Guide to the guidelines - human rights, business and the ICT sector

Complex and interesting areas of international legal policy can be difficult to navigate.  Once an issue gains a profile in policy circles, everyone with an interest in the topic rushes to develop guidelines to help others navigate the area.  While the issue of human rights and web companies is still comparatively new, there are guidelines from the field of corporate social responsibility that can be drawn upon.  ICT-specific guidelines are also mushrooming at the moment.  In light of this, I thought it timely to develop a quick guide to the guidelines. There is an abundance of material on corporate social responsibility, with some of it approaching human rights more broadly and some creating sector specific guidance.  I will outline a couple of the key general CSR guideline initiatives and the guidelines that are specific to the ICT sector.  Once you start delving into specific issues such as environmental sustainability, fair trade or bribery or markets with particular vulnerabilities such as conflict zones, you find a whole host of additional stakeholders and reference materials.  Some notable examples include the OECD Risk Awareness Tool for Weak Governance Zones, the ILO Tripartite Declaration of Principles concerning Multinational Enterprises and Social Policy and the Extractive Industries Transparency Initiative.

Global Compact Self Assessment Tool

‘The United Nations Global Compact is a strategic policy initiative for businesses that are committed to aligning their operations and strategies with ten universally accepted principles in the areas of human rights, labour, environment and anti-corruption’.  Announced by the then UN Secretary-General Kofi Annan in 1999, the Global Compact catalysed a string of corporate social responsibility initiatives.  The UN Global Compact Checklist seeks to operationalise the Global Compact by expanding the principles of the Compact into a self-assessment checklist for companies. The Global Compact Self Assessment Tool was developed by a collection of Danish government, NGO and industry groups in consultation with the UN Global Compact Secretariat.  The Self Assessment Tool:

  • Is an interactive online tool
  • Is general and non-sector specific, as it reflects the UN Global Compact
  • Does not specifically address rights such as privacy and freedom of expression or the vexed issue of working in jurisdictions where domestic laws and practices infringe international human rights.

UN Guiding Principles on Business and Human Rights

Hot on the heels of the excitement generated by the Global Compact, John Ruggie was appointed as the Special Representative of the Secretary-General on the issue of human rights and transnational corporations and other business enterprises.  Ruggie’s six years of work culminated in the UN Guiding Principles on Business and Human Rights, which were endorsed by the Human Rights Council on 16 June 2011.  The Guiding Principles:

  • Cover the roles of States, State-owned companies and private companies in upholding human rights
  • Are based on the full range of civil, political, social, economic, cultural and labour rights found in the international bill of human rights
  • Require companies to have in place policies, due diligence and remediation practices for human rights compliance issues
  • Focus on situations where States may need to deal with companies that are having an adverse impact on human rights rather than the situation where companies are operating in jurisdictions with sub-standard human rights practices.

OECD Guidelines for Multinational Enterprises

The OECD proudly notes that these are the only ‘multilaterally agreed and comprehensive code of responsible business conduct that governments have committed to promoting’.  They have been endorsed by all OECD member countries, as well as 11 non-member countries (Argentina, Brazil, Egypt, Latvia, Lithuania, Morocco, Peru and Romania).  The guidelines:

  • Were originally developed in 1976, with the most recent update in 2011
  • Require member countries to establish a complaints procedure and point of contact
  • Contain 11 Chapters - concepts and principles, general policies, disclosure, human rights, employment and industrial relations, environment, combating bribery, consumer interests, science and technology, competition and taxation
  • Were updated in 2011 to include a new human rights chapter that is consistent with the UN Guiding Principles on Business and Human Rights.
  • Note that international human rights obligations are owed by States, but nonetheless require companies to respect human rights in accordance with the international legal obligations of the countries in which they operate and with domestic laws
  • Include an obligation to prevent or mitigate adverse human rights impacts that are directly linked to their business activities
  • Require companies to undertake due diligence in their supply chain
  • Include a chapter on science and technology, which aims to promote ‘the diffusion by multinational enterprises of the fruits of research and development activities among the countries where they operate, contributing thereby to the innovative capacities of host countries’.

