Blood money is fine with us, says GitLab: Vetting non-evil customers is 'time consuming, potentially distracting'

Code-hosting biz also bans staff from talking politics at work

Updated GitLab, a San Francisco-based provider of hosted git software, recently changed its company handbook to declare it won't ban potential customers on "moral/value grounds," and that employees should not discuss politics at work.

The policy addition, created by co-founder and CEO Sid Sijbrandij and implemented as a git pull request, was merged (with no approval required) about two weeks ago. It was proposed to clarify that GitLab is committed to doing business with "customers with values that are incompatible with our own values."

Such a declaration could run afoul of legal boundaries in some circumstances. While workers have no constitutional speech protection in the context of their employment, federal labor law requires that employees be allowed to discuss the terms and conditions of their employment and possible unlawful conduct like harassment, discrimination, and safety violations.

But it's perhaps understandable given how, over the past few years, workers in the tech industry have become more vocal in objecting to business deals with entities deemed to be immoral or work that conflicts with declared or presumed values.

At Google, for example, employees have protested the development of a censored search engine for China, the company's Project Maven AI protect for the Pentagon and its provision of cloud services to federal agencies like US Customs and Border Protection (CBP), US Immigration and Customs Enforcement (ICE), and the US Office of Refugee Resettlement. And currently Googlers are sounding off on internal message boards about the company's decision to remove content supportive of democracy protests in Hong Kong.


Microsoft, GitHub staff tell Satya Nadella: It's time to ice ICE, baby. Rip up those tech contracts


Meanwhile at Microsoft's GitHub, employees at both companies have objected to GitHub's business with ICE, not to mention Microsoft's government contracts. Employees at Amazon have also urged the company not to sell its facial recognition technology to police and the military.

And recently workers at devops biz Chef raised similar objections to doing business with ICE. Three weeks ago, Chef, after refusing to bend, decided not to renew its contracts with CBP and ICE.

In what appears to be an effort to avoid such protests, Sijbrandij amended his company's handbook to state: "We do not discuss politics in the workplace and decisions about what customer to serve might get political."

And what reason does Sijbrandij's pull request provide to support this position? It says, "Efficiency is one of our values and vetting customers is time consuming and potentially distracting."

Historical precedent

If you can see how people might respond to IBM, infamous for providing technology that helped the Nazis in World War II, saying, "Who has time to look into the source of this hard German currency?" you can imagine how GitLab's policy amendment has been received.

Drew Blessing, a staff engineer at GitLab, in a discussion of the policy change, appears to be incredulous that Sijbrandij would word the statement in a way that suggests the company will take anyone's money.

"Is there no scenario we can envision where we would choose not to do business?" Blessing asked. "I understand that it may be a rare occasion where we would want to, but it seems like we may want to reserve that right rather than say we never will? Obviously we could always change the policy if that occasion arises, but it seems like a strange signal to send to say we won’t ever exclude a customer."

Sijbrandij responded by saying the company can change its strategy at any time, though it would honor standing commitments to customers.

Unsatisfied with Sijbrandij ducked his question, Blessing pressed for an answer. "Can you comment on this question, please?" he said.

"Is the timing of this update coincidental or in response to what’s happening in the Chef community? Unless it’s entirely coincidental it seems like we’re signally that we would accept a similar contract and would hold our ground if people disagreed."

Sijbrandij responded by stating, "as this [merge request] indicates we would do business with any entity that we're allowed to do business with." He also said the policy change wasn't a direct response to what happened at Chef "but that situation did cause me to think about it and make this [merge request] to explain the reasons better."

Some people are fine with business deals divorced from moral considerations. Ben Fellows, a cloud computing consultant, argues that GitLab is just a tool maker shouldn't be accountable for how its services are used, just as an automaker would not be expected to ensure only law abiding citizens drive its vehicles. If ICE has violated the law, he argues, there are legal processes to deal with that.

GitLab CEO and founder Sid Sijbrandij

Ditch Chef, Puppet, Splunk and snyk for GitLab? That's the pitch from your new wannabe one-stop DevOps shop


"The problem with the whole 'activism' mindset is it doesn't actually target the people who created the problem, it just creates lots of noise – and the problem with noise is facts get lost," Fellows said.

But as others point out, GitLab has made statements about its values. It has a Code of Conduct, in which it talks about empathy for others. Similar statements about values landed software biz NPM in hot water earlier this year after it fired several workers who sought to unionize, making a mockery of said values.

As a commenter identified as "casiotone" observed, "If your values aren't used to inform who you're doing business with, why do you bother pretending to have values at all? This [merge request] demonstrates that you don't have any values except 'we want to make money, and it doesn't matter who gets hurt.'"

The Register asked GitLab to comment. We've not heard back. ®

Updated to add

GitLab has performed what's technically known as a reverse ferret.

Other stories you might like

  • DigitalOcean tries to take sting out of price hike with $4 VM
    Cloud biz says it is reacting to customer mix largely shifting from lone devs to SMEs

    DigitalOcean attempted to lessen the sting of higher prices this week by announcing a cut-rate instance aimed at developers and hobbyists.

    The $4-a-month droplet — what the infrastructure-as-a-service outfit calls its virtual machines — pairs a single virtual CPU with 512 MB of memory, 10 GB of SSD storage, and 500 GB a month in network bandwidth.

    The launch comes as DigitalOcean plans a sweeping price hike across much of its product portfolio, effective July 1. On the low-end, most instances will see pricing increase between $1 and $16 a month, but on the high-end, some products will see increases of as much as $120 in the case of DigitalOceans’ top-tier storage-optimized virtual machines.

    Continue reading
  • GPL legal battle: Vizio told by judge it will have to answer breach-of-contract claims
    Fine-print crucially deemed contractual agreement as well as copyright license in smartTV source-code case

    The Software Freedom Conservancy (SFC) has won a significant legal victory in its ongoing effort to force Vizio to publish the source code of its SmartCast TV software, which is said to contain GPLv2 and LGPLv2.1 copyleft-licensed components.

    SFC sued Vizio, claiming it was in breach of contract by failing to obey the terms of the GPLv2 and LGPLv2.1 licenses that require source code to be made public when certain conditions are met, and sought declaratory relief on behalf of Vizio TV owners. SFC wanted its breach-of-contract arguments to be heard by the Orange County Superior Court in California, though Vizio kicked the matter up to the district court level in central California where it hoped to avoid the contract issue and defend its corner using just federal copyright law.

    On Friday, Federal District Judge Josephine Staton sided with SFC and granted its motion to send its lawsuit back to superior court. To do so, Judge Staton had to decide whether or not the federal Copyright Act preempted the SFC's breach-of-contract allegations; in the end, she decided it didn't.

    Continue reading
  • US brings first-of-its-kind criminal charges of Bitcoin-based sanctions-busting
    Citizen allegedly moved $10m-plus in BTC into banned nation

    US prosecutors have accused an American citizen of illegally funneling more than $10 million in Bitcoin into an economically sanctioned country.

    It's said the resulting criminal charges of sanctions busting through the use of cryptocurrency are the first of their kind to be brought in the US.

    Under the United States' International Emergency Economic Powers Act (IEEA), it is illegal for a citizen or institution within the US to transfer funds, directly or indirectly, to a sanctioned country, such as Iran, Cuba, North Korea, or Russia. If there is evidence the IEEA was willfully violated, a criminal case should follow. If an individual or financial exchange was unwittingly involved in evading sanctions, they may be subject to civil action. 

    Continue reading

Biting the hand that feeds IT © 1998–2022