The business and human rights challenge – and what we’re doing about it

6 Jul 2017

By Charles Bradley

Today, we launch a new section of the GPD website – Business and Human Rights – dedicated to critically examining the intersection between corporate practices and human rights in the digital environment. We’ve already published some exploratory work on this issue – episode three of our In beta podcast, for example, as well as various articles. But over the coming year, and beyond, we’ll be doing a lot more.

As human rights defenders, we don’t really have a choice in this. In recent years, businesses – in particular, tech businesses – have assumed a markedly increased influence over almost every area of human life. They own and manage the platforms through which we communicate, organise, and assemble, and run many formerly state-provided services, including healthcare and utilities. As a consequence, the decisions businesses make are having increasingly wide-ranging impacts on the exercise of a range of rights – from freedom of expression, to privacy, to liberty and security. Any successful engagement on human rights in the coming years is, by default, going to have to involve them.

Unfortunately, the human rights framework hasn’t kept pace with this emerging reality. In the postwar period, the first instruments which established human rights internationally – the United Nations Declaration of Human Rights (UNDHR), and, later, the International Covenant on Civil and Political Rights (ICCPR) – posited the state as the sole guarantor and protector of human rights, entirely ignoring the role of businesses. While subsequent achievements like the UN Guiding Principles on Business and Human Rights (UNGP) and Global Network Initiative’s Freedom of Expression and Privacy Principles offer a useful beginning in addressing this, there remains a clear gap between high-level principles and actual implementation by technology companies around the world.

One of the key ways in which the UNGP falls short is its requirement for businesses to both understand international human rights standards and integrate them into everyday practice – an often impossible ask for the rapidly burgeoning (but often underresourced) tech small and medium enterprise (SME) sectors across the global South, which are contributing to an increasing share of economic growth in developing countries, and sit at the frontline of a range of urgent human rights questions. These tech businesses collect large amounts of user information, and face the heavy responsibility of not only handling and storing that data securely, but also responding appropriately to frequent requests by their government for access to it – often in the absence of robust legal and regulatory frameworks around the protection of user data. The risks to human rights in this environment are obvious.

At GPD, our broader work on privacy and freedom of expression has often touched upon these questions – but we’ve never really given them our full attention. This changed early last year, when we started conducting research and fieldwork on Kenya’s tech SME sector, and its relationship to human rights.

In the conversations and interviews we’ve since had with Kenyan business leaders, incubators and civil society, the same themes have kept recurring. Business leaders don’t know much about the impact of their products on human rights, but are open – often even eager – to find out more. Civil society organisations, on the other hand, tell us they don’t know how to engage effectively with businesses. Generally, with a few notable exceptions, there is a distinct absence of dialogue and collaboration across these stakeholder groups.

Based on this, we’ve come to a few conclusions about what needs to change, and how we might achieve it. It’s clear that tech SMEs need to play an active role in protecting and promoting human rights online – which will, we think, require:

  • More awareness of human rights among business leaders;
  • Increased capacity of local civil society groups to provide structured, constructive support to businesses;
  • Sustained and constructive dialogue across stakeholder groups.

We’re currently piloting ways of making these things happen in countries across Sub-Saharan Africa. Earlier this year, in close collaboration with local stakeholders, we developed and published a guide to respecting human rights aimed at tech SMEs in Kenya, which we presented at a series of workshops for civil society and businesses in Nairobi; and, over the next four months, we’ll be rolling out similar versions of these resources in Nigeria, Senegal, and Ghana. Later this month, we’ll be publishing a series of explainers, aimed at showing different stakeholder groups what their role is in respecting human rights. And we’re currently trialling a privacy and freedom of expression evaluation tool with several businesses, which we’ll be able to say more about later in the year.

These are only a few early experiments. We hope, over time, to expand our work into different regions, and to build on the excellent work of Ranking Digital Rights, Open Technology Institute, and Global Network Initiative, among others, to build a digital environment underpinned by human rights.

If you’d like to find out about opportunities for collaboration on business and human rights, email Charles (charles{at}