Would’ve, Could’ve, Should’ve: Preliminary Reflections on the EU’s New Corporate Sustainability Due Diligence Directive

 

Tara Van Ho, Senior Lecturer in Law, University of Essex

 

Photo credit: Infrogmation of New Orleans, via Wikimedia commons

 

The European Union’s Council and Parliament have agreed to a provisional text for a new directive that would require certain large corporations to undertake human rights and environmental due diligence.

 

I was reminiscing just the other day while having coffee all alone, and Lord, it took me away, back to a first-glance feeling during my first UN Forum. My hope was mixed with equal levels of scepticism about the likelihood that laws like this would be adopted let alone be effective. Over the past twelve years, the hopes and scepticism have been met in equal measure, but never more so than with this law.

 

While the final text is not yet public, a press release indicates the key expectations and components of the agreed text. MEP Axel Voss has posted the side-by-side comparator of the various drafts, including the new draft agreement. This draft confirms:

 

-          The directive will apply to large EU companies with a worldwide net turnover of €150million and 500+ employees;

-          It will eventually capture non-EU companies with €300 million net turnover generated in the EU and the Commission will publish a list of applicable non-EU companies the law;

-          Affected businesses will need to address actual and potential adverse human rights and environmental impacts in their “business chain of activities” which covers their own operations, their subsidiaries, and “the upstream business partners of the company and partially the downstream activities, such as distribution or recycling”;

-          The financial sector is (temporarily?) excluded pending a review and “a sufficient impact assessment;

-          There is a specific list of human rights and environmental protections that businesses will be expected to respect and address, and a list of obligations the breach of which will constitute “an adverse human rights impact”;

-          That list excludes from application certain ILO core conventions because not all EU member states have ratified them; 

-          Large companies will have an obligation of means to develop and implement an effective plan to mitigate their impact on climate change;

-          Those who are negatively affected (including civil society or trade unions) can bring claims for civil liability within a five-year period; and

-          At times, as a matter of last resort, businesses may need to end their business relationships where negative impacts cannot be prevented or ended.

 

This law represents progress for many in the world. If implemented in good faith, it could provide better access to remedies for victims who are negatively impacted by business operations. It should also lead to the adoption of better and greater preventative measures, avoiding the need for remediation in the first place.

 

It is the first mandatory human rights due diligence legislation to address climate change, not just environmental damage. It anticipates civil liability for businesses that breach their responsibilities. It suggests compliance with the law as a criterion for public procurement, placing the power of Member States’ purses beyond the law. The recognition that at times business relationships will need to be terminated to ensure compliance is significant and can help fill in gaps the negotiation has otherwise left unaddressed, like the issue of conflict-affected and high-risk areas (which I’ll return to later in the post).

 

I’d like to express my appreciation to the NGOs and Parliamentarians who have gotten us to this point: it is clear from the Council’s approach during negotiations that if you would’ve blinked then they would’ve looked away at the first chance. I particularly appreciate those who fought for the inclusion of international humanitarian law and specific language on conflict-affected and high-risk areas. This was needed and I was shocked by early rumours that the draft agreement excluded this issue. I’m happy those were wrong.

 

The long-awaited human rights requirements are intended to implement the 2011 United Nations Guiding Principles on Business and Human Rights (UNGPs). I remember it all too well how the EU celebrated the adoption of the UNGPs and how, together with the US and other capital-exporting states, promoted the UNGPs as the standard for businesses when addressing human rights. The EU long opposed proposals for an international treaty on business responsibility for human rights because they felt that it was unnecessary in light of the UNGPs’ existence and could distract states from implementing the UNGPs.

 

Only recently, and only because Parliament required it, the EU has joined the negotiations with all the enthusiasm of a 6-year-old child called to dinner when they’re playing with their dinosaurs (meaning: none). The new directive evidences strong disconnects from the EU’s demand that the UNGPs lead is pretty and what the EU advocates for in the binding treaty and what the directive now requires for reasons I set out below.

