Public Interest Registry takes steps to assess and address human rights impacts

Digital 6 min read
Public Interest Registry takes steps to assess and address human rights impacts - Digital

Summary

ARTICLE 19 and the Danish Institute for Human Rights (DIHR) have recently collaborated on a project to assist the Public Interest Registry (PIR), operator of .ORG and other top-level domain names, in its human rights efforts. This project is part of a wider project by ARTICLE 19 and DIHR to work with pioneer internet registries and registrars to develop a tool and methodology for Internet infrastructure providers to assess their human rights impacts (https://www.article19.org/resources/assessing-human-rights-impacts-internet-registries/). Thus far, the project has included collaborations with the Dutch Internet domain registry SIDN in 2017, Blacknight Internet Solutions LTD in 2018 and, most recently, PIR in 2020.

In January 2020, ARTICLE 19 and DIHR began work to carry out a human rights assessment workshop with domain name registry PIR. Such a process has only, to our knowledge, been conducted by two other internet registries and registrars before: the Dutch Internet domain registry SIDN and Blacknight Internet Solutions LTD. PIR is the first generic top-level domain (gTLD) registry to undergo this assessment. Our work with PIR has now been completed. Our key observations are below.

UN Guiding Principles on Business and Human Rights and Internet Infrastructure Providers

In 2011, the United Nations Human Rights Council endorsed the UN Guiding Principles on Business and Human Rights (UNGPs), which apply to all companies, including internet infrastructure providers. Generally, it is expected that all companies exercise due diligence in their efforts to respect human rights and thereby avoid causing or contributing to adverse impacts on human rights. This requires companies to proactively monitor their operations and impacts for human rights concerns and provide remedies in case such concerns do arise.

Assessing Gaps and Impacts

We would like to thank PIR for agreeing to participate in the project and for its cooperation during the review. As with prior assessments conducted, our observations and recommendations were submitted in a report to PIR. Through our collaboration, PIR will continue their efforts to further prevent and mitigate any adverse human rights impacts, as our observations include recommendations on how PIR can do so. Apart from considering potential impacts related to PIR’s provision of services, our methodology looks at the full range of human rights impacts. Therefore, it also included looking at PIR as an employer and procurer of goods and services, as well as its role in relation to the environment and local communities.

Our methodology involved a high-level gap analysis of PIR’s policies, operations, and safeguards therein to assess what is incomplete, missing, or could be improved. This analysis involved reviewing PIR’s public and internal documents and holding a workshop together with PIR staff and management. During the workshop, DIHR and ARTICLE 19 conducted a session with PIR staff on the basics of corporate human rights due diligence and discussed initial findings with responsible PIR staff to assess their relevance.

Our Findings in the PIR Assessment

First, our findings determined that PIR had already set clear statements around ethics and morals as well as clear commitments to privacy and due process. However, it did not have a human rights policy or an explicit commitment to international human rights in its existing policies, an important first step toward proactive human rights due diligence as prescribed by the UNGPs.

Second, we found that PIR as an employer often goes beyond state and national legal requirements, and generally lives up to international standards and recommendations. This particularly includes matters relating to labour law, especially on issues of working hours, wages, and leave.

Third, PIR has yet to draft a partner and supplier code of conduct to create a structured approach for consideration of human rights in its procurement processes and supplier relationships.

Fourth, PIR was aware of its impact on the environment and the potential related human rights impacts and was working to mitigate them (e.g. in relation to extensive travel) and has begun taking a more structured approach to its impacts.

Fifth, we found that PIR has a number of policies aimed at reducing negative impacts of its own measures in relation to domain suspensions and takedowns, as well as policies aimed at limiting the potential harms caused by registrars or registrants, e.g. in relation to child sexual abuse materials (CSAM). While aspects of human rights due diligence are in place in practice, human rights is not explicitly mentioned in policies or in contracts with third parties related to the provision of services.

Additionally, we found that, at the time of the assessment, there could be more involvement of external stakeholder groups, including rights holders, in the assessment of impacts of products, services, and policies.

Some of our recommendations include the following, which cut across the entire organization:

  • PIR should develop and incorporate a human rights policy or an explicit commitment to international human rights in its existing policies.
  • PIR should update its employee handbook and related policies to explicitly address human rights and restate its privacy protections and expectations.
  • PIR should develop up a Business Partner/Supplier Code of Conduct that clearly sets out PIR’s expectations around human rights and that can be used to improve the practices of the third-parties with whom PIR engages.
  • PIR should ensure that its annual report has data shared with a human rights focus.

See the model assessment tool and methodology
See the PIR news piece