Nokia revamps human rights policy, pledging to avoid “active surveillance”

Nokia is making a comeback – or so its marketers would have you believe.  While the eponymous brick phone lost market share and status over the last decade, the Finnish multinational never really went away; on the contrary, it evolved into a major (though relatively quiet) player in telecommunications infrastructure, equipment, and research.  The company solidified its position last year with the acquisition of French competitor Alcatel-Lucent.

Now Nokia has returned to the public eye with a series of bold new ventures. In the past six months, the communications giant teamed up with partners as diverse as BMW and Alphabet to explore new 5G and Internet of Things opportunities, and sued Apple in 11 countries over its use of 40 mobile phone technology patents.  

In the wake of these headlines, we want to highlight a development that has not generated quite as much buzz yet will undoubtedly shape the company’s “buzziest” ventures – the updated Nokia Group Human Rights Policy, published in October 2016. As more devices and “things” connect, Nokia’s core role in communications networking will require adhering to the rights-respecting principles of openness and neutrality.  Further, to live up to its mission of “expanding the human possibilities of the connected world,” Nokia must take responsibility for the impact its products have once they leave Nokia Bell Labs and go on the road, in our homes, workplaces, and wherever we travel.  That’s why we are excited to see Nokia taking a proactive step to protect human rights at this juncture.

New policy, renewed commitment to human rights

Access Now welcomes the new policy, which reaffirms Nokia’s commitment to privacy, freedom of expression, and freedom of assembly.  Bearing in mind the acquisition of fellow equipment and services vendor Alcatel-Lucent and the ongoing diversification of the company’s global undertakings, it is heartening to see Nokia clarify and adapt its terms to suit its evolving business model and environment.

Nokia’s customers include companies and governments, so a public expression of support for human rights, backed by explicit protective procedures, is fundamental to maintaining accountability to individual users.  We commend Nokia’s transparency in addressing contemporary human rights concerns.  The group has published a string of relevant publications since issuing its first formal human rights policy in 2010, ranging from a 2012 policy on conflict minerals, to a 2015 human rights policy revamp, to a “Q&A” that accompanies the latest version and outlines recent changes.

With world institutions focused on achieving the Sustainable Development Goals, we appreciate Nokia’s assertion of the centrality of connectivity in supporting both human rights and economic development.  Connectivity must incorporate human rights to succeed in sustainably bridging digital divides and reaching the ambitious Global Goals, such as bringing 1.5 billion people online by 2020.

The new human rights policy also builds upon Nokia’s expressed commitment to due diligence and proactive communication, plainly articulating activities that the company will and will not engage in.  Notably, the policy clearly communicates Nokia’s support for active industry-level dialogue on preserving personal privacy and security, and demands greater government transparency regarding state surveillance mechanisms and legislation.  We hope Nokia will leverage its connections in a variety of fields to apply pressure in pursuit of these objectives, especially while it is chair of the Telecommunications Industry Dialogue.  

At this stage, Access Now’s recommendations for Nokia are as follows:

  1. Define “lawful interception” and “active/passive surveillance” within formal policy

In the new policy, Nokia expressly states that it will neither engage in “active surveillance” nor sell such interception capacity to intelligence agencies, assuring stakeholders that the company grants “passive lawful interception capabilities” only to those with a legal obligation to offer them.  We appreciate Nokia’s candor and elaboration of details on this topic in the Q&A.  Here the company explains that although it must sell the “passive capability” to intercept, it has not sold an “active” monitoring center tool that can be used to record and analyze intercepted communications since “divesting that part of its operations in 2009” – that is, since facing backlash after Iranian authorities used its surveillance equipment to persecute and torture Green Movement dissidents (see our post).  We have seen companies divest or “dispose” of problematic business units, only to re-incorporate those units across the street under new names like Sinovatio.  However, Nokia claims it will not “pursue business” with intelligence agencies seeking active interception capabilities, and we therefore expect the company to avoid any collaboration with businesses currently providing active monitoring center tools.

We call upon Nokia to define and juxtapose passive and active surveillance within the human rights policy itself, rather than within the separate Q&A, in order to guarantee transparency and answerability.  We also request that the company define lawful interception and its bounds within the formal policy.  Since exploitation of Nokia’s “lawful interception” has drawn criticism in the past, the company must remain vigilant to ensure such interception is indeed lawful and complies with international human rights standards, especially as it expands into new countries and explores new technologies.  Finally, we ask that Nokia publicly report any current connection it may have with vendors of “active” monitoring centers.

  1. Clarify and codify the human rights commitment expected of business partners

While we welcome Nokia’s pledge to avoid selling products and services in situations where there is a “significant potential” for human rights infringement, we would like to know more about the human rights commitment Nokia asks of its collaborators and customers.  In light of the company’s leverage in telecommunications licensing and equipment sales, Nokia can advance global human rights simply by including specific assurances within its agreements and contracts.  We invite Nokia to formulate and/or share the human rights commitment expected of its business partners, and to incorporate it into the company’s negotiations and human rights policy.

  1. Introduce remedy to the human rights policy and dialogue

The third “pillar” of the U.N. Guiding Principles on Business and Human Rights is remedy for human rights abuses, which is vital to establishing sector-wide integrity and assuming responsibility for the role companies like Nokia play in shaping privacy and freedom of expression.  Given that Nokia previously sparked controversy for facilitating human rights violations – most famously in Iran and Bahrain – introducing remedy could help it break from its past and instead push the envelope for corporate human rights advocacy.  Nokia should incorporate a remedy plan in its human rights policy and Industry Dialogue deliberations.  Our Telco Remedy Plan policy paper is a good starting point for all relevant stakeholders.

Staying at the forefront of human rights advocacy

Fortunately, human rights policies and transparency reports are becoming more common in the tech and telecommunications sectors.  A human rights policy serves as the foundation for corporate action to protect stakeholders, and guidance uniformly promotes their institution.  The U.N. Guiding Principles on Business and Human Rights require companies to issue “a policy commitment to meet their responsibility to respect human rights.”  The Access Now Telco Action Plan identifies establishing “a rights-respecting, public statement of policy approved by the senior leadership” as a first step toward implementing rights-respecting principles.  The Ranking Digital Rights Corporate Accountability Index 2015 credits companies that “make explicit, prominent, and clearly articulated policy commitment to human rights including freedom of expression and privacy.”

Human rights policies signal to both internal and external stakeholders how companies expect their officers, directors, suppliers, and value chain to act.  Meanwhile, transparency reports reflect how these policies for respecting privacy and freedom of expression actually work in practice.  More than 60 technology companies worldwide now provide these reports, as listed in our Transparency Reporting Index.  Yet not every company is following the new norm; to date, very few equipment makers and vendors have issued transparency reports.  Cisco, among the first, disclosed that it received zero requests from law enforcement in the first six months of 2016.  We ask Nokia to release meaningful statistics on any law enforcement and third party requests impacting user rights as well – even if the number is zero.

Overall, we are happy to see Nokia taking steps to remain at the forefront of advancing human rights in the sector, particularly when it pursues new business partnerships and cutting-edge ventures.  We urge the company to embrace its unique position in the telecommunications infrastructure, equipment, and research spheres, and we hope it will inspire its customers and collaborators to follow the same path with respect to human rights.  To that end, we would be delighted to work with Nokia in its advocacy for personal privacy and freedom of expression as new markets open and technologies emerge.

This post is authored by Elena Goldstein, with contributions by Peter Micek.