 

In this post, I provide a list of things the EU would’ve, could’ve, and should’ve done had the Council been as serious as Parliament about implementing the UNGPs. The would’ves apply to an ideal application of the UNGPs: applying to all businesses and with a more robust and comprehensive understanding of human rights. The could’ves represent those areas in need of greater development: consulting with rightsholders abroad; and clarifying that contractual clauses are not enough. Finally, the “should’ve” is applying the law to the financial and arms sectors, a bare minimum expectation under the UNGPs, the exclusion of which should embarrass Council members for decades to come (I would have said generations but that felt a tad bit dramatic).

 

Would’ve: Applied to all businesses

 

First, the UNGPs are explicit that the responsibility to respect human rights applies to all businesses at all times including small and medium-sized enterprises (SMEs). In the Geneva treaty negotiations the EU has always walked a very thin line, insisting that the treaty, like the UNGPs, should apply to all businesses, not just transnational corporations. The initial Parliamentary proposal for a directive would’ve (largely) continued this approach and complied with the UNGPs. Yet, it was clear from the Commission’s proposal and the Council’s response that we were never going to get a UNGP-compliant directive. The Directive will now only apply to large companies (and not in the financial sector, an issue I’ll return to). The press release does not indicate an intention to expand the scope of the Directive in the future.

 

Including SMEs is admittedly difficult. In the transnational context, large European companies have long forced SMEs in places like Bangladesh and Pakistan to absorb the cost of social auditing processes while insisting on contracts that limit the legal liability of European buyers and parents. This often leads to corrupt practices for certifications or in redirecting revenue for the certification away from protections or living wages for employees. That would defeat the purpose of the law.

 

EU SMEs, on the other hand, often already have a language of human rights, practices that facilitate due diligence, and networks that can support their efforts to develop in this area. A graduated expansion coupled with clauses aimed at protecting SMEs from the abusive practices we’ve seen elsewhere could’ve provided an important example of how SMEs can be included in mandatory human rights due diligence legislation. It also would’ve strengthened the EU’s position in the Geneva-based negotiations.

 

Instead, whenever the EU pushes for an expansion of the treaty, I hope states like Pakistan and Bangladesh point out the hypocrisy.

 

Would’ve: Taken a broader approach to human and labour rights

 

The UNGPs also call for businesses to account for all human rights. In Principle 12, it states that businesses should account for, “at a minimum,” the International Bill of Human Rights (the Universal Declaration of Human Rights, the International Covenant on Civil and Political Rights, and the International Covenant on Economic, Social and Cultural Rights) and the ILO Core Conventions. Where relevant, businesses need to rely on other standards as well.

 

The EU’s press release suggests that the directive will only invoke treaties that are universally ratified by EU member states. That would mean most of the major UN treaties are addressed but there are some disturbing omissions, including the International Convention on the Protection of All Migrant Workers and of their Families and the ILO Core Conventions. Those are rather significant omissions given issues of modern slavery in EU food supplies, and more broadly problems with the treatment of migrant workers throughout EU corporate supply chains.

 

The list also prioritises EU commitments over relevant obligations where the law has extraterritorial impacts. There should have been a recognition that at times the Inter-American and African systems on human rights can be applicable. This recognition is important as the Inter-American and African systems have produced stronger jurisprudence on various issues, including indigenous rights and community rights than Europe (significantly stronger in the Inter-American system) while the Inter-American system also produces more progressive jurisprudence on the definition and nature of reparations, and the direct responsibility of businesses. While the African system has more limited jurisprudence, its jurisprudence on land rights and community rights is similarly more advanced than the European system’s.

 

Sometimes, I miss who I used to be when I could naively believe the absence of reference to the other human rights systems was an oversight, but I fear this strengthens the case for the laws as a form of neo-coloniality by suggesting a hierarchy of rights and systems that centres European expectations in legislation that is supposed to reflect broader standards.

 

Could’ve: Undertaken Direct Consultations with Foreign Rightsholders

 

The failure to recognise the relevance of Inter-American and African jurisprudence reflects a broader procedural failure by the Commission to consult foreign rightsholders who will be affected the law. I cannot do greater justice to this criticism than Caroline Omari Lichuma has done already in her TWAIL critique of European human rights due diligence laws.

