Search Shi Tao Illegally providing state secrets November 23, 2014 HRIC Trends Bulletin on "China's Environment and Situation of Water" HRIC Statement for Tibetan Uprising Day: "March 10: Out of Exile, Into the Streets!" Where's Hu Now?: Let your voice be heard on Hu Jintao's U.S. visit HRIC Comments on HR 4780: Global Online Freedom Act of 2006 Li Zhi Appellate Ruling: English translation HRIC Testimony to "Monitoring Respect for Human Rights" Articles Alert: Feb 2006 HRIC Trends Bulletin: Media Crackdowns in China HRIC Testimony to "Internet in China" Congressional Hearing		Change text size Print this page HRIC IT Best Practices Matrix [First published in the Human Rights and Spam: A China Case Study in March 2005.] HRIC has outlined an preliminary framework for developing best practices that would help companies doing business in China to first, avoid complicity in human rights violations, and second, to exercise leadership in promoting human rights in their respective spheres of influence. The following matrix was first published in March 2005 as a part of the Human Rights and Spam: A China Case Study. HRIC is currently in the process of updating the chart and recommendations, and would welcome any input and suggestions. The IT best practices matrix focuses on three types of IT companies: information providers, hardware and software developers, and connectivity. It reflects a preliminary model for developing best practices that address both domestic implementation and cross-border impact of anti-spam technology and legislation with regards to censorship and freedom of expression; privacy and anonymity; and surveillance and security issues. For each area of concern, the framework identifies specific issues to consider in developing best practices. To operationalize practical and effective approaches will require the collaboration and creativity of multiple stakeholders, including NGOs, consumers, and business. Areas of Concern - Censorship/Freedom of Expression - Privacy and Anonymity - Surveillance and Security   Levels of Issues Types of IT Companies Examples of Companies Doing Business in China End User ISP Backbone Information Providers Portals Publication Service Providers [1] Bokee.com LexisNexis Microsoft Sony TimeWarner Yahoo! Google Notifying users when information is removed; Retrieving information or posts on public forums without revealing personal identification information. ISP liability for information transmitted over their networks; ISP record keeping of transmissions over the network; User approval of ISPs sharing information with third parties.   Hardware Software Cisco[2] IBM Microsoft[3] Nortel[4] Norton[5] Oracle User authorization of information transferred via software; Hardware linking unique token numbers to Internet requests/forum posts to specific machines. Retaining individual information on network's users and Internet activities in ISP logs; Linkages allowing monitoring of messages sent or received. Routines that regularly monitor traffic over backbone hardware or software providers' network. Connectivity China Telecom China Unicom MCI AT&T Monitoring traffic from individual user machines beyond that required to identify network abuse.   Record keeping and use of logs with any information that would identify the originating machine. // ENDNOTES [1] Recognizing that there is a great deal of overlap with individual companies acting in multiple roles offering different services. [2] For example, router, bridge, modem. [3] For example, operating system. [4] For example, switch, fiber system. [5] For example, firewall, anti-virus. //
Copyright © 2006 Human Rights in China. All rights reserved. Disclaimer  /   hrichina[a]hrichina.org  /   www.hrichina.org