Internet and telecommunications companies, along with mobile device and networking equipment manufacturers, exert growing influence over the political and civil lives of people all over the world. These companies share a responsibility to respect human rights. The Ranking Digital Rights project brings together a group of international researchers and advocates. We are developing a methodology to evaluate and rank the world’s major Information and Communication Technology (ICT) companies on policies and practices related to free expression and privacy in the context of international human rights law.
Our work aims to a) inform companies, individual users, civil society, academics, investors, governments, and the public about the relationship between the ICT sector and human rights; b) encourage companies to develop, deliver and manage products and services in a manner consistent with international human rights norms; c) identify what specific legal and political factors prevent or hinder companies from respecting users’ and customers’ human rights.
This website will document our research and consultations as we work to develop the ranking system’s criteria, methodology, and process. For more detailed information please see the About page, Work Plan and Timeline, and other Project Documents.
Thanks to case study research conducted by our research partners and coordinated by a hard working team, we have developed a “discussion draft” of potential methodology elements to be used in ranking 50 Internet and telecommunications companies on freedom of expression and privacy criteria.
Right now we are proposing to ask 50 questions about these 50 companies. Answers to the questions will be scored. Companies will be ranked according to their total scores, likely with sub-scores for “privacy” and “freedom of expression” since we anticipate some companies will be stronger in one or the other and it will be meaningful to show those differences.
We welcome comments from anybody who might be affected by such a ranking. We would also like to hear from people who might want to use it in different ways: as users of technology, as investors, as activists, as policymakers, or as journalists.
There is still much work to be done before the methodology is ready to implement in full. After presenting it at RightCon next week and receiving initial feedback, we will try to work out some of the unresolved issues, make another set of revisions, then post the revised version online for a six week public comment period. We will publish a final Phase 1 Pilot Methodology along with the case studies that helped us develop it by mid-2014. In the second half of 2014 we will conduct a pilot study looking at approximately 10 of the companies listed in the draft. The results of the pilot will inform further revisions, as long as a set of advocacy, engagement, and media strategies.
If all goes as planned we will then implement the full “Phase 1″ ranking for Internet and telecommunications companies in 2015. ”Phase 2″ adding device, equipment, and software companies will follow in 2016.
Please click here to download the full PDF document. Comments are welcome publicly via this blog’s comments section, or privately via e-mail to Rebecca MacKinnon (mackinnon AT newamerica DOT org).
Our friends at Access have organized an exciting conference called RightsCon, a three-day gathering in San Francisco next week “where human rights experts, investors, corporate leaders, engineers, activists, and government representatives from around the world work to advance solutions to human rights challenges by concentrating on the possibilities within the technology sector.”
The Ranking Digital Rights team will hold a workshop at 10:30am on Wednesday March 5th in a room called “The MiniHub”. If you are coming to RightCon, please join us. (For the full conference schedule click here.)
In this brainstorming workshop, members of our team will present our draft methodology for an annual ranking of the world’s most powerful Internet and telecommunications companies. We will invite RightsCon participants to help brainstorm on the best way to use the ranking to hold companies accountable.
In the five months since I last posted a public update, our research partners in the United States, Brazil, the UK, Germany, Hungary, Russia, Egypt, China, and India have been hard at work conducting case study research on the Phase 1 Draft Criteria. We are all grateful to human rights specialist and research coordinator Allon Bar, and research coordinator Richard Danbury, for their indispensable work in coordinating and conducting research as well as conducting outreach with civil society and corporate stake-holders. (Click here to learn more about Allon and Richard.)
Based on the results and recommendations made by our case study researchers (whose work will be published later this spring), we are now working to produce a discussion draft of the full methodology that will eventually be applied to evaluate and rank up to 50 major Internet and telecommunications companies across the world.
We plan to publish that discussion draft online for public comment in early March, both on this website as well as on the websites of allied organizations. The draft will also be presented at workshops at conferences such as Rightscon in San Francisco and Cyber-dialogue in Toronto. We will arrange further opportunities to for online and in-person feedback by stakeholders (civil society groups, investors, and companies) on the methodology as well.
