Corporate Social Responsibility, Data Protection and the Right to Privacy
Keywords:Data protection, human rights, CSR, Law, Human Rights, Privacy, GDPR
Technology and the internet have added a new stakeholder concern to the Corporate Social Responsibility (CSR) agenda: online privacy and data protection. This article traces the emergence of CSR on the agenda of businesses, considering developments in the United Kingdom, the United States and European Union and the business case that supports a move towards taking CSR seriously. Additionally, the article draws on views of leading theorists such as Friedman and highlights the power of consumer boycotts to pressure corporations to adopt ethical and socially responsible practices. Building on existing literature that establishes data protection as a CSR, the research outlines the legislative efforts to protect personal data and online privacy in the UK, focusing on the General Data Protection Regulation. It also considers the challenges created by Brexit and ongoing legislative efforts that attempt to limit data protection in the UK. Linking CSR and data protection to human rights, the article establishes breaches of data protections as violations of the right to privacy for which businesses should be held accountable. The paper argues that businesses are starting to pay more attention to their CSR in general and data protection as a CSR in particular. However, online privacy is still a rather new concept on the CSR agenda and businesses have to improve their efforts to ensure they have the correct framework in place to use and store data securely.
Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution-NonCommercial License that allows others to read, download, copy, distribute, print, search, or link to the full text of works in this journal, or to use them for any other lawful purpose in accordance with the licence.