Internet and telecommunications companies, along with mobile device and networking equipment manufacturers, exert growing influence over the political and civil lives of people all over the world. These companies share a responsibility to respect human rights. The Ranking Digital Rights project is developing a system to evaluate and rank the world’s major Information and Communication Technology (ICT) companies on how they respect users’ rights to free expression and privacy. The first public ranking will be launched in late 2015.
Our work aims to a) inform companies, individual users, civil society, academics, investors, governments, and the public about the relationship between the ICT sector and human rights; b) encourage companies to develop, deliver and manage products and services in a manner consistent with international human rights norms; c) identify what specific legal and political factors prevent or hinder companies from respecting users’ and customers’ human rights.
This website has documented all stages of our work since we started research and consultations in early 2013. We are presently conducting a pilot study to test out the methodology and research protocols before implementing the full public ranking in 2015. For more detailed information about our work plan, timeline, and methodology please click on the menus and links at the top of the page. Recent developments are described in blog posts linked from the right-hand menu.
Last week Ranking Digital Rights’ Allon Bar gave a presentation at re:publica, Europe’s largest conference on Internet and society. This year, 7,000 attendees gathered from around the world in Berlin to discuss Internet issues across such tracks as politics and society, business and innovation, media, and culture.
Allon led a session on how we plan to rank tech companies on privacy and free expression standards. He explained how Ranking Digital Rights sheds light on how company policies and practices affect these key human rights. Allon reviewed RDR’s pilot study, highlighted the free expression and privacy concerns that RDR’s indicators address, and described how this year’s public ranking will serve as an important tool for companies, civil society, investors, users, and policymakers.
Some of the additional sessions at re:publica focused on how companies gather data, what privacy means in the big data and development context, and the need to reform intelligence oversight.
See the video of Allon’s presentation and the subsequent Q&A below.
For the second year in a row, the Ranking Digital Rights team joined hundreds of advocates, technologists, government officials, and company representatives at RightsCon, a key annual gathering focused on Internet and human rights organized by our good friends at Access. This year’s conference was held in Manila, where we were thrilled to meet activists, researchers, and company representatives from all over Asia.
We shared our pilot study results and collected valuable feedback on how the project can help others who fight to defend digital rights. In a public session focused on setting clear standards for companies, panelists Donny BU of ICT Watch Indonesia, Nighat Dad of Pakistan’s Digital Rights Foundation, and Charles Mok, a Hong Kong legislator, joined Rebecca MacKinnon to discuss RDR’s goals and work.
The companies that RDR evaluates are based around the world and operate in varied cultural environments and legal contexts. Even so, Donny BU asserted that it is fair to hold companies to standards that are grounded in international human rights principles, as RDR’s methodology does. Nighat Dad highlighted the need for more transparency on company practices, particularly when governments compel companies to act in a certain way. Citizens deserve to know if government requirements make a country’s business environment uncompetitive, Charles Mok added.
The Internet and human rights community faces myriad challenges in advocating for freedom of expression, privacy, and other online rights. RDR team members lent their expertise to several related discussions at RightsCon. We participated in the final drafting and launch of the Manila Principles on Intermediary Liability. RDR research fellow Tim Libert described his work on evaluating how mobile devices affect human rights, which relates directly to RDR’s phase two efforts to integrate software, device, and networking equipment manufacturers into the ranking. Allon Bar presented findings from the UNESCO report, “Fostering Freedom Online: The Role of Internet Intermediaries.” Rebecca MacKinnon spoke on panels about the Global Network Initiative, the need for remedy when people experience human rights violations online, the need for frameworks to address cross-border requests to remove online content, and the meaning of democracy in a networked era.
We also met with individuals from NGOs based around the world to discuss the project’s goals and how its ranking results can help other organizations in their research and advocacy work. Our first public ranking of Internet and telecommunications companies will be released in November. Prior to launch, we plan to work with a range of NGOs and researchers so that they will be prepared to use the information we publish to advance their own advocacy and research goals.
The ranking will examine publicly available information and companies’ own disclosures about their policy commitments and practices affecting users’ freedom of expression and privacy. The results and accompanying analysis will describe how companies can improve. The ranking will also highlight ways in which government regulation and laws prevent companies from respecting users’ rights. These details can help NGOs start conversations with companies about how to better respect users’ rights. In cases where government is the source of the problem, our data and analysis can provide facts that NGOs and companies can use to jointly pressure governments.
