Update trade controls FAQ (#17137)

Kathy Korevec · mlinksva · lyhashim · web-flow · commit 6e93c5bd1f7a · 2021-01-05T09:58:06.000-08:00
* updates to trade controls Made updates to the trade controls FAQ to support the 1/5 launch. * Update content/github/site-policy/github-and-trade-controls.md Co-authored-by: Mike Linksvayer <mlinksva@github.com> * Update content/github/site-policy/github-and-trade-controls.md Co-authored-by: Mike Linksvayer <mlinksva@github.com> * Update content/github/site-policy/github-and-trade-controls.md Co-authored-by: Mike Linksvayer <mlinksva@github.com> * Update content/github/site-policy/github-and-trade-controls.md Co-authored-by: Lynn Hashimoto <lyhashim@github.com> * Update content/github/site-policy/github-and-trade-controls.md Co-authored-by: Lynn Hashimoto <lyhashim@github.com> * Update content/github/site-policy/github-and-trade-controls.md Co-authored-by: Lynn Hashimoto <lyhashim@github.com> * Update content/github/site-policy/github-and-trade-controls.md Co-authored-by: Lynn Hashimoto <lyhashim@github.com> * Update content/github/site-policy/github-and-trade-controls.md Co-authored-by: Lynn Hashimoto <lyhashim@github.com> * Update content/github/site-policy/github-and-trade-controls.md Co-authored-by: Melanie Yarbrough <11952755+myarb@users.noreply.github.com> * Update content/github/site-policy/github-and-trade-controls.md Co-authored-by: Melanie Yarbrough <11952755+myarb@users.noreply.github.com> * Update content/github/site-policy/github-and-trade-controls.md Co-authored-by: Lynn Hashimoto <lyhashim@github.com> * Update content/github/site-policy/github-and-trade-controls.md * incorporate overview changes this commit incorporates the changes made to the overview section. cc @lyhashim for 👀 * Update content/github/site-policy/github-and-trade-controls.md Co-authored-by: Melanie Yarbrough <11952755+myarb@users.noreply.github.com> Co-authored-by: Mike Linksvayer <mlinksva@github.com> Co-authored-by: Lynn Hashimoto <lyhashim@github.com> Co-authored-by: Melanie Yarbrough <11952755+myarb@users.noreply.github.com>
diff --git a/content/github/site-policy/github-and-trade-controls.md b/content/github/site-policy/github-and-trade-controls.md
@@ -11,9 +11,9 @@ versions:
 
 GitHub.com, GitHub Enterprise Server, and the information you upload to either product may be subject to trade control regulations, including under the U.S. Export Administration Regulations (the EAR).
 
-GitHub’s vision is to be the global platform for developer collaboration, no matter where developers reside. We take seriously our responsibility to examine government mandates thoroughly to be certain that users and customers are not impacted beyond what is required by law. This includes keeping public repositories services, including those for open source projects, available and accessible to support personal communications involving developers in sanctioned regions.
+GitHub’s vision is to be the global platform for developer collaboration, no matter where developers reside. We take seriously our responsibility to examine government mandates thoroughly to be certain that users and customers are not impacted beyond what is required by law. This includes keeping public repository services, including those for open source projects, available and accessible to support personal communications involving developers in sanctioned regions. This also means GitHub will advocate for developers in sanctioned regions to enjoy greater access to the platform and full access to the global open source community.
 
-To comply with U.S. trade control laws, GitHub made some required changes to the way we conduct our services. As U.S. trade controls laws evolve, we will continue to work with U.S. regulators about the extent to which we can offer free code collaboration services to developers in sanctioned markets. We believe that offering those free services supports U.S. foreign policy of encouraging the free flow of information and free speech in those markets. For more insight on our approach and how sanctions affect global software collaboration, read our [blog on sanctions](https://github.blog/2019-09-12-global-software-collaboration-in-the-face-of-sanctions/).
+As a result of our advocacy and hard work with U.S. regulators, GitHub has secured a license from the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) to restore our cloud services to developers in Iran. And we will continue to work with U.S. regulators to secure similar licenses to offer collaboration services to developers in Syria and Crimea. We are committed to advocating for the broadest possible developer access, as we believe offering code collaboration services for developers in sanctioned regions makes the global developer community stronger, advances human progress, and supports the enduring U.S. foreign policy of promoting free speech and the free flow of information.
 
 Although we've provided the following information below for your convenience, it is ultimately your responsibility to ensure that your use of GitHub's products and services complies with all applicable laws and regulations, including U.S. export control laws.
 
