Switched off: Tech company opacity & Israel’s war on Gaza
Updated 16 May 2024
Two months after the International Court of Justice issued its ruling, warning of a plausible risk of genocide in the Occupied Palestinian Territory (OPT), the scale of human suffering in Gaza has grown exponentially. Conditions are “apocalyptic”: as of 3 April 2024, the UN had recorded the killing of over 33,000 Palestinians, displacement of 1.7 million people, and the destruction or damage of 60-70% of all homes in Gaza since 7 October 2023, in addition to over 100 Israeli hostages still held six months after the killing of over 1,200 Israelis and foreign nationals. The Office of the High Commissioner for Human Rights has noted with alarm attacks halting “humanitarian aid and other goods necessary for the survival of the civilian population”, while the UN Committee on the Rights of the Child has warned of “catastrophic food insecurity”, as “children in Gaza are starving to death.” The Special Rapporteur on the situation of human rights in the Palestinian Territory occupied since 1967 has recently confirmed there are now reasonable grounds to believe that genocide is being committed in OPT.
As this devastation continues, the spotlight is rightly turning to the private sector – particularly technology firms – for its alleged role in augmenting the suffering of a population under siege. As various UN bodies have repeatedly emphasised, business is simply “never neutral” in conditions of conflict. To the contrary, it has specific, international obligations to avoid contributing to abuse or conflict through heightened human rights due diligence. This begins with transparency on the assessment of human rights risks and plans to mitigate them.
The conflict in OPT and Israel is a critical test for the tech industry. And yet alleged violations by tech companies operating in the region and recorded since 7 October suggest due diligence is being routinely ignored. To date, these alleged abuses have included:
- provision of the use of AI to target Hamas, accepting large civilian casualties;
- censorship and silencing of Palestinian narratives;
- unlawful surveillance;
- disinformation;
- denial of access to internet and internet shutdowns;
- failure to address hate speech and incitement; and
- the monetisation of such content.
The human consequences of these abuses can be catastrophic. These range from facilitating civilian killings in bombing campaigns; to limiting access to lifesaving information, shelter and sanctuary from bombardment; to increasing hostilities toward and discrimination against a vulnerable population; and infringing on the right to privacy of millions, amongst others.
In December 2023, the Resource Centre invited 104 technology companies operating in or providing services to OPT and/or Israel to respond to a survey focusing on transparency and heightened human rights due diligence in the context of the conflict. Our purpose was to provide a systematic picture of tech sector human rights action in the context of the conflict and humanitarian crisis in Gaza to highlight better and poor practice, and to encourage learning for enhanced respect for human rights between companies – a pre-competitive issue. As many of these companies closed 2023 posting excellent shareholder returns, they have ample resources to deliver.
This analysis has proved nearly impossible. A mere three companies - Ericsson, Hewlett Packard Enterprise (HPE) and TikTok – responded in detail with specific answers to our survey. Although Meta did not respond to our survey question directly, it provided information on the efforts it has taken to address concerns around its services in the context of this conflict.
The remaining 100 companies ignored the survey entirely.
This astonishingly low 4% response rate is unprecedented in the Resource Centre’s history. It is a damning reflection of the sector’s commitment to transparency as a foundational tenet of corporate accountability. The implications for the people of Gaza are grave.
Our analysis found:
- International standards on baseline business responsibilities in conflict unequivocally require robust human rights due diligence policy and practice. Only HPE has a human rights policy containing measures on “enhanced” due diligence in conflict areas, but all four respondees report taking steps to enhance their human rights due diligence efforts in the context of the OPT/Israel conflict (TikTok, Ericsson and Meta) or in conflict in general (HPE).
- HPE, Ericsson, TikTok and Meta report having taken risk mitigation steps in response to the crisis, but only HPE and Ericsson have stakeholder grievance mechanisms in place – a critical element in managing conflict-related hazards for business.
- Despite multiple reports on the role social media has played in contributing to abuse in the conflict, of seven social media companies surveyed, only TikTok and Meta provided detail on measures taken to combat dissemination of misinformation, hate speech and incitement to violence post- 7 October 2023.
- Ericsson provided robust information on its risk mitigation efforts, including efforts to keep communication lines open for the people of Gaza. Given the critical need for internet connectivity in the region, it is notable that other telecommunications providers – including Altice, Ooredoo, Partner Communications and SpaceX – ignored the survey and these questions completely.
