Data collected is described in the "GitHub Copilot Telemetry Terms." In addition, the GitHub Copilot extension/plugin collects activity from the user's Integrated Development Environment (IDE), tied to a timestamp, and metadata collected by the extension/plugin telemetry package. When used with Visual Studio Code, IntelliJ, NeoVIM, or other IDEs, GitHub Copilot collects the standard metadata provided by those IDEs.
GitHub will use this data for:
- Directly improving the product, including assessing different strategies in processing and predicting which suggestions users may find helpful
- Evaluating the product, e.g. by measuring the positive impact it has on the user
- Improving the underlying code generation models, e.g. by providing positive and negative examples (but always so that your private code is not used as input to suggest code for other users of GitHub Copilot)
- Guiding closely related GitHub products
- Investigating and detecting potential abuse of the GitHub Copilot service
- Other purposes related to improving the GitHub Copilot service, including sharing as described in the next section
The telemetry data is stored securely on GitHub systems, with appropriate encryption in place. We know user edit actions, source code snippets, and URLs of repositories and file paths are sensitive data. Consequently, access is strictly controlled. The data can only be accessed by (1) named GitHub personnel (employees and contractors) working on the GitHub Copilot team or on the GitHub platform health team, (2) Microsoft personnel (employees and contractors) working on or with the Azure and/or GitHub Copilot teams, and (3) employees of OpenAI who work on GitHub Copilot.