The agreement prohibits using GitHub's systems to send spam, conduct excessive automated bulk activity, relay unsolicited advertising, or operate get-rich-quick solicitation schemes.
This analysis describes what GitHub's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision restricts automated and bulk communications activity through GitHub infrastructure, which is relevant for organizations using GitHub Actions, bots, or API integrations for high-volume operations that may approach the threshold of prohibited bulk activity.
Interpretive note: The term 'excessive automated bulk activity' is not defined with a specific operational threshold, leaving the boundary between permissible high-volume automation and prohibited bulk activity subject to GitHub's discretionary interpretation.
Under this clause, using GitHub's systems to send unsolicited communications, operate bulk automated activity beyond permissible thresholds, or relay advertising solicitations is prohibited. API integrations and GitHub Actions workflows that involve high-volume outbound communications should be assessed against this restriction.
How other platforms handle this
You may not use Shopify's Services to send spam, unsolicited communications, or engage in harassment of any person. This includes using Shopify's email or messaging tools to send bulk unsolicited messages to consumers who have not opted in to receive communications from you.
You may not automatedly crawl or query the Services for any purpose or by any means (including, without limitation, screen and database scraping, spiders, robots, crawlers and any other automated activity with the purpose of obtaining information from the Services) unless you have received prior exp...
relate to transactions involving (f) the promotion of hate, violence, racial or other forms of intolerance that is discriminatory or the financial exploitation of a crime... (i) involve offering or receiving payments for the purpose of bribery or corruption.
Monitoring
GitHub has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"You may not use our servers for any form of excessive automated bulk activity (including, for example, sending spam or cryptocurrency mining), to place undue burden on our servers through automated means, or to relay any form of unsolicited advertising or solicitation through our systems, such as get-rich-quick schemes.— Excerpt from GitHub's GitHub Acceptable Use Policies
1) REGULATORY LANDSCAPE: This provision engages the CAN-SPAM Act, which regulates commercial email and unsolicited bulk electronic messaging in the US. International equivalents include Canada's CASL and the EU's ePrivacy Directive. The FTC is the primary US enforcement authority for CAN-SPAM violations. 2) GOVERNANCE EXPOSURE: Low to Medium. The prohibition on spam and unsolicited advertising is standard across developer platform acceptable use policies. The reference to 'excessive automated bulk activity' without a defined threshold creates interpretive uncertainty for organizations running high-volume legitimate automation. 3) JURISDICTION FLAGS: Organizations operating across jurisdictions should assess whether their GitHub-mediated communications comply with CASL (Canada) and ePrivacy requirements (EU) in addition to CAN-SPAM. The 'get-rich-quick schemes' reference may also engage FTC regulations on deceptive marketing practices. 4) CONTRACT AND VENDOR IMPLICATIONS: Marketing automation workflows, CI/CD-triggered notification systems, and API-driven bulk operations should be reviewed to confirm they do not constitute prohibited bulk activity under this provision. GitHub's API rate limiting policies should be reviewed alongside this prohibition. 5) COMPLIANCE CONSIDERATIONS: Legal teams should confirm that any automated notification, alerting, or communication workflows integrated with GitHub comply with applicable anti-spam laws and do not constitute prohibited bulk activity under the AUP.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision restricts automated and bulk communications activity through GitHub infrastructure, which is relevant for organizations using GitHub Actions, bots, or API integrations for high-volume operations that may approach the threshold of prohibited bulk activity.
Under this clause, using GitHub's systems to send unsolicited communications, operate bulk automated activity beyond permissible thresholds, or relay advertising solicitations is prohibited. API integrations and GitHub Actions workflows that involve high-volume outbound communications should be assessed against this restriction.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by GitHub.