@@ -25,9 +25,9 @@ Under our [Terms of Service](/articles/github-terms-of-service), users may only
 
 Users are responsible for ensuring that the content they develop and share on GitHub.com complies with the U.S. export control laws, including the EAR and the U.S. International Traffic in Arms Regulations (ITAR). The cloud-hosted service offering available at [GitHub.com](https://github.com) has not been designed to host data subject to the ITAR and does not currently offer the ability to restrict repository access by country. If you are looking to collaborate on ITAR- or other export-controlled data, we recommend you consider [GitHub Enterprise Server](https://enterprise.github.com), GitHub's on-premises offering.
 
-U.S. trade control laws restrict what GitHub.com services can be made available to users in certain countries and territories. GitHub may allow users in or ordinarily resident in countries and territories subject to U.S. sanctions to access certain free GitHub.com services for personal communications in accordance to authorizations issued by the U.S. Treasury Department’s Office of Foreign Assets Controls (OFAC). Persons in or ordinarily resident in these countries and territories are prohibited from using IP proxies, VPNs, or other methods to disguise their location when accessing GitHub.com services, and may only use GitHub.com for non-commercial, personal communications.
+GitHub now has a license from OFAC to provide cloud services to developers located or otherwise resident in Iran. This includes all public and private services for individuals and organizations, both free and paid.
 
-Specially Designated Nationals (SDNs) and other denied or blocked parties under U.S. and other applicable law are prohibited from accessing or using GitHub.com. Additionally, users may not use GitHub.com for or on behalf of such parties, including the Governments of sanctioned countries. Furthermore, GitHub.com may not be used for purposes prohibited under applicable export control laws, including prohibited end uses described in [17 CFR 744](https://www.ecfr.gov/cgi-bin/text-idx?SID=ad384e1f1e017076f8c0136f322f0a4c&mc=true&node=pt15.2.744&rgn=div5).
+Specially Designated Nationals (SDNs), other denied or blocked parties under U.S. and other applicable law, and certain government officials, may be restricted from accessing or using GitHub.com. Additionally, users may not use GitHub.com for or on behalf of such parties, including the Governments of sanctioned countries. Furthermore, GitHub.com may not be used for purposes prohibited under applicable export control laws, including prohibited end uses described in [17 CFR 744](https://www.ecfr.gov/cgi-bin/text-idx?SID=ad384e1f1e017076f8c0136f322f0a4c&mc=true&node=pt15.2.744&rgn=div5)
 
 #### GitHub Enterprise Server
 
@@ -41,7 +41,7 @@ GitHub Enterprise Server may not be sold to, exported, or re-exported to any cou
 
 #### On which countries and territories are U.S. government sanctions applied?
 
-Crimea, Cuba, Iran, North Korea, and Syria.
+Crimea, Cuba, Iran, North Korea, and Syria. With respect to Iran, however, GitHub now has a license from the U.S. Treasury Department's Office of Foreign Assets Control (OFAC) to provide cloud services to developers located or otherwise resident in that country.
 
 #### How is GitHub ensuring that folks not living in and/or having professional links to the sanctioned countries and territories still have access or ability to appeal?
 
@@ -55,23 +55,23 @@ Travel in these regions may impact your account status, but availability may be
 
 #### What is available and not available?
 
+GitHub now has a license from OFAC to provide cloud services to developers located or otherwise resident in the U.S.-sanctioned country of Iran. The license includes all public and private services for individuals and organizations, both free and paid. However, Specially Designated Nationals (SDNs), other denied or blocked parties under U.S. and other applicable law, and certain government officials may be restricted from accessing or using GitHub.
+
 GitHub is committed to continuing to offer free public repository services to developers with individual and organizational accounts in U.S.-sanctioned regions. This includes limited access to free services, such as public repositories for open source projects (and associated public Pages), public gists, and allotted free Action minutes, for personal communications only, and not for commercial purposes.
- 
-However, due to U.S. trade controls law restrictions, GitHub is unable to provide private repository services and paid services to accounts in U.S. sanctioned regions like North Korea, Iran, Syria, and Crimea. The restriction suspends access to private repository services and paid services, such as availability of free or paid private repositories, secret gists, paid Action minutes, Sponsors, and GitHub Marketplace services. 
 
-For paid organizational accounts in sanctioned regions, users may have limited access to their public repositories, which have been downgraded to archived read-only repositories. For free organizational accounts in sanctioned regions, however, users will continue to have full access to free public repositories for open source projects (and associated public Pages), public gists, and allotted free Action minutes.
+For paid organizational accounts in these sanctioned regions, users may have limited access to their public repositories, which have been downgraded to archived read-only repositories. For free organizational accounts in these sanctioned regions, however, users will continue to have full access to free public repositories for open source projects (and associated public Pages), public gists, and allotted free Action minutes.
 
