GitHub launches Copilot for Business plan as legal questions remain unresolved

GitHub Copilot, the company's line-of-code-suggesting AI service, is now available to enterprise users. Until now, it has only been available to individual users and educators.

GitHub’s new business plan, Copilot for Business, comes with a corporate license and policy controls. It costs $19 per user per month and includes all the features of the single-license Copilot tier.

The update includes a toggle that lets IT administrators prevent code suggestions that match public code on GitHub from being displayed to developers. This is likely a response to the intellectual property controversies surrounding Copilot.

Copilot is a software extension that helps developers write code by suggesting lines and entire functions, powered by an AI model called Codex. Codex was developed by OpenAI and trained on billions of lines of public code. Copilot is available as an extension for Microsoft Visual Studio, Neovim, and JetBrains development environments.

An AI-powered programming assistant with over 400,000 subscribers as of August, Copilot helps developers find the right solution to their problems. A developer describes what they want to accomplish (e.g., “Say hello world”), and Copilot surfaces an approach or solution drawn from its training, taking the surrounding code into account.
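To make the workflow concrete, here is the kind of interaction involved. The completion below is an illustrative sketch written for this article, not actual Copilot output: the developer writes a comment or function signature, and the tool proposes a body.

```python
# Prompt as the developer might type it:
# Say hello world, then greet a user by name.

def greet(name: str) -> str:
    # A completion of the sort Copilot might suggest (illustrative only).
    return f"Hello, {name}!"

print("Hello, world!")
print(greet("Ada"))
```

The point is that the suggestion is generated from context rather than looked up verbatim, which is exactly what makes the provenance questions discussed below hard to settle.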

Some of the code that Codex was trained on is copyrighted or has a restrictive license, which some advocacy groups are not happy about. Users have found that they can get Copilot to generate code from Quake, code snippets in personal codebases, and example code from books like “Mastering JavaScript” and “Think JavaScript”; GitHub itself admits that Copilot suggestions match the training data about 1% of the time for snippets longer than ~150 characters.

GitHub maintains that it is protected by fair use, the doctrine that permits the use of copyrighted material without first obtaining permission from the rights holder, whether Copilot was trained on copyrighted code knowingly or not. However, not everyone agrees.

The Free Software Foundation, a nonprofit dedicated to the free software movement, has denounced Copilot as “unacceptable and unjust.”

Microsoft, GitHub, and OpenAI are being sued in a lawsuit that alleges Copilot reproduces sections of code from licensed programs without giving credit.

Even if GitHub is found blameless, some legal experts argue that Copilot could still put companies at risk: they might unknowingly incorporate suggestions from the tool that turn out to be copyrighted material into their finished software products.

As Elaine Atwell explains on Kolide’s corporate blog, because Copilot strips code of its licenses, it can be tough to discern which code is safe to deploy and which might carry license terms that conflict with a company’s use.

GitHub’s answer is a filter, first introduced in June, that checks code suggestions against public GitHub code and hides any that match or closely resemble it. Sound as that is in theory, it doesn’t always work correctly.
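GitHub has not published the filter’s internals, but the basic idea is duplicate detection against an index of public code. The sketch below is a deliberately simplified illustration of that idea; the function name, the index structure, and the 150-character threshold (borrowed from GitHub’s own snippet-matching statistic) are assumptions, not GitHub’s actual implementation.

```python
def should_hide(suggestion: str, public_index: set[str], min_len: int = 150) -> bool:
    """Hypothetical filter sketch: hide a suggestion if any span of at least
    min_len characters appears verbatim in an index of known public code.
    public_index is assumed to hold min_len-character windows of public code."""
    if len(suggestion) < min_len:
        return False
    # Slide a min_len-character window over the suggestion and look for
    # an exact hit in the index.
    return any(
        suggestion[i:i + min_len] in public_index
        for i in range(len(suggestion) - min_len + 1)
    )
```

Even this toy version hints at the weakness Davis demonstrated: exact-window matching misses near-duplicates with trivial edits, so verbatim-adjacent code can slip through.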

Tim Davis, a computer science professor at Texas A&M University, found that even with the filter enabled, Copilot produced large segments of his copyrighted code, including all attribution and license text.

GitHub hopes to roll out new features in 2023 that would help developers better understand Copilot’s suggestions. This will include the ability to cross-reference code strings with public repositories.

Lastly, GitHub promises that for Business customers it won’t retain code snippets for training or share any code, whether the data comes from public repositories, private repositories, non-GitHub repositories, or local files.

Still, it remains unclear whether those measures will be enough to allay companies’ worries about potential lawsuits.

As of now, it’s unclear whether the Copilot for Business plan will be a hit or a miss; we’ll have to wait and see how things unfold. In the meantime, developers and companies should be wary of using the tool without taking the necessary precautions.
