MULTI- STAKEHOLDER INITIATIVES AND SECURITY SECTOR GOVERNANCE: OPPORTUNITIES AND CHALLENGES

Transcription

1 WORKING PAPER MULTI- STAKEHOLDER INITIATIVES AND SECURITY SECTOR GOVERNANCE: OPPORTUNITIES AND CHALLENGES 1 INTRO Multi- stakeholder initiatives (MSIs) 1 are increasingly recognized as having the potential to effectively address new and evolving security governance challenges, particularly those arising from the state s failure to effectively regulate private actors impacts on the security sector. The reasons for this failure are many, including the ever- expanding reach and influence of globalization internationally resulting in a shift of the centre of gravity of public- private relationships, 2 an increasing number of traditionally governmental functions being assumed and provided transnationally by private actors, and state regulatory and enforcement systems which are slow to adapt to this changing paradigm. Out of this realigning and redistribution of influence and control are emerging new communities of interest 3 and governors who cannot be defined by in terms of national or territorial labels, but who nevertheless influence and impact public goods including security. MSIs specifically endeavour to engage these new actors in a governance space, adapting internationally- agreed standards to be appropriate to apply to the private sector, and crafting new forms of multi- stakeholder oversight and governance. While it may seem unusual to involve private actors in the governance of the security sector, such initiatives arise out of the growing influence and even control that private actors exercise internationally on parts of the security sector, both as private actors providing security services to both public and private clients, as well as public security actors providing security services largely in favour of a private client, such as extractive companies or humanitarian organizations. When considering the security sector from a human security vantage point, in which safeguarding individual human rights embodies the very notion of security, the relevance and importance of MSIs becomes even more apparent. In this larger context initiatives, such as the FLA which work to prevent labour rights violations and the GNI which seeks to protect human rights within the context of the internet, are relevant. For purposes of this paper, the author considers these to be initiatives that endeavour to improve governance of the human security sector. 1 For the purpose of this paper, MSIs can be defined as initiatives in which different stakeholders participate including businesses, other non- state actors and sometimes state actors with an objective of supporting industry compliance with international legal standards, including (but not limited to) international human rights. DCAF has been deeply involved in some of the most innovative MSIs in this field, in particular the International Code of Conduct Initiative, and has seen first- hand the potential that this and other similar initiatives can offer to more effective security sector governance. 2 Allison Bailes, DCAF YB For the purposes of this paper, the author defines communities of interest as being composed of actors who share one or more common interests: Examples of such communities include human rights advocacy organizations, private security service providers, groups promoting particular political or moral beliefs, and even intergovernmental organizations created to address challenges that are common across states, such as health and human rights. Such groups have become more prevalent with the advent of new technologies such as the internet which provide low cost and easy access to communication networks.

2 The paper begins with a brief overview of rationales and objectives for creating MSIs, identifying common reasons for why they were launched and highlighting elements of private sector of control or influence over aspects relevant to the security sector. This is followed by a short presentation of common areas addressed by MSIs, including developing and setting international standards, and the crafting of mechanisms for governance and oversight of those standards. To ensure that the discussions remain practical, concrete examples of these elements will be presented in the next section drawing from actual MSIs. The International Code of Conduct for Private Security Service Providers (ICoC) and its oversight mechanism the International Code of Conduct Association (ICoCA), a MSI initiated by Switzerland and developed by DCAF in the role of project lead and neutral facilitator, will figure most prominently in these examples. These will be complemented by additional examples from other MSIs, including the Voluntary Principles for Security and Human Rights (VPs), the Global Network Initiative (GNI) and the Fair Labor Association (FLA). 4 These elements will then be analyzed, identifying challenges and opportunities, and drawing lessons from real world experiences. The paper concludes by considering the implications for other areas in which multi- stakeholder governance models may be relevant, such as internet governance. 5 2 PRIVATISING PUBLIC GOODS : THE CHANGING FACE OF THE PUBLIC SECTOR Long the established framework underpinning the traditional international order, the Westphalian model 6 has been undergoing significant transformation in recent times, particularly over the last century with the emergence of more institutionalized multilateralism. This shift has signalled a growing recognition by states of the value of collaborating together in areas where they share a common interest, as well as a move away from the individual state command and control model 7. The rise of a new understanding of privatisation in the 1980s as a means of improving efficiency and lowering costs of the delivery of many services traditionally provided by the state 8 has added a new dimension to this notion of common interests. Increasingly, private actors have a stake in supporting these common interests through the delivery of goods and services, often delivered to multiple states concurrently by multi- national corporations with presences across multiple states. Examples of such privatised public goods 9 and services include telecommunication services and 4 As an active observer to the VPs, DCAF draws on its own direct experience with the initiative as well as from additional research. DCAF has not participated directly in either the Fair Labor Association or the Global Network Initiative, the information presented is drawn from both research as well as communications with participants in the Initiative. 5 At the end of this paper, you will find an Annex containing a side- by- side comparison of the different MSIs approaches to key elements in security sector governance. 6 This refers to the Peace of Westphalia (1648) which ushered in a new international framework, in which states were deemed to be in exclusive control of all matters contained within their territorial boundaries, and which discouraged interference by one state into the affairs of another. 7 Carlo Manuel Drauth, Closing Global Governance Gaps Through Corporate Social Responsibility, Hertie School of Governance, Working Papers Series No. 54, August See Deborah Avant, The Market for Force, p. 35, Cambridge University Press (2004) 9 Public goods can be defined as being non- rival in consumption and non- excludable. An example of such a public good is human security: because the amount of human security enjoyed by one person does not affect the amount of human security enjoyed by another, it is non- rival in consumption; because we cannot limit the enjoyment of human security to only those who contribute to it, it is non- excludable. For more discussion of public goods being provided by private actors, see D. Avant, Pragmatism and Effective Fragmented

