COVID-19 and Beyond: Technology, Responsible Decision Making, and Public Health Emergencies

Authors

• 

  Lindsey Andersen

  Associate Director, Human Rights, BSR

  

  ---

  

  Lindsey Andersen

  Associate Director, Human Rights, BSR

  

  San Francisco

  ---

  Lindsey works at the intersection of technology and human rights, helping both tech and non-tech companies identify and address human rights impacts associated with the development and use of technology and effectively incorporate business and human rights practices. Her focus areas include content governance, end-use risks of tech products and services, and the implications of artificial intelligence (AI) and other emerging technologies.

  Prior to joining BSR, Lindsey worked with digital rights organization Access Now to drive the conversation on the human rights implications of AI. As part of this, she wrote the foundational report Human Rights in the Age of Artificial Intelligence. Lindsey previously worked at Internews, implementing a large portfolio of internet freedom projects across Latin America, which focused on equipping journalists and human rights defenders with digital security skills and defending the free and open internet. Lindsey has worked and lived across Latin America and is fluent in Spanish and Portuguese.

  Lindsey holds a Master’s in Public and International Affairs from Princeton University and a BA in Political Science and International Studies from the University of Nebraska-Lincoln.

  Close
• 

  Dunstan Allison-Hope

  Senior Advisor, BSR

  

  ---

  

  Dunstan Allison-Hope

  Senior Advisor, BSR

  

  San Francisco

  ---

  Dunstan leads BSR’s work at the intersection of technology and human rights.

  Previously, Dunstan led BSR’s information and communications technology, heavy manufacturing, and human rights teams.

  He brings significant experience working on a diverse range of engagements and issues, including human rights due diligence, privacy and freedom of expression, sustainability reporting and strategy, and stakeholder engagement.

  Dunstan facilitated the multistakeholder process of developing global principles on freedom of expression and privacy, which led to the launch of the Global Network Initiative in October 2008. He also helped create the Electronic Industry Citizenship Coalition, a collaborative initiative of more than 100 ICT companies improving conditions in their supply chains. Dunstan participated in the process of creating the Global Reporting Initiative G3 guidelines, and he is a regular commentator on issues of corporate accountability, reporting, and human rights. He also co-authored the 2010 book Big Business, Big Responsibilities.

  Prior to joining BSR in 2004, Dunstan was part of British Telecommunications' corporate responsibility team.

  Dunstan has an M.Prof. in Sustainable Development from Forum for the Future.

  Close

• Susan Morgan

  Senior Advisor, BSR

  ---

  Susan Morgan

  Senior Advisor, BSR

  ---

  Susan has over 20 years of experience working in the public and private sectors and philanthropy. Her focus is the societal impact of technology.

  Now a freelance consultant, she was the first Executive Director of the Global Network Initiative, a D.C.-based multi-stakeholder initiative focused on the responsibilities of technology companies to protect the free expression and privacy rights of their users when receiving government requests from around the world. She was employed by British Telecom (BT) for 10 years until 2010, which included six years focused on corporate responsibility, leading BT’s strategy, policy, and public reporting across the company on those issues. In the last three years, she worked at the Open Society Foundations, one of the world’s largest philanthropic organizations, developing international grant-making strategies on disinformation, the online public sphere, algorithmic discrimination, and big data.

  She has a B.A. and a M.A. in Politics from Durham University in the U.K.

  Close
• 

  Lale Tekişalp

  Associate Director, Technology Sectors, BSR

  

  ---

  

  Lale Tekişalp

  Associate Director, Technology Sectors, BSR

  

  San Francisco

  ---

  Lale works with BSR member companies across industries to incorporate human rights into business operations and strategy. She focuses on the intersection of human rights and technology, and she leads the Tech Against Trafficking collaborative initiative.

  Prior to BSR, Lale worked with the Partnership on AI to help build its AI for Social Good strategy. Previously, she held several different marketing roles at Microsoft, where she played a key role in establishing the company's cloud business across Turkey, the Middle East, and Africa.

  Lale holds a MBA from UC Berkeley's Haas School of Business, where she focused on responsible business and social sector leadership. She received a BA in Political Science and International Relations from Bogazici University in Istanbul, Turkey.

  Close
• 

  Jenny Vaughan

  Managing Director, Human Rights, BSR

  

  ---

  

  Jenny Vaughan

  Managing Director, Human Rights, BSR

  

  San Francisco

  ---

  Jenny leads BSR’s human rights team and portfolio across consulting and collaboration. In addition to directing BSR’s Human Rights Working Group, Jenny leads human rights assessments and partners with companies to develop human rights strategies and stakeholder engagement plans. She works across industries with a focus on energy, technology, and conflict-affected and high-risk contexts.

  Prior to joining BSR, Jenny worked at Mercy Corps for over a decade in field management and advisory roles to prevent and mitigate conflict, promote inclusive economic development, and build civil society capacity. As the organization’s first Peace and Governance Director in Myanmar and later as the Director of the Peace and Conflict technical advisory team, she designed and implemented programs to reduce violence, promote peace and development, and address critical and emerging threats like climate change, disruptive technology, and poor governance. She has experience in context analysis, stakeholder engagement, negotiation, project design and implementation, and strategic planning. Jenny has lived and worked in countries including Myanmar, Indonesia, Nepal, Israel/Occupied Palestinian Territories, Ethiopia, Kenya, Uganda, Nigeria, Central African Republic, and Cameroon. 

  Jenny holds a MA in International Relations from the Johns Hopkins School of Advanced International Studies and a BA in Psychology from the University of Wisconsin at Madison.