Several NGOs from across Asia and Latin America expressed interest in using RDR’s methodology as a template to examine or benchmark companies operating in their countries or regions. They told us it would be helpful to have the ranking results available in multiple languages and to receive training or guidance on how to apply the methodology to their local environment. RDR does not currently have resources for translation and training, but we welcome institutional partners who might be able to help us make the data and analysis accessible to more people in more languages and national contexts.
We left RightsCon excited about people’s enthusiasm for RDR, especially their desire to use the methodology we’ve developed and the data we will publish later this year. The global universe of ICT companies is much larger than what RDR (or any single organization) can currently evaluate, but if more organizations apply the methodology to their regions, develop other research projects to examine companies’ local practices and impact, and use the results to inform advocacy, we as a community can develop a more granular picture of where free expression and privacy stand in the ICT sector and where they might be headed. This will strengthen everyone’s efforts to fight for users’ rights.
From October 2014-January 2015 the RDR team and our partners at Sustainalytics conducted a pilot study to test our Phase 1 methodology on 12 Internet and telecommunications companies. We have now published the results of that study here.
Company names are redacted because the methodology was experimental. Based on what we learned, we will spend the next several weeks revising and refining the indicators and research process. We will then apply the improved methodology to a public ranking that we expect to release in November.
As you can see from the bar chart of companies’ overall scores taken from page 9 of the report (click on the image to enlarge), the best-performing company scored only 65 out of a possible 100. No other company scored above 50. The lowest-scoring company received partial points on only two indicators. (Click here to read all of the indicator questions.) To be fair, there are plenty of regulatory and government-related factors at play – and those factors will be discussed as part of the analysis accompanying company scores when the public ranking comes out. Nonetheless, we believe that all companies have substantial room for improvement, regardless of the legal and political environments in which they operate. We look forward to setting clear benchmarks for companies’ future progress when we launch the inaugural public ranking in November.
Last month we shared a draft of the pilot report with several dozen investors, human rights advocates, technologists, academics, and experts in business and human rights. We then sought their feedback either in person or via teleconference in five meetings held across North America and Europe. Some key comments are summarized near the end of the report. All of the very thoughtful suggestions we received will help us to make difficult decisions about how to revise, refine, and streamline the methodology and research process. Importantly, many companies chose to engage with our research team during the methodology development process as well as during the pilot study itself. Company feedback has been invaluable as we consider how to revise our indicators.
Further public feedback and comment on the pilot report are very welcome as we begin the revision process. Comments received before the end of March will be especially useful given that we hope to complete our revision process in April.
The RDR team is heading to Manila for next week’s RightsCon, an annual conference “bringing together civil society, engineers, activists, lawyers, companies, and governments on the subject of the internet and human rights.” The program is full of great sessions.
If you are coming be sure to join our special session, “Ranking Digital Rights: Setting Clear Standards for Companies” on Day 2, Wednesday March 25 from 9:15-10:30am in room Ruby A. The purpose is to brainstorm with the community about how the data we produce can be used by activists, researchers, and companies themselves.
We will also hold private meetings with activists and companies to answer questions and brainstorm further about how we can make sure that the ranking will be useful to them and have the greatest impact possible.
In addition to our public session and side meetings we will also be active in a number of other great panels. Please come join us! Here is a full list:
Day 1, 12:45-1:45pm – “The GNI: Responsible Company Decision-Making in the ICT Sector” (panelists include: Rebecca MacKinnon)
Day 1, 2:00-3:15pm – “Fix-it Felix: Best Practices for Remedying Violations Against Users” (panelists include: Rebecca MacKinnon)
Day 2, 9:15-10:30am – “Ranking Digital Rights: Setting Clear Standards for Companies” with the RDR team and speakers Charles Mok (Legislative Council, Hong Kong), Nighat Dad (Digital Rights Foundation, Pakistan) and Donny BU (ICT Watch, Indonesia)
Day 2, 10:45am-12:00pm – “Establishing Due Process & Transparency for Cross-Border Requests: Challenges in SEA” (panelists include: Rebecca MacKinnon)
Day 2, 12:15-1:15pm – “Fostering Freedom Online: The Role of Internet Intermediaries” (panelists include: Allon Bar)
Day 2, 3:00-4:15 – “Democracy 3.0″ (panelists include: Rebecca MacKinnon)
Research and analysis has now been completed on the Phase 1 Pilot Study conducted in partnership with Sustainalytics, a leading independent research firm with extensive experience assessing the environmental, social, and governance (ESG) performance of global companies.