 

While my experience suggests that many victims groups and rightsholders want mandatory laws, what they want in those mandatory laws matters just as much as the desire for a law. They had a right not just to voice their support for (or criticism of) the law but to make substantive demands for the law itself. What would the additional demands of rightsholders look like? Well, sometimes you just don't know the answer ‘til someone's on their knees and asks you for a particular legislative proposal, but a very recent study suggests that consultation might have led to different approaches to remediation, particularly for climate-related harms.

 

I often find that memories feel like weapons. In this field, we have often seen European businesses and states undertake “new” initiatives they claim are for the benefit of others without actually talking to the “others.” For example, studies suggest “social auditing” and certification schemes do not deliver on the promises European companies and social initiatives claim. This is unsurprising. Writing in the U.S., the founding father of critical race theory, Derek Bell, has explained that many “anti-racist” developments really represent interest convergence of White and Black leaders. As such, the concessions are less radical or responsive than what racialised communities would seek themselves. These additional demands, however, are often dismissed or ignored. When Dr Lichuma provided an overview of her critique at the 2022 UN Forum on Business and Human Rights, one European delegate infamously responded that Europe’s position wasn’t a matter of imperialism but of “leadership.” Real leadership, however, would reflect the results of consultations with rights-holders not just the political interests and concessions of European leaders.

 

Could’ve: Clarified that Contractual Clauses are not Enough

 

Recital 34, para 43 in the table contains an extensive discussion of the kinds of measures companies can take to comply with their human rights responsibilities. One of those is the development of contractual clauses with business partners. I worry that I've seen this film before and I didn't like the ending.

 

I’ve now mentioned twice that social auditing is a sham. There will be exceptions to this rule and I can point people to a few of my favourite exceptions, but let me reiterate what existing research indicates: social auditing is generally ineffective and often detrimental for rights-holders, providing a veneer of respectability for disrespectful practices.

 

Increasingly, it is clear that this is equally true of index listings meant to advise institutional investors on their human rights risks. Last year, the US advisory company Morningstar adopted rules aimed at exempting Israel that so fundamentally misunderstand the UNGPs that it renders all its human rights reporting questionable (short story: Morningstar concluded Israel isn’t a conflict-affected area…). More recently, index provider MSCI accepted audits from Xinjiang, China, as evidence that the car company Volkswagen was seriously addressing the issue of Uyghur forced labour. No company can adequately address the issue of Uyghur forced labour when operating in Xinjiang and (again, I cannot emphasise this enough) it is irresponsible to rely on a social audit in this context. Because these indexes set their own rules, and have no professional board standards, I can’t actually accuse them of professional malfeasance but these responses are shockingly inept.

 

Human rights due diligence is not supposed to be the same as an audit, but often businesses looking for a quick and dirty misdirection will use social audits and contractual clauses as a substitution for due diligence. I fear that if contractual clauses are allowed, due diligence will start to look more and more like social auditing and indexing and less like the robust and circular mechanism of assessment, responsiveness, and reparations than it is supposed to be.  

 

The directive could and should clarify that while contractual clauses can be important they cannot transfer legal liability. 

 

Should’ve: Applied to the Financial and Arms Sectors

 

At Recital 18, para 27, and  Recital 19, para 28, we find an effective exemption from the law for the arms and financial sectors, respectively. In Recital 19, the CSDDD excludes “downstream business partners” from the scope of due diligence obligations. I knew this was true from the press release, but seeing the blatant language was surreal. I’m laughin', but the joke's not funny at all.

 

I’m going to set aside the arms sector for now (because I’m working on a lot regarding that sector right now), but the exemption for the financial sector is gross (gross being a legal term of art, just ask anyone…). The draft agreement says that “as regards regulated financial undertakings, only the upstream but not the downstream part of their chain of activities is covered by this Directive.” In other words: the bank is not responsible for breaches caused by its financing of another’s activities no matter how much the bank should have known how its financing would be used for human rights violations.

 

Out of every group you’re concerned with protecting, out of every business and industry, it is the banks you the Council thinks can’t do due diligence?

 

Really?

 

The banks that kept looted Nazi material from their rightful Jewish owners for decades?

 

The banks that repeatedly financed South Africa’s apartheid regime, saving it when it was on the brink of collapsing?

