This year marks the 10th anniversary of the UN Guiding Principles on Business and Human Rights (UNGPs). This landmark framework, endorsed by the UN Human Rights Council on 16 June 2011, was the culmination of decades of advocacy for a universally agreed framework on the roles and responsibilities of states and business enterprises to ensure that human rights are protected and respected by the private sector.
In many ways, however, we are really still only at the start of the process. Despite the UN Human Rights Council calling in 2011 for all governments to adopt National Action Plan on Business and Human Rights (NAPs) setting out how they will implement the UNGPs, fewer than 30 have done so. And there is still a great deal of awareness-raising to be done among companies, not least developing more granular standards and guidance on what the UNGPs mean for businesses in different sectors, and how they apply to both the largest multinational corporations and the smallest SMEs.
For some sectors where human rights impacts had been on the agenda for many decades—such as the extractives sector and poor working conditions in complex supply chains—this work was already well underway by 2011. But far less attention was initially placed on newer industries such as the tech sector, where human rights impacts were at that time little felt or considered. While there was the occasional mention of data protection (such as Ireland and Finland), early NAPs rarely mentioned the tech sector or technology at all. Now we are finally seeing some progress towards including tech considerations within NAPs: Switzerland’s most recent NAP sets out stricter rules and restrictions around the export of war material and surveillance technologies where human rights might be put at risk, and Japan’s NAP commits the government to promoting a human rights-based approach to the governance of AI. However, the focus of government action remains largely on more tangible business and human rights issues.
On the corporate side, there were some early champions, notably Google, Microsoft and Yahoo! (now Verizon). In 2008, even before the adoption of the UNGPs, these three companies had established the Global Network Initiative (GNI), a multistakeholder initiative to promote respect for human rights among three of the leading ICT companies, and with a strong focus on privacy and freedom of expression. While many more companies have joined the GNI, the conversation around business and human rights in the tech sector has yet to become mainstream globally. It is only a small number of very large tech companies, almost all in the global North, that have endorsed the UNGPs (Facebook and Apple being two of the most recent tech companies to adopt human rights policies). Even among those companies with human rights commitments, concerns around their use of personal data, a lack of transparency in content moderation, and links between online activity and offline violence and discrimination remain prevalent.
For those working in digital rights (or on digital policy), the role played in society by the companies that develop, deploy and use digital technologies cannot be understated. Digital technologies play an important role in enabling people to exercise and enjoy their human rights, such as making it easier to access education and information, or enabling activists and human rights defenders to communicate and coordinate. But digital technologies, and the companies that develop them, play an increasing role in human rights harms: in the last few years we’ve seen the algorithmic curation of content on online platforms leading to the spread of harmful disinformation and hate speech; AI technologies, particularly predictive policing and facial recognition technology, used in ways that reflect and amplify racial biases; and government-ordered shutdowns of the internet to silence protestors and activists. The growth in new technologies such as drones, robotics and “smart” devices will all raise new issues and challenges.
Nor is this trend is likely to slow down. The COVID-19 pandemic has only accelerated the digital transformation of societies across the world, with the internet and digital technology now indispensable for work, entertainment, public services, commerce and almost every other part of our lives. The rollout of 5G over the next decade will be a further boost to what digital technologies are capable of, in both positive and negative senses. And as more people around the world access these technologies, which are becoming ever more sophisticated, their impact on human rights will only increase.
It is therefore critical that governments and companies that develop or use digital technologies have human rights front and centre when it comes to their design and deployment. For governments, this might mean greater regulation: ensuring that human rights due diligence is undertaken by tech companies, mandating greater transparency over the decisions that they make, and making sure that technologies which have the potential to cause human rights harms are prohibited or subject to safeguards and oversight. Collaboration at the regional and global level here is critical, however, to avoid fragmented regulatory approaches. For companies, it means building human rights into their day-to-day practices, increasing the understanding of those in product development of human rights, and talking to users and other stakeholders who will be affected by digital technologies, making sure that they are designed and deployed in ways that remove (or, at least, mitigate) risks to human rights.
Civil society has an important role to play in supporting governments who are looking to develop NAPs and building links with tech companies by making the business case for respecting human rights (and then holding them to account in doing so). With much of the effort so far having taken place in the global North, it’s important too that civil society organisations in the global South engage with both local and global tech companies in order to bring different contexts, languages and challenges to light. When these engagement opportunities are created, we have seen positive results. For example, Paradigm Initiative in Nigeria has seen proposed text amendments on the ICT tech sector included in a redrafted version of the country’s NAP (see their latest policy brief). In Argentina, Asociación por los Derechos Civiles has worked with the government and companies on implementing mandatory human rights due diligence in the procurement and development of technology. It’s clear that all stakeholders have a role to play in upholding the UN Guiding Principles and in shaping a robust and inclusive business and human rights ecosystem at the national level, as no one actor can fully understand the interlinked issues at play.
The first 10 years of the UN Guiding Principles have seen a slow but promising start in ensuring that the tech sector—and digital technology more broadly—respects human rights. While concerns around the human rights impacts of tech companies have grown, so, too, has the number of companies committing themselves publicly to pay greater attention to their human rights responsibilities. But with a decade of rapid technological development ahead, the biggest challenges are likely still to come, meaning sustained action from all stakeholders is needed to make the UN Guiding Principles’ 20th anniversary one to celebrate.