The purpose of the study was to test the latest iteration of our Phase 1 methodology on 12 companies. Based on what we’ve learned from the pilot, we will further revise the methodology and research process before implementing the full Phase 1 ranking for public launch in late 2015. To that end, we have written the first draft of a pilot report. Over the next several weeks we will seek feedback on the draft from stakeholders and experts. After further revision we plan to publish it later in March.
We are also pleased to announce the publication of several new documents that help to explain the research and consultation process that we undertook to develop the methodology:
- An updated discussion of Human Rights Risk Scenarios
- An background paper on the project’s Theory and Strategy
- An overview plus individual summaries of the findings and recommendations from our 2013-2014 Phase 1 Case Study Research that informed the drafting of the methodology.
Links to those documents and other resources related to the methodology development, plus links to all versions of the methodology, can be found on this page.
We are pleased to announce the release of a new report edited and co-written by several members of the Ranking Digital Rights project team and affiliated research partners, published this week by United Nations Educational, Science, and Cultural Organization (UNESCO). Fostering Freedom Online: The Role of Internet Intermediaries examines in detail how legal, regulatory, and commercial frameworks help or hinder Internet companies’ ability to foster free expression online.
Research for the 200-page report, supported by the Internet Society, Open Society Foundations, and the University of Pennsylvania’s Center for Global Communication Studies was conducted in the first half of 2014 by a global team working in North and South America, South and East Asia, Europe, Africa, and the Middle East. They examined 11 Internet services with a focus on search engines, social networks, and Internet service providers (ISPs) operating across 10 countries. The result is a uniquely global perspective on how information flows online as well as how content gets restricted, by whom, and under what circumstances.
According to the UN Guiding Principles on Business and Human Rights, governments have the primary duty to protect human rights, including freedom of expression and the right to privacy (which itself is considered a prerequisite for freedom of expression). All companies, including those that operate Internet platforms and services, also have a responsibility to respect those rights. The report takes stock of how companies are doing in this regard, and how governments either help or hinder companies from upholding their human rights responsibilities. It identifies two broad categories of problems:
Governments are making it hard for companies to respect users’ free expression rights. The problem exists to varying degrees across the gamut of political systems and cultural contexts. The report identifies cases around the world in which laws, government policies, and regulations – even those enacted by well-meaning public servants seeking to address genuine problems of crime, terror, and child protection – not only erode free expression rights online but also cause companies to carry out censorship and surveillance, affecting speech that should be protected and respected under human rights law.
A major culprit is law that holds companies legally responsible – liable – for what their users say and do. The legal term for this is “intermediary liability.” While countries like China have long blacklists of words and phrases that companies must delete if they want to stay in business, censorship can still be heavy in some democracies. Facebook received more government requests to censor content in India than in any other country where it makes an effort to operate (Facebook is blocked in China).
Companies are not transparent enough about how they restrict content and collect or share user data. Despite the clear problems that governments cause, companies are not doing enough to minimize users’ freedom of expression from being unduly restricted when they comply with government demands or enforce their own terms of service. Companies also need to be more transparent about how these actions affect users’ ability to express themselves or access information – as well as clarify who has access to users’ personal information and under what circumstances.
A growing number of companies, mainly in the US and Europe, have started to issue transparency reports with data about the number of government requests they receive and how many they comply with. But many companies report more extensively on user data requests than on censorship requests, and many do not report any information at all about requests for content restriction or how they comply.
Vodafone started to report last year about the law enforcement requests it receives for user data and bulk surveillance. But it is not transparent about content removals, including its role in a voluntary scheme in the UK to protect children from age-inappropriate content. In mid-2014 the non-profit Open Rights Group found that the system blocked adults from accessing content that included an article about postpartum depression and the blog of a Syrian commentator. Also, while companies like Twitter report extensively on content restrictions in response to legally binding external requests, they provide no information about content removed to enforce their private “Twitter rules.”
The report does not argue that people should be free to do anything they want online regardless of consequences. Rather, restriction of speech or interference in peoples’ privacy should be “necessary and proportionate,” based on clear legal authority to address a specific threat or crime, and should be as narrowly tailored as possible. Accountability mechanisms are key. Recommendations to governments and companies include:
- Laws and regulations affecting online speech must undergo due diligence to ensure they are compatible with international human rights norms.