In April and May we will revise the methodology based on the feedback we have received. The revised version will be published in May alongside the edited case studies, plus other research materials that will provide context and background for those wanting to understand how the methodology was developed.
Before our methodology is applied to dozens of the world’s most powerful ICT sector companies in a public ranking, it is important to prepare the field so that those we are seeking to serve (civil society advocates and investors) and influence (companies and policymakers) will be in a position to use and act upon the data that we aim to generate on an annual basis.
To that end, we continue to re-evaluate and revise our work plan and timeline for 2014 and 2015. In the Summer and Fall of 2014 we are likely to conduct a pilot study applying the methodology we are now developing, with the aim of rolling out the full annual ranking in 2015. The precise nature and scope of that pilot study will be shaped by the results of the methodology consultation phase that we are about to launch.
None of the above would be possible without the continued support of our funders. We continue to reach out to other potential funders and partners whose support would be compatible with maintaining the integrity and independence of our work. Suggestions are always welcome!
We are deeply grateful to the MacArthur Foundation for a substantial 2-year investment in our work for 2014 and 2015. While the grant does not cover all project costs, MacArthur’s commitment lays the base to continue our work through the next two years in some way or another. The ultimate scope of the ranking, how much engagement we are able to conduct, and how well it is promoted among other things, depends on the extent to which we can raise other funds. Please also see our lists of 2013 funders and project partners without whose support and commitment we would never have gotten to this point.
Case Study Research and Methodology Development:
In July we launched case studies focused on Internet companies in India, Russia, China, and the U.S. In August and September we began the process of developing and launching case studies focused on telecommunications companies, including: a comparative case study looking at Deutsche Telekom in Germany and its subsidiary T-mobile Hungary; a comparative study of several telcos operating in Brazil, with an added examination of Telefonica based in Spain, whose subsidiaries include Vivo in Brazil; an examination of two Indian telcos Bharti Airtel and BSNL. A U.S. telco case study is also getting off the ground and we are examining whether further case studies are needed on other European telcos as part of this methodology-development stage. The purpose of the case study research is to test out the draft criteria on selected companies in several different types of jurisdictions, in order to gain a better understanding of how the draft criteria play out across a range of companies in a range of jurisdictions. Most importantly we hope to be able to answer to the following questions:
- What criteria should apply to all companies everywhere regardless of size, maturity, or jurisdiction? (In other words what things do we believe that no company anywhere has an excuse not to be doing – even in hostile legal and political environments?)
- What criteria can only reasonably be met after company has reached a certain size?
- What criteria can only be met under certain legal/political/regulatory conditions?
- How should we focus the methodology – what is most important and urgent to measure companies on and what is better addressed by government-focused advocacy? (The answer to this will be informed heavily by the answers to the first three questions.)
- What can actually be meaningfully measured and compared and what simply cannot?
- On what basis should we select the companies we will evaluate in Phase 1?
- In particular countries and parts of the industry, what impact is such a ranking likely to have on company behavior?
It is too early to report on the final results or conclusions as research is still ongoing, but we can say that most researchers are telling us that in the next iteration, the criteria should be more streamlined and focused in order to be effective. That means we won’t be able to include everything on everybody’s laundry list of what an ideal company ought to be doing on all fronts; we will have to prioritize and focus on what is most urgent, important, and measurable.
We are also learning important things about the relationship between what companies say and commit to publicly, what they actually do in practice, and what their practices mean concretely for users’ free expression and privacy. While there is clearly a relationship between companies’ statements and public commitments and practice, that relationship is different in different contexts. Companies that make similar commitments can still have a wide range of actual practice that plays out with users in a range of different ways. We need to make sure our methodology reflects a nuanced understanding of this reality, and emphasizes the right things.
If all goes as planned we hope to have final drafts of the case study write-ups completed in December. The goal is to publish them in late January or early February, alongside a final draft of our proposed ranking methodology which will be the product of what we learned from our case study research. The methodology will then be subjected to a period of public consultation and stakeholder engagement in early 2014. Funds permitting we hope to then make a final revision and begin applying it in Q2 2014 with an aim to produce our first Phase 1 ranking report in Q4 2014. Please see the project timeline for more details.