- Failure by the majority of tech companies approached (excepting Ericsson, HPE, TikTok and Meta) to respond to a basic survey on transparency is especially concerning when compared with a previous, similar survey undertaken following Russia’s military aggression in Ukraine. In that instance 26% of tech companies approached responded to similar questions regarding operations, versus just 4% in respect of this conflict.
At a glance:
104
tech companies
were invited to respond to questions on heightened due diligence
Four
responded
Only 3 responded to specific questions: HPE, Ericsson & TikTok
One
company
has a human rights policy containing measures on enhanced due diligence in conflict areas: HPE
Five
companies
responded to questions on Ukraine and not OPT/Israel
The human rights policies and practices of the three companies that responded in detail to the Resource Centre’s survey, as well as Meta, which did not respond directly to our questions, include areas for strengthening. But, while civil society has raised concerns regarding some of these companies, their answers indicate significantly better practice in comparison with the 100 companies that fell at the first fence of accountability: transparency. The findings of this survey echo the long-stated concerns of civil society and rightsholders regarding the tech sector’s opacity and unwillingness to engage, as well as the related risks and consequences for human rights. This appears to be a policy choice – the four respondees’ answers illustrate this is not rocket science, and with adequate will and resources the risks of human rights abuse can be mitigated as well as communicated.
In the context of conflict, these risks are materially increased. It is now urgent to shift this dangerous course. Assertive action is required by tech companies, which is well-detailed in a range of UN guidance. The comprehensive response provided to the survey by Ericsson for example – from its heightened human rights due diligence efforts to robust risk mitigation undertakings – demonstrate better practice is possible. Investors and governments that facilitate corporate profits and presence in the region must now insist on heightened due diligence, risk mitigation, and stakeholder engagement in the context of this conflict – as they have in others.
Which companies responded to our survey?
Unwillingness to take even these basic first steps increases the risk of business complicity in conflict and humanitarian crisis, to the detriment of a civilian population struggling for survival.
Recommendations
For companies:
- Urgently apply the UN and OECD agreed standards for heightened human rights and environmental due diligence across operations and value chains. Ensure transparency regarding risk assessment and mitigation plans.
- Actively engage with key stakeholders representing victims and vulnerable groups on both sides in the design, implementation and monitoring of due diligence.
- Use the company’s individual and collective leverage to promote respect for law, human rights, democracy and peace, and raise awareness of potential harms and risks in conflict-affected zones, and to share learnings.
- Ensure responsible entry and exit from conflict-affected zones.
- Deliver consistent approaches to heightened due diligence across challenging business environments to respect civilians and the rules of war, and avoid double standards.
For investors:
- Develop heightened due diligence plans and actively engage tech company investees to insist on the same.
- Use collective investor voice in tech sector to demand international business standards are upheld.
- Consult with independent experts, including from civil society, on the risk of harm and mitigation measures necessary from investors to promote corporate heightened due diligence, respect for law, democracy and peace.
For governments:
- Establish legislative and regulatory measures consistent with international standards of heightened human rights due diligence, with special reference to the tech sector.
- Provide urgent guidance to business enterprises on the application of heightened human rights due diligence tailored to this conflict and other conflicts, and insist on implementation.
- Facilitate multi-stakeholder platforms to promote dialogue on business-related risks to human rights in conflict, and ways to strengthen monitoring and accountability in tech.
Introduction
International human rights standards for business operating in challenging circumstances provide clear guidance on the bounds of acceptable corporate action in conflict, and seek to ensure irresponsible business is held to account where those obligations are breached. The UN Guiding Principles for Business and Human Rights (UNGPs), supplemented with guidance from the UN Office of the High Commissioner on Human Rights, the UN Working Group on Business and Human Rights, and the UN Development Programme are well-defined: at a minimum, in conflict settings, companies must conduct heightened human rights due diligence on their operations and supply chains, and demonstrate transparency by reporting on these efforts, proportionate to the scale and severity of the risks to people.