- Policies at the national, regional, and international level that affect online speech need to be developed jointly by representatives of all affected stakeholder groups (such as industry, civil society groups, and technical experts).
- Transparency about censorship is just as important as transparency about surveillance. Transparency from governments and companies about how their censorship and content restriction processes work, in addition to public reporting about the amount and nature of content being restricted, is essential to prevent abuses and improve accountability.
- Companies that “self-regulate” by using private terms of service to restrict content that the law does not forbid, or which comply with extra-legal blacklists generated by non-governmental groups, must be transparent with the public about what is being restricted, under what circumstances, by whose authority.
- Governments and companies need to set up effective mechanisms for people to report abuses and grievances, as well as processes through which aggrieved parties can obtain redress.
Organizations such as Freedom House and the World Wide Web Foundation annually rank governments on how well they protect Internet users’ rights. Ranking Digital Rights is in the process of developing a parallel methodology to measure and compare companies’ respect for users’ rights around the world. Our first public ranking is scheduled for launch in late 2015. The UNESCO research helped our team refine our thinking about what standards companies should be expected to uphold despite the challenging and constantly changing patchwork of legal environments in which they operate.
In early December for the third year in a row, the United Nations Office of the High Commissioner for Human Rights convened its annual Forum on Business and Human Rights. The purpose of the forum, according to the official website, is to operationalize core principles for business in respecting human rights around the world, in all sectors:
The United Nations Forum on Business and Human Rights is a space for representatives and practitioners from civil society, business, government, international organizations and affected stakeholders to take stock of challenges and discuss ways to move forward in carrying out the Guiding Principles on Business and Human Rights – a global standard for preventing and addressing the risk of adverse impacts on human rights linked to business activity.
The full three-day program can be downloaded here. I also recommend watching the videos of some of the plenary sessions, available here. I represented RDR for the first time at the forum on three different panels:
On the opening day, I was invited to represent RDR in a session called “Ranking business and human rights: The potential of benchmarking corporate respect for human rights” alongside leaders of the Access to Medicines Index, Oxfam’s Behind the Brands, plus a newly-launched project – even younger than RDR – called the Corporate Human Rights Benchmark.
On day two I discussed ways that civil society and researchers have engaged with Internet companies on free expression and privacy issues in a session called “Respect in practice – progress and challenges in implementing the corporate responsibility to respect Embedding the UN Guiding Principles in decision-making and processes“.
On day three, I moderated a session called The Right To Privacy in the Digital Age. Despite the fact that the panel started at 8am, the discussion was lively and rich, thanks to the insights of a diverse range of panelists. Here is the video:
This week marks the launch of our Phase 1 Pilot Study in partnership with Sustainalytics, a leading independent research firm with extensive experience assessing the environmental, social, and governance (ESG) performance of global companies.
The purpose of this pilot study is to test RDR’s newly revised Phase 1 Methodology in preparation for the 2015 launch of a full annual ranking of several dozen of the world’s largest publicly traded Information and Communication Technology (ICT) companies.
Over the coming month, Sustainalytics analysts will use the newly revised methodology to evaluate 12 publicly traded Internet and telecommunications companies operating around the world. This Phase 1 Pilot methodology is the product of extensive research followed by stakeholder consultation on two earlier drafts (archived here and here).
We are contacting the 12 companies this week to let them know that they have been selected for this pilot. They will be invited to review the initial research results for their own companies before Sustainalytics completes its analysis, after which RDR will work with Sustainalytics to finalize internal and public reports on the pilot’s findings.
While a public report on the lessons learned from the pilot study will be published in the first quarter of 2015, the actual company scores calculated for the pilot study will not be publicly released. Rather, we will use the data gathered from the pilot phase to further refine and adjust the methodology for use in the fully public, inaugural ranking on a much larger selection of companies that will be published in late 2015. We will also organize meetings and calls with stakeholders in the first quarter of 2015 to gather feedback on the pilot findings that will help us to maximize the ranking’s effectiveness and impact.
We are grateful to the many research partners and funders who have enabled the project to reach this exciting stage. RDR staff Priya Kumar and Allon Bar have worked tirelessly over the past months as well. We would also like to thank the hard-working team at Global Integrity who have built the back-end research management system for this pilot study with their research platform, Indaba.