The case study research includes company interviews. We have encountered a range of reactions from companies: from highly enthusiastic, to curious, to neutral but willing to talk, to negative, to hostile, to indifferent, to radio silence. On the positive end of the spectrum, we have had some truly enlightening and energizing meetings and calls. We have learned a tremendous amount from companies that have been willing to talk with us about the specifics of the draft criteria in the context of their own products, services, and operations. We continue to reach out to other companies with the message that if we can talk to them now during the case study research phase, the final draft methodology – and ultimately the ranking – is more likely to take their concerns and perspectives on board. We have developed an FAQ for companies.
Civil society engagement:
It is vital that our ranking should promote best practices by ICT companies that will better minimize digital threats to human rights defenders and journalists under threat. One of the things we intend to do this Fall is to revise our human rights risks scenarios (which haven’t been revised much since April) through consultation with groups working with human rights defenders and journalists, and to make sure that these scenarios play a strong role in the methodology development process.
Also note that we have been actively reaching out to all the organizations and projects that we know of whose work is remotely related to supporting the emergence of better standards and practices around digital rights, to maximize synergies and minimize duplication.
We are exploring whether and how we might work with an organization that provides research data to responsible investors on environmental, social, human rights, and governance factors.
Our case study research network includes academics from around the world. Our partnership with the University of Pennsylvania has yielded a course on “Human Rights, Corporate Responsibility and ICT” at Penn Law, two public events, and a workshop. If you are in or near Philadelphia on October 17th please join us for an event called “Scholarship After Snowden. This project is committed to supporting our academic partners – whose research contributions are so vital – in their efforts to beef up teaching and research on issues related to digital rights.
I remain the only full-time staff member of the project, so you can blame me for all of the project’s shortcomings. Click here to see the long list of people without whom the project would be nothing and nowhere. While we still cannot afford to offer a one-year full-time contract to a person with the kind of experience we need, we do plan to hire a 6-month consultant, ideally based in Europe, to support methodology development and stakeholder engagement. The job description is posted on the New America Foundation website.
We have now published a research draft of our Phase 1 Criteria. It would not have been possible without a wealth of excellent advice and input from a wide group of academics, investors, human rights advocates, technologists, experts in business and human rights, and experts in corporate rankings. This advice was given generously through an advisory mailing list, several expert consultation meetings, and a number of one-on-one meetings. Thanks to everybody who helped us reach this point.
This is just the end of the beginning, however. We are far from ready to actually start scoring or ranking companies. The draft criteria will now be tested on selected companies in selected jurisdictions by researchers over the Summer and Fall. Click here for more details about our case study research.
We welcome public input into this process. Please feel free to post your comments on the Criteria page, or if you do not want them shared publicly please send them to mackinnon AT newamerica DOT net.
On April 4th at the University of Pennsylvania’s Annenberg School for Communication, the Ranking Digital Rights project convened a day-long invitation-only workshop to inform the drafting of the project’s Phase 1 criteria for ranking Internet and telecommunications companies on their practices and policies related to free expression and privacy.
The meeting would also help to determine priorities, scope, and focus of research needed to refine and improve the ranking criteria and methodology. This research process will enable the team to produce a final draft of the Phase 1 methodology by the end of the year.
Invited participants included: University of Pennsylvania faculty advisors; graduate and undergraduate students involved in the research; international research partners from Brazil, China, India, Russia, the United Kingdom and elsewhere; human rights advocates; technologists; socially responsible investors; experts on best practices in corporate ranking and rating systems; experts in the field of business and human rights, business ethics, and corporate social responsibility. For a full account of the discussions and outcomes please click here.
Event Report – Internet Censorship, Surveillance, and Corporate Transparency: Google’s Dorothy Chou in Conversation with International ExpertsPosted: April 12, 2013
Global Engagement Fund Undergraduate Fellow Jon Diamond reports on the recent panel held at CGCS featuring Google’s Senior Policy Analyst Dorothy Chou and other experts, as part of the cross-disciplinary, university-wide “New Technologies, Human Rights, and Transparency” project funded by the university’s Global Engagement Fund and hosted by Annenberg’s Center for Global Communications Studies in partnership with Wharton, Penn Law, Engineering, and the School of Arts and Sciences.
