Companies should use enterprise Github for that exact reason. They get a system from Github to set up internally, all code stays internal. Github doesn't see any of it. Smaller companies/startups may not have the cash for enterprise github vs private repos I guess, I'm not sure about the cost comparison, but from an security of IP standpoint, that's a move you have to make if you want to use Github and you're a company/startup of any size.
Why not use self-hosted Gitlab then ?
The self-hosted community system has all paid Gitlab features (except that you have to host it yourself), including CI/CD, Registry etc.
I agree that Gitlab, and even Bitbucket, offer more enterprise features/value than GitHub does. But in terms of the comment above about Microsoft owning/seeing the code from enterprises' private repositories, I was commenting that enterprise should all be on enterprise GitHub where GitHub - or Microsoft soon - have no visibility.
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.