More than half of the companies evaluated in the 2018 Corporate Accountability Index have publicly responded to our findings, thanks to a campaign by digital rights group Access Now. In September, the organization sent letters to each of the 22 companies evaluated in the 2018 Index, asking them to respond to recommendations for improving their policies and practices affecting freedom of expression and privacy.
Twelve companies have so far responded, with many reporting steps they have taken since the 2018 Index was published to improve. Letters can be viewed on the Business & Human Rights Resource Center (BHRRC) website. Below is a summary of responses:
- AT&T emphasized its commitment to respecting users’ freedom of expression and privacy, noting it received the highest privacy score among telecommunications companies over the past three Index rankings. The company stated that it although it did not join the Global Network Initiative (GNI) like many of its US and European peers, it has opted instead to independently implement and report on their progress on human rights issues. (Read Access Now’s letter, and AT&T’s response.)
- Facebook pointed to new efforts aimed at improving transparency of its policies affecting users’ rights, including its new appeals process allowing users to dispute content that has been removed. (Read Access Now’s letter, and Facebook’s response.)
- Kakao said it was actively “maximizing transparency” of its content management, data collection, and data security policies and practices. It also reported it is preparing to roll out a new user-friendly privacy portal and it is improving ways for users to improve security through a security control center. (Read Access Now’s letter, and Kakao’s response.)
- Mail.Ru stated that protecting user data is among the company’s top priorities, but did not address recommendations urging the company to publicly commit to freedom of expression and privacy as human rights. (Read Access Now’s letter, and Mail.Ru’s response.)
- Microsoft acknowledged it has a “responsibility and commitment to operate our business in a way that respects universal rights such as privacy, freedom of expression and the right to access information.” It also pointed out that it sided with consumers in recent privacy rights cases in both the United States and Europe. (Read Access Now’s letter, and Microsoft’s response.)
- MTN reported that a “project team comprising members of regulatory compliance and customer operations functions is currently working on implementation of solutions to the priority indicators identified.” (Read Access Now’s letter, and MTN’s response.)
- Oath emphasized how its Business & Human Rights Program (BHRP) has brought continued improvements in corporate transparency and stakeholder engagement. The company also acknowledged “the potential the Index has to drive dialogue on how companies can communicate about their attention to these important issues.” (Read Access Now’s letter, and Oath’s response.)
- Orange emphasized its commitment to respecting and promoting fundamental human rights, noting that it conducts due diligence on government requests to hand over user information. The company also stated it works to ensure it protects users’ data, but does not publish its process for responding to data breaches due to security concerns. (Read Access Now’s letter, and Orange’s response.)
- Samsung stated its commitment to protecting users’ privacy, and said it would consider joining multi-stakeholder initiatives to “join forces with industry peers and other stakeholders in protecting users’ personal information.” (Read Access Now’s letter, and Samsung’s response.)
- Telefónica addressed each of Access Now’s recommendations and highlighted its “active commitment” to international human rights standards for more than a decade. (Read Access Now’s letter, and Telefónica’s response.)
- Twitter said it would continue to review and improve its privacy policy and transparency reporting. It also called attention to its new policy prohibiting “dehumanizing” speech. (Read Access Now’s letter, and Twitter’s response.)
- Vodafone pointed out that the company has launched new privacy portals in compliance with the EU’s new privacy directive (the GDPR), and stated that its privacy policies are based on the principles of accountability, fairness and lawfulness. (Read Access Now’s letter, and Vodafone’s response.)
Five internet and mobile companies (Apple, Baidu, Google, Tencent, and Yandex) and five telecommunications companies (América Móvil, Axiata, Bharti Airtel, Etisalat, and Ooredoo) have not yet responded to Access Now’s letters.
