Merge pull request #121 from github/anti-bribery-and-events

Add anti-bribery and events policies

Author: vollmera

Policies/github-anti-bribery-statement.md

@@ -0,0 +1,50 @@
+---
+title: GitHub Anti-Bribery Statement
+---
+GitHub upholds our commitment to ethical business practices, including by prohibiting bribery and corruption. As [Transparency International](https://www.transparency.org/what-is-corruption#costs-of-corruption) explains, the costs of corruption are
+- **political**, by posing a major obstacle to democracy and the rule of law
+- **economic**, by depleting national wealth
+- **social**, by undermining people’s trust in political society, institutions, and leaders
+- **environmental**, by facilitating non-enforcement of environmental laws and regulations.
+
+According to the [World Bank](http://www.worldbank.org/en/topic/governance/brief/anti-corruption) in 2017, businesses and individuals pay an estimated $1.5 trillion in bribes each year.
+
+### GitHub policies prohibiting bribery
+
+GitHub makes our anti-bribery commitment clear in a number of company policies.
+
+GitHub's **Code of Ethics** prohibits employees and contractors from engaging in or contributing to bribery or corruption, and establishes record-keeping requirements:
+
+>You must never pay, offer to pay, promise to pay, induce, accept, or authorize bribes, kickbacks or other improper cash payments, or anything else of value (such as gifts, travel, or entertainment) to or from anyone (including, but not limited to, government officials, civil servants or anyone else in a position of power or authority), to improperly influence them or you in obtaining or retaining business involving GitHub. [GitHub employees] are required to keep accurate and fair records of all transactions involving any expense made on GitHub’s behalf—e.g., by keeping receipts and providing accurate descriptions of your expenses—or any other transaction involving the disposal or transfer of GitHub assets. Such actions are required by the U.S. Foreign Corrupt Practices Act, the U.K. Bribery Act of 2010, and anti-bribery laws of other jurisdictions in which GitHub does business and are also simply the right thing to do.
+
+>While GitHub encourages its employees to make charitable contributions, you must never make a charitable contribution as a means of influencing a government official.
+
+GitHub's Standards of Conduct prohibit:
+>Bribing government officials or other individuals to gain an unfair advantage, and taking bribes from anyone.
+
+GitHub’s **Gifts and Entertainment Policy** explains that bribery is not permitted in connection with travel or entertainment, and provides examples to illustrate improper conduct. The policy describes proper and improper gifts, travel, and entertainment expenses; company processes for gift-giving by GitHub’s directors, officers, employees, and agents and requirements for record-keeping, penalties; and reporting of violations. It includes clear monetary thresholds for gifts along with annual limitations, with limited exceptions for gifts approved by appropriate management. The policy is clear and easily accessible to GitHub employees and contractors.
+
+### Training for our employees
+
+GitHub employees are required to participate in training on corruption, including bribery. We also provide additional training for particularly relevant people and teams, such as our sales team. The training explains relevant elements of the U.S. Foreign Corrupt Practices Act and the U.K. Bribery Act of 2010. For example,
+- definition and structural effects of corruption
+- who is covered, including
+   - public officials or others in a position of power
+   - third parties
+- what kind of activity is covered, including
+   - cash, gifts, travel, and entertainment
+   - facilitation payments
+   - charitable contributions and sponsorship
+- for what purpose, including
+   - intent
+   - improper advantage or influence
+- due diligence and red flags
+- record-keeping requirements
+
+In addition, the training covers GitHub’s internal policies related to anti-corruption and bribery, including our non-retaliation (whistleblower) policy.
+
+While the U.S. FCPA is focused on interactions with government officials, the U.K. Bribery Act is broader and extends to bribing anyone, regardless of whether they are a government official. Both laws can extend to GitHub’s actions elsewhere on the globe. GitHub’s policies prohibit bribing anyone, anywhere in the world.
+
+### Engaging our Partners
+- GitHub’s standard **resale agreements with Partners** include mandatory anti-corruption clauses. Going forward, GitHub now requires our Channel Partners to commit to complying with this Anti-Corruption Statement.
+- Going forward, GitHub’s **vendor contracts** now require a commitment to comply with this Anti-Corruption Statement.