  Close

In May 2020, a Korean man visited a series of bars and clubs in the Itaewon district of Seoul. The next day, he tested positive for COVID-19 and the Korean Center for Disease Control and Prevention snapped into action. To find out who the man might have come into contact with they combined different data sources, including credit card transactions from the clubs and bars he visited and GPS locations of mobile phones in the area at the time.

Some of this information was shared with the media, who reported the places the man had visited and noted that some were gay clubs. This led to the LGBTIQ+ community being blamed for new COVID-19 cases and resulted in a surge in discrimination in a country where stigma against queer communities remains high.

The data collection and sharing practices of South Korea’s contact tracing system effectively risked the forced outing of LGBTIQ+ Koreans. One man told The Guardian, “My credit card company told me they passed on my payment information in the [Itaewon] district to authorities. I feel so trapped and hunted down. If I get tested, my company will most likely find out I’m gay. I’ll lose my job and face public humiliation.”

As countries around the world continue to battle outbreaks of COVID-19, South Korea has been held up as an example of how to successfully limit the spread of the pandemic. Widespread technology and data use, from contact tracing to quarantine enforcement, has been a key part of this success. Many other countries have taken note and attempted to follow suit by integrating technology into their own responses. While this can be a win for public health and safety, the example above shows how technology and data use for pandemic response can facilitate human rights violations.

In the current COVID-19 landscape, data and technology solutions can be used for many positive outcomes, such as facilitating “back to work” efforts, enhancing research into COVID-19 vaccines and treatments, and allowing the resumption of economic activity while also protecting public health. However, these uses may also result in the infringement of privacy rights, new forms of discrimination, and harm to vulnerable groups. Some governments are using the emergency as an excuse to expand their power, leading to concerns that initiatives launched to address COVID-19 could become permanent forms of state surveillance.

As the providers of data and digital infrastructure, technology companies are often central in public health emergency response efforts. A company's responsibility to respect human rights does not disappear during a public health emergency—indeed, the severity of adverse human rights impacts makes it even more essential that companies undertake robust human rights due diligence.

A company's responsibility to respect human rights does not disappear during a public health emergency—indeed, the severity of adverse human rights impacts makes it even more essential that companies undertake robust human rights due diligence.

With the support of Microsoft, BSR developed a human rights framework for responsible business decision-making before, during, and after public health emergencies. The framework is intended to be used as part of human rights due diligence to guide business decisions related to technology and data use in response to public health emergencies. It is informed by a combination of international human rights law related to states of emergency; allowable limitations and derogations of rights; relevant regulations, standards, and principles grounded in human rights; and lessons learned from past emergencies.

There are various human rights norms, principles, and standards that can help navigate a pathway through these dilemmas. For example, Article 4 of the International Covenant on Civil and Political Rights (ICCPR) and its accompanying General Comment 29 allow governments to derogate from specified human rights during times of public emergency. The Siracusa Principles, adopted by the UN Economic and Social Council in 1984, describe limitations on the restriction of human rights that governments may apply for reasons of public health or national emergency.

However, three factors are challenging the application of these principles today:

• Changes in the digital realm: Ever-more-powerful computing, massive growth in the availability of data, increasingly sophisticated artificial intelligence capabilities, and the centrality of digital infrastructure in everyday life have transformed the opportunities and risks associated with the use of digital technologies for public health.
• Increased involvement of companies: These principles were written for governments rather than companies, yet today the private sector has a far more significant role and power in the fulfillment of human rights than when the principles were drafted.
• Complexities of a global pandemic: These principles were not written to address the complexities of a global pandemic, and new insights about their implementation are emerging in real time.

In addition to the framework, BSR’s report, Decisions, Decisions, Decisions. Responsible Decision-Making Before, During, and After Public Health Emergencies, makes recommendations for companies to help ensure they take rights-respecting approaches to future public health emergencies. These can be summarized as follows:

Act: What Companies Should Do Internally

Although responding to public health emergencies requires swift action, companies must still carry out human rights due diligence to identify, prevent, and mitigate their human rights impacts and foresee the possible impacts of their decisions. The framework outlined in the report can help companies balance privacy rights with the protection of public health.

In their quest to take action, companies should also take care to avoid known pitfalls of applying technological solutions to social problems. This includes things like ensuring a tech or data-based solution is the right one for the given context, working with appropriate government authorities, creating effective escalation processes for handling government requests and contracts during times of emergency, and avoiding open-ended projects.

Enable: How Companies Should Work with Others

Public health solutions are seldom executed from start to finish by a single company. Businesses therefore must be as transparent as possible about the work they are doing and effectively engage with relevant stakeholders, including other companies in the industry and governments, who are often the customers for technology solutions. Through transparency and working with their peers, customers, and partners, companies can create more effective public health solutions and prevent scope creep or misuse.

Influence: How Companies Should Influence Public Policy

Governments have the obligation to protect human rights and therefore have an important role to play in ensuring that pandemic solutions do not unduly limit the rights of their citizens. As governments come to companies with various health emergency-related requests, companies have an opportunity to advocate for rights-respecting approaches and push back on requests that cross the line. Companies can also advocate for standards or regulations that provide clarity on the on the balance between privacy and public health, as well as stronger health data regulations that close loopholes related to non-traditional health data. When companies are required by a government to share data beyond what is necessary and proportionate, they should push back as much as possible.

When companies are required by a government to share data beyond what is necessary and proportionate, they should push back as much as possible.

Although COVID-19 may be the first truly global pandemic of the modern age, it certainly won’t be the last—in fact, experts expect that pandemics will become increasingly common, and business involvement in addressing them will only grow. However, while the public health crises of the future may share some features with the COVID-19 pandemic, they may vary in other ways too—such as different dynamics of transmission, severity of the illness, availability of treatment, and the necessary control measures—and it will be important to both take the lessons learned from COVID-19 and be able to apply them in different contexts.