Accountability, Policy & Learning Framework
This document describes the work of GNI and is designed to complement the Governance Charter that describes the way in which GNI is governed.
1.1 An essential element of GNI’s accountability framework is assessments of each participating company’s compliance with the Principles and Implementation Guidelines undertaken by independent assessors. The assessment process is in two parts:
- Self-reporting from the companies to GNI after one year of membership
- An independent assessment of each company member held every two years covering both a process review and including the review of specific cases or examples
1.2 The Assessment Process:
1.2.1 Limits on Disclosure: GNI recognizes that companies may be prevented from disclosing information by law, or may choose not to disclose information in order to preserve attorney-client privilege or protect trade secrets. At the same time, the GNI recognizes that assessors will require a reasonable level of information in order to accomplish their assessment. Among other things, GNI expects the assessors to indicate or otherwise comment where the assessor could not access information due to a company’s withholding of such information, and the withholding of that information affected the assessor’s ability to evaluate the company’s compliance with the Principles. Each company will be required to identify limitations on access to information, if any, to the independent assessor with as much specificity as is practicable.
1.2.2 Determining Compliance: It is the role of the GNI Board to review the company assessment and to conclude whether the GNI member company is making good faith efforts to implement the Principles with improvement over time. The GNI’s evaluation of compliance by participating companies will be based on an assessment of the totality of a company’s record during the assessment phase to put into operation the Principles and the Implementation Guidelines. The GNI’s evaluation of compliance will take into account the fact that participating companies will be different sizes and have different business models, circumstances, markets, products, and services, etc. The determination of compliance will be based on a review of each company’s internal systems, processes, and activities, including how the company has acted in specific cases that implicate the Principles and Implementation Guidelines.
1.2.3 Corrective Action Steps: Where a particular compliance problem or pattern of problems is identified in a final assessor’s report that has been submitted to the Board, the participating company will develop and implement a corrective action plan to remedy the identified problems and report those steps at specified intervals to the Executive Director. The corrective action plan will include measurements for achieving the intended outcomes and anticipated timeline for completion. During the creation of a corrective action plan, the Executive Director and/or relevant GNI staff or members may provide advice to the company to promote a successful remedy.
1.2.4 Special Review: If a company does not meet the participation criteria, is not in compliance, or has failed to take corrective action steps to address problems previously identified in an assessment report or otherwise, the Board may place that company under special review to permit the Board to evaluate that company’s compliance further. The Board evaluates candidates for special review, and the nature of the review necessary, on a case-by- case basis.
The special review will occur on the following terms::
- The term of the review is 120 days, unless the Board determines that the company has achieved compliance before the 120-day period has expired.
- During the term of the special review, the company shall take all necessary actions to achieve compliance.
- The Board may extend the special-review term for as long as is needed for the company to effectively address the identified problems, if the Board concludes that an extension of the special-review term is appropriate.
1.3 Reporting on Assessments:
1.3.1 Reporting is an integral part of participation in the GNI, and will:
- Provide the basis of shared learning
- Inform independent assessments of adherence to the Principles
- Enable regular communications with the public
1.3.2 Independent Assessor Reporting to the GNI: At the conclusion of each assessment, and using a reporting format agreed upon by the Board, the independent assessor will prepare a detailed report that summarizes the assessment, the relevant facts, corrective action plans (if any), and recommendations for improvement. This report will contain a qualitative evaluation of strengths, weaknesses, and opportunities for improvement in the processes the company has put in place to implement the Principles and a summary of conclusions for the GNI.
1.3.3 GNI Reporting to the Public: Following the completion of independent assessments of member companies, GNI will report publicly on the outcome of the assessments including:
- A summary of the progress made by GNI and member companies
- Collective lessons learned regarding the Principles and Implementation Guidelines, including examples of the types of requests received
- Information required to improve the understanding of threats to freedom of expression and privacy across different sectors, geographies, legal systems, and cultural traditions
- For each participating company undergoing an assessment that year, the GNI Board’s compliant or non-compliant decision
1.3.4 Company Reporting to the Public: Using a format of their own choosing, each participating company will within six months of the end of an assessment communicate to the public about the outcome of their assessment.
2.1 Policy and advocacy work is an increasingly important focus for GNI. Individually or collectively participants engage government officials to promote rule of law and the reform of laws, policies and practices that infringe on freedom of expression and privacy.
2.2 In the years since the Initiative was launched the trends around Internet freedom and privacy are going in the wrong direction in many jurisdictions around the world and there are particular challenges in both non-democratic countries and western democracies following the Snowden revelations.
2.3 The Policy committee leads the development of GNI’s policy engagement. There are representatives from GNI’s four constituencies (companies, civil society organizations, investors and academics) on the committee.
2.4 Our focus is on engagement with multilateral institutions as we see free expression and privacy, the responsibilities of technology companies and the issue of government access to data of increasing interest to the UN Human Rights Council and other institutions. GNI is an active member of the Freedom Online Coalition working group on privacy and transparency. The Freedom Online Coalition is a group of countries that have made a commitment to advance Internet Freedom.
2.5 We will also engage in particular countries where there we see opportunities to make an impact on specific policies, practices or legislative proposals. This can take the form of public statements and commentary, submissions to policy consultations, or private advocacy. Countries of particular focus have included the UK and India, as well as the United States, Thailand, and Vietnam.
2.6 Input and expertise from all constituencies are fed into the messages and the design of GNI’s policy agenda.
3.1 Shared learning is a core component of GNI. Harnessing the collective intellectual and practical experience and capability of our diverse membership enables GNI to bring unparalleled resources to bear upon new challenges at the intersection of free expression, privacy, and the Information Communications and Technology (ICT) sector.
3.2 Shared learning provides resources that help companies implement the Principles. Learning informs, and is informed by, the assessment process and paves the way for collaboration to influence policy and advance rights online.
3.3 GNI’s learning work has several different components:
- Fostering learning opportunities between different stakeholders of GNI, providing a safe space for members to work through complex issues
- Convening members and non-members of GNI for learning opportunities that build the GNI brand and voice and attract potential new members.
3.4 GNI’s learning work is governed by the Learning committee as described above.
The Learning Committee and mailing lists are the point of departure for internal learning and provide a regular venue where participants can raise issues and initiate discussions. As an open committee, any participant is welcome to join the discussions. In order to engage with a wider set of participants than those who regularly participate in these calls, GNI will encourage all participants to bring issues to the attention of the membership. For example:
- Civil society organizations may present reports or programs to discuss threats to privacy or free expression encountered.
- Investors can explain how their corporate engagement work contributes to company behavior, etc.
- Academics present the latest research and identifies areas for further research.
- Companies may speak to pressing policy issues they face, or issues that are getting attention in the press.
3.5 There is a focus on live issue calls which gives companies the opportunity to raise and receive input in a confidential setting particular challenges they are facing, or for other stakeholders to raise issues or areas of concern. Calls may also be scheduled at short notice on particular issues of focus in the media.
3.6 GNI also organizes a multi-stakeholder learning forum on an annual basis to bring together participants and other stakeholders affected by freedom of expression and privacy in the ICT sector. So far, these annual meetings have been held in Washington DC, Brussels, Silicon Valley and Geneva.