3 platforms, mass transit services and security services. This shift from public to private provision has important implications for traditional oversight and governance regimes, requiring the involvement of more actors, development of appropriate standards and the crafting and establishment of new kinds of governance frameworks. 2.1 SECURITY SECTOR GOVERNANCE CHALLENGES AND THE ORIGINS OF MSIS This evolution into exponentially more complex systems of provisions of goods and services on a global scale has at times confounded the standard regulatory framework where states hold oversight and enforcement powers. With globalized private actors providing services on behalf of or instead of states on a transnational scale, they often evade the oversight and accountability mechanisms that have been designed to regulate state actors. As an example, take the hypothetical scenario of a PMSC based in Dubai, managed by UK nationals and staffed with personnel of Filipino, Ugandan, Chilean and Greek nationalities hired by the US government to provide security services in Sudan. In this scenario the contracting, home or place of company headquarters, and territorial 10 states are all different, as are the states of nationality of the different members of personnel. Additionally, this fictional security team operating in Sudan could next be moved to the Democratic Republic of Congo, or to a site in northern Peru wherever their skill set and services were required by the market- - changing once again the territorial state. In the case of an incident occurring in one of those sites, the complexity of what law to apply to which actor in which territory under which jurisdiction is such that it can result in fragmented and sometimes conflicting pieces of legislation from a number of different jurisdictions applying concurrently to one operation, causing confusion and often resulting that private actors evade accountability. This challenge is becoming more pervasive as activities that were traditionally performed by the state- - and regulated by intergovernmental agreements- - are becoming privatized. Another challenge to the efficacy of the traditional state- centric governance model is the increased number of failed or failing states who are unable to exercise effective control over their own territory or citizens. Oftentimes the challenge is brought into sharp focus by a scandal (civilians being killed by private security actors, the discovery of sweatshops with child labourers, etc.), where governments have been unwilling or unable to effectively use their regulatory powers to protect the human rights of citizens. Against this backdrop, MSIs are launched with a mission to help rectify some of these wrongs, prevent future violations and improve respect for human rights by both public and private actors. 2.2 TAKING STOCK OF PRIVATE SECTOR INFLUENCE AND CONTROL Along with the realisation that the public sector is not adequately regulating private actors is the recognition that private sector actors have a measure of ownership or control and/or influence over certain elements of the security sector. Examples of this would be control / influence over the manner in which security services (both private and public) are provided, or the manner in which Governance: Comparing Trajectories in Small Arms and Military and Security Services, Oñati Socio- Legal Series, v. 3, n. 4 (2013) Law, contestation and power in the global political economy, ISSN: (2013) at p Definitions from The Montreux Document on pertinent international legal obligations and good practices for States related to operations of private military and security companies during armed conflict of 17 September 2008 which recognize cross- border or transnational state obligations under international law as triggered by the particular relationship of a private company to a state.