 

The banks accused of facilitating money laundering for drug lords and terrorists?

 

The ones who facilitate tax evasion? 

 

The banks that finance dam projects in indigenous lands with such disregard for human rights that many of their logos should just be “Hi, it’s me, I’m the problem. It’s me.”

 

The banks that know how to do extensive due diligence on operational impacts when it’s in their financial interests?

 

Those banks? That’s who needs protecting with this law?

 

You cannot be serious about human rights if you are not serious about tackling the responsibility of the financial sector. When it comes to the Council members who betrayed the rights-holders with this clause, I got a list of names and yours is in red, underlined, France and Austria. France was the first to indicate resistance to the application to the financial sector, but it is Austria’s recent pressure on Ukraine, in which it leveraged international assistance for the war on the removal of Austrian Raiffiesen Bank from the list of international sponsors of war, that is perhaps the worst development in this area. People need to know this, so they know where to put pressure moving forward.

 

It appears there will be an “impact assessment” to determine if the law should apply to this industry, but that will be too little and far too late.

 

It’s also wholly unnecessary.

 

There is nothing particularly special about banks or the financial industry that makes human rights due diligence hard. They just don’t want to pay for it to be done properly. That’s not surprising. No company wants to pay for it. Disney once complained about reporting requirements before we even had any human rights due diligence laws because they didn’t way to cut into CEO bonuses or shareholder profits. The desire to not spend money on human rights due diligence is not an adequate reason for allowing those complicit in the Nazi genocide or South African apartheid or Russia’s unlawful war of aggression in Ukraine to continue to evade human rights responsibilities. If anything, their focus on profits and finances over people is exactly why this law is needed.

 

Concluding note

 

So that’s it: my would’ves, could’ves, should’ve for the EU. At times, the CSDDD provides me with hope about the direction of travel for this field, but in other areas it represents a crisis of my faith.

 

 

 

PS, Taylor Swift’s birthday was on the same day as the final trilogue. As a fun Easter Egg hunt for my fellow Swifties, I’ve sprinkled her lyrics throughout this post (13 times, obviously). I’ll send a friendship bracelet to the first Swiftie who emails me a list of all the hidden gems. Please use the subject line “T-Swift Easter Egg Hunt” in your email. My email address can be found on my Essex profile.

Brexit and business and human rights litigation in England

Anil Yilmaz Vastardis, Lecturer in Law, Human Rights Centre, University of Essex

In wake of the UK’s EU membership referendum result, people from all walks of life are wondering what will happen next. While a big uncertainty looms over the political questions surrounding the process of the UK’s exit from the EU, the repercussions go far beyond the UK – and  some of those wondering “what next” are likely overseas victims of human rights abuses by British corporations. The question remains as to what happens to all the EU law that either the UK has transposed into its legal order via acts of parliament, or that have direct application in the UK, such as EU Regulations.

Brussels I Regulation (Recast) is one of many such EU law instruments. It prescribes the rules on jurisdiction of member state courts, as well as the rules on the recognition and enforcement of judgments in civil and commercial matters within the EU. It has been predicted that the UK's adherence to the Brussels I regime “is likely to be significantly modified, if not entirely replaced, in the event of Brexit.” The authors of that piece outline the different scenarios on the fate of the English rules on civil jurisdiction post-Brexit. The course chosen may have an impact on the ability of human rights victims overseas to bring suit against multinational enterprises (MNEs) in UK courts.

Jurisdiction over Civil Liability Claims against Multinationals domiciled in England

Rights advocates are increasingly bringing lawsuits in the global north to hold MNEs accountable for human rights harm caused by their overseas subsidiaries. Among the reasons for pursuing the MNE in its “home” state (the state where they are domiciled – see Article 60 of Brussels I) are the existence of a dysfunctional legal system in the host state (place where the harm occurred) and/or a defunct or underfunded subsidiary. England is a popular jurisdiction for bringing such suits against UK domiciled MNEs. It is home to many multinationals and it offers advantages for creative litigation. Victims and their lawyers generally seek reparations from the parent entity on the basis of common law tort principles. While rights defenders are eager to hold parent companies accountable for harm inflicted by their subsidiaries, the legal landscape in the global north is fraught with obstacles to holding parent companies liable. Among them are the rules on civil jurisdiction.

