Promoting Effective and Inclusive ICT Policy in Africa

Author Archives: CIPESA

  HomeCollaboration on International ICT Policy for East and Southern Africa (CIPESA)  /  Articles by: CIPESA
17Aug

West Nile Journalists and Human Rights Defenders Condemn Cyber-attacks and Internet Abuse By State and Non-state Actors

Author CIPESA Posted on

By Hafiz Bakhit |

Arua District. Internet has broken more barriers than before as the future of media continues to turn digital especially in entertainment, news, and business.

However, Journalists and Human rights defenders drawn across west Nile region during a two-day training in Arua District, noted with concern that though the Internet has brought new and exciting communication methods that allow users to share messages more quickly and across greater distances, there is need to pay much attention to the risks involved.

These Include deliberate targeting and clampdown on human rights organisation defenders by both state and non-state actors, intimidation, arrests, Cyber attacks and harassment of social media users which have all become a serious threat to Internet freedom.

Also Key in the discussions were Digital Rights in Uganda, Combating Dis/Misinformation and Hate Speech, fact-checking to fight fake news, freedom of expression, best digital security practices, laws governing Internet use and related media laws among others.

Edrine Wanyama the Legal Officer from the Collaboration on International ICT Policy in East and Southern Africa (CIPESA) the organization which organized the training called for more vigilance in dealing with the rising cases of Cyberbullying, invasion of privacy, identity theft, and exposure to offensive images.

“We have seen people uploading inappropriate content, embarrassing or provocative photos or videos of themselves or others, sharing personal information with strangers – for example, phone numbers, date of birth or location and other confidential personal data hence falling prey to hackers and scammers”, Wanyama Added.

He also mentioned state and non-state actors who tend to undermine internet freedom by legalizing surveillance and interception of communication, digital taxation, internet disruptions, collection of biometric data among others.

The journalists and human rights defenders noted that Orchestrators of fake news, online scammers and hackers are posing huge threat to the fundamental digital rights.

The participants therefore agreed that there is need to protect Internet Users against hackers, fake and harmful information by unscrupulous individuals or groups intended to abuse rights of others.

“Many women and children have fallen prey to child pornography, fraudsters and kidnappers who persuade their victims through all sorts of enticing posts, and as a result many unsuspecting people have fallen victim to the online scammers” noted Brian Byaruhanga, Technology Officer and human rights advocate working with CIPESA.

The question is who has the mandate to regulate the Digital space I Uganda?” asked William Amanzuru – a renowned environmental activist working with Friends of Zoka Forest in Adjumani who emphasized the urgent need for policy reviews and new laws to check the digital space.

“Government should not invest all its energy on tracking its critics such as we journalists and other human rights defenders as seen in the 2021 Elections and related scenarios but also focus on orchestrators of cyber violence against women, children and fraudsters or scammers online” says one of the Journalists who preferred to stay anonymous.

Brian Byaruhanga, urged online consumers to always practice encryption, data backups to protect data from possible threats while working online.

To limit online virus attacks, Byaruhanga implored the participants to install paid-for antivirus since unpaid for anti-virus can expose users to hackers. Byaruhanga also advises online users to avoid unsolicited email and links.

“Before you click on any link you first cross-check if at all it’s legitimate or owned by real company or group,” Byaruhanga added.

In the past few years, Uganda registered a wave of Gender based online abuse against a number of female celebrities targeted especially by their jilted lovers or unscrupulous people who were all out to blackmail them for money or selfish interests.

Nude Photos of the victims including Fabiola Anita, Martha Kagimba popularly known as Martha Kay, Judith Heard, Cindy Sanyu, Sanyu Robina Mweruka, Desire Luzinda, Zari Hassan, and herbalist Sylvia Namutebi popularly known as Maama Fiina were leaked through the social media.

