Spiderman’s uncle said it best: “With great power comes great responsibility.” In the midst of a global crisis where nearly every aspect of our lives is now conducted online, technology companies have seen a huge growth in their user base. The necessity and rising popularity of online services and platforms gives these companies outsize influence over the way we live our lives. With this power comes the responsibility to respect our human rights.
Disclosing threats to privacy and free expression via transparency reports is one of the best ways for companies to communicate to their users and the public the steps they take to respect human rights. The information transparency reports convey matters. Governments around the world are taking extraordinary measures to stop the spread of COVID-19. Some of these measures, such as collecting location data, may do more to erode our human rights over time than keep us safe. Transparency reports provide an important vehicle for users and civil society to push back against government abuse.
Since Google released the first transparency report in 2010, the initiative has gained traction in the tech sector, with a wide range of companies following suit. We at Access Now launched our Transparency Reporting Index in 2014 to compile these reports and highlight trends in the space. Unfortunately, we’ve seen a steady decline in transparency reporting over the last few years. Fewer companies are consistently releasing transparency reports. Our goal here is to briefly explain why this matters.
The what: what exactly is a transparency report?
A transparency report is a regularly released publication that serves to:
- review company operations that specifically impact privacy or freedom of expression,
- detail enforcement of internal rules such as community guidelines and terms of service, and
- disclose original stats on government and third-party requests for user data, content, and account restrictions.
Specifically, a transparency report should include: requests from both government and private third parties,
In addition, a transparency report should be:
- issued at least annually, and be
- easily accessible to all users. This includes, at minimum, ensuring that the reports: 1) are consistently easy to find on the company’s website, 2) use an intuitive user interface, 3) are formatted to allow users with disabilities to access, and 4) include glossaries or explanations of terms when necessary, in appropriate languages.
Though there is no standard for the frequency of transparency reporting, we find that more frequent reporting provides more useful information. Especially given that our society will transform over the next few months due to the pandemic, frequent reporting will provide crucial insight into how companies are responding.
You can find more details on how we compile our Transparency Reporting Index in our methodology.
The why: why do transparency reports matter?
As we mentioned earlier, transparency reports are one of the most powerful ways for companies to disclose threats to user privacy and free expression. They help us understand surveillance laws in different jurisdictions, provide useful information on network shutdowns and disruptions, give insight into online content moderation practices, and show us which companies are pushing back against improper requests for user information.
Transparency reports are also a resource to guide investors’ decision-making and to support their human rights advocacy. They have also become a crucial indicator in security and risk analysis for governments, companies, organizations, and individuals seeking to adopt or switch tools, services, or platforms.
Take the example of TikTok. As the Chinese-owned social media app exploded into the Western market last year, many questioned whether the Chinese government would subject users to surveillance. In response to growing pressure from human rights advocates, TikTok finally released its first transparency report last January. Though the report raised many questions, it illustrates the growing importance of transparency reporting to foster trust in companies.
The who: who should release transparency reports?
The short answer is everyone. We have compiled reports from 70 companies worldwide to date in our Transparency Reporting Index. The range of companies includes social media platforms, gig economy companies, VPN providers, telcos, and everything in between. Every company that handles user data should release a transparency report. Though transparency reporting may seem relevant only to companies in the ICT sector, companies such as automakers, healthcare device makers, and even hotels handle data on users just like traditional “tech” companies. Therefore, they too must release transparency reports.
We’ve seen more transparency reports from companies in North America than from any other region. However, transparency should not be limited by region; indeed, we are seeing new reports emerge from South Korea and Japan. Users in every part of the world have a right to know what companies are doing to secure their data. In some jurisdictions, domestic laws may limit how much a company can disclose, but this is no reason for companies to refrain from reporting altogether. It is important for users to understand how a government may limit transparency.
Where do we go from here?
The growing demand for tech tools presents a unique opportunity for companies to improve their transparency practices. To the companies who have released transparency reports over the years, we encourage you to keep up the practice of frequent, consistent reporting and to find more opportunities to provide transparency to your users in these uncertain times. To the companies new to this practice, particularly to videoconferencing and Voice over Internet Protocol (VoIP) services, now is the time to demonstrate your respect for human rights.
We depend on these services more than ever to help us maintain our lives. Issuing a transparency report is just the first step, but an important step, in promoting corporate accountability.