Policies/github-event-code-of-conduct.md

@@ -0,0 +1,44 @@
+---
+title: GitHub Event Code of Conduct
+---
+GitHub events are community events intended for networking and collaboration in the tech community.
+
+We value the participation of each member and want all attendees to have an enjoyable and fulfilling experience. Accordingly, all attendees are expected to show respect and courtesy to other attendees throughout all events hosted in the GitHub space.
+
+To make clear what is expected, all attendees, speakers, exhibitors, organizers, and volunteers at any event in the GitHub space are required to conform to the following Code of Conduct. Organizers will enforce this code throughout the event.
+
+### Code of Conduct
+
+GitHub is dedicated to providing a positive and harassment-free event experience for everyone, regardless of age, gender, gender identity and expression, sexual orientation, disability, personal appearance, body size, ethnicity, race, religion, nationality, or level of experience. We do not tolerate harassment of event participants in any form, nor do we tolerate any behavior that would reasonably lead to another event participant being made to feel unsafe, insecure, or frightened for their physical or emotional well-being. All communication should be appropriate for a professional audience including people of many different backgrounds.
+
+Examples of encouraged behavior that contributes to a positive environment include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for everyone at the event
+* Showing empathy towards other participants
+
+Unacceptable behavior includes:
+
+* The use of sexualized language or imagery, or inappropriate physical contact, sexual attention, or advances
+* Trolling, insulting or derogatory comments, personal or political attacks, or sustained disruption of talks or other events
+* Deliberate intimidation, stalking, following, or harassing photography or recording
+* Harassment of any kind, even in a joking or ironic manner
+* Other conduct which could reasonably be considered inappropriate in a professional setting
+
+Be kind to others. Do not insult or put down other attendees. Behave professionally. Remember that harassment and sexist, racist, or exclusionary jokes are not appropriate at this event.
+
+Each event guest is entirely responsible for their own actions.
+
+Thank you for helping to make this a welcoming, friendly space for all.
+
+#### Reporting an incident
+
+If you are being harassed, notice that someone else is being harassed, or have any other concerns, please contact the organizer by email ([email protected]) or phone/text (+1 415 842 2837), or by speaking to another GitHub employee or a security officer.
+
+GitHubbers will be happy to help participants contact security or local law enforcement, escort to safety, or otherwise assist those experiencing harassment to feel safe for the duration of the conference. We value your attendance.
+
+### Credit
+
+Portions of this Code of Conduct are based on the [example anti-harassment policy](http://geekfeminism.wikia.com/wiki/Conference_anti-harassment/Policy) from the Geek Feminism wiki, created by the Ada Initiative and other volunteers, under a Creative Commons Zero license.

