June 2023 has been significant for corporate responsibility and due diligence. Not only has there been a headway by the European Union (EU) Parliament on its decision regarding the Corporate Sustainability Due Diligence Directive (CSDDD), finally there is also an updated version of the Organization for Economic Co-operation and Development (OECD) Guidelines for Multinational Enterprises on Responsible Business Conduct (Guidelines). The relevance of placing accountability at the doorsteps of large businesses is obvious in these moves.
Multiple analyses have pointed out the hits and misses with respect to the 2023 targeted updates to the OECD Guidelines for Multinational Entities (MNEs). However, do the targeted updates really meet the requirements of the present and the near future?
This essay argues otherwise. We have been experiencing tech’s onslaught on development for over a decade now. The past decade alone has witnessed the rise and proliferation of social media, which has exacerbated the spread of misinformation and consequent violence; the emergence of the platform economy and its precarities; the infrastructural progress by the top digital companies like Amazon, Microsoft, and Google, and a move towards digital across fields in general. The Covid-19 pandemic also enabled tech to push forward in newer ways.
Digital corporations became the top companies to watch, and their leaders took on the mantle of multi-billionaires. It is also not shocking that severe loopholes in taxation regimes enabled these corporations to continue making profits at a breakneck pace. While this peak may have plateaued or even tanked in the last few months, we continue to witness advances in the form of generative artificial intelligence (AI) and the sheer power of data.
In this light, an update to the 2011 version of the OECD Guidelines is timely. The question to ask, however, is whether the text of the Guidelines is expansive enough to cover new and emerging challenges or is the failure to include explicit issues from today’s digital experience a let-down for the forward-looking nature of the document. If the OECD Guidelines are largely amended once in 10 years or so, then what will the next decade look like with the current 2023 draft?
Digital corporations became the top companies to watch, and their leaders took on the mantle of multi-billionaires. It is also not shocking that severe loopholes in taxation regimes enabled these corporations to continue making profits at a breakneck pace.
OECD’s Targeted Updates
Much has already been written about the impressive parts of the OECD’s 2023 updates which included a long consultative process in 2022, with participation of civil society members. IT for Change also participated in the public consultation held in February 2023, and made several recommendations for the digital economy, the concerns of which continue to be inadequately addressed in the June 2023 document.
On the positive side, the recognition of the importance of due diligence frameworks and their incorporation, both upstream and downstream, along the value chains, while providing rights for all workers, is a significant move. Even the Science, Technology, and Innovation (STI) chapter has due diligence requirements, a definite move in the right direction. Additionally, the recognition of data value cycle with emphasis on “responsible data governance practices” is a significant addition.
A relevant piece of input comes right in the preface of the 2023 guidelines, something that wasn’t captured in 2011 – the definition of an MNE. “A precise definition of multinational enterprises is not required for the purposes of the Guidelines,” the text notes. The document further adds that “the international nature of an enterprise’s structure or activities and its commercial form, purpose, or activities are main factors to consider in this regard. These enterprises operate in all sectors of the economy. They usually comprise companies or other entities established in more than one country and so linked that they may coordinate their operations in various ways.”
This is especially important in the case of digital transnational corporations, that often have evaded regulation on account of not falling within traditional regulatory definitions for the products and services they offer. The OECD itself has noted how digitalization creates regulatory concerns. In that regard, the emphasis on the enterprise’s activities and its commercial purpose become significant aspects to consider.
The Science, Technology, and Innovation Chapter
The addition of “innovation” as a word in this version certainly comprises a major change in the chapter. Focusing on technology diffusion by MNEs, while a noble cause, can still lead to data extraction, a unidirectional flow of the benefits of data – away from its generators and towards such MNEs – and, subsequently, inequity. The chapter commentary is also cognizant that MNEs should consider the “long-term developmental, environmental, and societal impacts of technology.” This is important but insufficient as the text is unable to outline a number of such issues. Additionally, the commentary expands the scope of the actual text significantly – for example, developers of new technology are expected to “address ethical, legal, labor, social and environmental challenges raised by novel technology,” even as they promote technological advances. However, as to why the actual text of the provisions does not refer to this is a question worth asking.
Two significant aspects that the tech chapter also fails to address are questions concerning data and frontier tech.
[The guidelines] fails to recognize the immense value that corporations generate out of the digital intelligence they collect. Additionally, the question of data flows is only considered in the commentary where the document identifies its significance in “international commerce, information and knowledge exchange to bridge digital divides and sustainable development.”
The data question – data value, data flows, and data governance
Arguably the 2023 version of the Science and Technology chapter looks vastly different from its counterpart from 2011, which treated MNEs as tech evangelists who brought technology to underdeveloped countries. The improvement in the text is commendable. In fact, the text also covers data access and sharing with safeguards by stating, “enhance access to and sharing of data to foster scientific discovery and innovations with due regard to the protection of intellectual property rights, confidentiality obligations, privacy, personal data protection, export controls and non-discrimination principles.”
While useful, this offers only a limited view of data value, as it fails to recognize the immense value that corporations generate out of the digital intelligence they collect. Additionally, the question of data flows is only considered in the commentary where the document identifies its significance in “international commerce, information and knowledge exchange to bridge digital divides and sustainable development.” Access and sharing of data does not exist in a vacuum. Cross border data flows are a contested issue, with G7 countries pushing for free flow of data with trust and an alternative rights-based data flow emerging from other quarters. The absence of recognition of divergent opinions is a glaring flaw in the text. The OECD has also supported the G7 agenda through its digital economy paper series. However, given that several countries, many of whom are in the Global South, act as data suppliers because of their market size, a clear recognition in the Guidelines would have ensured that digital MNEs are cognizant of the same. Merely covering data theft, privacy concerns, and national security as potential harms from data flows is not enough.
