Sheng Wu didn’t plan to write the code that underpins some of the biggest tech companies in the world. It was 2015, and he was just looking for a fun way to teach a friend how to program. He set up an open source project, looking to answer a question plaguing him in his day job: How to coordinate six unruly vendor companies with the internal system of his client, the telecommunications giant China Unicom? Wu knew he needed to build some kind of distributed system, so they could all work at the same time and see where errors were originating.

“It was chaos, and everyone blamed the others’ faults when the system went down,” said Wu. “So we thought: Maybe there is a technological solution we can build, at least to find the right one to blame.”

His project grew into the massive application management system known as Apache SkyWalking, now used by companies from Alibaba to Huawei. It wouldn’t have been possible without collaborating with other software engineers around the world on Microsoft’s GitHub, the world’s largest open source coding platform. Here, software developers host their code in public for all to see, and benefit from others around the world combing it over for errors. Wu’s project is one of thousands submitted by engineers in China, GitHub’s largest market outside of the U.S.; at Wu’s last count, 500 people around the world had contributed to SkyWalking’s code.

In 2020, nearly 10% of GitHub’s 56 million contributors came from China. GitHub has been a triumph there for parent company Microsoft, which bought the platform for $7.5 billion in 2018. With the departure of foreign social networks like Facebook and the rollback of Microsoft-owned LinkedIn’s services there, GitHub is now the last major foreign-owned platform accessible in China that hosts user-generated content — an unpredictable set of information that would normally be at risk of censorship, screening, and even summary blockage. Some users have referred to it as “the last land of free speech.” 

Though GitHub continues to provide an unparalleled bridge to the global open source community, China’s developers have begun to wear their reliance on the platform more uneasily. Adding to the mounting pressure is a tech policy environment that is increasingly challenging, even for China’s own top tech companies – including, from November 1, the new Personal Information Protection Law. Intended to protect citizens’ data and store it inside the country, the law applies to any company that transmits Chinese user data.

As an open source platform, GitHub is more in alignment with Chinese tech policy goals in general than LinkedIn was, said Kendra Schaefer, head of tech policy at Trivium China, a Beijing-based consultancy. But, she said, “Open source policy goals do not supersede online content and algorithm regulations. The rules that make it more difficult for platforms with social elements to do business will still apply, and Microsoft may still decide they don’t want to deal with them.”

Microsoft has spent decades cultivating deep roots in the Chinese tech community. The company’s research center in Beijing has incubated some of China’s top tech talent — including executives at Pinduoduo, Alibaba, Megvii, and Xiaomi — and its Windows operating system is in widespread use. But Microsoft has been selective about which services to roll out to consumers. It shied away from a local version of Outlook after the company was internationally criticized for removing the site of a well-known Chinese blogger.

Despite Microsoft’s careful efforts to seed goodwill and navigate the government’s preferences, China has still been a source of problems. In July, the hacking of Microsoft’s Exchange servers was attributed to groups directed by the Ministry of State Security – a year after the company pointed to Chinese groups, among others, as culprits in a separate set of cyberattacks

“Microsoft has increasingly lost trust and confidence in China. It’s not only about the company itself, but the wider geopolitics.”

In China, these accusations have been interpreted by some as a geopolitical ambush by the U.S., rather than the actions of a private company. The incident ignited concern in China’s tech community about Microsoft’s independence from Washington, said Yik Chan Chin, a computer scientist and professor at Beijing Normal University, to Rest of World. “Microsoft has increasingly lost trust and confidence in China,” said Chin. “It’s not only about the company itself, but the wider geopolitics.”

In early October, Microsoft-owned LinkedIn announced it would scale back its Chinese version — a social network for which it had been praised in the carefulness of its setup — and strip it down to little more than a job search app. In China, Microsoft still operates search engine Bing, which has long complied with government censorship requests and accounts for just 2.6% of Chinese search traffic; cloud-based software, including Azure, which is set to become the company’s biggest business; and GitHub, for which it does not operate a local office or staff in mainland China. Microsoft’s Windows remains one of the most widely used operating systems in the country, but the company has reported seeing very little revenue from its popularity. This month’s rollout of Windows 11 notably relied on the presence of a chip that is banned in China. 

GitHub is now one of just two foreign-owned platforms accessible in China that host user-generated content. The other is Amazon’s reviews platform.

The data privacy law is an extra compliance cost, and risk, for Microsoft. The new law claims extraterritorial jurisdiction over the processing of Chinese users’ data even if it happens outside of China, similar to the European Union’s General Data Protection Regulation (GDPR). That, along with escalating content censorship regulations, will “certainly put additional pressure,” said Trivium China’s Schaefer. “The headache for Microsoft may not be worth their time, and it is always possible that regulators come to feel like the risks outweigh the rewards.”