In a presentation to students, faculty, and visiting scholars at the University of Pennsylvania last Wednesday, Google’s Senior Policy Analyst Dorothy Chou described Google’s flagship digital rights initiative, the Transparency Report. Updated twice a year, the report documents requests that Google receives from governments all over the world to remove content and hand over user data. It also documents country-by-country internet traffic patterns, which enables the public to know in real time when certain Google services have been blocked or even when Internet access is cut off to an entire country. Google’s report thus provides a wealth of data on the censorship and surveillance policies of national governments, and how Google responds to those policies. This data thus offers a powerful tool for netizens to hold their governments – and Google itself – to account for either violating or protecting Internet users’ rights to free expression and privacy.
The Internet, according to Chou, represents a new form of social contract, made not only between governments and their citizens but also between information and communications technology (ICT) companies and their users. Whereas private individuals once surrendered certain freedoms to the state in return for the guarantee of their rights, today they do so with companies as well—each time they click “Agree” to a terms of service agreement. In the same way that governments must be accountable to their people, so does Google believe that companies should be accountable to their users. Google’s Transparency Report, and similar reports now published by Twitter, Microsoft, and others, represent an important tool for users seeking to exercise their digital rights in the face of legal uncertainties. Joined by a panel of international experts from the BRIC countries, Chou discussed the impact of corporate transparency reports and the prospects for broader efforts on the part of the ICT companies worldwide.
Google, Raising the Bar on Corporate Transparency
Google’s report, the first of its kind, was launched in 2010 as one of Google’s “20% projects,” the creative side-projects to which Google employees are allowed and encouraged to devote 20% of their work time. The report reflects Google’s commitment to principles developed by the Global Network Initiative, a multi-stakeholder organization devoted to free speech and privacy online. At first, the report tracked only content removal requests from copyright owners and governments and government user data requests, but has since expanded to include more granular data on the nature of different requests and whether Google complied, and also visualizations of internet traffic patterns on a national scale in (near) real-time. Even over the approximately three years that Google has published its biannual report, several clear patterns have come into focus. On the one hand, the volume of content removal and user data requests from governments has grown steadily since 2010, while removal requests from copyright owners have exploded over the past year or so. On the other hand, Google has demonstrated an increasing willingness to pose legal challenges to government requests. Indeed, only last week, Google filed a petition against one of the U.S. government’s top-secret “national security letters,” user data requests which come with built-in gag orders.
Ultimately, Chou remarked, Google aims to be a neutral intermediary. Companies are not elected and thus should not be the ones to decide what is and is not legal. That is a job for the courts. Though its bold stance free expression, particularly, can be financially and some cases politically costly for Google, in the end, Chou said, the company has a long-term interest in upholding digital rights in order to build and preserve user trust. In apparent recognition of this long-term business interest, not to mention the broader moral case for digital rights, a number of other major ICT companies including Twitter, Dropbox, LinkedIn [pdf], and now Microsoft have joined Google in publishing regular reports on their policies and practices regarding government requests.
Even as Chou describes Google’s transparency report as a “numerator without a denominator,” there are indications that its efforts have already had an impact—both on ICT corporations and on public debate more generally (see below). The data from the transparency report has also been picked up by civil society groups, who have adapted Google’s findings to produce new and compelling products, such as the Electronic Frontier Foundation’s visualizations. Governments, corporations, and civil society have all taken note of Google’s efforts, and with more such efforts on the horizon, there is good reason to hope for heightened public awareness and increased levels of accountability and transparency in sphere of digital rights. Whether this emerging standard of transparency reporting will continue to expand to the rest of the global ICT sector, however, remains to be seen.