-GitHub will continue advocating with U.S. regulators for the greatest possible access to free code collaboration services to developers in sanctioned regions, including free private repositories. We believe that offering those free services supports U.S. foreign policy of encouraging the free flow of information and free speech in those regions.
+GitHub will continue advocating with U.S. regulators for the greatest possible access to code collaboration services to developers in sanctioned regions, such as Syria and Crimea, including private repositories. We believe that offering those services advances human progress, international communication, and the enduring U.S. foreign policy of promoting free speech and the free flow of information.
 
 #### How do you define these specific users?
 
-If GitHub determines that a user or customer is located in a region that is subject to U.S. trade control restrictions, or a user is otherwise restricted under U.S. economic sanctions, then the affiliated account has been restricted to comply with those legal requirements. The determination of user and customer location to implement these legal restrictions are derived from a number of sources, including IP addresses and payment history. Nationality and ethnicity are not used to flag users for sanctions restrictions.
+If GitHub determines that a user or customer is located in a region that is subject to U.S. trade control restrictions for which GitHub does not yet have a license from the U.S. government, or a user is otherwise restricted under U.S. economic sanctions, then the affiliated account will be restricted to comply with those legal requirements. The determination of user and customer location to implement these legal restrictions are derived from a number of sources, including IP addresses and payment history. Nationality and ethnicity are not used to flag users for sanctions restrictions.
 
 #### How are organization accounts impacted?
 
-If an organization is based out of, or the key individuals or membership of an organization shows sufficient ties to, a sanctioned territory or country, or if the organization otherwise appears to be subject to U.S. economic sanctions, then the organization account and the affiliated owner account will be restricted. 
+If an organization is based out of, or the key individuals or membership of an organization shows sufficient ties to, a sanctioned territory or country for which GitHub does not yet have a license from the U.S. government, or if the organization otherwise appears to be subject to U.S. economic sanctions, then the organization account and the affiliated owner account will be restricted.
 
-The restriction suspends access to private repository services and paid services, such as availability of free or paid private repositories, secret gists, paid Action minutes, Sponsors, and GitHub Marketplace services. For paid organizational accounts associated with sanctioned regions, users may have limited access to their public repositories, which have been downgraded to archived read-only repositories. For free organizational accounts associated with sanctioned regions, users will continue to have full access to free public repositories for open source projects (and associated public Pages), public gists, and allotted free Action minutes.
+The restriction suspends access to private repository services and paid services, such as availability of free or paid private repositories, secret gists, paid Action minutes, Sponsors, and GitHub Marketplace services. For paid organizational accounts associated with such sanctioned regions, users may have limited access to their public repositories, which have been downgraded to archived read-only repositories. For free organizational accounts associated with such sanctioned regions, users will continue to have full access to free public repositories for open source projects (and associated public Pages), public gists, and allotted free Action minutes.
 
 #### Can trade-restricted users’ private repositories be made public?
 
@@ -81,3 +81,16 @@ Free individual account users can make restricted private repositories public, f
 
 Unfortunately, our understanding of the law does not give us the option to allow downloads or deletion of private repository content, until otherwise authorized by the U.S. government. We will strongly advocate, with U.S. regulators, for the right of trade-restricted users to secure the contents of their private repositories. We will also advocate for more availability of GitHub services for developers in sanctioned markets, and further underscore the importance of code collaboration in supporting personal communications for developers globally.
 
+#### Under the license GitHub has received from OFAC, which types of accounts will be available in Iran?
+
+The license we have secured includes all public and private services, for individuals and organizations, both free and paid.
+
+For example, a developer in Iran may sign up for a Free or Pro plan for their individual use, and an Iranian university may set up an organization account to collaborate with students.
+
+Specially Designated Nationals (SDNs), other denied or blocked parties under U.S. and other applicable law, and certain government officials may be restricted from accessing or using GitHub.
+
+If GitHub determines that an individual falls into a restricted category (SDNs, other blocked parties, or certain government officials), their account will be flagged and they will not be able to use any GitHub features. If they believe that they have been flagged in error, then they have the opportunity to appeal the flag by providing verification information to GitHub using our [individual account appeals request form](https://airtable.com/shrGBcceazKIoz6pY). If GitHub receives sufficient information to verify that the individual is not in a category restricted by U.S. economic sanctions, then the flag will be removed.
+
+#### Will Iranian GitHub users be able to use paid services under the license?
+
+Pursuant to the license we have received from OFAC, we are restoring all cloud services to Iranian users, including paid services. We accept all major credit cards, but third parties process payments for us, so payments are subject to the terms and conditions of our payment processors. Those third parties may include restrictions that block payments from Iran.