4 human rights are respected (right to life, labour conditions, privacy). Control / influence can be exercised both through harder contractual agreements as well as through softer means such as moral and social / reputational pressures. Recognizing which actors exercise influence and control is an essential element of designing an effective MSI. The task of identifying the right stakeholder groupings, as well as defining the participants who will constitute those groups, has historically been one of the areas of most contention in establishing MSIs and can have a significant impact on the success / effectiveness of the MSI. While a stakeholder could be broadly defined as someone who either impacts or is impacted by the subject matter at hand, what is key is that the appropriate stakeholders have governing authority, or in another words that they have the expertise and ability to credibly make decisions that other stakeholders will consent to follow 11. Different MSIs have taken different approaches to stakeholder inclusion. For example, some have included state actors while others have chosen not to. In fact many MSIs, including the ones discussed in this paper, have excluded stakeholder groups that would meet the definition above. 12 The reasons for excluding a stakeholder group can vary, including perceived conflicts of interest or damage to the independence / credibility of the initiative. Another challenge can arise when an identified stakeholder group does not want to participate, or wants a lower level of participation / responsibility than would be indicated by its level of influence or control THE NEED FOR NEW STANDARDS One of the key challenges in regulating private actors is that often the relevant existing international standards have been designed for state actors, and therefore include assumptions about powers and resources which may not be available to private actors. An example of this is the UN Basic Principles for the Use of Force and Firearms, which assumes that they will be applied to state security agents, and includes provisions that are inappropriate for private security providers, such as rules for restraining and detaining persons. In this context, it is unsurprising that one of the key elements and reasons for launching an MSI is to develop and set international standards for non- state actors, and to elaborate norms and standards for States interacting with non- state stakeholders. In undertaking this standard setting process, MSIs typically engage the different relevant stakeholders in considering existing standards, including international, national as well as from the private sector, and develop a new set of standards drawing from these sources and taking on board the real life expertise on the subject that stakeholders can contribute. Including stakeholders with a variety of different relationships to the matter at hand provides for important checks in the process. For example, including both businesses and human rights advocacy civil society organisations (CSOs) in the discussions helps to ensure that different viewpoints are represented (e.g., impactors and impactees ), as well as keeping the standards grounded in reality, so they are more likely to be useful. 11 Similar to the consent of the governed as the basis for democratic governance 12 TheICoC / ICoCA, GNI, FLA and VPs are all examples of MSIs that have taken more restrictive approaches in stakeholder participation. See discussion below. 13 See below the discussion on the role of non- state clients in the ICoC initiative.

5 2.4 CRAFTING EFFECTIVE GOVERNANCE MODELS While the face of the public sector has changed dramatically, its inner workings have largely remained the same. Even with the surge in multilateral institutions described above and the recognition that common interests can transcend borders, the standard kit for regulation still relies almost exclusively on state actors to ensure that human rights are respected and that security is maintained. This state centric paradigm can sometimes mislead the public at large on the roles and activities of the private sector. For example, during the Iraq war casualties of US contractors including private security personnel were not included in the official casualty numbers released by the US government, arguably providing a rosier picture to the American public of the war in Iraq. Excluding the vast number of private actors who increasingly directly impact public goods such as security, or who are directly impacted by them such as the civilian population in a failed state, without these interests being adequately represented in a governance framework results in governance gaps. MSIs respond to this challenge by including representatives from multiple sectors, including different areas of the private sector, as part of their governance model. The stakeholder configuration within the MSI should take into account the different stakeholder areas of influence and control, and should be designed to ensure that these are fairly represented and structured in such a way as to meet the stated objectives of the initiative. This goes both to the choice and number of participating stakeholders, as well as to the relative proportions of influence / decision- making power of the different stakeholder groups within the governance model. 14 Elements that are important for effective governance models include how decisions are taken, the manner in which compliance is verified, what information is shared publicly, and how the model is funded. Successful implementation of these elements is critical for the success of the MSI, going both to the effectiveness and credibility of the initiative. 2.5 MSIS AS FORCE MULTIPLIERS In addition to contributing to the more traditional elements of SSG, MSIs have other, arguably equally important functions. An MSI serves as an outward public face and central point of contact and information on relevant issues. It also provides a platform for dialog and discussion among the relevant stakeholder groups, serving as a place where good practices and helpful tools can be shared, and where new concerns and challenges can be raised. As such it also provides a forum for evolving existing standards and governance mechanisms to keep pace with the changing faces of industry, keeping the initiatives relevant with the passage of time. 3 MSIS IN ACTION This section aims to open a window on the structures and activities of actual MSIs, offering a practical view of the challenges identified by the initiatives, as well as describing the actions undertaken to meet those challenges. As will be seen below, while the reasons for starting each of 14 For example, one governance configuration could be a representational model with three representatives from three identified stakeholder pillars (governments, industry and civil society) each having equal weight, whereas another governance configuration could weigh the stakeholder participation, giving more seats to one stakeholder group over another, such as 6 industry representatives, 3 civil society, 3 academics. Also, governance can eschew representatives, instead letting all participating stakeholders participate in decision- making.