Policies/github-event-terms.md

@@ -0,0 +1,52 @@
+---
+title: GitHub Event Terms
+---
+
+By RSVP'ing or attending a GitHub event, including any of the events or activities organized by GitHub in association with the GitHub event (collectively the "Event"), you signal that you have read, understand, and agree to the following Event Terms and Conditions.
+
+### 1. Basic requirements to attend - including the [Event Code of Conduct](/articles/github-event-code-of-conduct)
+
+In order to participate in the Event, you represent that
+
+- you have the requisite power and authority to enter into these Event Terms
+
+- you have read and understood these Event Terms as well as the [GitHub.com Terms of Service](/articles/github-terms-of-service/)
+
+- you agree to abide by the [Event Code of Conduct](/articles/github-event-code-of-conduct), which seeks to provide a harassment-free experience for everyone
+
+- if alcohol is being served at a GitHub event, you represent that you are at least 21 years old, or otherwise over the legal drinking age in your jurisdiction.
+
+Participants asked to stop any harassing or other prohibited behavior are expected to comply immediately. If a participant engages in behavior that violates the [Event Code of Conduct](/articles/github-event-code-of-conduct) or these Terms, the event organizers may take any action they deem appropriate, including warning the offender or expulsion from the event or conference with no refund.
+
+### 2. Pictures
+
+GitHub or its partners sometimes take photos and videos at GitHub events. By participating or attending the Event, you agree that you may appear in some of these photos and videos, and you authorize GitHub's use of them. On the flip side, if you take any photos or videos of attendees at the Event and provide them to us, you authorize us to use them in the same fashion, and represent that the attendees that appear in your photos and videos have also consented to such use.
+
+### 3. Risk, liability, and indemnity
+
+#### Assumption of risk
+Although we try to create a safe environment at the Event, accidents or other bad things happen, even to good people. We ask that you do your part to help limit the possibility that you might get injured at the Event.
+
+You agree to carefully consider the risks inherent in any activities that you choose to take part in and to take reasonable precautions before you choose to attend or participate at a GitHub event. For example, you should ensure that you are in good physical health before engaging in any physical activity at a GitHub event, and you should always drink responsibly given the risks associated with drunk driving and participating in activities while your judgment is impaired. It's always good to remember that other event guests may be less responsible than you, and may themselves create additional risk to you despite their best intentions.
+
+In short, you understand that your attendance and participation at any GitHub event is voluntary, and you agree to assume responsibility for any resulting injuries to the fullest extent permitted under applicable law.
+
+By the same token, you agree that GitHub is not responsible for any injuries or accidents that you might sustain at any events that GitHub doesn't organize or control.
+
+#### Release of liability
+You (for yourself, your heirs, personal representatives, or assigns, and anyone else who might make a claim on your behalf) hereby release, waive, discharge and covenant not to sue GitHub and its respective parent companies, subsidiaries, affiliates, officers, directors, partners, shareholders, members, agents, employees, vendors, sponsors, and volunteers from any and all claims, demands, causes of action, damages, losses or expenses (including court costs and reasonable attorneys fees) which may arise out of, result from, or relate in any way to your attendance at the Event or any related event, except, of course, for any gross negligence or willful misconduct on our part.
+
+#### Indemnity
+By the same token, you agree to indemnify and hold GitHub, its parents, subsidiaries, affiliates, officers, directors, employees, agents and representatives harmless, including costs, liabilities and legal fees, from any claim or demand made by any third party due to, related to, or connected with your attendance or conduct at the Event or any related event.
+
+### 4. Termination
+
+While we hope not to, GitHub may prohibit your attendance at any GitHub event at any time if you fail to abide by these Event Terms and the [Event Code of Conduct](/articles/github-event-code-of-conduct), the [GitHub.com Terms of Service](/articles/github-terms-of-service/), or for any or no reason, without notice or liability of any kind. Section 4 will continue to apply following any termination.
+
+### 5. Choice of law and venue
+
+California law will govern these Event Terms, as well as any claim, cause of action or dispute that might arise between you and GitHub (a "Claim"), without regard to conflict of law provisions. FOR ANY CLAIM BROUGHT BY EITHER PARTY, YOU AGREE TO SUBMIT AND CONSENT TO THE PERSONAL AND EXCLUSIVE JURISDICTION IN, AND THE EXCLUSIVE VENUE OF, THE STATE AND FEDERAL COURTS LOCATED WITHIN SAN FRANCISCO COUNTY, CALIFORNIA.
+
+### 6. Miscellaneous terms
+
+You agree that you will not represent yourself as an employee, representative, or agent of GitHub (unless, of course, you are actually employed by GitHub). We reserve the right to cancel the Event or any related event at any time, for any reason, and without liability or prejudice. Any failure on GitHub's part to exercise or enforce any right or provision of these terms does not constitute a waiver of such right or provision. If any provision of these terms is found to be unenforceable or invalid, that provision shall be limited or eliminated to the minimum extent necessary so that the Event Terms shall otherwise remain in full force and effect and enforceable.

