This post was contributed by Dan Bross, Senior Director of Corporate Citizenship at Microsoft
Trust is a word that is getting lots of “play” currently. Trust in government – trust in corporations – and of course trust in each of us as individuals. Last month in Davos, Edelman released their 2014 Trust Barometer showing that “business has recovered trust from the crisis period because it is seen as having made demonstrable strides in transparency, supply chain and product quality.” As I’ve written before, trust is earned and organizations cannot expect to be trusted inherently.
That is especially true in the area of human rights. When issues of human dignity and freedom are on the line, a company’s statement about their commitment to human rights can easily come off as platitudes. To speak with any credibility, companies must demonstrate their commitment to human rights through actions – not just words. As outlined in the UN Guiding Principles on Business and Human Rights, companies have a responsibility to analyze their human rights impacts and have processes in place to minimize negative impacts and to seek opportunities to advance their obligation to respect the human rights of their rights holders.
That’s easy to advocate for but sometimes hard to do in practice.
Meaningful information may include extremely sensitive data and sometimes there are even legal restrictions on what companies can share. For instance, Microsoft and other technology companies were legally barred from sharing the number of legal orders we receive for customer data under the US Foreign Intelligence Surveillance Act (FISA). Microsoft and other tech companies eventually sued the US government challenging this ban and negotiated a settlement that let us share information publicly. That’s not a move we made lightly but it let us provide concrete evidence of a point we’ve been making in a more generalized way since last summer: that we have not received the type of bulk data requests that some of our stakeholders believed we had based on reports of bulk requests to telephone companies.
Building trust through goes beyond simply disclosing information. As an example, Microsoft came together with a few other technology companies, human rights advocates and other civil society groups, investors, and academics to found the Global Network Initiative (GNI), a group to promote and advance freedom of expression and privacy. That group developed assessment protocols and commissioned independent third party assessors to analyze cases of how we responded to government censorship and data requests. Based on those assessment reports, GNI issues its own public report of whether participating companies are following the principles and policies we’ve adopted to promote freedom of expression and privacy. Thus through the GNI we can offer interested people an independent assurance that we’re doing what we say we’re doing even for some of the most sensitive decisions we make.
Multi stakeholder frameworks like the Global Network Initiative, Global Reporting Initiative and the UN Guiding Principles on Business and Human Rights can be enormously helpful in advancing common approaches to complex human rights issues. However it may be possible to have too much of a good thing. The number of issue-specific and sector-specific standards and certifications continues to mushroom. There are also new entrants into the field of corporate social responsibility broadly, including the Sustainable Accounting Standards Board (SASB) and the International Integrated Reporting Committee IIRC). In talking to colleagues within Microsoft and at other companies, I have come to the conclusion that the number of these initiatives is starting to lead to more confusion than clarity on what responsible companies should disclose to their stakeholders.
Rather than reinvent the wheel or search for the one perfect set of metrics, companies may get more done by focusing on deeper ongoing engagement with the stakeholders who matter most to them—responding quickly and thoughtfully to external inquiries and proactively seeking opportunities for stakeholder engagement.
Right now, in my view, the world does not need yet another reporting standard (or set of standards). What is needed is a greater number of companies serious about engaging with stakeholders to make principled and informed decisions that are good for business and for society.