|
| 1 | +**Are you the copyright holder or authorized to act on the copyright owner's behalf? If you are submitting this notice on behalf of a company, please be sure to use an email address on the company's domain. If you use a personal email address for a notice submitted on behalf of a company, we may not be able to process it.** |
| 2 | + |
| 3 | +Yes, I am authorized to act on the copyright owner's behalf. |
| 4 | + |
| 5 | +**Are you submitting a revised DMCA notice after GitHub Trust & Safety requested you make changes to your original notice?** |
| 6 | + |
| 7 | +Yes |
| 8 | + |
| 9 | +**Please provide the Zendesk ticket number of your previously submitted notice. Zendesk ticket numbers are 7 digit ID numbers located in the subject line or body of your confirmation email.** |
| 10 | + |
| 11 | +3751550 |
| 12 | + |
| 13 | +**Does your claim involve content on GitHub or npm.js?** |
| 14 | + |
| 15 | +GitHub |
| 16 | + |
| 17 | +**Please describe the nature of your copyright ownership or authorization to act on the owner's behalf.** |
| 18 | + |
| 19 | +[private] was a contractor of ICEO Lab ltd (a company registered in the [private] under company number [private] |
| 20 | +whose registered office is at : [private], hereinafter referred to as the “ICEO”). He was employed as a [private]. Under the cooperation agreement he was obliged to: |
| 21 | +a. Create, maintain and develop of infrastructure within GCP and GKE - on high and low-level design for performance at all levels and with security, availability and reliability at the core of it. |
| 22 | +b. Take ownership of security best practices across the DevOps lifecycle, ensuring the infrastructure is hardened and secure at every layer, from the first point of contact with the external client to the network and application layer. |
| 23 | +c. Implement and maintain security measures such as vulnerability scanning, patch management and security automation tools to detect, mitigate and remediate risks proactively. |
| 24 | +d. Ensure continuous compliance with industry standards and regulations, including data protection policies (e.g., DORA, ISO, GDPR, SOC2, etc.), working alongside compliance, technology and security teams to meet audit requirements. |
| 25 | +e. Develop and enforce security controls within the CI/CD pipeline, integrating security testing, static/dynamic code analysis and vulnerability scanning into the development process. |
| 26 | +f. Design and implement secure network architectures, focusing on secure access, encryption and the segmentation of cloud environments, leveraging tools like VPNs, Firewalls and Cloud-native security services. |
| 27 | +g. Monitor, identify and respond to security incidents and alerts, working closely with incident response teams to quickly mitigate threats. |
| 28 | +h. Promote a security-first mindset within the organization, educating teams on security best practices and driving improvements in secure coding, deployment and monitoring techniques. |
| 29 | +i. Create documentation from the implemented solutions. |
| 30 | +j. Research and potential development of new solutions in the market. |
| 31 | +k. Build and maintain tools that help in the automation of the software development process in all stages. |
| 32 | + |
| 33 | +As part of the remuneration for the performance of the agreement, [private] agreed to transfer to ICEO all proprietary copyrights (author’s economic rights) to the results of tasks performed by him. Based on aforementioned provision - the copyrights to the works (which were almost identical to the ones in the repository) belong to ICEO. |
| 34 | + |
| 35 | +I act as a [private] who's working in a law-firm which is a contractor of ICEO. We have a relevant power of attorney. |
| 36 | + |
| 37 | +**Please provide a detailed description of the original copyrighted work that has allegedly been infringed.** |
| 38 | + |
| 39 | +The original copyrighted work is a proprietary Terraform codebase created exclusively for ICEO, a company operating within the [private] and the [private]. |
| 40 | + |
| 41 | +This work was developed in its entirety by an employee in his capacity as a [private] engineer during the course of his employment at ICEO. Accordingly, all intellectual property rights to the code belong solely to ICEO. |
| 42 | + |
| 43 | +The codebase is structured as a monorepository containing a set of custom Terraform modules designed to provision and manage infrastructure on Google Cloud Platform (GCP). It implements industry best practices for security, resilience, and compliance in financial services, and was explicitly tailored to support regulatory obligations, including the Digital Operational Resilience Act (DORA) and related EU financial regulations. |
| 44 | + |
| 45 | +The original work includes the following modules and components: |
| 46 | + |
| 47 | +bastion: secure bastion host setup for controlled administrative access. |
| 48 | + |
| 49 | +cloudsql: deployment and configuration of Cloud SQL instances, including encryption, automated backups, and high availability. |
