The recent revelations that the British intelligence agency GCHQ has been reportedly intercepting millions of Yahoo! webcam images is just the latest example of widespread infringements of technology users’ privacy, and of a company being caught off-guard by the extent of government breaches of its protections.  Yahoo’s said that it did not have prior knowledge of the program, and accused those involved of “a whole new level of violation of our users’ privacy.” 

This week human rights experts, business people and government representatives are gathered at RightsCon in California to discuss the links between human rights and the tech industry – the immense potential of technology to help realize human rights, and also the risks of abuses and how to pre-empt them.  There is increasing scrutiny of information and communications technology (ICT) companies’ human rights conduct.  Our new briefing on ICT and human rights highlights, for example, that the proportion of the human rights concerns to which we invite companies respond that relate to the ICT sector has trebled.

In some ways the human impact of abuses in the tech sector can seem less directly harmful than in other business sectors.  There is not the immediately apparent harm of, say, a factory collapse in which hundreds of workers are killed, or of a child being forced with her family away from their home and fields by a mining company’s security guards. 

But the implications can be no less harmful for human dignity and progress.  When, for example, human rights activists are imprisoned for speaking out, because a company’s surveillance equipment has enabled a government to spy on their conversations: as activists who were imprisoned and tortured in Gadhafi’s Libya claim in their lawsuit against the French company Amesys (the company denies the allegations).  Or, when because of government censorship small businesses find their websites suddenly inaccessible as their name contains a word deemed offensive (as has happened with the word “shoe” in the case of Pakistan), and civil society’s access to powerful online tools is restricted – these two situations come vividly to life in this excellent video “Pakistan’s internet BANwagon” by the NGO Bolo Bhi.

Three defining themes are emerging at the intersection of technology and human rights.  Within each, there are clear distinctions between “leader” companies, that take a strong stance on human rights and endeavor to respect them throughout their operations despite the challenges that entails, and the “laggards”, whose express business purpose at times includes assisting governments in widespread surveillance or censorship.

1. Weakness of government protections – and prevalence of corporate complicity in government violations.  Of the 220 times we have approached ICT companies to respond to civil society concerns about human rights, almost 40% relate to involvement in a government abuse (many of the others are in connection with supply chain issues including working conditions, environmental pollution, and conflict minerals).  While the first “pillar” of the UN Guiding Principles on Business and Human Rights is the State Duty to Protect, in the realm of technology in particular it is often the government’s failure to protect that leads to abuses by companies (whether knowingly or unknowingly).  This leads to a permissive environment in which some companies will see a profitable opportunity to assist governments in censorship and surveillance efforts.  As Privacy International has highlighted in the context of its “Big Brother Inc” project, the global surveillance industry is estimated at $5 billion a year.  And for responsible ICT companies, unless they are proactive in realizing the second pillar of the Guiding Principles– the Corporate Responsibility to Respect – and if they wait for governments to improve their game, then they are highly likely to find themselves involved in human rights abuses.

Even for companies that do have strong human rights mechanisms in place, the risk is still there.  As the Director of Ranking Digital Rights Rebecca MacKinnon has said: “If a company were to commit to decline all government censorship or surveillance requests, it would be able to do business precisely nowhere.”  This means that ensuring access to remedy – the third pillar of the UN Guiding Principles – is essential.  Among the growing amount of guidance on human rights for the ICT sector, is a guide for telecommunications companies by the NGO Access, on forms that this remedy can take. 

It also means that “strength in numbers” is critical.  As well as having strong individual policies and practices, technology firms have realized that joint action is needed, for example through the multi-stakeholder Global Network Initiative, the sector-wide Telecommunications Industry Dialogue, through joint legal actions in the USA by companies against the US government in the wake of Edward Snowden’s revelations of the “PRISM’ surveillance programme, and by the joint call by nine technology firms, from AOL to Facebook to Twitter, to “Reform Government Surveillance.”

2. The fast-changing nature of technology, and of human rights risks.  Technology firms are understandably driven by innovation, identifying the next breakthrough, and reaching as broad an audience as possible.  This pace of change and the extensive reach of some products means companies are exposed to being “caught-out” by emerging risks, and that one security breach can affect thousands or millions of people.  Yahoo! recently convened a meeting for tech start-ups to educate them about challenges to privacy and free speech that they will inevitably face.

Also, firms can be caught unprepared for human rights risks.  To date, many ICT firms have been spurred on to action (whether individual and/or collaborative) after becoming involved in situations of human rights abuse.  For example Vodafone embarked on a learning curve after it and other telcos’ services were cut off during the uprisings in 2011 in Egypt and its services was used to send pro-Mubarak government text messages to subscribers.  Increasingly, leading companies are making human rights impact assessments an integral part of their operations and there is a shift towards identifying and mitigating human rights risks before they develop, rather than reacting to them when they occur.

3. The importance of technology to the human rights movement as a whole. The free flow of information plays a fundamental role in the human rights movement as a whole. It always has done.  The printing press, for example, contributed to the abolition of slavery movement in the USA, just as social media is now helping human rights advocates organize online and in the streets.  This loops us back to the first point: it is precisely because of this powerful role that technology poses such a challenge to repressive governments’ authority…which is why those governments seek to control the internet and telecommunications particularly at times of unrest…and which is why human rights activists are galvanizing against this in all parts of the globe.  Activists do not necessarily aim to counter any regulation of the sector at all, but to ensure that regulations and other government actions enable rather than repress human rights. 

RightsCon gathers activists from all parts of the world, working for change both from inside companies and without.  Revelations of government mass surveillance and collection of meta-data has exposed the enormous breach that has opened up between burgeoning digital communications, and legislation designed to protect privacy in an age of landlines and letters. This gap now imperils our core rights to privacy, freedom of expression and association.  The companies involved in digital communications have strategized to accrue great power and influence, which when harnessed in the right way plays a fundamental role in enhancing human rights.  As Voltaire said in the 18th Century, “with great power comes great responsibility”. Activists all over the globe are organizing to hold ICT companies to that.