mirror of
https://github.com/github/dmca.git
synced 2025-06-19 01:15:38 -04:00
Process DMCA request
This commit is contained in:
dmca-sync-bot
parent
88afd3a9c5
commit
1cfca5472d
122
2022/11/2022-11-01-sardine.md
Normal file
122
2022/11/2022-11-01-sardine.md
Normal file
@ -0,0 +1,122 @@
|
||||
While GitHub did not find sufficient information to determine a valid anti-circumvention claim, we determined that this takedown notice contains other valid copyright claim(s).
|
||||
|
||||
---
|
||||
|
||||
**Are you the copyright holder or authorized to act on the copyright owner's behalf?**
|
||||
|
||||
Yes, I am the copyright holder.
|
||||
|
||||
**Are you submitting a revised DMCA notice after GitHub Trust & Safety requested you make changes to your original notice?**
|
||||
|
||||
No
|
||||
|
||||
**Does your claim involve content on GitHub or npm.js?**
|
||||
|
||||
GitHub
|
||||
|
||||
**Please describe the nature of your copyright ownership or authorization to act on the owner's behalf.**
|
||||
|
||||
I am [private] of Sardine ([private]) and I was just made aware that code for our Dashboard, which we are copyright owner, is on this site.
|
||||
|
||||
**Please provide a detailed description of the original copyrighted work that has allegedly been infringed. If possible, include a URL to where it is posted online.**
|
||||
|
||||
We believe there are several pages that includes our code to our Dashboard and we request that these pages be taken down immediately - https://github.com/wb-ts/sardine-dashboard
|
||||
https://github.com/CandyDEV1014/Sardine-Dashboard
|
||||
https://github.com/phuoctrung96/Sardine-Dashboard
|
||||
|
||||
These above three are copy of our internal IP, as of a few month ago. I believe that the people who post it were subcontractor of former contractor. of us. We were unaware of this former contractor was using subcontractor to perform work for Sardine. One of this subcontractor, [private] who threatened us in April about make our dashboard code public, which [private] has done so by posting on your site. We also have a copy of this email and will provide it you upon request.
|
||||
|
||||
**What files should be taken down? Please provide URLs for each file, or if the entire repository, the repository’s URL.**
|
||||
|
||||
https://github.com/wb-ts/sardine-dashboard
|
||||
https://github.com/CandyDEV1014/Sardine-Dashboard
|
||||
https://github.com/phuoctrung96/Sardine-Dashboard
|
||||
|
||||
**Do you claim to have any technological measures in place to control access to your copyrighted content? Please see our <a href="https://docs.github.com/articles/guide-to-submitting-a-dmca-takedown-notice#complaints-about-anti-circumvention-technology">Complaints about Anti-Circumvention Technology</a> if you are unsure.**
|
||||
|
||||
Yes
|
||||
|
||||
**What technological measures do you have in place and how do they effectively control access to your copyrighted material?**
|
||||
|
||||
Technical and organisational security measures implemented by Sardine:
|
||||
|
||||
Organisational safeguards:
|
||||
Sardine has a full-time team dedicated to our security, compliance, and privacy program. Sardine’s security program is based on NIST 800-53 and we annually review our security program along with our policies and standards. Sardine has appointed one or more officers responsible for coordinating and monitoring the information technology rules and procedures.
|
||||
Sardine maintains SOC 2 Type II certification to demonstrate our security posture and commitment to security. It is audited annually by a qualified, external third-party.
|
||||
|
||||
Data security:
|
||||
Sardine maintains and enforces various policies, standards, processes, and controls to secure data, based on the NIST 800-53 framework.
|
||||
Access is limited to data, and in some cases, such as credit card numbers, no employee has routine access.
|
||||
Sardine has data security controls in place to do the following:
|
||||
Prevent unauthorized persons from gaining access to data processing systems (physical access control).
|
||||
Prevent data processing systems from being used without authorization (logical access control).
|
||||
Ensure that persons entitled to use data processing systems gain access only to such data as they are entitled to access in accordance with their access rights (data access control).
|
||||
Ensure that data cannot be read, copied, modified, or deleted without authorization during electronic transmission, transport or storage and that the target entities for any transfer of data by means of data transmission facilities can be established and verified (data transfer control).
|
||||
Ensure the establishment of an audit trail to document whether and by whom data has been entered into, modified in or removed from processing (entry control).
|
||||
Ensure that data is processed solely in accordance with the Instructions of the Data Controller (control of instructions).
|
||||
Ensure that data is protected against accidental destruction or loss (availability control).
|
||||
Ensure that data collected for different purposes can be processed separately (separation control).
|
||||
Sardine conducts annual risk assessments to review and revise its information security practices and whenever there is a material change in Sardine’s business practices.
|
||||
|
||||
Physical security:
|
||||
Sardine does not have any physical facilities.
|
||||
Should Sardine have facilities in the future, we will maintain commercially reasonable security at all of our facilities, including badged access and cameras, and will not store Customer data in any of our facilities, including backups.
