GitLab ponders block on Russia, China employees in sensitive jobs after customer “concern”

Gitlab Logo
Gitlab Logo

GitLab has sparked a furore over whether to recruit individuals based in Russia or China for roles that involve access to customer data, and whether excluding these countries is “common practice” in the industry.

The company’s VP of engineering, Eric Johnson, last month opened an issue titled “WIP: Support Engineer Job family country-of-residence block”. Similar pages have been created covering DevSecOps, and compliance. The “issue” found its way to Hacker News over the weekend.

The support engineer page reads, “In e-group on Monday October 15, 2019 we took the decision to enable a ‘job family country-of-residence block’ for team members who have access to customer data. This is at the expressed concern of several enterprise customers, and also what is becoming a common practice in our industry in the current geopolitical climate.” The countries in question are China and Russia.

The pages discuss how the company can avoid making offers to individuals based in those countries, and prevent current team members moving to them, while “remaining in a role that prohibits it.” This is a particular problem for GitLab as the firm’s entire workforce works remotely.

While a block based on “permissions” would “force us to confront the possibility of creating a ‘second class of citizens’ on certain teams’ a country block is “the most humane solution at this time – especially because it affects zero current employees.”

Needless to say, the decision has set off a flurry of comment, not least from the GitLab’s director of global risk and compliance, Candice Cirsei, who noted that the firm isn’t actually prohibited from doing business in those countries – though is in Crimea.

“If management decides to move forward, then I suggest that, at minimum, an objective standard be established to determine when and if countries are to be barred. This will ensure all countries without legal prohibitions are afforded equal and fair consideration,” she added.  She also notes that the US ranks number two for hackers.

Needless to say, there are plenty of contributions from people in the countries concerned, and trenchant opinions from both supporters and opponents of the proposal. 

Tempers are even more frayed on the Hacker News thread – which GitLab CEO Sid Sibrandij, joined, saying: “Please note that we’re still discussing this change. We work out in the open so you can see us working on it.

“I hope that people appreciate the difference between that and what you would see in a non-transparent company (probably nothing, they would just not open up a vacancy in the offices in that country).”

He added there was no intention to block code from those countries. “Since we are an open core company that gets contributions from around the world”.

While the thread highlights a thorny internal issue for GitLab, it also raises a much bigger issue – are big tech companies, whether at the behest of their clients or not, blocking potential employees from China and Russia, either directly or via their suppliers?

We asked a number of companies whether it was indeed “common practice or not”. So far we’ve had one “no comment” and a lot of radio silence.