techUK | Human rights in tech supply chains conference 02 April 2019 | Conference write-up


On Tuesday 2 April techUK held a conference looking at the human rights risks that exist in tech supply chains, with twenty speakers and panellists from across the tech sector, government and third sector.

Key themes and learnings

Detailed summaries of the sessions are below, but some key takeaways and themes are highlighted below.

  • Human rights by design: It is important to embed human rights across the entire organisation with training, resources and empowered staff. This must be overseen by a senior leader with direct responsibility for ensuring that the strongest possible respect for human rights exists at all levels.
  • No-one should get ahead through exploitation: There is no competitive advantage to not act on human rights risks. All firms have a responsibility to act and competitors in all sectors are working together.
  • No single operator can act alone: Leverage on suppliers and getting a wider understanding of supply chain risks means tech companies should work together to share best practice and resources (for example on auditing).
  • Acting locally: Trying to solve issues in Asia from the UK or Europe can only have limited success. Companies should use locally based auditors, partner with local NGOs and work with governments to maximise impact.
  • Audits are important: There is a tendency to discredit audits, but they remain an important tool for companies, particularly when initially engaging with a supplier and for communicating progress within the business. Worker’s voice technologies, innovative apps and other emerging technologies are likely to play a more significant role in the future.
  • Supplier engagement works better than disengagement: Speaker after speaker reiterated the importance of working with suppliers to help them understand the issues and put them right. Disengagement should be a last resort given it could make people destitute and won’t resolve issues found.
  • Get help: There are a plethora of resources, NGOs and support for companies seeking to start out on human rights, by helping businesses understand, mitigate and remediate human rights abused that occur in supply chains.
  • Legislation and stakeholder pressure are driving change: The increasing amount of legislation worldwide has moved issues like modern slavery and conflict minerals up the agenda. Firms also get pressure from their customers, staff and stakeholders to do more on human rights in a transparent way.
  • Tech is a tool and not a replacement for business processes: As in most other contexts, technology is an aid (indeed a powerful one) that can make due diligence more efficient and enable better supply chain transparency, but not the answer in itself. Technology is best used when supporting robust and clear business processes and policies.

Summaries of the panels and presentations

Introduction: Antony Walker, Deputy CEO, techUK

Antony started the event describing the challenges the sector faces with managing its own impact on the planet and workers, as well as highlighting the transformative potential in tech in helping companies manage sustainability and labour challenges.

The UN Guiding Principles and Corporate Responsibility to Respect Human Rights: Susannah McLaren, Advisor, Shift

  • Shift is the leading centre of expertise on the UN Guiding Principles on Business and Human Rights, chaired by Professor John Ruggie and co-founded by members of his core advisory team.
  • Shift builds capacity within and across businesses, governments, civil society stakeholders and international organizations to put the UN Guiding Principles into practice.
  • Between 2014 and 2018, the Business and Human Rights Resource Centre (BHRRC) reported that 15 per cent of the allegations it sought responses from tech companies for related to labour rights. The concerns ranged from restrictions on freedom of association, dangerous working conditions, unfair dismissals and sexual harassment, as well as calls for a living wage and allegations of child labour in mining. Other issues that were also reported as a concern related to security, as well as land rights and displacement. Most of these negative human rights impacts were reported to be occurring in the raw material sourcing, and manufacturing and assembly activities, of the tech sector.
  • The UN Guiding Principles – the authoritative global standard on business and human rights – were the culmination of a very extensive process of engagement over a span of 6 years, with nearly 50 international consultations and engagement with thousands of people around the globe. They were unanimously endorsed by the UN Human Rights Council in 2011.
  • The UN Guiding Principles provide a blueprint for companies to respect human rights that has three main elements:
  1. A statement of your policy commitment to respect human rights that is embedded throughout your organisation;
  2. An ongoing process of human rights due diligence; and
  3. Processes for providing or enabling remedy to those harmed, in the event that the company causes or contributes to a negative impact.
  • When assessing human rights risk, companies should start by assessing risk based on the severity of potential impacts to people, defined by their scale, scope and remendability.
  • The recent trend in hard law on business and human rights in Europe and further afield, creates further impetus for companies to respond to human rights challenges.