In England, the forum non conveniens doctrine (FNC) used to be a major challenge to bringing suit against an MNE domiciled in England for harm caused overseas by its subsidiaries. The FNC allows English courts to refuse to exercise jurisdiction over a case if another forum is clearly better suited to adjudicate the case, due to for instance location of evidence and witnesses. A number of cases brought in England were protracted due to a battle over FNC. Claimants had to demonstrate substantial denial of justice in the host state legal system in order to convince English courts to exercise jurisdiction (see Connely v RTZ Corporation, Lubbe v Cape Plc).

Article 2 of Brussels I and its interpretation by the Court of Justice of the EU (CJEU) in Owusu v Jackson blocked the use of the FNC doctrine by English courts in civil liability suits filed against MNEs domiciled in England. According to Article 2 ‘persons domiciled in a Member State shall, whatever their nationality, be sued in the courts of that Member State.’ There is no indication here as to whether this rule would prevail if the lawsuit concerns events that occurred or harm suffered overseas (i.e. outside the European Union). In Owusu v Jackson, the CJEU held that Article 2 precludes a member state court from "declining  to exercise jurisdiction on the ground that a court in a non-EU would be a more appropriate forum" and thus jurisdiction shall be exercised over the UK domiciled MNE even if the dispute has certain connections with a state outside the EU.

Years need not be wasted fighting a jurisdiction battle

Article 2, read together with Owusu, brought an end to the protracted litigation over whether a lawsuit against an MNE domiciled in England should be adjudicated by English courts or the courts of the host state. Admittedly, adjudicating the dispute before English courts does not guarantee the liability of the parent company. That depends on whether the facts of the case warrant holding the parent liable under the law applicable to the substance of the case (which is likely to be the law of the country where the harm occurred – see Article 4 of the Rome II Regulation).

Nevertheless, the defeat of the FNC defence was not in vein. Even though we are yet to see a ruling that holds the parent company liable for harm caused by an overseas subsidiary, lawyers continue filing strategic cases with English courts with the confidence that they would not lose years battling an FNC challenge. MNEs are less able to protract litigation through jurisdictional questions, draining victims of the funds necessary to support the litigation. Brussels I gives victims a real chance to plead their case before home state courts, and thus attract more public attention to the alleged wrongdoings of MNEs that sometimes paint a ‘socially responsible’ picture to their consumer base in the global north. Finally, the concern of fighting such a claim on its substance pushes major MNEs like Royal Dutch Shell to offer out of court settlements to victims for amounts much greater than they would have offered in the absence of such concern. Although such settlements prevent the development of legal precedent in this area, they provide much needed relief to individual victims.

If the UK leaves the EU and no longer complies with Brussels I, without a post-exit deal between the two entities that incorporates equivalent provisions, the FNC defence is likely to be resurrected in business and human rights litigation against MNEs domiciled in England. This would be a big step back for access to justice in England for overseas victims of business abuse.

Barnard & Peers: chapter 9, chapter 27

Photo credit: the times.com

JHA4: chapter II:8

New EU human rights reporting requirements for companies: One step beyond the current UK rules

Anil Yilmaz (Lecturer in Law, University of Brighton) and Rachel Chambers (PhD candidate, University of Essex)  

Background

Among the core objectives of the EU set out in Article 3(3) of the Treaty on the European Union is the creation of an internal market and sustainable development of Europe “based on balanced economic growth and price stability, a highly competitive social market economy, aiming at full employment and social progress, and a high level of protection and improvement of the quality of the environment.” The Single Market Act 2011 fleshed out the features of a “highly competitive social market economy” and provided that it called for new business models where environmental and social concerns “take precedence over the exclusive objective of financial profit.” In this respect, the Act outlined the allocation of tasks for achieving this goal between itself and the industry. While the European asset management industry was asked to use their leverage to promote socially and environmentally responsible businesses, the EU would take action, inter alia, to ensure a level playing field by introducing new rules on environmental and social reporting. Stemming from the Act was also the adoption of the Commission’s 2011-2014 Corporate Social Responsibility Strategy, which reaffirmed the objective of establishing EU rules on social and environmental reporting.  Although CSR has been on the EU agenda for a decade, the 2011-2014 Strategy put forward a more rigorous definition of CSR and demanded better alignment with global approaches to CSR, including implementation of the UN Guiding Principles (UNGPs).  Within the Strategy, the Commission announced its intention to build on the existing reporting requirements for companies.