There has also been increase in cases of fake news about purported death of prominent persons in the country.
Participants therefore agreed that for digital rights to be enjoyed freely, stakeholders need to strengthen Collaboration in advocacy of Digital rights issues at the various levels.

They said, technology presents various challenges to the protection of human rights such as the lack of adequate avenues to verify authenticity of information shared, violation of the right to privacy, respect to copyright issues and the right to anonymity among others hence with a shrinking civic space in Uganda, Human Rights Defenders need to be more vigilant in securing their digital environments.

These require an awareness of the digital security threats faced by Human Rights defenders, a clear understanding and implementation of internet freedom legalization affecting their works and different digital security tools that they can use to protect their online privacy.

This article was first published on the Cross Border Net site on August 14, 2022

the-africa-digital-rights-fund-le-fonds-africain-pour-les-droits-numeriques-fund
28Jul

How the ADRF is Building Capacity and Traction for Digital Rights Advocacy in Africa

Author CIPESA Posted on

By Apolo Kakaire |

Three years since it was launched and with USD 649,000 disbursed to 52 beneficiaries across 39 African countries, the Africa Digital Rights Fund (ADRF) is powering digital rights policy advocacy and engagement across the continent. According to several beneficiaries, the ADRF is a unique funding initiative that has broken ranks with traditional funders’ structures, and to considerable effect.

The Fund is lauded for adopting a simple application process, allowing for flexibility in implementation, breaking barriers for little-known actors, enabling grantees to build on previous initiatives to ensure greater reach and impact, and supporting local context-specific and responsive projects. This, according to grantees and collaborators who were part of a June 2022 virtual convening on ADRF advocacy experiences which was aimed at promoting learning and best practice.

The ADRF was launched in April 2019 in recognition of the growing role of technology in fostering democracy and promoting equity on the African continent amidst rising arrests of activists, network disruptions in several countries, and restrictive legislation that stifled innovation and human rights online. Moreover, assessments at the time had found that many digital rights interventions were limited in scope, thinly spread across the continent, faced resource limitations, and were often inconsistent in their engagement with digital rights work. 

“The situation called for partnerships to bring together different competences to advance digital rights on the continent through seed funding,” said Ashnah Kalemera, the Programme Manager at the Collaboration on International ICT Policy for East and Southern Africa (CIPESA), the administrators of the ADRF.  Those partnerships required provision of flexible and rapid response funding to a range of entities that did not have the ability to attract funding from traditional funders, who have stringent application requirements and lengthy grant application processing times. 

With grants ranging between USD 1,000 and USD 20,000,  ADRF beneficiaries have undertaken various initiatives focused on technology in society, the public and private sectors. Besides the funding, grantees have also received capacity building in data-driven advocacy and impact communication and media relations. Across the continent, the Fund has helped to strengthen capacity in evidence-based research, collaborative advocacy and impactful policy engagements responsive to regulatory and practice developments that affect the internet freedom landscape.

At the June convening, select initiatives in Kenya, Namibia and Somalia supported by the Fund shared their advocacy experiences. In Somalia, the ADRF-supported work of Digital Shelter has seen a major breakthrough in stakeholder dialogue and engagement on hitherto undiscussed digital rights subjects such as digital inclusion, online civic space, gender-based violence online, digital entrepreneurship, civic participation and data protection and privacy

“Prior to ADRF’s support, people in the country had no appreciation for digital rights and the consequences of internet shutdowns. The Fund helped us to engage the government to talk about policies and legislation and when the conversation started, the Minister [of Communications and Technology] was very open and he was surprised that there was a local group addressing these issues,” said Ayaan Khalif, Co-founder of Digital Shelter. “The ADRF was an eye opener and helped us partner and link with other organisations and to understand what works in other countries.” 

Aayan added that applying for the ADRF funding was an easy process. She said: “We were almost giving up on donor funding after so many rejections. The ADRF process was simple. Some donors complicate things. The [application templates] are in English but sometimes it is as if it is in another language.”