Risks across the tech sector: what have we learnt so far?

This panel looked at the current human rights risk's tech companies face, what is driving interest internally and how they are responding to potential human rights abuses.

Frameworks and governance of human rights:

  • The UN Guiding Principles: This document is vital for anchoring commitments companies make on human rights monitoring. Any business seeking to 'do more' on human rights would do well to map their risk profiles and plan responses around the thirty-one principles.
  • Governance of human rights: The trend is to have a very senior person with overall responsibility for human rights who can disseminate the policy and make sure a human rights culture is embedded. When conducting due diligence there is a need to make sure it is all done to the same standard and in line with corporate procedure but with some around specific sectoral/regional risks.
  • Industry coalitions and standards: It is difficult for businesses to understand the plethora of industry standards and NGOs active in the business and human rights arena. For standardised reporting and auditing, use industry coalitions to develop standardised procedures that can also disseminate best practice.
  • Group companies can find it difficult: For firms with a network of divisions and subsidiaries, the best way to approach human rights is to empower each division to take ownership of the risks in their area, particularly when it comes to procurement. The role of corporate is to make sure the training and best practice is shared and acted on within group companies.
  • Excessive reporting: The global trend is towards more reporting which takes a lot of time, resource and energy to comply with. This can mean the same people managing the reporting are unable to work on meaningful action.
  • Human rights impact assessments: These are the crucial ahead of carrying out due diligence and auditing of potential suppliers.
  • Leverage and shared auditing: Companies can get faster action from suppliers by acting as a collective, for example by sharing auditing and sharing risk maps.
  • Limitations of auditing: Auditing can be blunt but is still the major way most companies do due-diligence and labour rights monitoring across the world.


  • Legislation: Legislation has acted as a significant driver of human rights in business, with more laws passing globally on this subject.
  • Modern Slavery Act: The reporting requirements of the Act have been a significant driver in business understanding of their supply chains and operations. Business does not always like legislation, but it is a proven driver of change.
  • Stakeholder pressure: Pressure from staff, investors and customers has been important too in organisations. The single use plastic debate is an example of a wholesale change in business practices as a result of customer pressure.
  • However, it may not be the best solution compared to active dialogue with suppliers and sharing best practice.
  • Customer and client expectations: A question with no clear answer is whether to sell to companies that don't share values.
  • Jurisdictional challenges: There are key risks when operating in different jurisdictions. One is when a legislative requirement clashes with a firm's own commitment and managing different requirements in different areas.

Risks and mapping:

  • Service sector: There is a need for non-manufacturer tech firms to understand their risk profiles and have strategies to minimise such risks. Low risk doesn't mean no risk and companies must look at everything they are doing.
  • UK operational risks: There has been significant attention on global supply chain risks, but the UK should not be ignored. Support services and any area where there is low skilled, migrant and agency workers should be prominent on all risk registers. For example, security, cleaning and catering.
  • New market governmental risks: Due diligence ahead of entering a new market is essential and some things to look out for relate to government risks. For example, how well equipped is the judiciary, how does the government manage human rights, what frameworks are in place. Also need to factor in business culture, ownership and relationships between the state and business.
  • Human rights risks are changing: Companies need to look at how risks relating to emerging technologies are factored in to corporate planning. These include freedom of expression, the role of automation in factories and the regions where we will source new materials from.
  • Holistic view of human rights: Whilst supply chain risks are higher, data protection, equality and the right to privacy should also be in business thinking.

Operationalising and embedding human rights across an organisation

This panel focussed on how different parts of the tech sector design policies, conduct due diligence and implemented human rights across their supply chains and operations.