While the recognition of the data value cycle is important, the chapter stops short of defining expressly the minimum standards and obligations of data governance. The text includes a description of what these standards and obligations must have – “codes of conduct, ethical principles, rules regarding manipulation and coercion of consumers, and privacy and data protection norms,” which is useful as it provides some ground for incorporating norms for data collection, use, and storage. However, at the very least, purpose limitation, data minimization, storage limitation, and similar considerations identified in EU’s General Data Protection Regulation (GDPR) could have been expressly codified into the Guidelines.
Leaving questions of technology solely to “voluntary, safe, secure and efficient transfer of technology, and know-how on mutually agreed terms” is a limited view of the fast-paced digital world today. In the last few months, generative AI models like ChatGPT, GPT4, Dall-E, and Midjourney have taken the world by storm. There is also cryptocurrency, blockchain, metaverse, and a host of other developments that have emerged in the last few years. The complete absence of references to frontier tech, especially AI and its uses, makes the 2023 Guidelines particularly ill-equipped to address newer developments in the digital space.
While the commentary recognizes that STI is an evolving topic and states that the scope is kept “broad and inclusive” to account for future risks, in reality it may serve to function in the opposite way. A clear parallel emerges with the 2011 version of the text and its ability to address concerns around technology in the last five years. The 2023 text, by not recognizing the power and impact of frontier tech, is potentially setting itself up to be insufficient in addressing specific digital challenges. It also enables corporations to function without the necessary accountability frameworks. The first-mover advantage, which also comes with lower regulatory compliance, has often been the reason why tech corporations have succeeded in becoming market leaders. In light of the fact that even the EU is working towards an AI Act, critique notwithstanding, there is enough evidence to understand that globally, policy directions have recognized the importance of express regulation for certain frontier tech. In that regard, the Guidelines have fallen short.
The complete absence of references to frontier tech, especially AI and its uses, makes the 2023 Guidelines particularly ill-equipped to address newer developments in the digital space.
Non-Standard Work Arrangements
The Guidelines had the opportunity to reaffirm the establishment of gig work as a regular feature of the workplace, but failed to do the same. While the text does refer to “contractual arrangements” and urges companies to meet their standards, which may extend to some platform workers, it does not include an express recognition to ensure that there is scope for claiming those rights. As such, it is almost anachronistic in 2023 to not acknowledge the role of platform work given its immense impact. Provision 4(b) under Chapter IV on Employment and Industrial Relations requires MNEs to provide wages, benefits, and conditions of work comparable to other employers in host countries.
In the absence of comparable employers, MNEs have to provide the “best possible wages, benefits, and conditions of work, within the framework of government policies and applicable international standards.” This becomes particularly tricky in the case of platform work, where MNEs have continued to establish poor standards not just in Global South countries, but also in the Northern countries, preferring to keep work arrangements contractual and precarious. Domestic law frameworks also have lagged considerably behind, which enables digital-first MNEs to have suboptimal policies with regard to their workers. In fact, oftentimes MNEs even refuse to accept that workers have any relationship with the company outside a contract which establishes the worker as “independent”. This independence, of course, is far from reality since workers are tied closely with the business logic of the MNE and often find themselves managed by algorithms, unable to make decisions that place their interests ahead of the corporation’s.
The environmental due diligence requirements are one of the improvements in the text of the Guidelines. So much so that under Provision 5 of Chapter VI (on Environment) it states that there should be sustainable use of technology, with capabilities of durability, reparability, and reuse. This is significant as technology corporations are some of the most complicit actors of environmental harm today, not only due to the massive energy use, but also mining of minerals, especially in Global South countries. Due diligence requirements when corporations have business relationships in these regards are important to note.
However, it is also important to note that the text doesn’t refer to newer technologies that are persistent drains of energy resources and require large server farms to sustain. Blockchain and cryptocurrency have been known for drawing large swathes of energy. In the absence of any recognition of these technologies and their impact on the environment, it is questionable if the Guidelines do justice to concerns of sustainability. Additionally, planned obsolescence is a feature of today’s technology market and the limitless growth that corporations seek to achieve. It remains to be seen if complaints within the framework of the Guidelines can be introduced through the National Contact Point process for devices that cease to remain functional because a newer, faster option is available.
Taxes on digital corporations continue to be some of the lowest. Digital MNEs are able to locate their intellectual property, on which they rely immensely, in tax havens and pay little to no tax. The Guidelines do not offer much for tax reforms, but in fact refer to the OECD’s Inclusive Tax Framework on Base Erosion and Profit Shifting as a way of increasing transparency in the system. However, the effectiveness of this framework has been critiqued.
Without tax reform, the large profits that these transnational corporations make – although these have been impacted because of a potential slowdown – enable them to entrench themselves and become dominant in the market. Research shows that urgent tax reform is required to ensure digital corporations pay taxes in accordance with the revenues they make.
Domestic law frameworks also have lagged considerably behind, which enables digital-first MNEs to have suboptimal policies with regard to their workers. In fact, oftentimes MNEs even refuse to accept that workers have any relationship with the company outside a contract which establishes the worker as “independent”.
While it is not easy to foresee where technology will go next, it is fairly certain that regulatory systems will continue to play catch up. An opportunity like the updates to the OECD MNE Guidelines is significant in that regard, especially to influence the agility of regulatory systems. At present, the Guidelines may not be ready to address all of the emerging questions around the digital world. However, it is possible that other regulatory regimes take note and move in a direction that is cognizant of the realities of the present day world.