The inroads made by Digital Shelter underscore the importance of collaboration and partnership in advancing digital rights in the region. Zakarie Ismael, the eGovernment Implementation Advisor in Somali’s Ministry of Communications and Technology, stated that the government of Somalia, through the ministry has responded to the appeals of Digital Shelter and other actors by prioritising the technology sector, including through the ICT Policy and Strategy 2019-2024. That government responsiveness has been crucial to the work of digital rights activists. As Ayaan noted, “It makes it easy to make inroads when you have people backing you up in policy advocacy. Our partnership with the government has been very practical in this regard.”.

As legislative and oversight bodies, national parliaments have a key role in advancing  digital inclusion and rights-respecting digital policies and practices. Indeed, some grantees, including Mzalendo Trust in Kenya, have dedicated efforts to promoting citizen-parliamentary engagement on digital rights. With the suspension of parliamentary proceedings in Kenya at the height of the Covid-19 pandemic, the ADRF supported functionality upgrades to the Dokeza and Bonga Na Mzalendo platforms. The upgrades enabled citizen participation through remote annotation and submission of memoranda on bills including on the controversial Huduma Initiative

Mzalendo Trust has also worked to promote an inclusive digital economy in Kenya. Like Ayaan, Slyvia Katua, a Programme Officer at Mzalendo Trust, lauded the ADRF for using a simple and straightforward application process. “The application requires you to outline what issues you are targeting, what solutions you offer and what impact you foresee,” she said. 

Meanwhile, Josephat Vijanda Tjiho, from the Internet Society (ISOC) Namibia Chapter, appreciated the ADRF grant process for allowing them to build from one project to another. “We organised forums on digital media and elections, then stepped up to privacy and data protection especially around the Covid-19 pandemic and thereafter a campaign against online violence against women and children. Our ideas [which the ADRF supported] were building from one to the other and this made our application process quite smooth,” Tjiho said. 

ISOC Namibia conducted research and convened engagements with different stakeholders on data protection, gender-based violence online and access to information. “Based on our engagements, the Namibia Access to Information (ATI) Act was passed in June 2022 and this was partly made possible through support from the ADRF,” stated Tijho. For its campaign against gender-based violence, ISOC Namibia successfully collaborated with prominent personalities including a technologist, musician and pageant as part of the 16 Days of Activism Against Gender-Based Violence. The campaign fed directly into work on research and workshops on gender-based violence in the Southern African Development Community (SADC) region for which ISOC Namibia partnered with CIPESA, Meta, Pollicy, Genderlinks and University of Pretoria Centre for Human Rights.

According to Neema Lugangira, a Member of Parliament (MP) in Tanzania, undertaking digital rights advocacy without involving parliament has created huge gaps in ensuring that policy and legislation around digital rights are rights-respecting and are effectively implemented. She faulted civil society organisations seeking policy reforms for concentrating on other arms of the government and ignoring parliaments yet they play a key role in policy formulation and oversight. She urged ADRF grantees and other digital rights actors to actively engage MPs as part of their programming. “We should prioritise capacity building for MPs because they are ignorant about digital rights,” said Lugangira.

The experiences of ADRF grantees indicate the potential of rapid response and flexible funding in positively shaping the digital rights landscape in Africa through targeted research, advocacy and movement building.

22Apr

Advancing Internet Freedom in Africa Through the Universal Periodic Review: Lessons and Gaps

Author CIPESA Posted on

By CIPESA Staff Writer |

Since its establishment in 2006, the Universal Periodic Review (UPR) has provided a unique process for reviewing the human rights records of all United Nations (UN) Member States. Over the years, however, there has been limited participation by African civil society in the review process. In particular, there is limited work by African actors to promote internet freedom through this process.