Business culture

  • The need to change corporate culture: A 'human rights first' culture must be fully integrated into corporate culture, not just seen as a reporting or due diligence requirement that sits in procurement or legal departments. This requires a shift away from the traditional approach to looking at business risk to one that also puts emphasis on the negative impacts on the individuals in the supply chain.
  • Human rights risks are tangible business risks: Human rights violations are tangible business risks, since they can lead to legal sanctions, business interruptions or even threaten the long-term sustainability of the business.
  • Leadership buy in: Panellists emphasised that senior level buy in, using tangible business drivers, is key so they can take overall responsibility and ensure training and awareness is dissipated. If struggling to engage boards, showing company leaders plausible real risks and threats to human rights will likely turn heads.
  • Corporate frameworks: Human rights can be embedded by following processes for other areas that need frameworks or due diligence (for example on-boarding or finance). All these frameworks are around minimisations, measurements and reporting human rights can be assessed that way.


  • Training across the organisation: As well as discussing how to generate senior buy-in, middle management and executive training is important too. Some businesses have a programme of education and awareness, starting with procurement teams. The Modern Slavery Act has created an impetus and saw businesses use training exercises that tailored human rights to specific job functions.
  • Education of staff: Volunteering and training is an excellent way to get staff to understand the human side of what can be seen as a distant problem. Getting people out their comfort zones builds resolve to try and address human rights and sustainability issues in supply chains and vulnerable regions. Following the training, another way to operationalise human rights is empowering staff to come up with answers to supply chain or human rights issue by utilising their day-job expertise.
  • Securing time and resources: Education, a good corporate culture and understanding of the risks means companies will invest in human rights, especially if there is real or perceived pressure from stakeholders such as investors.


  • Partnerships with civil society: Having policies, procedures and due diligence is good, but companies need to partner with NGOs and organisations in the operating regions to achieve those policies and generate impact.
  • Working as a sector: Co-operation with competitors who share the same supply chains and risk profiles can magnify impact and leverage. No-one should compete on sustainability, adherence to the SDGs or human rights. This includes developing collective reporting standards, responses to bad practice and impact measurement.
  • Disclosure and supplier training: Companies are often averse to disclosing human rights abuses that exist, but disclosure is important to build trust in your reporting especially if accompanied by steps taken to remedy the abuses found. Panellists advocated against disengaging the supplier as it is better to work with organisations in the supply trains than create a risk of workers being exploited elsewhere.

Tools and technology

  • Technology in due diligence: Better deployment of tech and ICT tools in auditing and due diligence can provide a dataset that is perhaps more objective than a purely people led auditing process and helps spot patterns others may miss.
  • Technology can make things easier: Existing and emerging technologies can improve supply chain transparency and allow more in-depth analysis and risks, so should play a major role in the actual operationalisation of human rights, particularly digital identity and blockchain solutions. However, firms should be ready to act on the disclosures this will reveal and have processes to act on the risks and instances the technology finds.
  • Blockchain could be transformational: Distributed Ledger Technology is an incredible opportunity to generate data on every incident and actor in a supply chain and if integrated with other datasets.

View from a non tech sector company & how to respond when abuses are found: Carly Bilsbrough, Shop Direct

This presentation looked at how human rights risks are managed in a retail and non-tech manufacturing context.

  • Retail has changed its approach to human rights and the sector needs to demonstrate it is working internally and with suppliers.
  • Shop Direct use Shift’s guidance and Ethical Trading Institute base code as a starting point for tier one suppliers. Specific red-flags for abuse is migrant labour and fully understanding the type of abuses found.
  • Typical sorts of abuses include passport withholding, payslips not in the correct language, fines and recruitment fees, poor health and safety plus accommodation.
  • Disclosing when abuses are found is scary but recommended. If others report and you don’t you risk being perceived as not active on the issue. Also It should be accompanied by and the steps taken to tackle the abuses found. This means not just monitoring, but meaningful action.
  • Supply chain engagement is key to creating partnerships. This means audits accompanied by support, training and upskilling staff and management in-region.
  • Using local staff to manage relationships and uphold standards is key, not least because it can be hard to translate western standards into local customs.
  • Important to work with other business that share the same supply chain risks.