Leading off the expert panel, Gregory Asmolov, a PhD candidate at the London School of Economics and founding contributor to the Global Voices “RuNet Echo” project, spoke on the prospects for greater corporate transparency in an increasingly authoritarian Russia. By way of background, Asmolov noted a strong push toward the regulation of the Russian Internet over the past year, including legislation passed last November giving the government broad authority to censor online content deemed illegal or harmful to children. Although the law’s stated goal, child protection, is entirely uncontroversial, it is ultimately subject to wide range of interpretations—and thus official abuse. According to an article from RuNet Echo, the child protection law has been used to take down popular torrent site RuTracker and online library Lib.rus.ec. “While both are hotbeds of piracy,” writes Andrey Tselikov, “they were blacklisted in accordance with the new law, not intellectual property statutes.” Transparency reporting like Google’s has the potential to shed light on similar cases by documenting the legal authorities invoked in each removal request. If the Russian government is not held to account in this way, and if companies are not put under closer scrutiny regarding the way in which they comply with government demands, free speech will continue to be threatened by over-broad application of existing censorship law.
A second issue with transparency in the Russian context, according to Asmolov, is the government’s network of informal relationships with Russian corporations. Unlike in the United States, where the majority of government requests are made through (debatably) legal channels, the activities of many Russian ICT companies can be regulated with a simple phone call from Moscow. During the country’s recent parliamentary elections, for instance, the Federal Security Service (FSB) called the head of popular Russian social media site VKontakte to request the removal of content posted by anti-fraud watchdogs. In this particular case, the request was refused in what the VKontakte official described as a “business decision” rather than a political move. Yet Asmolov expressed his doubts regarding a business case for transparency in Russia, given a lack of awareness of these issues among Russian users. A third and final stumbling block to greater transparency in Russia, in Asmolov’s view, is a characteristically Russian cynicism toward the very idea of “transparency.” Could a company like VKontakte ever be convinced to do a report like Google’s? Perhaps, conceded Asmolov, but no one would believe it.
Touching on some of the same challenges, Malavika Jayaram of the Center for Internet and Society in Bangalore and Visiting Scholar at the Center for Global Communications Studies described the state of digital rights and corporate transparency in India. The government of India has come under close scrutiny for recent instances of censorship that were facilitated by the overbroad language of certain provisions of the Indian Information Technology Act, and intermediary liability guidelines made under it. She also described the dialogue that the government has initiated with powerful ICT corporations and telecommunications companies, requesting them to monitor and pre-censor content and citing concerns around national security, law and order and fragile religious sensibilities. These sorts of informal mechanisms would bypass legal procedures and make content removal effectively “invisible.” Jayaram said that efforts such as the Google Transparency Report helped demonstrate the gaps between the government’s lip service to internet freedom and its actual practices.
Certain provisions of the IT Act (and the rules and guidelines made under it) have received harsh criticism, most recently from the Parliamentary Standing Committee on the Information Technology (Intermediary Guidelines) Rules [pdf]. The report cites, among other issues, “ambiguous and over-reaching language,’ permitting censorship of material deemed “blasphemous” or “disparaging,” among other terms poorly defined by the IT Rules. The report also address certain issues with the Cyber Café Rules, which violate privacy in a quest for greater transparency and surveillance. The report critiques the Cyber Café Rules as a violation of citizens’ right to privacy, requiring, for example, that all computer screens in cyber cafés face the “open space” of the café, but unfortunately does not address the greater issue of logs of patrons’ browsing histories being maintained for a minimum of one year. Thanks to these strict regulations, Jayaram remarked, anonymity has gone “out the window.” Jayaram cited a Nokia study which showed that four out of the top five apps in India (by download) are privacy related, which shows that Indians are not as culturally predisposed to ignoring privacy as is generally believed. In the current environment of various threats to internet freedom, she is positive about the potential impact of greater corporate transparency in India.
Unlike Russia and India, Brazil has suffered from a glaring dearth of legal guidelines governing privacy and free expression online. As Director of Fundação Getúlio Vargas (FGV) Law School’s Center for Technology and Society Ronaldo Lemos pointed out, this lack stems in part from Brazil’s unique legal system, which does not follow the principle of stare decisis, commonly known as “precedent,” that undergirds the U.S. legal system, for example. The only binding legal decisions in Brazilian justice are those issued by the Supreme Court, which has not yet heard any cases regarding Brazilians’ digital rights. Accordingly, the various decisions on these rights reached in the lower courts are in no way binding on other courts and the state more generally. The resulting absence of a coherent legal regime regulating online privacy and free speech thus facilitates a remarkably large number of government content removal and user data requests, as indicated in Google’s Transparency Report (the third highest after the United States and Germany.)