Accordingly, since 2018, the Collaboration on International ICT Policy for East and Southern Africa (CIPESA), Small Media Foundation and a coalition of regional partners have been working to support civil society organisations across Africa to engage with the UPR process through capacity development in research and advocacy. The project has made up to 16 UPR submissions on digital rights in Africa with a focus on the Democratic Republic of Congo, Ethiopia, the Gambia, Kenya, Liberia, Malawi, Mozambique, Namibia, Nigeria, Rwanda, Senegal, Sierra Leone, South Sudan, Tanzania, Uganda and Zimbabwe

To further concretise CIPESA and Small Media’s efforts, a survey was commissioned to gauge the awareness, engagement and existing capacities of stakeholders in relation to the UPR process and their development needs with regard to UPR advocacy, campaigning, and research. Conducted between July 2019 and December 2021, the survey recorded a total of 134 respondents from all 16 countries on which CIPESA, Small Media and partners made UPR submissions focused on digital rights. The respondents included activists, academics, diplomats, lawyers, journalists, government officials, development actors, and civil society organisations. 

The survey found that there is limited participation by African civil society in the UPR process despite the review process providing a framework within which activists and human rights defenders can lobby and hold governments to account to promote internet freedom. The number of internet freedom-related submissions on Africa is still small though growing, which is a reflection of the low number of actors conducting internet freedom work and participating in UPR reviews. 

While there is a relatively high level of awareness of the existence of the UPR process, partly the result of training efforts by various organisations in recent years, the level of knowledge about the process is limited. Similarly, the level of participation in the review is moderate, with only 27% having taken part in national consultations and one in four having participated in submission of stakeholder reports. It is also noteworthy that even for those processes that many respondents had participated in, such as stakeholder submissions, those efforts were often led by entities based outside the continent. Only one third of respondents had ever received UPR-related capacity development.

The survey findings indicate the need for skills and knowledge development in UPR engagement including advocacy and follow-up on recommendations; making stakeholder submissions; and participating in national consultations and review sessions. Further, it is crucial to capacite legacy human rights organisations to embrace digital rights work. Other skills development needs identified included data collection; analysis and report writing to feed into submissions; stakeholder engagement; and diplomacy and international negotiations. 

Specifically on digital rights, skills building in understanding the legal and regulatory environment for the digital sector at national, regional and global levels, as well as coalition building strategies, and communications for advocacy, were identified. Other skills needed included digital security for human rights  defenders; knowledge of the full range of the UN Human Rights Mechanisms; and crafting human rights policy recommendations.

In line with the capacity gaps identified by the survey, CIPESA and Small Media convened CSOs, activists and human rights defenders from the 16 countries for a three days workshop on UPR advocacy and coalition building for digital rights. The workshop, which was held in Kampala, Uganda on March 20-22, 2022, featured sessions on local engagement and mobilisation, international and regional legal frameworks, researching digital rights and identifying policy issues, campaign and advocacy planning and impact communications, among others.  

Speaking at the opening of the workshop, CIPESA’s Programme Manager Ashnah Kalemera stated that the training sought to capacitate organisations to more effectively leverage the UPR for advancing digital rights. “Increasing African-based organisations’ participation in the UPR, national level uptake and follow up on recommendations by governments requires growing skills and engendering collaboration among stakeholders,” said Kalemera.

The workshop builds on CIPESA’s multi-country efforts in building skills and knowledge in collaborative internet policy research, research methods, communicating research, and data-driven advocacy, among others, towards a free, open and secure internet in Africa.

See the Internet Freedom and UPR in Africa Survey report here.

21Apr

Togo: Fumbling With a Digital ID While Actively Surveilling Citizens

Author CIPESA Posted on

By Afi Edoh |

For four years Togo has been inching towards issuing a digital identity (ID) card. While there are indications that 2022 may be the year in which the west African country finally delivers the long-awaited digital ID, the road ahead remains uncertain. Challenges lie both in bureaucratic delays and citizens’ caginess about handing their data to a government with a penchant for surveilling citizens and shutting down digital communications.

