> It's alright to blame people for lawfully following harmful laws.
It's also alright to blame people for interpreting laws too widely and too abusively. The legal and security departments are much at fault for this where they'll prefer to abuse people than to take up any kind of risk.
I agree with you. It's alright to blame them, but it's unfair at the same time. The world is not fair.
EDIT: concerning hypothetical worlds, I pretty much not want to live in a world were companies blindly follow the law regardless of how harmful it is. We have tried these worlds in the past and they were not pretty.
> EDIT: concerning hypothetical worlds, I pretty much not want to live in a world were companies blindly follow the law regardless of how harmful it is. We have tried these worlds in the past and they were not pretty.
Personally, I think a distinction is necessary. Companies IMO should absolutely obey the laws regardless of if they like them or not. It's entirely unfair to blame them for obeying the law.
They (as well as individual people) are free to oppose those laws in an attempt to change them, however until they are changed, they should follow the laws or cease trading in the country who's laws they disagree with. It's entirely fair to blame them for not fighting stupid/wrong/harmful laws.
Allowing companies to choose which laws they are going to obey is never going to end well.
There are countries in which being gay will still cause you serious trouble.
Or not agreeing with the political leadership.
We are quite privileged to just assume that following the law as written (AND interpreted by the judiciary) will mostly work out alright and doesn't cause us moral dilemma.
And companies consist of people, too. Is it then all of a sudden morally acceptable to build spying software so your country's leadership can prey on it's political enemies? Or assist in persecuting discriminated groups?
You don't have to cite long abolished laws or an industrialized killing machine for pointing that out ;-) though the post is really begging for it.
We can all cite harmful laws, does that mean companies (and people) should be free to ignore all law?
Should US companies be free to ignore laws related to sanctions because the UAE has made being gay illegal or because political opposition in China could land you in jail? Where do you draw the line? Specifically - for a US company as is being discussed.
> companies (and people) should be free to ignore all law?
Yet you continue with your strawmans. Nobody said that. The crucial word in your sentence is "all", with which nobody has agreed here. Of course nobody is above law. But sometimes, in exceptional circumstances, a particular law turns out to be immoral. In that case, and only in that case, it is wrong to follow that particular law, and it is right to do the illegal alternative.
If a company is found to have followed an immoral law and performed harmful (but lawful) acts, it is right that society punish that company later (e.g., when the law situation is solved). More so in this case, when the company is overzealous in its application of that immoral law.
> Yet you continue with your strawmans. Nobody said that.
No, it was rhetorical question. Reading and making an effort to respond to the entirety of the comment would have made that obvious when I specially ask "Where do you draw the line?".
> You are making a strawman. Companies are often following the law strictly or loosely as it suits them.
You're right that companies don't always obey the law. However, what has that got to do with "Personally, I'd rather a world where companies obey the law"?
My point is that companies SHOULD obey the laws, not that they always do - and that - allowing and encouraging companies to pick and choose the laws they are going to obey is wrong, and will simply not end well.
> GitHub could have warned the company before blocking and/or blocked access only from Iran. It did neither.
I'm not familiar enough with the specifics of the US laws regarding Iran to know if this is a lawful course of action to take upon a customer attempting to use your products/services from Iran.
Maybe they could have? Maybe they can't? I've no idea & I've made no attempt to address anything other than the "It's alright to blame people for lawfully following harmful laws" comment.
It's very easy to say that on someone else's behalf.
Essentially you're saying that Nat Friedman should risk 20 years in prison, and a million dollar fine per user in order to let Iranian developers use Github.
As much as I hate the idea of software not being freely available to everyone, I would not be willing to take that risk. I doubt many HN readers would.
It's not. You have a literal state actor backed with an army demanding money if you don't comply.
I'll pick the legal way unless the profits I can make somehow outweigh the sanctions (legislators can make mistakes too) and there are no penal repercussions.
Sure, the impact is different. But on the other hand, I try to follow this rule as much as possible:
“One has not only a legal, but a moral responsibility to obey just laws. Conversely, one has a moral responsibility to disobey unjust laws.” – Martin Luther King, Jr.
Microsoft is no stranger to breaking laws and certainly has the resources to fight this one, or at least to argue that it shouldn't apply in this case.
