While GitHub did not find sufficient information to determine a valid anti-circumvention claim, we determined that this takedown notice contains other valid copyright claim(s).
Are you the copyright holder or authorized to act on the copyright owner's behalf?
Yes, I am authorized to act on the copyright owner's behalf.
Are you submitting a revised DMCA notice after GitHub Trust & Safety requested you make changes to your original notice?
Yes
Please provide the Zendesk ticket number of your previously submitted notice. Zendesk ticket numbers are 7 digit ID numbers located in the subject line or body of your confirmation email.
2254833
Does your claim involve content on GitHub or npm.js?
GitHub
Please describe the nature of your copyright ownership or authorization to act on the owner's behalf.
Authorization to act on behalf of Purple Ventures Company Limited
We, Purple Ventures Company Limited, with our registered office at [private] ("Client"), are the copyright owner of the Online Travel Application (OTA) and accordingly, all the source code therein. We hereby authorise you, Publicis Sapient and all its affiliates under the Publicis Groupe organisation including the Publicis Global Security Office team as our agent to act on our behalf to submit a DMCA takedown request to GitHub for them to take down the repository known as "GitHub - vivekanon/ota" and to provide GitHub with additional information regarding the takedown request, as and when it is required.
Please provide a detailed description of the original copyrighted work that has allegedly been infringed. If possible, include a URL to where it is posted online.
The original copyrighted work that has been infringed here is the code for OTA app and accordingly all the source code within that is owned by PPV.
The said copyrighted work is the proprietary work owned by PPV and it is not available to the public.
It has recently come to our attention that a user by name – ‘vivekanon’ on GitHub has created a repository and copied some sensitive code (relating to OTA app) on to his GitHub repository which is owned by Purple Ventures Company Limited.
The repository contains the code for OTA app.
The owner of the repo has uploaded the content containing references to our client.
We are not able to identify the owner of the repo hence reached out for your support.
OTA is “Online Travel application that Publicis Sapient has built for their client-Purple Ventures. This application is used in Thailand to book hotels & flights. The client-Purple Ventures is the copyright owner of the OTA and accordingly all the source code within.”
The relevant URLs which would be helpful to explain the relationship between Publicis Sapient (the developer of OTA apps (known as [private]) for Purple Venture), Purple Venture (the copyrighted owner of the OTA apps), [private], and OTA apps:-
[private]
[private]
[private]
[private]
[private]
What files should be taken down? Please provide URLs for each file, or if the entire repository, the repository’s URL.
https://github.com/vivekanon/ota
Apart from the name of the repository itself (OTA), we see multiple references for client in the repository, highlighted below. We have provided line by line reference as well as a brief description of the content, including each item identified as a security risk to the Client.
References:
- [private] (Project name, Line 156,158,162,164,166) it contains user credentials/tokens for lower environment.
URL: https://github.com/vivekanon/ota/blob/main/lib/modules/authentication/model/login_model.dart#L155-L166
- [private] (Client name, Line 13) This contains sensitive information used for firebase functionality and can be misused.
URL: https://github.com/vivekanon/ota/blob/main/android/app/src/dev/google-services.json#L36-L47
- [private] (Client name, Line 36) It is revealing the client’s name and package details.
URL: https://github.com/vivekanon/ota/blob/main/android/app/build.gradle#L36
- [private] app reference (Line 11) deep link for Scb application. This can be used by hacker to create another app.
URL: https://github.com/vivekanon/ota/blob/main/lib/common/utils/scb_easy_helper.dart#L11
- [private] (Client, Line 36) application name.
URL: https://github.com/vivekanon/ota/blob/main/android/app/build.gradle#L36C36-L36C36
- [private] (Project name, Line 40,43) which contains url for production and app ID to clone the code.
URL: https://github.com/vivekanon/ota/blob/main/archive_builder/build_for_prod.sh#L40-L45
- Certificates are exposed for the client. The certificate used for SSL pinning are exposed.
URL: https://github.com/vivekanon/ota/tree/main/assets/certificate
Do you claim to have any technological measures in place to control access to your copyrighted content? Please see our Complaints about Anti-Circumvention Technology if you are unsure.
Yes
What technological measures do you have in place and how do they effectively control access to your copyrighted material?
- Repositories: Private enterprise repo with limited access [private]
- Access control: Sync with Organization AAD and give at least privilege permissions per role per project by group with MFA enabled and conditional access
How is the accused project designed to circumvent your technological protection measures?
The GitHub's owner had proper rights to work in the repo of the project as a team member at that time, which means he had rights to manage the project's code by himself in a developer role. So, it's not about process and technology flaws.
Have you searched for any forks of the allegedly infringing files or repositories? Each fork is a distinct repository and must be identified separately if you believe it is infringing and wish to have it taken down.
We have already reached out to the user ([private]) who forked the repository from GitHub - vivekanon/ota.
Forked repository is deleted from GitHub from user account ([private]).
Is the work licensed under an open source license?
No
What would be the best solution for the alleged infringement?
Reported content must be removed
Do you have the alleged infringer’s contact information? If so, please provide it.
We tried contacting him since he mentioned [private] company name on his GitHub profile but got no response and results.
I have a good faith belief that use of the copyrighted materials described above on the infringing web pages is not authorized by the copyright owner, or its agent, or the law.
I have taken fair use into consideration.
I swear, under penalty of perjury, that the information in this notification is accurate and that I am the copyright owner, or am authorized to act on behalf of the owner, of an exclusive right that is allegedly infringed.
I have read and understand GitHub's Guide to Submitting a DMCA Takedown Notice.
So that we can get back to you, please provide either your telephone number or physical address.
PUBLICIS RE:SOURCES
[private]
[private]
Please type your full legal name below to sign this request.
[private]