The Togolese government announced the e-ID Togo project in 2018, but it was not until mid 2021 that the Ministry of the Digital Economy and Digital Transformation initiated efforts to recruit a communications consultant to devise an awareness campaign to precede the registration stage and a technology solutions service provider. The International Institute of Information Technology Bangalore was awarded the system contract in December 2021.

According to the government, the e-ID project will simplify the process of updating the electoral register, facilitate access to public services and to credit, reduce fraud in the financial sector, and facilitate the targeting of social protection beneficiaries. Only 25% of the country’s population of eight million has a form of identification, with women less likely to have an identification document, which hinders their ability to open bank accounts, enrol children in school, benefit from health insurance, or get a mobile phone number. In recognition of the gaps in civil registration among citizens, the government set out to enrol citizens for e-ID even without proof of birth registration.

Togo passed Law No. 2019-014 relating to the protection of personal data in October 2019. In 2020, parliament passed Law No. 2020-009 relating to the biometric identification of natural persons, whose objective is to establish a system for identification and authentication of natural persons. The law aims to establish a “secure and reliable methodology” for obtaining, maintaining, storing and updating data on the identity of registered individuals. The law requires all citizens and residents in Togo to obtain a Unique Identification Number (NIU) by submitting their demographic and biometric data (Article 4). The biometric data specified for purposes of obtaining a NIU are photograph and / or facial recognition, fingerprints, and iris scan. The National Identification Agency (ANID) is mandated to collect biometric data for the NIU.

SIM Card Registration
In July 2021, a SIM card registration and limitation of subscriptions per individual and network campaign was launched by the telecommunications regulatory authority ARCEP, supported by leading telecom operators Moov Africa Togo and TogoCom. The SIM registration requirements include a national identity card or passport and collection of biometric and demographic data. 

But this extensive collection of individuals’ personal data raises concerns for the safety of such data. These concerns are not unfounded and they partly arise from the state’s record on respect for digital rights, which have seen it order network disruptions and use malware to target opponents and dissidents.

State Surveillance
In 2020, lingering suspicions that the Togolese government was undertaking interceptions of communications gained credence when the Citizen Lab revealed that Israeli-made spyware Pegasus, supplied by the NSO Group, was used between April and May 2019 to target Togolese civil society, including a Catholic bishop and a priest, as well as two members of Togo’s political opposition. The surveillance reportedly coincided with nationwide pro-reform protests that were forcibly dispersed. The Togolese government did not respond to the allegations, which nonetheless sparked debate within Togolese media and civil society.

Further, in October 2021, Amnesty International research found that Togolese activists had been targeted with spyware by the Donot Team hacker group based in India – the  first time that Donot Team spyware was found in use outside of South Asia. According to the report, the activists’ devices were targeted between December 2019 and January 2020, during a tense political climate ahead of the 2020 presidential election.

Network Disruptions

During the February 2020 elections, authorities disrupted access to messaging services (WhatsApp, Facebook Messenger, and Telegram). Later that year, the Economic Community of West African States (ECOWAS) Court of Justice ruled that the 2017 internet shutdown in Togo was illegal and an affront on the right of freedom to expression. 

According to Access Now, the court ordered the government of Togo to pay two million francs (USD 3,459) to the plaintiffs as compensation, and to take all the necessary measures to guarantee the implementation of safeguards with respect to the right to freedom of expression of the Togolese people.

Privacy and Data Protection

Togo’s laws provide safeguards against unlawful surveillance and unauthorised access to data whilst also granting authorities sweeping powers to violate privacy. Law No. 2012-018 on electronic communications provides for privacy of communications but article 92 empowers the Prime Minister, and the Ministers responsible for the economy and finance, defence, justice, and security and civil protection, to trigger the interception of communications and electronic content.

