In 2004, Yahoo China handed over account information of an email user to China’s state security bureau that was used to prosecute journalist Shi Tao. Two years later, Microsoft and Google were accused of censoring China’s burgeoning online community. These incidents sparked multiple congressional hearings, a lawsuit, shareholder resolutions, and a change in how the public viewed the responsibilities of technology companies. Gone were the days when technology firms could plead deference to local law as an excuse for contributing to serious human rights violations.   

The Alphabet Inc. campus, also known as Googleplex, in Mountain View, California.

In the years since, many more governments have begun to aggressively assert control over the Internet by enlisting the help of technology firms as agents of censorship and surveillance. How has Silicon Valley responded? Can they be trusted to safeguard rights in the face of commercial interests? A report released today by the Global Network Initiative (GNI) attempts to shed some light on these questions.

In 2008, Human Rights Watch helped launch the GNI to press companies to adhere to human rights standards. Companies that join GNI must implement a set of principles to respect freedom of expression and privacy of users worldwide, regardless of whether governments themselves are meeting their own rights obligations. Though the GNI is a voluntary initiative, the companies must allow independent third-parties to regularly assess compliance with rights standards.

The report – which examines compliance by Facebook, Google, LinkedIn, Microsoft, and Yahoo – shows some signs of progress, such as the implementation of more systematic policies for how to respond to government requests and examples of how companies were able to minimize harm or be more transparent to users. Some of these strategies have now become industry-wide best practice, like the publication of transparency reports on how companies have responded to government requests for user data. 

But many challenges remain, particularly with assessing companies on how they protect privacy in a post-Snowden era. We have almost no information to assess how they are responding to specific national security requests, since companies are often prohibited from disclosing them in the United States and elsewhere. 

GNI is a work in progress; the tension between corporate interests and human rights is ever-present and evolving, and the report notes recommendations for improving company practices. But companies that have joined the GNI have at least shown a willingness to open up their operations to some external scrutiny.

No GNI company is perfect and users should continue to ask hard questions when they make mistakes or fail to live up to human rights commitments. Users should also ask companies who have not joined the GNI how they protect human rights – and how they will demonstrate it. At a time when the threat to online activists is growing, on a medium where tech companies are the overwhelming gatekeepers of the platforms people use to speak, today’s report is one more tool that can help users decide whether companies deserve their trust.