6 the MSIs were remarkably similar, each MSI chose a distinct (but not completely dissimilar) path in response. 3.1 SSG CHALLENGES AND THE ORIGINS OF MSIS At the outset, the stories describing the genesis of the MSIs presented in this paper sound much the same: high profile reports of human rights abuses not being adequately handled by the state. As will be elaborated further below, the perceived inability of states to adequately meet their international obligations to protect members of the civilian population has led interested private actors, sometimes joined by state actors, to take steps to develop supplemental regimes with the primary objective to prevent such abuses from occurring in the first place. THE INTERNATIONAL CODE OF CONDUCT INITIATIVE 15 : The ICoC arose out of a climate of fear and outrage against the activities of PSCs who were perceived by many to be trigger- happy cowboys operating with impunity. During the early 2000 s, the spotlight turned onto the surge in numbers of private security personnel 16 and their alleged abuses of the civilian population in the context of the wars in Afghanistan and Iraq. A number of high profile cases which accused PSCs of committing acts of torture and murder in a legal vacuum 17, meaning that there was little or no governmental accountability for such criminal acts, served to further increase outrage and calls to action for better regulation and accountability of the private security sector. In response, a number of initiatives were launched during the mid- 2000s involving both state and non- state actors, including the precursor to the ICoC, the Montreux Document on Private Military and Security Companies (Montreux Document ). 18 When the ICoC initiative began in early 2009, it was able to build on and expand on the work of the Montreux Document. Its overarching objective is to promote the responsible provision of security services and respect for human rights and national and international law. THE VOLUNTARY PRINCIPLES ON SECURITY AND HUMAN RIGHTS. In a similar fashion to the ICoC, the VPs initiative was created to respond to human rights incidents in the context of mining and petroleum operations. Launched by the US and UK governments in This initiative aims to engage oil, mining and gas companies, governments and NGOs in a dialogue on security and human rights issues in the extractives industry, to provide guidance to extractives companies in conducting risk assessments and on their interaction with public and private security providers regarding human rights practices. THE FAIR LABOR ASSOCIATION. In response to reports of dangerous conditions and widespread use of child labour in factories, in 1996 US President Clinton brought together a multi- stakeholder 15 The International Code of Conduct Initiative refers to both the International Code of Conduct for Private Security Service Providers (ICoC) as well as to the International Code of Conduct Association (ICoCA), the oversight and governance mechanism for the ICoC. 16 See e.g., US GAO Report to Congressional Committees CONTINGENCY CONTRACTING DOD, State, and USAID Contracts and Contractor Personnel in Iraq and Afghanistan, October See e.g.,peter Singer, War, Profits, and the Vacuum of Law :Privatized Military Firms and International Law, COLUMBIA JOURNAL OF TRANSNATIONAL LAW, vol 42, pp (2004). 18 While not a MSI per se, the Montreux Document, a largely state- focused initiative of the Swiss government, helped to pave the way for the ICoC by articulating existing state obligations under the Geneva Conventions that states had towards private military and security companies operating in the context of an armed conflict, and also listed 73 good practices that were largely expressions of human rights law.