The biometrics identification law requires the National Identification Agency to encode and encrypt data on its registry and only allows access to authorised agents (article 10, 21 & 22). Violation of the obligation of non-disclosure of personal data, identity theft and unauthorised processing of personal data are punishable with fines ranging from one million to 10 million Central African Francs (USD 1,747 to 17,472), imprisonment between one and five years, or both.   

Article 94 of Togo’s 2012 electronic communication law obliges encryption service providers to comply with lawful interception orders, with refusal to provide secret decryption codes to government agencies punishable with a fine of between USD 3,544 and USD 14,178. Cryptology services providers are required to retain for one year, content and data allowing the identification of anyone who has used their services, and to provide the technical means that enable the identification of those users. The service providers are required to avail this data, on request, to the investigating judge, Prime Minister, Minister for the Economy and Finance, the Minister of Defence, the Minister  of Justice, and the Minister of Security. The multiple officials who access data – similar to the various officials that can trigger the interception of communications – offers wide latitude for abuse of citizens’ data privacy rights.

Digital Exclusion
In the wake of Covid-19, Togo initiated a relief programme for vulnerable citizens whose livelihoods were affected by the state of emergency. As at March 2021, the programme, known as NOVISSI, had disbursed a total of 13.3 billion francs (USD 22 million) to 819,972 citizens via mobile money.

However, the programme was criticised for requiring applicants to possess a voter’s ID card. During the last electoral census, opposition parties called on the population to boycott the exercise, which meant that some citizens had not renewed their voter ID cards. There were also cases of unscrupulous individuals utilising the voter’s ID details of other citizens to fraudulently benefit from the programme. As a result, the government temporarily halted the program to allow for physical verification of beneficiaries at dedicated centres.

Way forward

Whereas the various sanctions within the existing legal framework might be a deterrent against unauthorised access to and misuse of personal data, there is wide latitude for state agencies and officials to access the data, which could be abused. This calls for a review of the provisions to ensure they uphold citizens’ right to privacy and data protection, with adequate oversight and redress mechanisms. Further, the e-ID should be rolled out in a manner that ensures agency and dignity, without enhancing exclusion and surveillance. 

15Apr

CIPESA Makes Submission to the OHCHR on Human Rights in the Tech Sector

Author CIPESA Posted on

Submission |

The Collaboration on International ICT Policy for East & Southern Africa (CIPESA) has made submissions to the Office of the United Nations High Commissioner for Human Rights (OHCHR) on how businesses in the technology sector can improve the observance of human rights. 

The submissions, made in February 2022 in response to a call for inputs on the application of the United Nations Guiding Principles on Business and Human Rights (UNGPs) to the activities of technology companies, will feed into a report the OHCHR will submit to the Human Rights Council in June 2022. 

Below is a summary of CIPESA’s submission.

Emerging Trends

The digital age presents new challenges and ways of working that necessitate a review of how the UNGPs can be applied in the technology sector. Increasingly, states have become purchasers of digital technologies from technology companies to facilitate the implementation of various national programmes which present previously unforeseen risks to privacy as they facilitate mass surveillance. Commonly implemented national programmes posing threats to individual privacy include national digital identification systems, voter registration using digital biometric systems, mandatory SIM card registration, smart cities programmes, and installation of national video surveillance (CCTV) programmes integrating facial recognition systems.

Furthermore, digital technologies have fallen prey to retrogressive legal measures undertaken by states. Across Africa, countries have enacted legislation which compel telecommunications service providers to embed capability within their systems to facilitate the interception of communications by state security agencies, and the state acquisition of software and hardware equipment to facilitate surveillance and interception. 

In addition, some states have taken advantage of digital tools to carry out cyber attacks, censor online content, disseminate propaganda and disinformation. Moreover, many African governments have adopted laws limiting anonymity and the use of encryption.

Pressure on tech companies

Some governments continue to apply undue pressure on technology companies including social media platforms to provide personal information, take down content, and shut down the internet. Others have adopted repressive legislation to control the spread of information on social media, or to regulate internet intermediaries by placing undue liability on them for content on their platforms. During the Covid-19 pandemic, states developed various contact tracing systems and applications without adequate legal frameworks, or an assessment of the human rights impact of the applications. Also, state responses to hold companies accountable remain ad hoc, fragmented and not aligned with international standards.