Dan Ives, an equity analyst at Wedbush Securities who advises multinational companies on their operations in China, told Rest of World that the new data privacy law, in combination with Beijing’s increasingly stringent regulations on even the country’s own tech companies, acts as a “one-two punch” that makes it nearly impossible for Microsoft to succeed in China. “From a data privacy and just overall regulatory environment,” said Ives, “It’s minimal upside, unlimited downside.”

Developers speaking to Rest of World expressed concern that the tensions would factor into whether Microsoft would keep GitHub accessible in China. They see the risk as one of international politics, not domestic censorship. “Blocking is not the real issue,” said SkyWalking founder Wu. “The real concern is about the relationship between the U.S. government and the Chinese government. GitHub has to follow the laws of the U.S. government.”

Microsoft did not respond, and GitHub declined to comment.

The Chinese government has tried to reduce developers’ reliance on GitHub by championing a homegrown platform, Gitee. In March, popular U.S.-based code repository GitLab licensed its technology to Chinese entity JiHu. The two do not share any internal systems, infrastructure, or data, in a move that seems tailor-made for GitLab to gain a stronger foothold in the Chinese market while complying with regulations.

Since its endorsement by one of China’s top tech policymaking bodies in July 2020, Gitee has added 5 million code repositories and topped 6 million developers, bringing the platform roughly level with the number of Chinese contributors on GitHub. 

Developers told Rest of World that Gitee has a key advantage: speed. “In China, the user’s experience on Gitee is better because GitHub’s server is in the United States,” said Joe Zou, a programmer who maintains the distributed management system Apollo. “Accessing it from China is slower.” 

Huabing Zhao, a software engineer at Tencent Cloud, invoked a longstanding conversation in the open source community: Shouldn’t a global open source repository be stewarded by an entity independent of any one nation, or, at the very least, a nonprofit organization, rather than a private corporation? “Maybe, one day, the U.S. government would issue some kind of restriction, so Chinese software developers may not use it anymore,” said Zhao. “I hope this day will not come.”

To assuage their concerns, Wu said that, for some essential blocks of code, developers set up a dual-sided system that mirrors the code from GitHub to a site hosted in China, like Gitee. Chinese developers like GitHub “from a tech perspective,” said Wu. “But we still have to face that the political issue is out there.”

Though it has been blocked by some Chinese web browsers in the past, GitHub has so far proved too essential to China’s tech industry to be banned entirely. And while Microsoft has been willing to comply with censorship requests for content on Bing and LinkedIn, GitHub has been host to a series of protests and organizing actions, largely without the censorship of Chinese social media. 

But the censors are still watching. In August this year, two activists who used the platform to create a repository of banned coronavirus-related content were detained and later sentenced for “picking quarrels,” a charge associated with criticism of the government. More recently, over the past two weeks, thousands of employees at China’s biggest tech companies have registered their working hours in a massive database posted on GitHub called “Working Time” to bring attention to the industry’s grueling work culture. The effort, notably hosted on Tencent and organized on messaging service QQ, catalogued more than 6,000 entries before links to the GitHub repository were blocked on Chinese social media. 

“The real concern is about the relationship between the U.S. government and the Chinese government. GitHub has to follow the laws of the U.S. government.”

The Working Time page calls back to a 2019 effort on GitHub dubbed 996.ICU, a darkly humorous reference to working from 9 a.m. to 9 p.m., six days a week, a schedule that would likely land employees in the intensive care unit. Though blocked on some Chinese browsers, 996.ICU ultimately provoked a conversation about labor and the price of national development – something which saw state media remind tech giants that 996 requirements are technically against the law, and which caught the attention of China’s tech policymakers freshly concerned with “common prosperity.”

The tech workers themselves have grown savvier and more adept at playing “boundary ball,” a term used online in China for activity that tests the limits of an ever-shifting boundary. “Both campaigns [tried] to frame their struggle against working overtime as abiding by the law; 996.ICU framed their campaign as a demand to tech companies to follow the labor law,” JS Tan, a researcher at nonprofit-funded research project Collective Action in Tech, told Rest of World.

Policymakers, too, have been promoting open source technology as an essential tool for the country’s digital development. “Unlike LinkedIn, GitHub helps to serve several of China’s policy goals,” Schaefer at Trivium China pointed out. “The world’s biggest open source software projects rarely consider the needs of Chinese users and developers, and the only way to mitigate that is to have Chinese developers actively contribute source code, provide feedback on open source projects.”

Rui Ma, the founder of consultancy Tech Buzz China, described GitHub’s potential to adapt. “If GitHub wanted to play by China’s rules, then it should do [comparatively] well,” she said to Rest of World, “because it’s leveraging its core asset — the global community of open source software developers. It’s useful, and perhaps uniquely useful, to many more developers in China than LinkedIn.”

Sheng Wu named his open source solution “SkyWalking” after the glass walkway over the Grand Canyon with a bird’s-eye view of the entire landscape. As a platform, a glass walkway may also be a way to the future that GitHub’s China users are trying to avoid: dependent on it to reach a goal, in full view of a threatening drop.