GitHub joins amicus brief warning of systemic risk from private sector offensive actors
Today, GitHub joined an amicus brief in NSO v. WhatsApp, opposing the expansion of foreign sovereign immunity to private cyber-surveillance companies that act on behalf of foreign governments. GitHub joined…
Today, GitHub joined an amicus brief in NSO v. WhatsApp, opposing the expansion of foreign sovereign immunity to private cyber-surveillance companies that act on behalf of foreign governments. GitHub joined alongside Cisco, Google, LinkedIn, Microsoft, VMware, and the Internet Association against immunity for private sector offensive actors (PSOAs). Law and policy shape the software ecosystem. A policy of immunity would increase systemic risk to the ecosystem by fostering the cyber-surveillance tools market and expanding the use of such tools by governments, including in attacks on individuals and infrastructure.
At GitHub we are committed to building the global platform for developer collaboration—one that everyone can use to secure the world’s software, together. GitHub helps developers stay ahead of security issues, leverage the community’s security expertise, and use open source securely. GitHub stands against hoarding and selling exploits and attack or surveillance tools. Such tools could be used not only to infiltrate GitHub, but the millions of developers and open source projects which rely on our platform, and the software supply chain which depends on them.
We call on governments to help developers decrease systemic risk, including:
- Adopting the best tools and practices for secure software development
- Helping fund open source security projects
- Adhering to principles that increase trust and security in cyberspace
- Protecting legitimate security researchers
Immunity for cyber-surveillance companies that turn best practices on their heads, hoarding vulnerabilities to use in attacks rather than collaborating with upstream to fix, would be a step in the wrong direction.
Written by
Related posts

Explore the best of GitHub Universe: 9 spaces built to spark creativity, connection, and joy
See what’s happening at Universe 2025, from experimental dev tools and career coaching to community-powered spaces. Save $400 on your pass with Early Bird pricing.

Agents panel: Launch Copilot coding agent tasks anywhere on GitHub
Delegate coding tasks to Copilot and track progress wherever you are on GitHub. Copilot works in the background, creates a pull request, and tags you for review when finished.

Q1 2025 Innovation Graph update: Bar chart races, data visualization on the rise, and key research
Discover the latest trends and insights on public software development activity on GitHub with the quarterly release of data for the Innovation Graph, updated through March 2025.