Policies/github-gifts-and-entertainment-policy.md

@@ -0,0 +1,60 @@
+---
+title: GitHub Gifts and Entertainment Policy
+---
+
+GitHub recognizes that our business is built on positive and transparent relationships. While informal interactions and exchanges of gifts may be part of developing those relationships and may even be considered customary in some countries, we need to ensure that we’re following anti-bribery laws. We have a legal obligation to behave ethically, including by not using such interactions to create a special advantage or influence a deal.
+
+### Company policies
+As a reminder, our Code of Ethics states:
+
+>You must never pay, offer to pay, promise to pay, induce, accept, or authorize bribes, kickbacks or other improper cash payments, or anything else of value (such as gifts, travel, or entertainment) to or from anyone (including, but not limited to, government officials, civil servants or anyone else in a position of power or authority), to improperly influence them or you in obtaining or retaining business involving GitHub. [GitHub employees] are required to keep accurate and fair records of all transactions involving any expense made on GitHub’s behalf—e.g., by keeping receipts and providing accurate descriptions of your expenses—or any other transaction involving the disposal or transfer of GitHub assets. Such actions are required by the U.S. Foreign Corrupt Practices Act, the U.K. Bribery Act of 2010, and anti-bribery laws of other jurisdictions in which GitHub does business and are also simply the right thing to do.
+
+>While GitHub encourages its employees to make charitable contributions, you must never make a charitable contribution as a means of influencing a government official.
+
+Our Standards of Conduct prohibit:
+>Bribing government officials or other individuals to gain an unfair advantage, and taking bribes from anyone.
+
+That means not only no cash or cash equivalent of any kind, but nothing of value, should be given to anyone (including civil servants, government officials, or anyone in a position of power or authority, as well as people not in any of those privileged positions) in order to influence them or taken from anyone to influence GitHub. Such activity is prohibited by the U.S. Foreign Corrupt Practices Act and UK Anti-Bribery laws, both of which govern GitHub’s actions globally.
+
+### Examples of acceptable and unacceptable gifts
+So what does “of value” mean? Keep in mind that no gifts are acceptable for government officials (ok, maybe stickers). You should always ask them what their policies permit and prohibit. But if in doubt, please run it by Legal to make sure. For example, many U.S. congresspeople will not let you take them out for dinner and pay.
+
+As for other customers or prospective customers, certain things might seem trivial but have great value to someone else. For example, although it might not seem like a big deal to you to get your friend’s daughter hired as an intern, it might be of huge value to them. But if she is not qualified and you pull strings to make it happen, then it isn't ok. In addition, if the intention is to improperly influence, anything, however small, might be considered "of value."
+
+:no_good_woman: _Here are some other things that aren't ok:_
+
+- First class airfare to GitHub offices for Executive Briefings ✈️+🍾
+- Winery tours 🍷
+- Recommending a friend’s kid to a prestigious private school for admission 🎓
+- Tickets to Disneyland 👸, the World Cup 🥅, the Olympics 🏅
+- A futbol ⚽️ autographed by a famous player
+- A contribution to a charity
+
+🙆 _Here is some stuff that is actually ok for customers or prospective customers:_
+
+- Swag
+- Economy class airfare to GitHub offices for Executive Briefings ✈️
+- Bleacher-type tickets to a sporting event ⚾️
+- A reasonably priced dinner in town 🍽
+- A small box of chocolates as an end of year thank you 🍫
+
+All of the above applies to _taking_ bribes too. So if a vendor or prospective vendor sends you something “of value,” don’t accept it—or at least run it by Legal before you do.
+
+### Process
+If you are planning to provide or accept an informal gift (that is not one of our promotional items like t-shirts and sticker swag), please make sure to do the following:
+
+1. Keep in mind that what's an acceptable amount can vary. For example, spending $50 on dinner might be considered a lot of money in some countries but not as much in others. So, when in doubt, ask! But generally speaking, for any expenses exceeding $150, you'll need approval (each time) from Legal in writing. And for any gifts you receive exceeding $150, you'll need to report that (each time) to Legal in writing. 
+
+Also - Legal is just weighing in on the bribery question. You might still need to check with Finance for other reasons.
+
+2. When you submit your expense report for reimbursement, please:
+- Indicate the recipient and the purpose of the gift in the notes; and
+- include a copy of the email approval
+
+### Consequences
+What happens if you don’t follow the policy and GitHub ends up paying for a prospective customer and his family to fly first class to Japan and attend the Tokyo Olympics? Or if you drop off a suitcase of Euros for a government official in a pre-arranged train station locker?
+
+FINES and JAIL. Not necessarily just for GitHub, either. You might get to spend a few years in jail, yourself, and it won’t matter if the customer ever submitted an order to GitHub after their trip to Japan or if the government official even picked up the suitcase of cash. Basically, it doesn’t matter whether you actually _made_ a bribe. Yoda notwithstanding, it’s the trying that counts.
+
+### More information
+For more information and context on rules, enforcement, and penalties, the U.S. Department of Justice’s [Resource Guide to the U.S. Foreign Corrupt Practices Act](https://www.justice.gov/sites/default/files/criminal-fraud/legacy/2015/01/16/guide.pdf) is an excellent resource.