That is not to say the Brazilian government has not considered more sweeping legislative action on ICT issues. According to Lemos, Brazil experienced its own version of the Unites States’ infamous debate over SOPA and PIPA in the late 2000s. Like SOPA and PIPA, the Brazilian cyber security/cyber crime legislation was struck down with the help of civil society, which demanded stronger protections for human rights. Shortly after the bill was defeated, the Brazilian Ministry of Justice and the FGV Law School worked closely together to develop the Marco Civil da Internet, which aims to safeguard citizens’ rights to privacy and internet access as well as principles like net neutrality. Described by Lemos as a “dream law,” the Marco Civil has garnered the support of Brazilian broadcasting corporations as well as major telecommunications companies. Such levels of support would not have been possible without the help of data from Google’s transparency report, said Lemos. Thus Google has had an impact not only on other ICT companies but on the legal process itself, adding to public debate in jurisdictions without strong protections for digital rights.
In stark contrast to Lemos’s optimism about digital rights in Brazil, Peking University School of Journalism and Communication Professor Hu Yong painted an admittedly “pessimistic” picture of transparency in the People’s Republic of China. Noting that Chinese companies have little to no bargaining power within the existing system, Hu doubted whether stances such as Google’s could ever gain traction with other companies in the People’s Republic of China. The current censorship regime in China is opaque, though users are sometimes notified of content takedowns. And while censorship is often accepted as a fact of life on the Chinese Internet, users have occasionally banded together to protest what they view as abuses of government and corporate power. Hu recalled a particular case in which a prominent lawyer’s online accounts and posted content were summarily deleted, prompting a huge outpouring of support from Chinese netizens on Sina Weibo, one of China’s most popular microblogging services. Chinese Internet users are thus increasingly aware of the struggles they face yet remain largely incapable of meaningful organization.
Largely, but not entirely incapable. New America Foundation Senior Fellow Rebecca MacKinnon commented on the case of Green Dam, a content censorship software the Chinese government moved to have pre-installed on all personal computers in 2009. Allegedly designed to block content inappropriate for children, e.g. pornography, Green Dam’s blacklists included a large number of “politically sensitive” websites which had no apparent relationship with child safety. In response to vigorous online protests, the Chinese government ultimately stood down, making Green Dam merely “optional.” It is crucial to note, however, that the success of this opposition was possible only due to strong push-back against the software mandate by domestic and international business, plus disunity within the Chinese government about whether Green Dam should have been mandated in the manner that it was. Since 2009, no such opposition has gained traction among Chinese netizens, and in the absence of concerted corporate support, top-level reforms, or future intra-governmental divisions, it is unlikely to do so any time soon. Nevertheless, the Green Dam case demonstrates a growing awareness of and interest in digital rights in China.
Whether Chinese companies will ever follow in Google’s steps remains unclear. It is possible, Hu conceded, that transparency could gain traction among China-based corporations if they choose to expand more internationally, as Tencent has already begun to do with its WeChat instant messaging client. Chinese companies could eventually be forced to compete with Western companies like Google and Twitter not only on quality of service but on emerging values like transparency and privacy protections as well. The Ranking Digital Rights project undertaken by the Center for Global Communications Studies in conjunction with the New America Foundation Open Technology Institute, Internews, and other partners hopes to contribute to such a future by creating the conditions for just this sort of competition.
Beyond corporate accountability, it is evident especially from the cases of Russia, China, and India that governments too must answer for their policies on internet censorship and surveillance. As Chou and the other panelists affirmed, Google’s transparency report provides a wealth of data that can be brought to bear on governments. Indeed, its potential has already been realized to some extent by elements of civil society in Brazil by generating support its Marco Civil. To the extent that others can make use of this and other data from governments and corporations alike, transparency stands a real chance of gaining global acceptance.