| 50 | + |
| 51 | +gke: provisioning and securing Google Kubernetes Engine clusters with compliance-focused configurations. |
| 52 | + |
| 53 | +iam: granular identity and access management (IAM) roles and policies, following least-privilege principles. |
| 54 | + |
| 55 | +iap: Identity-Aware Proxy (IAP) integration to secure access to internal applications and resources. |
| 56 | + |
| 57 | +memorystore: managed Redis instances configured for high availability and failover. |
| 58 | + |
| 59 | +svc-projects: service project structure for workload separation and compliance enforcement. |
| 60 | + |
| 61 | +svpc: shared VPC configurations to enforce centralized network security controls. |
| 62 | + |
| 63 | +vpc-sc: VPC Service Controls for enhanced data exfiltration prevention and regulatory compliance. |
| 64 | + |
| 65 | +In addition, the Terraform configurations cover: |
| 66 | + |
| 67 | +IAM and role management: definition of custom roles, binding of service accounts, and strict access policies. |
| 68 | + |
| 69 | +Networking standards: VPCs, subnets, firewall rules, and routing aligned with internal security baselines. |
| 70 | + |
| 71 | +Monitoring and observability: Cloud Logging, Prometheus and alerting policies. |
| 72 | + |
| 73 | +High availability and disaster recovery (HA/DR): multi-region deployments, load balancing, backup strategies, and failover configurations. |
| 74 | + |
| 75 | +This codebase represents significant original authorship in both design and implementation. It is not a generic Terraform setup; it embodies the unique security, compliance, and operational requirements of ICEO as a financial services provider. Its architecture reflects original creative and technical contributions that directly serve our regulated business environment and therefore constitutes protected intellectual property. |
| 76 | + |
| 77 | +The takedown of an almost identical repository was already filed and the repository was succesfully removed (ticket |
| 78 | + |
| 79 | +**If the original work referenced above is available online, please provide a URL.** |
| 80 | + |
| 81 | +**We ask that a DMCA takedown notice list every specific file in the repository that is infringing, unless the entire contents of the repository are infringing on your copyright. Please clearly state that the entire repository is infringing, OR provide the specific files within the repository you would like removed.** |
| 82 | + |
| 83 | +**Based on the above, I confirm that:** |
| 84 | + |
| 85 | +The entire repository is infringing |
| 86 | + |
| 87 | +**Identify the full repository URL that is infringing:** |
| 88 | + |
| 89 | +https://github.com/cloudon-one/google-landing-zone |
| 90 | + |
| 91 | +**Do you claim to have any technological measures in place to control access to your copyrighted content? Please see our <a href="https://docs.github.com/articles/guide-to-submitting-a-dmca-takedown-notice#complaints-about-anti-circumvention-technology">Complaints about Anti-Circumvention Technology</a> if you are unsure.** |
| 92 | + |
| 93 | +No |
| 94 | + |
| 95 | +**If you are reporting an allegedly infringing fork, please note that each fork is a distinct repository and <i>must be identified separately</i>. Please read more about <a href="https://docs.github.com/articles/dmca-takedown-policy#b-what-about-forks-or-whats-a-fork">forks.</a> As forks may often contain different material than in the parent repository, if you believe any of the repositories or files in the forks are infringing, please list each fork URL below:** |
| 96 | + |
| 97 | +**Is the work licensed under an open source license?** |
| 98 | + |
| 99 | +No |
| 100 | + |
| 101 | +**What would be the best solution for the alleged infringement?** |
| 102 | + |
| 103 | +Reported content must be removed |
| 104 | + |
| 105 | +**Do you have the alleged infringer’s contact information? If so, please provide it.** |
| 106 | + |
| 107 | +[private] |
| 108 | +[private] |
| 109 | +[private] |
| 110 | +[private] |
| 111 | + |
| 112 | +**I have a good faith belief that use of the copyrighted materials described above on the infringing web pages is not authorized by the copyright owner, or its agent, or the law.** |
| 113 | + |
| 114 | +**I have taken <a href="https://www.lumendatabase.org/topics/22">fair use</a> into consideration.** |
| 115 | + |
| 116 | +**I swear, under penalty of perjury, that the information in this notification is accurate and that I am the copyright owner, or am authorized to act on behalf of the owner, of an exclusive right that is allegedly infringed.** |
| 117 | + |
| 118 | +**I have read and understand GitHub's <a href="https://docs.github.com/articles/guide-to-submitting-a-dmca-takedown-notice/">Guide to Submitting a DMCA Takedown Notice</a>.** |
| 119 | + |
| 120 | +**So that we can get back to you, please provide either your telephone number or physical address.** |
| 121 | + |
| 122 | +[private] |
| 123 | + |
| 124 | +**Please type your full name for your signature.** |
| 125 | + |
| 126 | +[private] |
0 commit comments