Tools, guides and benchmarks

This panel examined what support and help there is for businesses including guidance documents, software tools and benchmarking.

  • techUK human rights policy template: techUK has launched a new guide for firms seeking to develop a human rights policy. This can be used by any organisation but aimed at smaller businesses who may not have the resources or internal expertise to develop their own. Will be the first of a series of guides from techUK on helping firms in their sustainability.
  • Cyber risks self-assessment guidance: techUK and DIT have published refreshed guidance on how cyber security firms can self-assess potential human rights risks relating to their export destination and end use. There is a grey area of cyber-technologies not covered by export control laws such as the Dual Use Regulation and Wassenaar but could still be misused. Again, this guidance is targeted at SMEs.
  • Convergence of tech tools: Convergence of AI, Blockchain and IoT along with a core digital backbone are key enablers for achieving an autonomous supply chain and could provide the necessary due diligence to run ethical business operations.
  • SME engagement: Getting SMEs to engage with associations and cross-industry initiatives is difficult, which is why guidance documents are important. SME engagement has also been low in initiatives. The European Partnership for Responsible Minerals recognises this and is developing a tool that SMEs can use to understand and act on their supply chains risks.
  • Importance of industry-wide initiatives: Companies of all sizes were urged to look at initiatives such as the Responsible Business Alliance and the European Partnership for Responsible Minerals. These all have resources and guides for business, as do organisations such as the Ethical Trading Initiative, Ardea, BHRC and KnowTheChain.
  • Implementation: Tools and software for human rights monitoring and due diligence should be designed at the start of any new market entry programme. Having a set purpose and goals helps and the tools can be implemented to meet the purpose, other than being an afterthought.
  • Role of the CHRB benchmark: The CHRB methodology is grounded in the UN Guiding Principles. Members expressed some concerns that CHRB assessment is based on publicly available documentation and not all the possible sources on information that is not in the public realm.
  • Benchmarking drives action: Comparing companies against each other via a competitive scorecard has driven action from business leadership and investors, and indeed can be used to help identify gaps in company's due diligence.
  • ICT in the CHRB benchmark: The benchmark is being extended into ICT and the methodology and scores are published online (linked to in Appendix 1). CHRB held a consultation on how to score manufacturers that techUK contributed to.
  • Further techUK activity: techUK was challenged on what more support can be done for business and human rights, particularly for SMEs. techUK is planning to support peer-review for Modern Slavery Statements and could do sessions on policies and guidance. SMEs interested were encouraged to participate in the Sustainable Supply Chain group and to engage in other techUK groups and events covering other human rights issues (data ethics, AI ethics, privacy etc).

Risks businesses overlook: Bill Skeates, Supply Chain Manager, Sky

  • Getting human rights right is an important part of your reputation, public perception and legal compliance.
  • This means thinking downstream, where products go at the end of life as well as upstream (where products are made).
  • Typical risks in the electronics manufacturing sector include child labour, excessive hours, fines and subtraction of wages. Migrant and agency work is where abuses are most likely to be found.
  • Businesses need to consider all their operations and support services, not just those related to product manufacturing. This includes logistics, packaging, cleaning, facilities management, catering and those producing promotional materials.
  • Raw materials are furthest away from the manufacturer, therefore working through the RBA or other initiatives is the best way to minimise raw material human rights.

Future-gazing: future tech sector human rights risks

This panel discussion focused on the emerging human rights issues the sector will face, the impact of new technologies and how the responses will shift over time.