7 group of industry, human rights, labour and consumer groups known as the Apparel Industry Partnership to develop a system to assure consumers they were not buying clothing or footwear from sweatshops. Subsequently, the Fair Labor Association (FLA) was established in 1999 and has as its overarching mission to combine the efforts of business, civil society organizations, and colleges and universities to protect workers rights and improve working conditions worldwide by promoting adherence to international labour standards. 19 THE GLOBAL NETWORK INITIATIVE. In the face of increasing government pressure on companies in the Information & Communications Technology (ICT) sector to comply with domestic laws and policies in ways that may conflict with the internationally recognized human rights of freedom of expression and privacy, the Global Network Initiative (GNI) was launched in The purpose of this initiative is to provide a framework for guidance to the ICT industry and its stakeholders in protecting and advancing the enjoyment of human rights globally, in particular the rights of freedom of expression and privacy. Table 1 Objectives of MSIs Objectives of MSIs Voluntary Principles Fair Labor Association Global Network Initiative ICoC Initiative This initiative aims to engage oil, mining and gas companies, governments and NGOs in a dialogue on security and human rights issues, and guide extractives companies in conducting risk assessments and on their interaction with public and private security providers. The mission of the FLA 20 is to combine the efforts of business, civil society organizations, and colleges and universities to promote and protect workers rights and to improve working conditions globally through adherence to international standards. The purpose of this initiative is to establish a framework provide direction and guidance to the ICT industry and its stakeholders in protecting and advancing the enjoyment of human rights globally, and to ensure accountability for the implementation of these Principles. The ICoC aims to promote the responsible provision of security services and respect for human rights and national and international law. 3.2 TAKING STOCK OF PRIVATE SECTOR INFLUENCE AND CONTROL While these MSIs were created under similar circumstances, they have each taken different approaches in the stakeholders they included and the governance models they developed. For example, some have included states as stakeholders (ICoC / ICoCA & VPs), while others have not (FLA and GNI). Of particular note, both the FLA and the GNI involve a diverse group of private stakeholders, including suppliers, academic institutions and investors. In similar fashion, the ICoC initiative included provisions holding subcontractors of member companies accountable to the same requirements to prevent member companies from effectively contracting out of their responsibilities under the code. This can be explained in part by the identified influence and control these different actors exercise on the sector, as well as an assessment of where loopholes may exist. 19 Preamble, FLA Charter as amended 12 February From the FLA website, available on- line at: work/mission- charter

8 THE INTERNATIONAL CODE OF CONDUCT INITIATIVE. Launched in early 2009 after the successful completion of the Montreux Document, the ICoC initiative endeavoured to include relevant public and private sector actors, identifying three primary stakeholder groups to participate in the initiative: governments 21, private security companies, and civil society organizations. Regarding the latter, one of the more challenging areas has been defining what criteria civil society organizations should fulfil in order to participate. This stems from the fact that from a definitional standpoint, civil society organizations can be comprised of any non- governmental group. While it is generally understood that businesses are not civil society organizations, a number of other organizations with close ties to business such as trade unions, industry organizations or non- profit human rights consultancies might fit into this category. To tackle this problem, criteria were developed for assessing CSO participants independence and reputation for promoting and protecting human rights, to be evaluated by members of the existing CSO pillar. Another stakeholder group, non- state clients, was identified and there have been discussions about including it as a fourth stakeholder pillar, but during the development of the initiative there was not sufficient interest on the part of this stakeholder group to engage more closely. Currently, a number of non- state clients are participating as observers, with discussions underway to include non- state clients more formally in an advisory group. 22 THE VOLUNTARY PRINCIPLES ON SECURITY AND HUMAN RIGHTS. Launched in 2000, The VPs was an initiative led by the US and UK governments to provide guidance to extractive companies in maintaining the safety and security of their operations within a framework that encourages respect for human rights. It includes as its main stakeholders: extractive industry companies, governments 23, and civil society groups. Regarding the latter group, criteria for CSOs similar to those described in the above section on the ICoC were developed and adopted by the initiative in It also has an observer category, to which a number of organizations such as DCAF and the ICRC belong. Of interest, one stakeholder group which has not been included in this initiative, despite being one of the subjects of the guidelines, is the private security industry. THE FAIR LABOR ASSOCIATION. In contrast to the first two initiatives, and despite being launched under a US presidential mandate, the FLA does not include direct government participation in the initiative. Instead, it consists of participants from companies (apparel and footwear name brands), suppliers, academic institutions, collegiate licensees, and civil society organizations. While ngo /labor representatives may be members of the Board, one stakeholder group that has not been specifically included in the governance framework is that of labour unions. 24 THE GLOBAL NETWORK INITIATIVE. Similarly to the FLA, the GNI opted to not include government participation. This was a conscious decision, predicated on the belief that involving governments could undermine the independence of the initiative which aims to protect both freedom of speech and the right to privacy. Instead, the initiative is composed of: large information 21 At the time of writing, member states of the ICoCA are: Australia, Norway, Sweden, Switzerland, UK and US. 22 There has also been much exchange between the ICoC initiative, and the Voluntary Principle initiative in which a significant non- state client group, extractive industry companies, constitute an important participant. 23 At the time of this writing, the states that are members of the governmental pillar include: Australia, Canada, Colombia, Ghana, The Netherlands, Norway, Switzerland, United Kingdom, and the United States 24 AFL- CIO Report Responsibility Outsourced: social Audits, Workplace certification and twenty years of Failure to protect Worker Rights, April 2013, available on- line at:

