The Forum Network is a space for experts and thought leaders—from around the world and all parts of society— to discuss and develop solutions now and for the future.
Not a day goes by where we do not see a new break-through in advanced digital capabilities. The private sector is racing ahead, and governments are struggling to keep up. If we want people and societies to benefit from the digital transformation and innovation, we need internationally agreed standards that are fit for the task. This is why, in June of this year, fifty-one governments agreed on a new set of OECD recommendations on responsible business conduct in the development and use of technology.
These new recommendations on responsible tech have been introduced as part of the updated OECD Guidelines for Multinational Enterprises on Responsible Business Conduct (the MNE Guidelines). These Guidelines set out government-backed recommendations for businesses to align their conduct with the need for open, inclusive, and sustainable markets based on the rule of law, human rights, and protection of the planet.
The MNE Guidelines are addressed to actors across the full technology value chain including the development, financing, sale, licensing, trade, and use of technology; gathering and using data; and scientific research and innovation. Critically, the MNE Guidelines emphasise that actors in technology value chains should not only conduct due diligence on adverse impacts they themselves may cause, but also on adverse impacts that may be caused by other actors linked to their operations, products, or services. These updates to the MNE Guidelines are a massive shift in the source code for RBC as it applies to science, technology, and innovation.
The MNE Guidelines were first adopted in 1976 and most recently updated at the June 2023 OECD Ministerial Council Meeting. The chapter on Science, Technology and Innovation has seen the biggest changes to reflect the increasing need for coherent government-backed frameworks on responsible development and use of technologies.
The MNE Guidelines are aligned with and complementary to the UN Guiding Principles for Business and Human Rights (UNGPs), which lay out governments’ responsibility to protect human rights and provide access to remedy, and corporate responsibility to respect human rights. These frameworks expect businesses to contribute to sustainable development and to conduct due diligence to prevent and address adverse impacts. They continue to be the international source code for understanding the role of business in society.
What does this update mean for companies? A ‘whole-of-value chain’ approach to business responsibility
In practice, though to varying degrees, many of the largest and most impactful tech companies are already implementing their own policies on human rights due diligence. Companies are conducting and publishing human rights impact assessments of new tech; setting out principles for responsible design and innovation; engaging with stakeholders; participating in grievance mechanisms; and adapting sales processes to include human rights risk reviews.
More on the Forum Network: Will AI take my job away? by Marcelina Palamar and Willemien Bax
The recent OECD Forum virtual event: How AI Might Change Our Jobs & What We Can Do About It explored how we could harness the many benefits of rapidly developing AI while also addressing its significant risks.
Company action, however, is often limited to a narrow set of issues based on specific frameworks, targeted towards a few actors in the value chain (e.g., data protection, exporting surveillance equipment, content moderation, cybersecurity, gene editing, etc.). The MNE Guidelines provide an overarching framework that sets out the roles and responsibilities of all the actors in the value chain to address a broader set of issues affecting society.
This means that responsible business conduct is not just limited to highly visible tech companies. It also extends to actors directly linked to those technologies, such as actors supporting the development of new technology and users of products and services. For many technology value chains, this could include content creators, data curators, digital infrastructure providers, researchers, hardware manufacturers, and investors. It also includes actors outside the technology sector that rely on digital products and services such as in healthcare, retail, agriculture, extractives, and manufacturing.
The MNE Guidelines specify that all these value chain actors are expected to build and use leverage (including collective leverage) to influence the entity causing the adverse impact, in order prevent, mitigate, or remedy the impact. This makes the MNE Guidelines a unique and especially powerful tool in interconnected digital economies. In practice, for example, this could involve:
- Collective action and a common due diligence approach for information and communications technology (ICT) companies operating in high-risk jurisdictions;
- Investment firms supporting the adoption of RBC practices by AI companies in their portfolios; and
- AI developers participating in multi-stakeholder consultations, risk assessments and public safety demonstrations.
The MNE Guidelines also encompass a broad set of impacts; issues that go beyond – and may not neatly fit into – traditional human rights impact assessments, such as impacts on democracy, social cohesion, climate change, the environment, consumer safety and labour.
Emerging standards and policy coherence
There has also been a global trend towards using – voluntary or mandatory – risk-based due diligence approaches to help govern business conduct in tech. Given the cross-border nature of many tech products and services, interoperability, consistency and coherence between emerging frameworks and standards is critical.
Governance approaches will naturally differ according to policy priorities and contexts. However, a proliferation of measures which are not aligned can lead to fragmentation, overlap, and in some cases conflicting laws. This can mean unnecessary compliance costs for business, it can generate confusion in the market, and in the end possibly undermine the desired policy outcomes.
The recent OECD Declaration on Promoting and Enabling RBC in the Global Economy, signed by 50 governments and the EU last February, stresses the importance of coherence in RBC policies. On tech specifically, the G7 Action Plan for promoting global interoperability between tools for trustworthy AI, Leader’s Statement and Tech Minister’s Statement all emphasised the need for a convergence around a common, international standard on responsible AI.
The OECD is well placed to guide the development and use of tech in a way that benefits people and planet through a coordinated response, one that is based on multi-stakeholder cooperation and an existing government-backed framework.
AI has captured significant attention from policy makers and regulators – and for good reason. With its incredible potential comes real risks to human rights, labour, and democracy, including bias, discrimination, manipulation of consumers, the accelerated polarisation of opinions, privacy infringement, and widespread surveillance.
In the EU, the Digital Services Act places risk-based due diligence obligations on very large online platforms and search engines for harms stemming from their services and algorithmic systems. With the proposed Artificial Intelligence Act (AIA) and Corporate Sustainability Due Diligence Directive (CS3D) both currently in negotiation in Brussels, AI companies and their business relationships could soon see increased mandatory due diligence in the future.
As part of a new project on RBC for Trustworthy AI, the OECD Working Party on Responsible Business Conduct (WPRBC) and Working Party on AI Governance (AIGO), together with a multistakeholder Network of Experts on AI, will be developing a series of papers on how RBC can be practically applied by companies in the AI value chain.
The objective of this work is not to create an additional standard, but rather contextualise existing, government-backed frameworks in the context of the broader ‘whole of value chain’ approach taken by the MNE Guidelines. This will apply to the broadest number of stakeholders and function as a focal point for alignment for other frameworks, a ‘framework of frameworks.’
Ultimately, through developing a common understanding of the impacts of AI and expectations on all actors across the sector, the OECD can help meet the demands of our governments for policy coherence and also provide clarity to companies seeking to maximise the positive impact of new tech by first doing no harm.
To learn more, read 2023 update of the OECD Guidelines for Multinational Enterprises on Responsible Business Conduct
The OECD Guidelines for Multinational Enterprises on Responsible Business Conduct (the Guidelines) are recommendations jointly addressed by governments to multinational enterprises to enhance the business contribution to sustainable development and address adverse impacts associated with business activities on people, planet, and society. The Guidelines are supported by a unique implementation mechanism, the National Contact Points for Responsible Business Conduct (NCPs), established by governments to further the effectiveness of the Guidelines.