Giving Compass' Take:

• Ranking Digital Rights provides its 2019 companies and trends - highlighting changes and accomplishments for investors and consumers. 

• How can funders helpt to incentivize protection of digital rights by companies? Should this data influence your investments? 

• Learn about impact investing.


The 2019 RDR Index ranked 24 companies on 35 indicators across three categories evaluating their disclosure of commitments, policies, and practices affecting freedom of expression and privacy. The RDR Index evaluates policies of the parent company, operating company, and those of selected services (depending on company structure).

Most companies improved scores in at least one area, and many made significant improvements in the past year. Yet companies still fell short:

  • Privacy: Companies still do not adequately inform people about all the ways user information is collected and shared, with whom, and why.
  • Expression: As companies struggle to curb extremism, hate speech, and disinformation, most lacked transparency about how they police content or respond to government demands.
  • Governance: Most companies failed to anticipate and manage privacy and expression risks caused by their business models, and by the deployment of new technologies.

Companies that led the RDR Index have stronger governance and oversight over human rights. Yet oversight and management of human rights risks faced by users remains inconsistent and uneven. Few companies provide effective grievance and remedy mechanisms.

Nearly all ranked companies made some improvements to their disclosures of policies and practices affecting privacy in the past year. But companies that led the Privacy category of the 2019 RDR Index distinguished themselves by going beyond minimum legal requirements—at least in certain areas, even if they were deficient in others.

The RDR Index provides a clear standard for investors to use in evaluating company respect for users’ digital rights. Shareholder value is put at risk not only by security breaches, but also when companies fail to identify and mitigate broader human rights risks across their business operations.