GitHub blocked developers in 5 sanctioned regions in July 2019

In July 2019, GitHub blocked developers in Iran, Syria, Crimea, Cuba, and North Korea from accessing their own repositories, citing United States export controls (S-0025).

When affected developers requested copies of their disabled repositories, GitHub responded in writing that it was "not legally able to send an export of the disabled repository content. I'm sorry for the frustration here, but GitHub must comply with U.S. export control laws and sanction requirements" (S-0025a).

Developers who had maintained local Git clones retained every commit, branch, and line of code from their disabled repositories. Developers who had relied exclusively on GitHub-hosted access lost access to their own work.

This is the cleanest available case demonstrating C-0016: the architectural tier is a property of the deployment, not of the software. Git is a Tier 3 protocol; GitHub is a Tier 1 deployment of it. Researchers who used Git as Tier 3 (kept local clones) preserved continuity. Researchers who used Git through GitHub as Tier 1 lost access on a single organizational decision they did not control.

The implication for research data is direct: any institution depositing data in a single hosted repository is, by deployment pattern, Tier 1 — regardless of whether the underlying repository software is Tier 3-capable. Recommendation R6 generalizes this: maintain at least one local clone and one content-addressed copy.