The Proposed Technology Code of Conduct IFC has played in important role in working with industry, investors and other stakeholders to develop standard-setting frameworks.
For example, IFC’s Performance Standards on Environmental and Social Sustainability, the Corporate Governance Development Framework, and the Operating Principles for Impact Investment have been adopted as baseline standards across many DFIs and private sector investors.
In recent years, IFC clients have demanded more detailed guidance in managing the risks arising from the adoption of disruptive technologies, particularly in markets where clients move faster than regulators. That is why IFC has taken the initiative to canvass good practices and gaps in existing frameworks, and to take into consideration the needs of IFC’s clients, to develop a draft Technology Code of Conduct (“the Code”) and related tools to operationalize the principles of the Code.
1 Benefit: Technology should provide customers, individuals, and communities with access to products, services, and capabilities that benefit them.
2 Inclusiveness: Technology should be designed and developed in a manner that ensures outcomes reflecting the requirements and values of individuals and communities expected to use or benefit from the technology.
3 Fairness: Technology should be designed, developed and used in a fair and non-discriminatory manner. Technology providers should avoid anti-competitive or unfair commercial practices that unreasonably impede technology access and adoption.
4 Transparency: Affected individuals, communities, and stakeholders should be provided with access to information sufficient to understand the risks, opportunities, and impacts of the technology.
5 Informed Consent: Affected individuals and communities should be provided with the right to give meaningful informed consent before using the technology.
6 Validation: The claimed principles, norms, and outcomes of the technology should be validated by training and confirmation against scenarios and datasets appropriate to the envisioned purpose, risks, stakeholders, and implementation scale.
7 Security: Technology should be designed, developed and used in line with technical and organizational safeguards sufficient to assure its secure use and protect against misuse, especially in relation to personal data.
8 Responsibility: Technology providers and the technology developed shall comply with applicable law and should respect human rights. Technology providers should assist public authorities to understand the risks, impacts, and opportunities of the technology in order to develop effective policy and regulatory frameworks.
9 Accountability: Technology providers should be accountable for the performance and foreseeable ethical implications of the technologies they develop and for managing evolving and emerging issues from continuous technology improvement. This includes ensuring that affected individuals and communities have recourse to judicial and administrative remedies, as well as appropriate mechanisms for consultation and redress.
10 Governance: Technology providers should maintain governance and management systems appropriate to the purpose, scale, and potential impacts of the technology to assure reasonable control over such impacts. Technology providers should seek to avoid, minimize, and mitigate potential risks and impacts, including environmental, social, governance, and privacy risks and impacts.
11 Proportionality: Application of these Principles should be scaled to risks and adverse impacts of the technology, and in the case of early stage technology providers, to their maturity, financial resources and capacity.
12 Continuity: Any transfer of technology, including any licensing or joint venture arrangement, or any change in control transaction, should be made with due regard for the continued application of these Principles.
In summary, the principles in the Code are organized into three tiers, from most conceptual to most operational:
The three Core Values—Benefit, Inclusiveness, and Fairness—provide the underlying, absolute priorities and provide a reference point for resolving potential conflicts and inconsistencies in the implementation of the safeguard and building block-level principles.
The six Safeguards—Transparency, Informed Consent, Validation, Security, Responsibility, and Accountability—build on the Core Values and provide a basis for developing concrete, practical tools, processes, and systems needed to achieve outcomes consistent with the Core Values.
Finally, the three Building Blocks—Governance, Proportionality, and Continuity—provide the overall framework and inform, integrate, and establish realistic expectations for the tools and approaches to be developed.