BUSINESS & HUMAN RIGHTS LAW: An Introduction to Global Market Leaders
Introduction
Since the 2011 adoption of the UN Guiding Principles on Business and Human Rights (UNGPs) and the corresponding updates to the (recently renamed) OECD Guidelines for Multinational Enterprises on Responsible Business Conduct (the “OECD Guidelines”), global business and human rights developments have proliferated. Business and human rights-related legislation continues to emerge in jurisdictions across the globe, and a growing number of companies around the world are either currently obliged, or soon will be required, to conduct human rights due diligence and to report publicly on human rights impacts in their businesses and value chains. An even broader cohort of companies now find themselves subject to pressure to implement human rights policies and procedures for reasons that go beyond legal compliance, including:
- shareholder expectations;
- lender and financier requirements;
- customer and counterparty due diligence processes; and
- ESG indices.
Business and Human Rights Legislation
Business and human rights legislation can be categorised into several different types. First, there are reporting or public disclosure laws. These variously require companies to publish information about human rights risks and how these are being managed by the company, either in the context of specific human rights issues (such as the UK, Canadian and Australian modern slavery laws) or as part of a broader set of sustainability disclosures (as in the case of the EU Corporate Sustainability Reporting Directive (CSRD)).
A different model of legislation that has emerged, principally in Europe, is the mandatory due diligence law. Examples include:
- the French Duty of Vigilance Law (Loi de Vigilance);
- the German Supply Chains Act (Lieferkettengesetz);
- the Norwegian Transparency Act; and
- the EU Corporate Sustainability Due Diligence Directive (CS3D), which took effect in July 2024 and will apply to companies from 2027.
While these laws differ in terms of scope and specific requirements, all oblige companies to take steps to identify how they may negatively impact on rights-holders through their activities and business relationships, and to then implement measures to prevent or mitigate such impacts.
Finally, human rights-related import bans have increased in prominence. Notably, in the United States the government has enacted the Uyghur Forced Labor Prevention Act and enforced long-standing legislation in the form of the Tariff Act to prohibit the importation of goods suspected of being wholly or partly produced using forced labour. The EU is in the process of enacting similar legislation, while Canada and Mexico have enacted similar forced labour-related import bans, with the EU set to follow suit by the end of 2024 with the EU Forced Labour Regulation..
Despite the distinguishing characteristics of these legislative models, there is a continuum between them. For example, the rationale behind legislation that only requires disclosure by a company of key human rights risks and measures implemented to address them is that the company will, in practice, have to undertake due diligence in order to report such information.
These laws also share common features. Unlike certain previous sector- or issue-specific legislation, these new laws are cross-sectoral and commonly require consideration of the entire spectrum of internationally recognised human rights, as well as environmental harms. By focusing on global supply and value chains, they have transnational implications for companies beyond the legislating jurisdiction. By way of example, CS3D will apply to non-EU companies generating a minimum prescribed turnover in the EU single market.
Moreover, the imperative to conduct due diligence pursuant to these laws envisages the implementation of risk-based measures that extend to multiple tiers of the value chain. Accordingly, even where foreign companies or smaller entities might fall outside the scope of a particular law, they may nonetheless be expected to comply with corresponding requirements imposed by counterparties which are bound by these laws, including business partners, customers or financial service providers.
Notably, the responsibility to respect human rights under the UNGPs and OECD Guidelines extends not only to a company’s upstream supply chain (that is, the way products are manufactured) but also to potential human rights impacts in the downstream value chain resulting from the way the company’s goods or services are used. There is some variance in terms of the degree to which such downstream impacts are addressed in the emerging laws described above.
Business and human rights legislation is developing alongside other related sustainability laws and regulations, which may not directly impose due diligence duties but incorporate key human rights due diligence principles. For example, the EU Sustainable Finance Disclosure Regulation (SFDR) incorporates the UNGPs into its Principal Adverse Impacts regime, and the EU Taxonomy Regulation similarly requires alignment with the UNGPs (and the OECD Guidelines) before an activity may qualify as “sustainable”.
In addition, the EU’s Battery Regulation, Conflict Minerals Regulation and Deforestation Regulation all incorporate requirements to perform supply chain-related due diligence concerning human rights issues. Although these laws are, on the whole, being developed to be complementary to each other, as well as to CS3D, practical challenges may arise for businesses from divergences in terms of the specific due diligence and reporting obligations that each law imposes.
Civil Claims, Enforcement and Stakeholder Pressure
The above statutes have opened up new ways to bring civil claims and regulatory complaints against companies. For example, only a few months after the German Supply Chains Act took effect in 2023, NGOs began filing regulatory complaints against global brands for alleged breaches of the law relating to worker safety in the supply chain. Similarly, French courts have begun handing down judgments in claims brought against companies under the French Duty of Vigilance Law.
In addition to claims asserting breaches by companies of new statutory obligations, claimants continue to use more traditional avenues of civil remedy to raise novel arguments. In jurisdictions including the UK, Netherlands, USA and Canada, various tort claims have been brought against companies alleging liability for harms relating to the acts of third parties overseas, such as subsidiaries and suppliers. Recent cases also include claims against auditors and accreditation bodies where facilities or products are certified as meeting certain standards, but where human rights issues are subsequently alleged.
Customs authorities, particularly in the USA, have with increasing frequency imposed import bans on goods suspected of having been made partly with forced labour. Succeeding in having such “withhold release orders” lifted invariably involves demonstrating the sufficiency of the company’s due diligence and satisfying other requirements, including remediation.
Companies also face broader pressure as NGOs and activists use a combination of litigation, regulatory complaints and media campaigns, often as part of a co-ordinated strategy. OECD National Contact Points (NCPs) also provide a forum for complaints against companies concerning alleged breaches of the OECD Guidelines, and shareholders are increasingly raising resolutions that seek to compel the disclosure of information on human rights issues.
The Way Forward
Large numbers of companies have publicly committed to respecting human rights and implementing the expectations of the UNGPs and OECD Guidelines into their business practices. The complexity of the due diligence steps required to give effect to this ambition will vary between businesses and will change over time as a company’s operating context evolves.
For a multinational corporate group, expediency will often weigh in favour of a group-wide approach to developing policies and procedures. In doing so, it is important to manage potential legal risks, including by ensuring compliance with the patchwork of national laws that may apply. The global legal landscape will continue to develop in the meantime, including regarding the human rights risks of new technologies such as artificial intelligence.