’s been reported cases of Co-pilot outputting big chunks of code copied verbatim (Quake source code and whatnot). To the extent it parses a user’s IDE comments and spits out pre-existing pieces of code, it would be literally copying at least sometimes. None of us know what exactly Co-pilot does behind-the-scenes.
Companies change their ToS frequently, Github’s is likely to change more often than the law, which moves at a snail’s pace. I found this portion particularly interesting:
So if code from public repos makes its way verbatim into your Co-pilot code, there’s no guarantee that you have a right to use it. And what happens if someone uploads code they don’t own to a public repo and it somehow ends up in a bunch of Co-Pilot projects. Does this paragraph protect Github from liability? Idk, I feel there’s many interesting things you can get from the ToS, and it gives you a glance at what Github’s lawyers are thinking about.