The Global Network Initiative – ‘Principles’, ‘Implementation Guidelines’ and ‘Governance, Accountability and Learning Framework’

The GNI was launched in 2008 as a cooperative effort between ICT companies, academia and NGOs.  It seeks to create ‘a collaborative approach to protect and advance freedom of expression and privacy in the ICT sector’.  The Principles:

  • Are specific to the ICT sector
  • Directly address situations in which companies may be operating in jurisdictions in which the local government is not upholding its international human rights law obligations.
  • Are part of a broader membership system, which entails a commitment to implementing the principles and to undergoing monitoring and evaluation processes
  • Require companies to have human rights policies, due diligence procedures and mitigation strategies.
  • Give concrete guidance on issues such as how to handle requests for information from law enforcement agencies.

The Council of Europe Human rights guidelines for Internet service providers

As keeper of both the European Convention on Human Rights and the European Convention on Cybercrime, it is no surprise that the Council of Europe has prepared guidelines on human rights and cybercrime issues.  In 2008, the Council of Europe endorsed the Human Rights Guidelines for Internet Service Providers, which were developed in cooperation with the European Internet Services Providers Association (EuroISPA).  The Guidelines:

  • Emphasise the need for ISPs to provide information to customers about their rights and obligations regarding privacy, unlawful content and circumstances in which they may need to disclose customers’ private information
  • Caution ISPs to ensure that any removal or filtering of content is strictly in accordance with the law
  • Cross-reference existing CoE standards relevant to ISPs such as those on freedom of communication on the internet, protection of personal data, promoting the freedom of expression, etc.
  • Do not address circumstances in which the local government is contributing to the human rights abuses but rather focus on private threats to internet users’ rights.

The Council of Europe Guidelines for the Cooperation between law enforcement and internet service providers against cybercrime

2008 was a busy year for the Council of Europe in this space, because not only did it endorse guidelines on human rights and ISPs, but also guidelines on law enforcement and ISPs.  The Guidelines:

  • Provide practical tips on how law enforcement and ISPs can work to improve their working relationships.
  • Encourage law enforcement and ISPs to uphold human rights in their dealings and to ensure that due legal process is adhered to, but do not provide specific guidance on human rights issues.

European Commission

The European Commission’s Directorate-General for Enterprise and Industry selected the ICT sector as one of three business sectors that will be the focus of a new, year-long project to develop sector-specific guidance on the corporate responsibility to respect human rights.  The guidelines will be based on the UN Principles and are due to be completed by the end of 2012.  The Commission promises ‘extensive consultations with enterprises and all concerned stakeholder groups’.

GRI Telecommunications Sector Supplement

The Global Reporting Initiative is a non-profit organisation that aims to promote economic, environmental and social sustainability by developing a comprehensive sustainability reporting framework.  The GRI's Telecommunications Sector Supplement is intended to be used in conjunction with the general reporting guidelines.  Although it has not progressed beyond the ‘pilot’ stage, is available upon request from GRI.  Key features include:

  • applies to service providers and equipment manufacturers
  • provides guidance on reporting procedures, not on substantive policies
  • principles are general enough that they can be adapted to current technology issues (this is particularly important because the supplement was developed in 2002-2003 - before Twitter even existed!)
  • PR3 requires reporting on respect for privacy and PA7 on access to content.  PA7 notes that this includes policies on freedom of expression, censorship and interaction with government on issues such as surveillance.

Electronic Industry Citizenship Coalition Code of Conduct 

'The EICC is a coalition of the world’s leading electronics companies working together to improve efficiency and social, ethical, and environmental responsibility in the global supply chain.'  The EICC certainly has some big name members in the ICT sector, including Adobe, Apple, Foxconn, Cisco, Microsoft and HTC (not all of whom necessarily have a squeaky-clean human rights record!).  Any company is open to adopt the code of conduct, but membership of the EICC indicates a commitment to its implementation and compliance with the organisation’s by-laws.  The Code of Conduct:

  • Outline standards for labour, health and safety, the environment and business ethics; also outlines the elements of an acceptable system to manage compliance with the Code
  • Businesses firstly must comply with local laws, but are encouraged then to go beyond
  • Provides no ICT specific guidance or direction relating to privacy or freedom of expression.

Guide to Human Rights Impact Assessment and Management

This is a collaboration between the International Business Leaders Forum (IBLF) and International Finance Corporation (IFC), in association with the United Nations Global Compact.  Full details are only available to registered users on the website.  The Guide:

  • Started life as an interactive online tool but is now also available in pdf format
  • Focuses on procedures to assess and respond to human rights risks, rather than suggesting the human rights policy content
  • Establishes an online forum aimed at encouraging businesses to share their experiences and learn from each other
  • Provides guidance on the four elements of human rights due diligence, as advanced in the UN 'Protect, Respect and Remedy' Framework.