These basic expectations of business to properly assess human rights risks and avoid contributing to the drivers and perpetuation of conflict has formed the basis of the Resource Centre’s monitoring of tech company approaches to their heightened due diligence responsibilities in the context of OPT/lsrael since 7 October 2023. In December 2023, we invited responses to a human rights due diligence survey from 104 tech companies, including internet service providers, social media firms, software companies (including those that provide military and defence solutions), hardware and electronics companies. These were selected based on their mentions in news articles on the conflict, reports by digital rights organisations highlighting harms impacting people, and research projects exposing companies’ involvement in the conflict.
This follows our similar work tracking companies' approaches to heightened due diligence in the context of the 2021 coup in Myanmar and the 2022 Russian invasion of Ukraine.
Analysis of company responses
This briefing concerns a sector frequently recognised as high-risk for human rights violations, operating in and providing services to a deadly conflict zone and site of humanitarian disaster. Transparent, heightened human rights due diligence should be an unquestionable priority for these businesses.
TRANSPARENCY
Shockingly low response rates, with disparities between company responses to Ukraine and OPT/Israel human rights due diligence surveys
Clear, consistent and ongoing communication on human rights policies and practices in a conflict zone is an essential first step in heightened human rights due diligence. Of the 104 companies to which the Resource Centre sent a human rights due diligence survey, a mere four responded. Three companies provided specific responses to the questions: Ericsson, Hewlett Packard Enterprise (HPE), and TikTok. Meta did not directly address the survey questions, but it provided information on steps taken in respect of the conflict, including an independent human rights due diligence report and implementation plan, plus its dedicated website outlining the steps taken during the conflict.
Moreover, the response rate stands in some contrast to similar work undertaken on human rights due diligence efforts by companies operating in Ukraine in the aftermath of the Russian invasion. There, we employed a similar methodology and sent a survey to 72 tech companies, of which 26% responded. Moreover, five technology companies (Hewlett-Packard Inc., Booking.com, Siemens, X Corp., and Amazon.com) did not respond to the OPT/Israel survey but did respond to the Ukraine survey. Eleven companies operating in both conflict zones did not respond to either survey (Airbnb, Apple, Cloudflare, Dell Technologies Inc., DJI Technology Co., Google, Huawei Technologies, Microsoft, Spotify, Telegram and Texas Instruments).
HEIGHTENED HUMAN RIGHTS DUE DILIGENCE POLICIES AND PRACTICES
Policy commitments appear mixed, but all responding companies have taken steps to enhance human rights due diligence in OPT and Israel
The UNGPs note that all business enterprises are required to exercise human rights due diligence proportionate to the scale and severity of the risks to people. Ensuring a business has a policy on heightened human rights due diligence for conditions of conflict is a key step to ensuring a sustained commitment to these principles, as in these circumstances, due diligence by businesses should be heightened accordingly. UNGP 12 is also clear businesses must consider international humanitarian law (IHL) in circumstances of armed conflict to aid in avoiding risk of complicity in IHL breaches, and thus it should inform due diligence policies and practice.
These companies have serious allegations against them - yet, of the companies which responded to the survey, only HPE reported having a human rights policy in place that includes measures on “enhanced” due diligence in conflict areas. Ericsson acknowledged it does not have a standalone policy on conducting heightened due diligence but stated “conflict is an important factor in relation to the identification and assessment of human rights impacts across Ericsson’s value chains…that is included in its overall human rights due diligence.” TikTok and Meta did not provide information about how heightened due diligence is addressed in their policies.
Heightened human rights due diligence policy commitment is an area tech companies should strengthen to mitigate their potential roles in perpetuating or exacerbating the conflict, and to ensure internal, sustained accountability.
Explicit policies aside, Ericsson, HPE and TikTok all responded regarding enhancements made to human rights due diligence in conflict. Ericsson considers conflict a significant factor in its identification of human rights risks. It explicitly highlighted the conflict in Gaza has spurred further due diligence efforts – the only firm to provide such information. Ericsson reviewed external reports of mobile network failures in Gaza, confirmed the outages weren’t linked to its operations, identified personnel safety as the top risk, and closely monitored the situation. HPE provided more general information: it considers enhanced due diligence in conflict areas, applying “processes for identifying and assessing activities with heightened risk and potential impact, and prioritising areas where potential harm could be most probable, severe, widespread, and irremediable”.
TikTok was the only company to acknowledge IHL in relation to its business operations in OPT and Israel.