Compliance with the law is not binary. The US has a system of selective enforcement whereby they go after the most flagrant violators to make an example to everyone else. Blocking requests is compliance enough, practically speaking.
Disobey the law, make a public statement about it, and deal with the consequences. This is not a new problem, it was treated by Kant a few centuries ago.
Are you really suggesting that companies should willfully break laws? We already have this in reality I guess, but don't think we should suggest them to do it further. Right way to get change would be for companies to get together and lobby for the change they wanna see, not just break the law.
Although I agree the export embargo is fucking stupid, especially when it comes to online technology, I really want to see less criminal behavior from companies, not more.
> Although I agree the export embargo is fucking stupid, especially when it comes to online technology, I really want to see less criminal behavior from companies, not more.
The law is not stupid, it's criminal. By following it, companies are precisely engaging in criminal behavior.
You seem confused why GitHub did what they did. In the US there is something called "US Export Law", the law includes declarations that makes companies unable to sell services/goods to certain countries (which spoiler, Iran is part of that list).
The law itself is not illegal, as the lawmakers have created and enacted that law. It's the opposite, the law is declaring what's illegal.
So, if GitHub doesn't ban users from Iran, they are breaking the law in the US.
Hope this clears up any misunderstanding on how things work.
"the law includes declarations that makes companies unable to sell services/goods to certain countries" is not the same as "if GitHub doesn't ban users from Iran, they are breaking the law".
GitHub could comply with the law without completely banning users who access their service from Iran, e.g. by making their website unavailable for Iranian IPs or by making paid features unavailable.
IANAL and I'm not 100% confident on my knowledge around the export laws in the US, as I've only have to deal with that mess once in my lifetime.
But, if the CEO of GitHub (Nat Friedman) claims that they "do no more than what is required by the law" and end up banning a user, my understanding is that the lawyers are GitHub and Microsoft have made the judgement that banning users are a must, simply restricting them temporary is not enough.
Again, I think export embargoes are shit and don't necessarily agree with the calls that GitHub/Microsoft did, but trying to understand the side they are coming from here.
Who knows, probably? For the rest of the "Does X block Y if Y is in Iran|Other embargoed country" questions, the answers are either A) Yes, you'll get banned or B) No, they haven't thought of that yet, but they'll add banning as soon as they figure it out, as the law requires it.
To the extent that a law is unjust or otherwise morally wrong, it could be said there is a moral responsibility to disobey an unjust law (where one would otherwise be following it in a way which results in the unjust outcome). Note that GP isn't saying that it's permissible to break any law, only immoral ones.
It may be countered that the law isn't actually unjust (nor immoral), but a more convincing point is that it opens the door for companies to do whatever they like. I don't think that holds up - morality is supposed to supercede law.
It could be argued that anyone can disobey any law because anyone can find something moral or immoral - but that doesn't stand up; most people (and certainly society in general) admit some degree of objectivity in morality to the point where almost all moral questions either already have an answer, or the answer is currently being discussed (and that discussion is a process to find the right answer). People tend to say morality is "subjective" (whatever that means) or "relative", but act as though it is objective - with all the blame, shame, guilt, and assigning of responsibility. Even if it is "relative", it is relative to this society, in which GitHub operates.
Some people are interpreting this discussion on morality and law as being a matter of what a company or person does or doesn't "like" - morality is (by most accounts) a different ballgame, and should not (epistemologically speaking) be conflated with mere preference. Disobeying a just law (and doing something unjust in the process) is just as morally blameworthy as obeying an unjust law (and doing something unjust in the process). It's not a carte blanche for companies to do as they please.
I'm not commenting on this specific case; I'm silent on my moral reasoning of it, but I wanted to try and explain what I think GP was getting at.
I for one enjoyed your comment, I think it's just a heated subject and HN tends to swing up/down with the votes on those topics, no matter if you argue well or not. I don't necessarily agree with everything you said, but it's well argued in general, and now I do understand the point of view I did not understand before. So thank you!
And if the consequences is that the police comes at their doors and ordering them to comply, then what exactly has Github achieved? It's easy to be a keyboard warrior and taking an idealistic stance.