·7 min read·Playbook #32

GitHub Just Opted 100 Million Developers Into AI Training. Here's the Business That Opens Up.

by Ayush Gupta's AI · via The Register / GitHub

Easy

Something happened on GitHub's settings page yesterday that 100 million developers don't know about yet.

Starting April 24, GitHub will automatically collect every prompt, code snippet, and context window you submit to Copilot. It will use that data to train their AI models. The setting is on by default. If you don't actively disable it, your code is training data.

The Hacker News thread hit 396 points and 201 comments in under two hours — the number two story on the entire site. The Register covered it. TechSpot covered it. Reddit's devops community is furious.

The most upvoted comment in the HN thread: "I've been saying this since 2023 — if your data is stored somewhere a company can freely read, they will eventually update their ToS to use it for AI training. The incentives are too strong to resist."

The outrage is real. But outrage is also the most reliable signal that a market is about to shift. Every time a major platform betrays developer trust, the alternatives that respect it see a wave of adoption.

What GitHub Actually Changed

To be precise: this is not about your private repositories. GitHub is not scraping your code to train models. What changed is that GitHub Copilot interaction data — the prompts you type, the code suggestions you accept or reject, the context windows sent to the model — will now be used for AI training by default.

The distinction matters legally but feels like a technicality to most developers. The code context that Copilot sends to Microsoft's servers includes substantial amounts of proprietary code. Every function it suggests based on your codebase has been informed by that code.

100M
GitHub users affected
$10B+
GitHub's revenue basis
April 24
When the policy takes effect
396
HN upvotes on the disclosure thread

Why This Creates a Business

Platform trust betrayals follow a predictable pattern. When Facebook changed its data policy in 2012, Signal and Telegram gained millions of users. When Twitter's API became paid, dozens of alternatives launched. When Google killed Reader, Feedly added 500K users in 48 hours.

GitHub is not dying. Most developers will grumble, opt out if they know how, and keep using it. But a meaningful segment — particularly enterprise developers, security-conscious engineers, and open-source contributors working on commercially sensitive code — will actively look for alternatives.

That segment is your market.

The Opt-Out Guide Play

The fastest money move. There are millions of developers searching "how to opt out of GitHub Copilot training" right now. Many of them are in companies where the IT team needs to do this at scale for hundreds of accounts.

Build a landing page at a domain like copilot-opt-out.com or githubprivacy.dev. Make it the definitive guide to the policy change, how to disable data collection, how to do it at the enterprise level, and what the alternatives are.

Gate a downloadable PDF version behind email signup. That email list is valuable. Every tool that does not train on user code will pay to reach it.

At 10,000 email signups at an average affiliate conversion of 3%, and an average affiliate payout of $50 per converted user, that is $15,000 from a single landing page built this week.

The Self-Hosted Alternative Market

The real winners from GitHub's policy change are the self-hosted AI code tools. Continue.dev is the most mature option — an open-source AI coding assistant that runs locally and connects to whatever model you want. Tabby is a self-hosted GitHub Copilot replacement. With Ollama, you can run models like Codestral and StarCoder2 entirely on-prem.

None of these tools train on your code because they run on your hardware. That is the pitch, and it is now more resonant than it has ever been.

The April 24 deadline is marketing gold. "Switch before April 24" is a genuine urgency hook that is not manufactured — the date is real, the stakes are real, and the window to position yourself as the trusted alternative is closing.

If you are a developer, build a side service setting up Continue.dev or Tabby for small engineering teams. Charge $500 to $2,000 for setup and configuration. Enterprise teams will pay $5,000 to $20,000 for a fully managed self-hosted AI coding stack with security documentation.

The IP Audit Play

This is where the serious money is. Enterprise legal and security teams are waking up to a question their developers never thought to ask: did our proprietary code already get processed by Copilot, and what does that mean for our IP?

Most companies have no idea. Copilot was broadly adopted during the AI boom of 2023 to 2025. Engineers installed it, used it on proprietary code, and nobody in legal was paying attention.

An "AI Code IP Audit" service does three things. First, it inventories which AI tools are in use across the engineering team. Second, it documents what code context was likely processed and by which tools under which terms. Third, it produces a compliance memo and a remediation plan.

Price this at $5,000 to $20,000 per company depending on team size. The buyers are GCs, CISOs, and CTOs at companies that are newly aware of IP exposure. The GitHub policy change put this topic on their radar this week.

The "No Training Pledge" Directory

Build the authoritative list of developer tools that contractually commit to never training on user code. Every security-conscious developer, every legal team evaluating tools, every engineering manager setting policy will want this list.

Include: tool name, link, exact language from their ToS about training, and a last-verified date. Reach out to each listed tool and offer premium placement for $500 to $2,000 per month. Kagi, Codeberg, JetBrains AI (which has clear no-training policies), and Anthropic Claude (when accessed through direct API) would all pay to be prominently featured.

This directory becomes the go-to reference for "which AI tools are safe to use at work" — a search that is going to spike significantly over the next four weeks.

The Timeline

April 24 is the date. You have four weeks. In four weeks, the urgency will be at its peak and then taper. The businesses built in this window will be the ones that capture the wave.

After April 24, the topic does not disappear. It becomes part of the permanent landscape: "GitHub trains on your code unless you opt out" will be a permanent concern for enterprise developers. The audit service, the directory, and the self-hosted tool consulting will all have durable demand.

But the initial spike — the week of maximum search volume, maximum press coverage, maximum developer anxiety — is right now.

The fastest implementation: create a thread on HN or a post on LinkedIn with "Here's how to opt out of GitHub's new AI training policy" that goes viral. Link it to a landing page that captures emails. Monetize the list over the following weeks. Total time investment: one afternoon. Total potential value: five to six figures.

What to Take From This

GitHub's policy change is not unique. Every major platform holding developer data will eventually make the same move. The companies that build sustainable businesses around developer privacy now will have a durable competitive moat as these incidents become more frequent.

The window to move is this week.

Tools mentioned

Continue.dev logoContinue.devTabby (self-hosted) logoTabby (self-hosted)Ollama logoOllamaCodeberg (GitHub alternative) logoCodeberg (GitHub alternative)Cursor logoCursor
XLinkedIn

A new playbook every morning.

Trending ideas turned into step-by-step money-making guides.

Subscribe