Prior to the adoption of the recent amendments to Directive 2013/34/EU on company reporting, EU law made the following requirement on companies, not necessarily including small and medium‐sized enterprises (SMEs): “To the extent necessary for an understanding of the company’s development, performance or position, the analysis [in the annual review] shall include both financial and, where appropriate, nonfinancial key performance indicators relevant to the particular business, including information relating to environmental and employee matters.” In November 2010, the European Commission had launched an online public consultation to gather views on the disclosure of non-financial information by enterprises. The consultation had sought both to expand the subjects of such disclosure and to make the requirements more effective.

In January 2013, following the adoption of the 2011-2014 CSR Strategy, the European Parliament adopted two resolutions reiterating the importance of company transparency on environmental and social matters and calling for specific measures to combat misleading and false information regarding commitments to CSR and relating to the environmental and social impact of products and services.   The resolutions expressly acknowledged the role of the UNGPs in improving standards of corporate practice. The European Commission went one step further in its proposal of 16 April 2013, by suggesting an amendment to existing accounting legislation to improve the transparency of certain large companies on social and environmental issues, in particular with regard to human rights impacts.  The European Parliament and the Council reached an agreement on 26 February 2014; the European Parliament adopted the amendments to Annual Financial Statements Directive 2013/34/EU on 15 April 2014; this was adopted by the Council of the European Union on 29 September 2014.

The Reforms

The amendments introduce compulsory reporting of non-financial information by certain large undertakings. Under the new Article 19a certain large undertakings governed by the law of a member state are required to include a non-financial statement in their annual management report, ‘to the extent necessary for an understanding of the undertaking’s development, performance and position and of the impact of its activity.’ Recital 14 determines the personal scope of the reporting requirement based on the number of employees, balance-sheet total and the net turnover. ‘Certain large undertakings’ within the meaning of Article 19a are public-interest entities which have 500+ employees (in the case of a group of companies with the parent governed by a member state law, number of employees will be calculated on a consolidated basis). Public interest entities are defined in Article 2(1) of the Directive as including listed companies, credit institutions, insurance companies and any other entity designated by member states as a public interest entity due to the nature or size of their business.  The press release announcing the adoption of the Directive by the Council says that some 6,000 public interest entities in the EU will fall under its scope.

 Non-financial information encompasses “as a minimum, environmental, social and employee matters, respect for human rights, anti-corruption and bribery matters”.  The statement will contain a brief description of the company’s business model, a description of the company policy in those areas and its outcome, main risks faced by the company, including those arising from its business relationships, and how these are managed and the due diligence processes it employs to identify, prevent and mitigate adverse impact. Companies can avoid reporting on one or more of these issues if they do not pursue policies on those issues and provide a ‘clear and reasoned’ explanation of this choice. There is an additional exemption from reporting in exceptional cases where disclosure of such information would seriously harm the commercial position of the company and non-disclosure does not prevent a fair assessment of company’s impact and risk.

Recitals provide some examples of what should be included in the report for each item and refer to a selection of national and international frameworks for further guidance that companies can rely on. In the meantime, the Commission will prepare general and sectoral non-binding guidelines for non-financial reporting.  Member states will have two years to incorporate the new provisions into domestic law, which will be applicable in 2017.  In terms of enforcement of these obligations, Recital 10 requires member states to establish effective national procedures to ensure compliance with non-financial reporting requirements. Finally, it is up to the member state implementing the directive to require independent verification of the non-financial information contained in the report.