|
||||
|
||||
Security controls:
|
||||
Sardine’s security program consists of many security policies, procedures, and controls. The following list highlights many of them:
|
||||
Application Security. Sardine utilizes a Secure Development Lifecycle based on the OWASP Software Assurance Maturity Model (SAMM). (Formerly known as OpenSAMM)
|
||||
Vendor Security. Sardine reviews and approves all vendors and sub-contractors that handle Personal Data to ensure they have appropriate security controls and reviews them periodically to ensure ongoing compliance.
|
||||
Media Destruction. When media are to be disposed of or reused, procedures have been implemented to prevent any subsequent retrieval of any Personal Data stored on them before they are withdrawn from the inventory. When media are to leave the premises at which the files are located as a result of maintenance operations, procedures have been implemented to prevent undue retrieval of Personal Data stored on them.
|
||||
Risk Rated Assets. Sardine has security policies and procedures to classify sensitive information assets, clarify security responsibilities and promote awareness for employees.
|
||||
Incident Response. All Security Incidents are managed in accordance with appropriate incident response procedures.
|
||||
Network Security. Sardine maintains network security using commercially available equipment and industry standard techniques, including firewalls, intrusion detection and/or prevention systems, access control lists and routing protocols.
|
||||
Access Control. Sardine will maintain appropriate access controls, including, but not limited to, restricting access to Personal Data to the minimum number of Sardine personnel who require such access.
|
||||
Least Privilege. Access rights are implemented adhering to the “least privilege” approach. Only authorized staff can grant, modify or revoke access to an information system that uses or houses Personal Data.
|
||||
User Roles. User administration procedures define user roles and their privileges, and how access is granted, changed and terminated; address appropriate segregation of duties and define the logging/monitoring requirements and mechanisms.
|
||||
Unique Logins. All employees of Sardine are assigned unique User IDs.
|
||||
Secure Passwords. Sardine implements commercially reasonable physical and electronic security to create and protect passwords.
|
||||
Encryption. Sardine encrypts, using industry-standard encryption tools, all Sensitive Information in transit and at rest. Sardine safeguards the security and confidentiality of all encryption keys associated with encrypted Sensitive Information.
|
||||
Virus and Malware Controls. Sardine utilizes anti-virus and malware protection software to protect Sensitive Data from anticipated threats or hazards and protect against unauthorized access to or use of Personal Data.
|
||||
Training. Sardine requires personnel to comply with its Information Security Program prior to providing personnel with access to Sensitive Information. Sardine implements a security awareness program to train personnel about their security obligations. This program includes training about data classification obligations, physical security controls, security best practices, and security incident reporting.
|
||||
Business Continuity. Sardine implements appropriate disaster recovery and business continuity plans. Sardine regularly reviews and updates its business continuity plan to ensure it is current and effective.
|
||||
|
||||
**How is the accused project designed to circumvent your technological protection measures?**
|
||||
|
||||
A former contractor used a subcontractor ([private]) without our knowledge or consent. This subcontractor was upset that this former contractor did not pay him. [private] then
|
||||
|
||||
**<a href="https://docs.github.com/articles/dmca-takedown-policy#b-what-about-forks-or-whats-a-fork">Have you searched for any forks</a> of the allegedly infringing files or repositories? Each fork is a distinct repository and must be identified separately if you believe it is infringing and wish to have it taken down.**
|
||||
|
||||
Yes. We found those three, which are listed below.
|
||||
https://github.com/wb-ts/sardine-dashboard
|
||||
https://github.com/CandyDEV1014/Sardine-Dashboard
|
||||
https://github.com/phuoctrung96/Sardine-Dashboard
|
||||
|
||||
**Is the work licensed under an open source license?**
|
||||
|
||||
No
|
||||
|
||||
**What would be the best solution for the alleged infringement?**
|
||||
|
||||
Reported content must be removed
|
||||
|
||||
**Do you have the alleged infringer’s contact information? If so, please provide it.**
|
||||
|
||||
[private] <[private]>
|
||||
|
||||
**I have a good faith belief that use of the copyrighted materials described above on the infringing web pages is not authorized by the copyright owner, or its agent, or the law.**
|
||||
|
||||
**I have taken <a href="https://www.lumendatabase.org/topics/22">fair use</a> into consideration.**
|
||||
|
||||
**I swear, under penalty of perjury, that the information in this notification is accurate and that I am the copyright owner, or am authorized to act on behalf of the owner, of an exclusive right that is allegedly infringed.**
|
||||
|
||||
**I have read and understand GitHub's <a href="https://docs.github.com/articles/guide-to-submitting-a-dmca-takedown-notice/">Guide to Submitting a DMCA Takedown Notice</a>.**
|
||||
|
||||
**So that we can get back to you, please provide either your telephone number or physical address.**
|
||||
|
||||
[private]
|
||||
|
||||
My address - [private]
|
||||
|
||||
**Please type your full legal name below to sign this request.**
|
||||
|
||||
[private]
|
||||
Loading…
Reference in New Issue
Block a user