If the company engages in zero-rating, it should conduct regular, comprehensive, and credible due diligence, such as through robust human rights impact assessments, to identify how all aspects of its zero-rating policies and practices affect users’ fundamental rights to freedom of expression and information, to privacy, and to freedom from discrimination, and to mitigate any risks posed by those impacts.
Elements:
- Does the company assess freedom of expression and information risks associated with its zero-rating programs?
- Does the company assess privacy risks associated with its zero-rating programs?
- Does the company assess discrimination risks associated with its zero-rating programs?
- Does the company conduct additional evaluation wherever the company’s risk assessments identify concerns?
- Do senior executives and/or members of the company’s board of directors review and consider the results of assessments and due diligence in their decision-making?
- Does the company conduct assessments on a regular schedule?
- Are the company’s assessments assured by an external third party?
- Is the external third party that assures the assessment accredited to a relevant and reputable human rights standard by a credible organization?
Definitions:
Clearly disclose(s) — The company presents or explains its policies or practices in its public-facing materials in a way that is easy for users to find and understand.
Human Rights Impact Assessments (HRIA) — HRIAs are a systematic approach to due diligence. A company carries out these assessments or reviews to see how its products, services, and business practices affect the freedom of expression and privacy of its users.
For more information about Human Rights Impact Assessments and best practices in conducting them, see this special page hosted by the Business & Human Rights Resource Centre: https://business-humanrights.org/en/un-guiding-principles/implementation-tools-examples/implementation-by-companies/type-of-step-taken/human-rights-impact-assessments
The Danish Institute for Human Rights has developed a related Human Rights Compliance Assessment tool (https://hrca2.humanrightsbusiness.org), and BSR has developed a useful guide to conducting a HRIA: http://www.bsr.org/en/our-insights/bsr-insight-article/how-to-conduct-an-effective-human-rights-impact-assessment
For guidance specific to the ICT sector, see the excerpted book chapter (“Business, Human Rights and the Internet: A Framework for Implementation”) by Michael Samway on the project website at: http://rankingdigitalrights.org/resources/readings/samway_hria.
Zero-rating program — “Zero-rating” refers to the practice of not charging users for data used to access certain online services or platforms. Zero rating is regarded as a type of network prioritization which undermines the principle of network neutrality.
Indicator guidance: “Zero-rating” refers to programs—which can be offered by both telecommunications companies and by platforms, in partnership with telecommunications companies—that provide access to certain online services or platforms without counting against a person’s data plan. Many telecommunications providers, including RDR-ranked companies, offer such programs, either as the sole provider of the program or in partnership with social media platforms, such as Facebook’s “Free Basics.” These types of programs are a form of network prioritization that undermine net neutrality principles—and can trigger a range of other possible human rights harms, including by undermining the right to freedom of expression and information. In addition, Global Voices Advox has identified Facebook’s Free Basics as “a mechanism for collecting profitable data from users,” raising serious privacy concerns about the program. Zero-rating programs can also be discriminatory in the sense that they prioritize certain types of data over others, either on the basis of the protocol in question (HTTP, HTTPS, VoIP, etc.) or on the basis of the content (i.e., prioritizing one social networking site over another). This discrimination (against types of data) can in turn lead to human rights harms that affect people based on their personal characteristics, including gender, race or ethnicity, language(s) spoken, and myriad other traits.
This indicator examines whether companies conduct robust, regular, and accountable impact assessments of the effects of zero-rating programs on users’ human rights. Companies that offer such programs should conduct assessments of how these programs may impact users’ rights to expression and information, privacy, and non-discrimination. These assessments should be part of the company’s formal, systematic due diligence activities that are aimed at ensuring that a company’s decisions and practices do not cause, contribute to, or exacerbate human rights harms. Assessments enable companies to identify possible risks of zero-rating programs and to take steps to mitigate possible harms if they are identified.
Note that this indicator does not expect companies to publish detailed results of their human rights impact assessments, since assessments may include sensitive information. Rather, it expects that companies should disclose that they conduct HRIAs and provide information on what their HRIA process encompasses.
Potential sources:
- Company CSR/sustainability reports
- Company human rights policy
- Regulatory documents (e.g., U.S. Federal Trade Commission)
- Reports from third-party assessors or accreditors
No Comments