Questionable company practices
Across the continent, social media, online search, fintech and advertising companies have adopted business models that are based on surveillance capitalism and thus continue to threaten the privacy of users, in some cases without users’ explicit knowledge or consent. Further, social media platforms have also contributed to the spread of harmful content online, which companies have failed to take effective measures to address. Also, social media content policies do not always adopt definitions of content that are rights-respecting, and their practices around content moderation are problematic. Content is often moderated using automated systems which lack local context, are discriminatory and embed bias.

Moreover, some platforms’ practices around content takedowns remain inaccessible, their content policies are not uniformly applied, and redress mechanisms do not always apply the rules of natural justice. In addition, some companies have continued to develop and sell surveillance technology to autocratic governments on the continent, which is subsequently used against human rights activists, government critics, and opposition leaders, which further exacerbates risks to human rights.

Trade of privacy for business continuity

The total sum of the government measures coupled with the pressure imposed on tech sector players is continent-wide trade of privacy for business continuity by technology companies. This is commonly seen in state surveillance through electronic technologies, including interception of communications, hacking of information of target persons especially political dissidents, activists and human rights defenders. The tech sector has, however, not done enough to ensure that individual privacy is guaranteed for their customers. 

In a continent where strong privacy laws remain scanty, the increased usage of online platforms and social media in the absence of adequate safeguards and oversight over companies remains a critical risk for privacy rights. The enjoyment of human rights and freedoms, especially freedom of expression and  access to information, association, assembly and movement have sharply declined.

Recommendations

Addressing human rights risks in business models:

  • The commitment to respect human rights as envisaged by the UNGPs  should be integrated at all levels in the company hierarchy and embedded across all its functions and processes.
  • Companies should take steps to mitigate risks within their existing business models, and continuously innovate new business models that are rights-respecting.
  • There is a need for continued research to promote greater understanding of the human rights risks in technology business models on the continent. 
  • Multistakeholder engagement should be promoted as it is a critical avenue to promote shared understanding of the human rights risks and impacts of technology in Africa.

Human Rights Due Diligence and end-use

Companies should do the following:

  • Conduct due diligence to identify, prevent or mitigate risks of harmful impact on their business. The due diligence should be conducted from project design and development phase of new products, services and solutions, and thereafter periodically through the lifecycle including promotion, deployment, sale and use.
  • Assess and monitor the effectiveness of their responses to human rights risks, with results of

such assessments guiding decision-making.

  • Review their state clients’ human rights records and ensure they do not develop, sell or offer

them technology products, services or solutions that contribute to or result in adverse human

rights impacts.

Accountability and remedy 

  • Companies should be transparent and accountable in how they address their human rights impact. Such transparency and accountability can be enhanced through periodic reporting to external stakeholders including through public reports.
  • Create platforms and avenues for engagement, information sharing and feedback between technology companies and various stakeholders.  
  • Implement credible and effective complaints reporting and handling mechanisms.
  • Companies should put in place measures to monitor and promote rights-respecting and responsible business practices and culture, and to remedy and mitigate adverse impacts caused by their actions.

The State’s duty to protect

  • Put in place administrative, policy, legislative, institutions to hold technology companies accountable for human rights violations, provide effective remedies for victims of rights violations related to technology, require companies to conduct due diligence and to have proper safeguards to protect the public from harm.
  • Develop laws, policies, regulations, standards, and guidance, including at the regional level to embed and ensure responsible business practices by technology companies and greater respect for human rights in the digital context.
  • Take measures to promote the use and adoption of digital technologies and address the growing digital divide, including by removing barriers to internet access and digital technologies.

See the full submission here.

1 50 51 52 53 54 67