The disconnect between HQ and local subsidiaries results in less transparency and protection

By Veszna Wessenauer

The local subsidiaries of companies we rank are failing to uphold the same human rights standards as in their home markets.

The collective operations of the telecommunications companies we rank cover more than 150 companies around the world. While we only evaluate the policies of these companies in their home markets, the business operations of their subsidiaries are equally important: Together, they affect the human rights of billions of people. And nowhere is the impact of these companies’ policies felt more strongly than in regions and countries where respect and protection of human rights by government authorities—online and offline—is lacking.

Take the case of Myanmar. Months before carrying out a coup on February 1, 2021, the country’s military junta ordered telecommunication service providers, including subsidiaries of Norway’s Telenor and Qatar’s Ooredoo, to install spyware in order to intercept private communications. Following the coup, all local and international telcos were told to implement military orders to shut down the internet on several occasions.

Telenor publicly denounced the interception order and later stated that the equipment the military gave it was never turned on. Ooredoo remained silent. In a statement published on February 12 of this year, Telenor explained that “a key reason for selling Telenor Myanmar is that we do not want to activate intercept equipment.” It added: “We cannot operate under a regime that involves violating our values, international law and human rights principles.”

Yet Justice for Myanmar, a local activist group, claimed that the sale of Telenor Myanmar to Lebanese company M1 was a “cover-up” to transfer ownership of the operation to a local military-linked company, the Shwe Byain Phyu conglomerate. Shwe Byain Phyu has owned 80% of the company since May, after M1 Group validated such fears by transferring control. To mitigate the uproar caused by the sale, Telenor reached an agreement with civil society groups from Myanmar to provide training and support to former clients and employees of the operation. Ooredoo followed Telenor’s lead soon after by selling its subsidiary to Singapore-based Nine Communications Pte. Ltd. It attributed the move to a “strategic” business decision “to focus on markets where Ooredoo is leading.”

Telenor’s experience in Myanmar exemplifies how telcos with parent companies in democratic countries are often forced to contradict their stated human rights positions when operating subsidiaries in countries with weak rule of law and due process. This stems from the nature of the contractual relationships telcos must establish with governments upon entering new markets. Government contracts under which they operate set out specific terms, which, if violated, could lead to serious repercussions. Companies can be sued and the lives of their employees could be at risk, as was the case with Telenor, which feared reprisals from Myanmar’s military government.

For these and other reasons, companies sometimes comply with restrictive laws and government demands to silence and surveil dissenting voices. Yet even if a company must comply, our standards set an expectation that it be as transparent as possible about the pressures it faces, where not prohibited by laws.

Due diligence, together with transparency and consistency in standards between a parent company and its subsidiaries, can guide companies in their responses to overbroad orders from authorities and mitigate disproportionate impacts on users’ rights.

Subsidiaries of companies that we rank have shown a disturbing lack of transparency. MTN's most recent 2021 transparency report included no data for Irancell, the company's joint venture with Iran's government-linked Kowsar Sign Paniz.

Yet subsidiaries of companies that we rank have shown a disturbing lack of transparency. MTN’s most recent 2021 transparency report included no data for Irancell, the company’s joint venture with Iran’s government-linked Kowsar Sign Paniz. The report noted that this data was not included due to MTN’s “minority ownership holding” in Irancell (it holds 49% compared to KSP’s 51%). But it seems likely that the company actually complied with demands from the Iranian government to remove evidence of its efforts to surveil users and shut down networks.

Digital rights organizations across the globe have also used RDR’s methodology to document inconsistencies in policies between parent companies and subsidiaries. A 2017 report by Social Media Exchange (SMEX), a Lebanon-based NGO working to defend digital rights in the Arabic-speaking region, found that subsidiaries of Orange in both Tunisia and Morocco did not publicly disclose their privacy policies and terms of services to their users, something that was provided to users of Orange France. Similarly, a 2018 report by Internet Without Borders examining the policies of Sonatel, Orange’s Senegalese subsidiary, and Safaricom, Vodafone’s subsidiary in Kenya, found that these operating companies are much less transparent about if and how they protect users’ rights compared to their parent companies.

Additional local adaptations of RDR’s methodology have found that some companies we rank provide more robust and rights-respecting policies on net neutrality and internet shutdowns for their home market users. For example, while our findings show that Vodafone’s home operating company has commitments to net neutrality in its service-level policy documents, forthcoming research found no such commitment from Vodafone’s operating companies in Tanzania, Mozambique, Lesotho, or Albania. And when comparing our findings on América Móvil with findings from the Balkan Investigative Reporting Network, we discovered that América Móvil’s home operating company, Telcel, has a net neutrality commitment that does not appear to apply to its North Macedonian subsidiary. Finally, while Airtel’s home operating company provided information about when it may shut down the internet under government order, researchers did not find any such disclosures for its Tanzanian, Ugandan, and Zambian operating subsidiaries.

RDR has witnessed an overall trend of telcos either complying with authoritarian, non-democratic states or pulling out of states with poor human rights records in ways that appear to cause additional threats to human rights.

With these inconsistencies on both transparency and policy, plus a lack of due diligence, we have witnessed an overall trend of telcos either complying with authoritarian, non-democratic states, or pulling out of states with poor human rights records in ways that appear to cause additional threats to human rights. In order to resist digital authoritarianism globally, telcos must be accountable for their actions when they decide to enter markets with a record of abuse from government authorities. Most importantly, they must uphold human rights commitments not only in their home jurisdictions, but wherever they operate.