1. Technology and Revolutions: Technology companies play an increasingly important role in enabling and supporting the end user's capacity to exercise his or her rights to freedom of speech, access to information, and freedom of association. ICT companies should respect those rights in their operations and also encourage governments to protect human rights through appropriate policies, practices, legal protections, and judicial oversight.
2. On Human Rights: In both policy and practice, technology companies should apply human rights frameworks in developing best practices and standard operating procedures. This includes adhering to John Ruggie's Protect, Respect, and Remedy framework outlined in the UN Guiding Principles on Business and Human Rights.
3. Frontline Lessons from Other Sectors: Technology companies should look to the innovative examples and incorporate important lessons from other sectors, such as the apparel and extractive industries. The experiences of these sectors can and should guide them as they develop their human rights policies. These must be reflected in their operating practices in a transparent and accountable manner.
4. On Internet Regulation: To ensure innovation and the protection of human rights, internet regulation should only take place where it facilitates the ongoing openness, quality, and integrity of the internet and/or where it enables or protects users' ability to freely, fully, and safely participate in society. To achieve this end, it is critical that ICT corporations engage in multistakeholder dialogue.
5. Human Rights by Design: During the research, development, and design stages, technology companies should anticipate how and by whom their products and services will be used. Developing a human rights policy and engaging in due diligence at the earliest stages helps companies prevent crises, limit risk, and enable evidence-based assessment of company activities and reporting.
6. Encryption of Web Activity: Effective internet security is essential to ensuring freedom of speech, privacy, and the right to communicate. Technology companies must provide a basic level of security (e.g., HTTPS and its improvements) to their users by default and resist bans and curtailments of the use of encryption.
7. Getting Practical: Technology companies should implement human rights-respecting policies and practices in their day-to-day operations. These companies should utilize multi-stakeholder and cross-sector dialogues to review challenges faced within their markets with a view to improve their best practices.
8. Coding for Human Rights: Recognizing the human rights implications in code, engineers, developers, and programmers should ensure that technology is used in the exercise of fundamental freedoms, and not for the facilitation of human rights abuses. Technology companies should facilitate regular dialogue between engineers, executive leadership, and civil society to ensure that all parties are informed of the potential uses and abuses of their technologies.
9. Social Networking: Social networking platforms are both increasingly important to their users' capacity to communicate and associate online and are most used when customers trust the service's providers. When companies prioritize the rights of their customers, it is good for the long-term sustainability of their business, their brand, and their bottom line.
10. Intermediary Liability: In an era of computer-mediated communications, freedom of speech, association, and commerce increasingly depend on internet intermediaries (e.g., broadband service providers, web hosting companies). These intermediaries should not be required to determine the legality of, or held liable for, the content they host.
11. Legal Jurisdiction in a Borderless Virtual World: To foster the continued growth of an open and interconnected internet, technology companies should work alongside governments and civil society to ensure that users' rights are protected to the fullest extent possible. Governmental mandates that infringe upon freedom of expression and other human rights should be interpreted so as to minimize the negative impacts of these rules and regulations.
12. Visual Media and Human Rights: Technology companies should pay special attention to the unique human rights challenges of visual media technologies and content—especially on issues such as privacy, anonymity, consent, and access.
13. Social Media in Times of Crisis: Technology companies should resist efforts to shut down services and block access to their products, especially during times of crisis when open communications are critical. Blanket government surveillance of corporate networks should be resisted. Moreover, the burden of proof for privacy-invasive requests should lie with law enforcement authorities, who should formally, through court processes based on probable cause and rule of law, request a warrant for each individual whose information they would like to access.
14. Privacy: Technology companies should incorporate adequate privacy protections for users by default. Furthermore, technology companies should resist over-board requests from governments to reveal users' information, disclose no more information about their users than is legally required, and inform their users so that they can choose to legally respond to these requests. Furthermore, technology companies should be transparent about how user data is collected, processed, and protected—including disclosures of unauthorized access to user data.
15. Mobile and Telcos: Telecommunications companies must protect their users' fundamental human rights, including support for the protection of human rights in their operating licenses, and ensure that the free flow of communication is not curtailed or interfered with, even in times of crisis.
The big thing missing here is the subtext: While it's incredibly important to ensure that human rights are fulfilled in the use of information and communication technologies, it does us no good to simultaneously ignore abuses in their manufacture. My hope going forward is that this framework can be deepened to explicitly include the supply chains and labor rights problems associated with the ICT sector. The freedoms these magical gadgets enable must extend all the way down to the minerals.