  • Emerging tech: The efficiencies of AI and automation offer could lead to a further margin squeeze resulting in some suppliers potentially resorting to labour exploitation and cutting corners on safety and labour rights.
  • Gig economy: Labour is moving from permanent or fixed term contracts to zero hours or gig economy platforms. Companies using this labour will have to adjust how they think about human rights as more people move to the 'gig economy'.
  • Data privacy and ethics: These are considerations and should not be ignored in human rights discussions, particularly on the processing and use of data.
  • Human rights by design: Making sure business processes have respect for human rights from the start is a way to make sure you're always reacting, especially when entering new markets/sectors or operating in new regions.
  • Inherent discrimination: Equality and accessibility are emerging human rights risks, so businesses need to ensure this strand of human rights is protected when new tools and practices are developed internally or with suppliers.
  • Migrant workers/refugees: Population shifts are bringing new types of migrant workers and refugees into the supply chain for most businesses. Understanding the risks these people face and solutions around digital identity and access to redress will be increasingly important.
  • Climate and human rights: There is a need to mitigate what businesses are doing in the environment so they are not contributing to irreversible climate change that will hurt communities. It was noted that vulnerable communities are based in important tech and ICT manufacturing centres.
  • Due diligence: Industry needs to set the standards on emerging human rights risks. Legislation is reactive and slow to respond, so industry must take the lead in interrogating emerging human rights risks.
  • RegTech: New software and services aiding firms in their compliance are coming online and regulation technology is a booming sector. Businesses should map out and understand what tools are coming online to help risk mapping.
  • Collaboration: Vital to work with NGOs, academics and unions when mapping future risks or operating in new regions. Without effective collaboration the supply chain risks will only be partially mapped out. One piece of advice is to engage with organisations you'd rather not speak to in order to get a frank and more independent view on what a business can do.
  • Future pressures on industry: Surveys show 'Gen Z' see human rights as a major issue. Therefore, customer pressure will lead to more investor pressure for companies to push for change.
  • Shifting economics: Consumers (particularly younger ones) have less access to capital and are open to new ownership models. As they change what they spend money on, companies need to be aware of the labour and human rights risks that could emerge from these new business models.

Five next steps

  • Stay involved: Delegates wishing to keep involved with the techUK work on sustainability and business and human rights were encouraged to sign up to the techUK Sustainable Supply Chain Group. Email Susanne.Baker@techUK.org or Craig.Melson@techUK.org for more information.
  • Further techUK activity: techUK will be updating guidance on how to write a Modern Slavery Statement and running a peer review on drafting.

Appendix two: Speaker list

  • Antony Walker, Deputy CEO, techUK
  • Susannah McLaren, Advisor, Shift
  • Emiko Singh, Associate, White & Case LLP
  • Laura Okkonen, Senior Human Rights Manager, Vodafone
  • Helen Grundy, Sustainability Specialist, Hitachi
  • Richard Phillips, Director, Legal Initiatives (CORE), Accenture
  • Colleen Theron, Director Ardea International
  • Pratap Tambe, Head, TCS Blockchain, Tata Consultancy Services
  • Charlotte Kirby, VP Global Strategic Relations, Salesforce.org
  • Latifa Chomoko, Senior Corporate Sustainability Manager, PWC
  • Carly Bilsbrough, Global Operations Manager, Responsible Sourcing, Shop Direct
  • Rae Lindsay, Partner, Clifford Chance
  • Dan Neale, Programme Director, Corporate Human Rights Benchmark
  • Susanne Baker, Head of Environment and Compliance, techUK
  • Lt Col Mark Davis, Military Advisor Department for International Trade
  • Mayank Chandla, Procurement Technology Lead, IBM
  • Bill Skeates, Senior Compliance and Supply Chain Manager, Sky
  • Vinous Ali, Head of Policy, techUK
  • Felicitas Weber, KnowTheChain Lead, Business & Human Rights Resource Centre
  • Charlotte Brierley, Senior Responsible Business Manager, Sky
  • Jason Harrison, Client Director, Sopra Steria

Appendix three: Exhibiting organisations


Created with images by Nina Ž. - "untitled image" • Esteban Lopez - "untitled image" • Tomasz Frankowski - "untitled image"