GitHub Adds US/EU Data Residency and FedRAMP Controls to Copilot
Original: Copilot data residency in US + EU and FedRAMP compliance now available View original →
What shipped on April 13
On April 13, 2026, GitHub added a new governance control for organizations using Copilot: data residency in US and EU regions. GitHub says the feature keeps inference processing and associated data within the geography an administrator selects, instead of routing requests through a broader default footprint. That matters because many large teams have been willing to trial AI coding tools, but not willing to relax regional data-handling requirements to do it.
The announcement also extends GitHub’s public-sector story. For US government customers, GitHub says the model hosts and supporting infrastructure used for this path now meet FedRAMP Moderate authorization standards. In practical terms, GitHub is positioning Copilot as a more viable option for agencies and regulated contractors that need both AI assistance and a compliance boundary they can explain to auditors, procurement teams, and security reviewers.
It is opt-in, and it costs more
GitHub did not make the policy mandatory. Enterprise and organization admins must explicitly turn the setting on from Copilot settings, and the policy is off by default. Once enabled, admins can restrict their enterprise or organization to models that are data-resident or FedRAMP compliant. That opt-in design is important because it lets teams weigh governance benefits against coverage, model choice, and cost before changing production policy.
Cost is part of the rollout. GitHub says data-resident and FedRAMP requests carry a 10% premium-request surcharge. Its example is simple: a model that normally costs 1 premium request will cost 1.1 premium requests under data residency. That is not a trivial detail. It means compliance is being treated as a first-class product feature with real infrastructure and provider costs behind it, not just a marketing toggle.
Why this matters
The broader takeaway is that AI coding platforms are moving deeper into enterprise infrastructure. Earlier Copilot announcements focused on user experience and agent workflows. This release is about control planes, compliance posture, and geographic boundaries. That is usually the point where experimentation starts turning into procurement-grade deployment.
GitHub is effectively telling large customers that Copilot is not only a developer-assistance layer, but a system that can be governed at the same level as other enterprise software. For organizations that were blocked less by model quality than by data-location and authorization requirements, this is the kind of change that can materially expand adoption.
Related Articles
GitHub Changelog said on April 3, 2026 that GPT-5.1 Codex, GPT-5.1-Codex-Max, and GPT-5.1-Codex-Mini were deprecated across all Copilot surfaces as of April 1. GitHub tells organizations to move workflows and model policies to supported models, with GPT-5.3-Codex named as the replacement.
GitHub Changelog's March 19, 2026 X post announced that GPT-5.3-Codex is the first long-term support model for Copilot Business and Copilot Enterprise. GitHub says the model launched on February 5, 2026, stays available through February 4, 2027, and becomes the new base model by May 17, 2026.
GitHub has moved the Copilot SDK into public preview, exposing the same agent runtime used by Copilot cloud agent and Copilot CLI. Developers can embed tool invocation, streaming, file operations, and multi-turn sessions directly into their own applications.
Comments (0)
No comments yet. Be the first to comment!