So they should file a takedown request. Trying to track down everyone who simply viewed an innocuous GitHub URL is overstepping boundaries and going way too far.
No one said anything about code “needing” to be open source.
The issue here is that code became public the moment it was uploaded to a public repository. Just because your organization has reckless hiring practices and fails to secure its proprietary code shouldn’t entitle you to be able to use the legal system to doxx every IP who viewed it on a public website in an attempt to track them down seize their machines and claw back the code. How would you feel if I posted a snippet of the leaked code here in this comment and then tomorrow you receive a legal summons or your house gets raided in an attempt to make sure you don’t have a copy?
You’re the one conflating issues. No one said anything about forcing people to divulge their private messages. The difference here is that this leaked source code can no longer be considered private after the moment it leaks to the general public. Don’t want your proprietary code leaking? Make better hiring decisions and implement better technical safeguards against it. Just because you fail to secure your code shouldn’t give you the legal power to dox everyone who viewed it on a public repository and seize their machines in an attempt to claw back the code.
Has there ever been a person with less integrity than Elon Musk? He claims to be a “free speech absolutist” then turns around and does the exact opposite.