This presentation was made on October 24 2017 to the 3^rd session of the UN open-ended intergovernmental working group on transnational corporations and other business enterprises with respect to human rights, that is beginning negotiations, in Geneva, on developing a binding treaty.

My organization is a member of the JustNet Coalition[1], which comprises 35 civil society organizations active in the field of information and communication technologies, and in particular Internet governance and e-commerce.

I associate with all the comments made on Monday by other civil society organizations.

Some states have referred to the Guiding Principles. But those principles are not adequate to address the issues arising from the activities of trans-national corporations. For example:

• Paragraphs 1 and 25 provide that states are obliged to protect human rights within their territories and/or jurisdiction. It is silent regarding the obligations to protect human rights when trans-national corporations violate them outside of the states’ territory or jurisdiction.
• Paragraph 11 provides that companies SHOULD respect human rights. This is shocking language: companies MUST respect human rights.
• Paragraph 23(a) provides that companies SHOULD comply with all applicable laws. Again, this is shocking: companies MUST comply with the law.

I’m not surprised that private companies are stating that the Guiding Principles suffice, because the Guiding Principles don’t require them to do anything.

Further, the Guiding Principles do not create new international law obligations.  But that’s what we need: new international law obligations.

Let me give you one obvious example: privacy, in the context of data protection.

It is not disputed that privacy is a human right. And it is not disputed that collection and monetization of personal data may violate the right to privacy. But national data protection laws vary widely around the world, and trans-national corporations use click-through terms and conditions that in effect given them full control of personal data.

Do you use Facebook? Have you read their terms and conditions? They have full rights to all of your data.

This is not acceptable. Data protection is just one area where we need to move forward, with a binding international instrument.

In our view, that instrument should have a specific section on the obligations of digital trans-national corporations, because of the special issues that arise in the information and communications technology sector, in particular relating to the Internet.

I will conclude by stating that I’m surprised to hear the European Union, and several of its Member States, argue here that no additional binding international instruments are needed, when they argue exactly the opposite in the World Trade Organization, in particular by proposing binding norms regarding e-commerce, including regarding the free flow of data. In our view, those proposals, if adopted, would severely threaten the human right to privacy.

So we need an instrument negotiated in this body, with inputs from civil society, and not provisions negotiated in secret in the World Trade Organization, where civil society has essentially no voice.

- Richard Hill, IT for Change / Just Net Coalition.  rhill@alum.mit.edu