Download this Paper Open PDF in Browser

Human Rights and Cybersecurity Due Diligence: A Comparative Study

28 Pages Posted: 18 Jun 2016 Last revised: 16 Sep 2017

Scott Shackelford

Indiana University - Kelley School of Business - Department of Business Law; Harvard Kennedy School Belfer Center for Science & International Affairs; Center for Applied Cybersecurity Research; Stanford Center for Internet and Society; Stanford Law School

Date Written: June 16, 2016

Abstract

No company, just like no nation, is an island in cyberspace; the actions of actors from hacktivists to nation states have the potential to impact the bottom line, along with the human rights of consumers and the public writ large. To help meet the multi-faceted challenges replete in a rapidly globalizing world — and owing to the relative lack of binding international law to regulate both cybersecurity and the impact of business on human rights — companies are reconceptualizing what constitutes ‘due diligence.’ This Article takes lessons from both the cybersecurity and human rights due diligence contexts to determine areas for cross-pollination in an effort to provide firms with a more comprehensive view of due diligence best practices divorced from a particular technological or cultural context. In so doing, this Article uses the Guiding Principles on Business and Human Rights as a starting point, marrying this framework with the relevant cybersecurity literature and the overarching analytical framework of polycentric governance. Ultimately, the argument is made that organizations should take a wider view of enterprise risk management that combines their cybersecurity and human rights aspirations given the growing extent to which these fields are becoming interlinked under the umbrella of sustainable development.

Keywords: cybersecurity, cyber attack, human rights, Ruggie Framework, polycentric governance, Internet governance, due diligence

Suggested Citation

Shackelford, Scott, Human Rights and Cybersecurity Due Diligence: A Comparative Study (June 16, 2016). University of Michigan Journal of Law Reform, Vol. 50, 2017; Kelley School of Business Research Paper No. 16-47. Available at SSRN: https://ssrn.com/abstract=2796634

Scott J. Shackelford (Contact Author)

Indiana University - Kelley School of Business - Department of Business Law ( email )

Bloomington, IN 47405
United States

Harvard Kennedy School Belfer Center for Science & International Affairs ( email )

79 JFK Street
Cambridge, MA 02138
United States

Center for Applied Cybersecurity Research ( email )

Wylie Hall 105
100 South Woodlawn
Bloomington, IN 47405
United States

Stanford Center for Internet and Society ( email )

Palo Alto, CA
United States

Stanford Law School ( email )

Stanford, CA 94305
United States

Paper statistics

Downloads
243
Rank
105,189
Abstract Views
765