Ranking Digital Rights – 2018 Corporate Accountability Index

Human Rights – “Digital Rights”

Ranking Digital Rights
New America’s Open Technology Institute
April 2018 :: 148 pages
Funders: John D. and Catherine T. MacArthur Foundation; Ford Foundation; Open Society Foundations; U.S. Department of State, Bureau of Democracy, Human Rights, and Labor
PDF: https://rankingdigitalrights.org/index2018/assets/static/download/RDRindex2018report.pdf

Executive summary [Excerpts]
The Ranking Digital Rights 2018 Corporate Accountability Index evaluated 22 of the world’s most powerful internet, mobile, and telecommunications companies on their disclosed commitments and policies affecting freedom of expression and privacy. These companies held a combined market capitalization of approximately USD 4.7 trillion. Their products and services are used by a majority of the world’s 4.2 billion internet users…

The 2018 Index evaluated companies on 35 indicators examining disclosed commitments and policies affecting freedom of expression and privacy, including corporate governance and accountability mechanisms. To view in-depth results and data visualizations, download full datasets, and access related resources, news, and updates, please visit: https://rankingdigitalrights.org/index2018…

Recommendations
If the internet is to be designed, operated, and governed in a way that protects and respects human rights, we must all play our part. Companies, governments, investors, civil society organizations, and individuals—as employees of companies, as citizens of nations, as consumers of products, and as users of a globally interconnected internet—must all take responsibility and act.

Corporate transparency and accountability is incomplete without transparent and accountable governments that fulfill their duty to protect human rights. Meanwhile,
companies should be held responsible for all the ways that their products, services, and business operations affect users’ rights, over which they have any influence or control.

All companies evaluated in the Index can make many changes immediately, even in the absence of legal and policy reform. Detailed recommendations are listed throughout the Index report and in the individual company report cards. They fall under seven broad categories:

1. Strengthen corporate governance. Companies should not only articulate clear commitments to respect users’ freedom of expression and privacy, but also disclose concrete evidence that they have institutionalized these commitments through board and executive oversight, company-wide training, internal reporting, and
whistleblowing programs.

2. Get serious about risk assessment. Companies should implement comprehensive due diligence processes to ensure they can anticipate and mitigate any negative impact that their products, services, and business operations may have on users’ rights.

3. Provide meaningful grievance and remedy mechanisms. Companies should have channels for users and other affected parties to file grievances if their rights have been violated as a result of company actions. Companies should also have clearly disclosed processes for responding to complaints and providing appropriate redress.

4. Be transparent and accountable. Companies should publish regular information and data on their official websites that helps users and other stakeholders
understand the circumstances under which personal information is accessed by third parties, speech is censored or restricted, and access to a service is blocked or
restricted.

5. Strengthen privacy. Companies should clearly inform users about what happens to their information, minimize collection and use of data to what is necessary
for provision and service, and provide users with maximum control over what information they provide and with whom it is shared.

6. Strengthen security. Companies should disclose credible evidence of their efforts to secure users’ information. Specifically, they should show that they maintain
industry standards of strong encryption and security, conduct security audits, monitor employee access to information, and have an established process for
handling data breaches.

7. Innovate for human rights. Collaborate with government and civil society. Invest in the development of new technologies and business models that strengthen human rights, and maximize individual control and ownership over personal data and content.