MITIGATING RISK & TRACKING EFFECTIVENESS
All responding companies provided information on their risk mitigation practices, although less detail on tracking effectiveness of these practices.
Risk mitigation and monitoring due diligence impacts is fundamental to ensuring company efforts are fit for purpose and improve human rights performance over time. Only Ericsson and HPE responded to questions regarding the existence of stakeholder grievance mechanisms in operation in the conflict as an aid to identifying and mitigating risks. Ericsson operates a dedicated Ericsson Compliance Line. HPE also operates an independent grievance mechanism, and generally aims to “identify, understand, and mitigate risks while seeking input from affected parties, including workers and rights holders”. HPE reported it has not received grievances regarding current business operations in OPT and Israel.
Companies were also asked to reflect on the possibility of responsibly scaling down or disengaging from the region as the conflict wears on. Only Ericsson responded, stating it is “closely monitoring the situation and continues to support its customers in Israel and the State of Palestine, with the primary objective of maintaining mobile communication services”. It also highlighted its commitment to holistic assessment of risks when considering leaving a market.
Ericsson also provided important reflection on steps taken to maintain connectivity and prevent internet and communications shutdowns in OPT and Israel, as specific risk mitigation requirements of telecommunications providers. This includes provision of support and spare parts to mobile operators in both Israel and the State of Palestine, as well as a commitment to providing customary technical support to its customers. Ericsson emphasised its continuous focus on data privacy while ensuring networks remain operational.
As set out above, of the social media companies approached for this survey, including Meta, TikTok, X, Telegram, Pinterest, Google and Snap, only TikTok provided a detailed response to the survey about its measures to combat the dissemination of misinformation, hate speech and incitement to violence. TikTok launched a “command centre” and allocated dedicated resources to help prevent the spread of harmful content using evolving automated and manual processes to remove such content.
Specifically, TikTok reported since 7 October it has removed over 1.5 million videos and suspended more than 46,000 livestreams in OPT and Israel for violating its Community Guidelines, including content promoting Hamas, hate speech, terrorism and misinformation. Globally, it removed tens of millions of pieces of content, over 169 million fake accounts, and more than 1.2 million bot comments on content with hashtags related to the conflict during the same period.
Although Meta did not respond to our survey question directly, it did provide information on its efforts to combat misinformation and hate speech on its dedicated website.
STAKEHOLDER ENGAGEMENT
Further commitment to stakeholder engagement is essential for the sector generally, and particularly in the context of conflict.
Stakeholder engagement is a cross-cutting theme in the UNGPs, as companies are required to consult with affected stakeholders, their proxies and experts who are able to inform about harms caused by their operations. This is of critical importance in the context of conflict. Engagement plans and regular identification of affected stakeholders and their representatives are essential parts of this process, to which tech companies should commit to avoid blind spots with significant consequences.
The response rate to the Resource Centre’s survey, combined with historical concern by civil society regarding limited engagement by the tech sector, is notable in this respect. Only Ericsson and TikTok specifically responded to related questions, with Ericsson highlighting participation in discussions on heightened due diligence in conflict-affected areas as well as specific engagement with humanitarian organisations on OPT and Israel. TikTok referenced consultations with OHCHR and a number of civil society groups.
EXERCISING LEVERAGE
No companies have reported using their leverage – an area for improvement.
Companies should exercise leverage to change the thinking and behaviour of those increasing the likelihood of conflict or risk to human rights to limit their impact, pursuant to UNGP 19. None of the surveyed companies provided information about their leverage practices or public statements regarding the ongoing conflict, although HPE referenced using “internal and external channels” to condemn the actions of Hamas and express sorrow for “the subsequent loss of all civilian life regardless of citizenship or nationality”. Company responses to this survey question highlight an area for improvement for the sector.
This briefing was revised on 16 May 2024 when some inaccuracies in our data set regarding company contacts were brought to our attention, which we have since corrected.
Further reading
More on business and human rights in the Occupied Palestinian Territory and Israel
Spotlight: Israel and OPT
The latest news and resources on businesses' human rights responsibilities in Israel and OPT
Accountability in conflict: The problem of tech company opacity
Phil Bloomer asks what heightened due diligence efforts have been undertaken by tech companies
Heightened human rights due diligence for business in conflict-affected contexts
Guidance from UNDP and the UN Working Group on Business and Human Rights