Analysis

The adoption of this Directive was hard fought for, and can be seen as a major achievement –both in terms of the content of the reforms but also the symbolic step which their adoption represents.   These are a broad set of reporting requirements, wider than comparable UK law as they include anti-bribery and corruption as well as environmental, social and employee matters and human rights.  By requiring reporting “of the impact of [a company’s] activities” and of the “principal risks related to those matters linked to the undertaking's operations” these provisions focus effort on what is important – reporting the actual human rights risks/impacts to/on society of a company’s operations and prioritising the most severe risks.  This compares favourably to UK non-financial reporting which, as explained below, is focused essentially on providing information to shareholders on which they can assess the financial performance of the company.  The requirement for group reporting of these issues in consolidated statements will allow stakeholders to be informed about the impacts of subsidiaries as well as their parent companies. Business partners are also covered but reporting on risks from supply chains and business relationships is only required “if relevant and proportionate”. The inclusion of risk management processes such as due diligence is useful when trying to understand how companies are tackling the issues which they face in this realm.

However, there are a number of shortcomings in the new Directive.  It does not cover many companies: the original Commission proposal was for it to apply to around 18,000 companies – listed and non-listed – that were of a certain financial size and had 500 employees or more.  As stated above, the adopted proposal only covers around 6,000 “public interest” companies.  The failure to include listed SMEs (although member states can choose to include them) is particularly difficult to understand given that these companies already have to file annual reports, and that despite their size, these companies can have significant human rights impacts.  The methods for enforcement of the obligations and independent verification of the reports are left to member state discretion, which can create inconsistencies in the application of these rules, and ultimately a lack of “teeth” if companies fail to comply.

Does it improve existing UK requirements?

 

The new UK requirement to compile a strategic report which must, to the extent necessary for an understanding of the development, performance or position of the company’s business, include, amongst other requirements, information about social, community and human rights issues came into force in October 2013.  The inclusion of a test of materiality in the statutory guidance on the new statutory regime was controversial.  Under the heading of “Materiality” the guidance recommends that companies include human rights-related information “if its omission from or misrepresentation in the strategic report might reasonably be expected to influence the economic decisions shareholders make on the basis of the annual report as a whole” – as noted above the new European requirement takes a different, and from a human rights protection point of view better, stance by looking at impact on society.

Enforcement of the UK law is weak, a situation which will not be changed by the new EU law. In the UK, the Conduct Committee of the Financial Reporting Council is responsible for monitoring the compliance of the strategic report with the Strategic Report Regulations. It may investigate cases where it appears that required information has not been provided, and has the power to apply to the court for a declaration that a strategic report does not comply with the requirements and for an order requiring the directors to prepare a revised strategic report.  The equivalent powers under the previous statutory regime were seldom used.  Since compliance with the new EU non-financial reporting requirements will be overseen by member state regulators, it is crucial that they have qualified staff with the appropriate human rights expertise to draw on when assessing whether the information required has been provided.

 

 

Barnard & Peers: chapter 9, chapter 14

Assessing the new EU Council Guidelines on Freedom of Expression - online and offline

Professor Lorna Woods, University of Essex; co-author, Steiner and Woods, EU Law 

Yesterday the Council of the European Union adopted guidelines on freedom of expression.  As these guidelines were adopted by the Foreign Affairs Council, it is not surprising that they are aimed at implementation within the Union’s Common Foreign and Security Policy, like the ten previous guidelines on issues such as torture, the death penalty and human rights defenders.  So, while the guidelines are ‘guided’ by the EU Charter, as well as any relevant EU treaty provisions, the principal sources referred to are the provisions in the United Nations’ International Covenant on Civil and Political Rights (ICCPR) as well as the UN Human Rights Committee’s General Comment 34 on Freedom of Expression.  The list of sources contained in the Annex is far wider, however. It is also worthwhile noting that there is some discrepancy between what the EU asks of others – especially would be Member States via the Copenhagen criteria applied to planned accession candidates – and the recent practice of its own Member States (whether that be Hungary or the United Kingdom).

The Guidelines follow what might be termed a standard human rights approach to freedom of expression: that is, that freedom of expression should be interpreted broadly and exceptions narrowly (referring to the list of possible exceptions set out in Article 19(3) ICCPR as well as Article 20(2) ICCPR, on hate speech) and subject to the tests of legality, necessity and proportionality.  In explaining the significance of freedom of speech, the Guidelines refer to the significance of that freedom (especially that of the media) in democracy, but they also refer to the human element: that speech is important for self-fulfilment and autonomy, including the development of one’s identity in society, and not just instrumentally in the search for ‘truth’ or the ‘right’ political answer – important though that may be. Having said that, much of the specific points relate to the role of journalism and the media, with the underpinning assumptions about the role of the media as watchdog of those in power. 

