RightsCon Toronto 2018

The United Nations Guiding Principles set out a clear framework of the obligations and responsibilities falling within the field of businesses and human rights. Whilst states have the ultimate obligation to ensure that human rights are protected, businesses have a responsibility themselves to respect human rights. In the ICT sector, there are clear risks to human rights that stem from the activities, products and services of tech companies. Poor data protection can result in breaches of individuals’ privacy, and potentially risks of discrimination. Providing user data to governments or third parties can also interfere with users’ right to privacy and, in some circumstances, risk their physical security. Inappropriate content regulation can hamper freedom of expression. We have seen examples of all of these in recent months and years.

Whilst many of the larger tech companies have the resources to be able to respond to the UNGP and develop internal policies and processes to protect human rights, the same cannot yet be said for many, if not most, small and medium-sized tech companies (SMEs). As these SMEs develop and grow, it is essential that respect for human rights is hardwired into their policies and processes at as early a stage as possible, to as to minimise any risks to the human rights of their users. But among tech SMEs there is often a lack of understanding of core human rights concepts such as privacy and free expression, let alone the international human rights standards set out in the UNGP.

We want to try and address this challenge and find ways to transfer the broad principles in the UNGP into practical steps that tech SMEs can take to respect the human rights of their users. In this fish bowl session, bringing together representatives of large tech companies, small and medium sized tech companies, human rights defenders and others, we hope to spark debate and discussion of practices that can be shared and steps that can be taken to build tech SMEs’ understanding of how they can respect human rights.

The session will start with a short background introduction to the issues and our experience in our project, showcasing our guide on “How to Respect Privacy and Free Expression as a Tech SME”, launched in July 2017, and which we have used as the basis for training with tech SMEs and civil society organisations in Kenya, Senegal, Nigeria, South Africa and Mexico. This will be followed by 45 minutes of discussion, with encouragement of tech companies to highlight the particular challenges they face and for participants to share or suggest solutions.

We hope that this session will lead to greater awareness amongst participants of the challenges that tech SMEs face in ensuring that they respect human rights through their activities, products and services; and the sharing of proposals, good practices and possible solutions which can be utilised to address these challenges.