The guidelines also note the horizontal nature of freedom of expression – especially relevant in the context of the Internet and social media, when expression is not just about public institutions and the media speaking to a passive audience (which was the model for much of the previous case law) but also the right of individuals to speak to one another and to receive each others’ views. This point has been given a higher profile in the approach of the Inter-American Court of Human Rights than traditionally has been the case in relation to Article 10 ECHR and Article 19 ICCPR. Despite this emphasis, there is recognition of the both the relationship between privacy and freedom of expression and the tension between them. Interestingly, in this document the former aspect – through consideration of the impact of surveillance on speech - may have a higher profile than the latter.

The guidelines identify some areas of priority action, and in some respects these areas of action are no surprise, starting with the need to end the impunity of those who take action against individuals for exercising their right of freedom of expression – notably journalists and media workers. In addition to condemning such actions, the EU will apparently call on the relevant state actors to take action against such threats of violence as well as violence itself.  If the EU does take action, it may provide incentives for some governments to take note of the UN General Assembly resolution on the subject, as well as the Action Plan to end impunity. In the tools section, the guidelines provide:

Abusive restrictions on freedom of expression and violence against journalists and other media actors should be taken into account by the EU when deciding on possible suspension of cooperation, notably as regards financial assistance.

This is a proposal that some involved in the campaign against impunity have been suggesting for some time.  How it works in practice remains to be seen.

The Guidelines identify the need to ensure that laws are not used to suppress freedom of expression, and that media regulation is appropriate to ensuring freedom of expression. Note that some of the points in this section go further than the regulatory position required of the Member States of the EU, specifically as regard the independence of regulatory bodies. While the EU’s communications package and the data protection regime expect that there be independent regulatory bodies, there is no such provision in the Audiovisual Media Services Directive, and there is little transparency of media ownership – both to be encouraged according to these guidelines.

The Guidelines also note the importance of freedom of expression in cyberspace, and in particular focus on the need to ensure non –discriminatory access to the Internet – though there is less detail on what this actually means beyond support for the multistakeholder model of Internet Governance – as set out by EU strategies, rather than those identified in the Internet Governance Forum or Netmundial, although engagement with these is envisaged in the tools for action. The Guidelines do note the role of private companies, and set out best practice guidelines reflecting back the UN Guiding Principles on Business and Human Rights, as understood through the EU guidance note for ICT companies on business and human rights.

The first action point, however, is ‘action at the international level to develop best practices and respect for human rights with regard to the export of technologies that could be used for surveillance or censorship by authoritarian regimes’.  The position as regards the United States is not addressed. The significance of the need to protect against excessive surveillance is, however, repeated and its adverse effect of freedom of expression noted.  Thus the guidelines specify that EU action will include the promotion of ‘the exchange of good practices to ensure that the legislation and procedures of States regarding the surveillance of communications and the interception and collection of personal data are based on the rule of law, subject to independent, effective and domestic oversight mechanisms and uphold obligations under international human rights law, including the principles of proportionality and necessity’, something which some Member States may need to think about.  The call to comply with Council Common Position 2008/944/CFSP on exports of specified military technology does not add much, but the statement that ‘the EU will ensure a structured and consistent approach to export controls of certain sensitive information and ICT items’ is potentially far reaching, though what is envisaged by this statement is unclear. Is there a concern about mobile technology that has had back doors engineered into it (at the request of certain Western governments) for example? The next sentence refers however to specific surveillance/censorship technology, suggesting a far narrower field of concern.

Finally, the Guidelines contain plans for evaluation, specifically envisaging a report in three years’ time. While some aspects may show signs of fitting in with global concerns – such as the concerns about the violence against journalists now high on the UN’s agenda or the global revulsion at mass surveillance, it remains hard for the EU successfully to preach certain behaviours when its own Member States have at best a patchy record in these areas.


Barnard & Peers: chapter 9, chapter 24