9 and communications technology (ICT) companies, CSOs, academics and investors. Investors include consideration of the issues covered in the Principles into their investment decision- making. Table 2 Stakeholder Participation Stakeholder Participation Voluntary Principles Fair Labor Association Global Network Initiative ICoC / ICoCA VP Participants consist of 3 stakeholder pillars: - States - Extractive companies - CSOs Also includes observers. The FLA participants consist of: - Companies (Name Brands) - Suppliers - Academic Institutions - Collegiate Licensees - Civil Society Organizations The Global Network Initiative is composed of members from the following stakeholder groupings: - Academics - Civil Society Organizations - ICT Companies The ICoC Association is composed of members from: - States - Private Security Companies - Civil Society Observers to the initiative will include non- state clients, academics and states which do not join as members. 3.3 THE NEED FOR NEW STANDARDS With the identification of a new set of private actors as stakeholders comes the need to identify and adapt existing international standards such that they would be relevant and effective for private actors. Furthermore, by setting standards for private actors that are coherent with those developed for public actors, this helps to both harmonize standards as well as to support behaviours that are consistent with human rights and humanitarian law, and contributes to human security. THE INTERNATIONAL CODE OF CONDUCT INITIATIVE. In terms of developing and implementing standards, one of the primary purposes of the ICoC initiative was to set international standards for providing private security services in accordance with human rights. Drawing from the previous work done for the Montreux Document, the ICoC launched a multi- stakeholder process to identify the most significant human rights challenges posed by private security companies, and then translated those standards from international human rights treaties into a format that was appropriate for the private security industry. This process resulted in the development of the ICoC, a document that offers principles and standards for the conduct of private security company personnel, as well as describing management systems and polices that private security companies should implement in order to promote a culture of human rights protection within the companies, as well as to lower the likelihood that personnel will harm the civilian population. THE VOLUNTARY PRINCIPLES ON SECURITY AND HUMAN RIGHTS. The VPs are a set of principles developed in a process led by the US and UK governments involving governments, extractive companies and CSOs that were finalised in December The principles are designed to guide companies in maintaining the safety and security of their operations within an operating framework that encourages respect for human rights. The principles set out guidance for the following activities: Risk Assessments carried out by Extractive Companies, Interactions between Companies and Public Security, and Interactions between Companies and Private Security. As an example of exploring potential synergies / benefits through cooperation of distinct MSIs operating in related fields, since the establishment of the ICoC, there has been increasing interaction with VP participants

10 regarding how the ICoC initiative can inform and support their contracts with private security companies. THE FAIR LABOR ASSOCIATION. The FLA Workplace Code of Conduct and Principles of Monitoring are the initiative s founding documents 25 developed by the multi- stakeholder task force Apparel Industry Partnership described above. The Code of Conduct is based on International Labor Organization (ILO) standards. Companies that join the FLA commit to 10 Principles of Fair Labor and Responsible Sourcing and agree to uphold the FLA Workplace Code of Conduct throughout their entire supply chain. THE GLOBAL NETWORK INITIATIVE. At the heart of the GNI are the Principles on Freedom of Expression and Privacy, which were developed by companies, investors, civil society organizations and academics, and are based on internationally recognized laws and standards for human rights, including the Universal Declaration of Human Rights ( UDHR ), the International Covenant on Civil and Political Rights ( ICCPR ) and the International Covenant on Economic, Social and Cultural Rights ( ICESCR ). Specifically, these Principles cover the following areas: Privacy, Freedom of Expression, Responsible Company Decision- Making, Multi- stakeholder Collaboration and Governance, Transparency and Accountability, and provide high- level guidance to companies in the ICT sector regarding how to respect and protect the rights of users to freedom of expression and privacy, particularly when facing government demands for disclosure of personal information and censorship of users. GNI has also elaborated a set of Implementation Guidelines, which provide ICT companies more detailed information about how to put the Principles into practice, and which create a framework for multi- stakeholder collaboration. Table 3 Setting International Standards Setting International Standards Voluntary Principles Fair Labor Association Global Network Initiative ICoC / ICoCA The Voluntary Principles are designed to guide extractive companies in the conduct of the following activities: - Risk Assessments - Interactions between Companies and Public Security - Interactions between Companies and Private Security Companies that join the FLA commit to 10 Principles of Fair Labor and Responsible Sourcing and agree to upholding the FLA Workplace Code of Conduct throughout their entire supply chain. The Code of Conduct is based on International Labour Organization (ILO) standards The GNI sets out human rights principles for ICT companies in the following areas: - Privacy - Freedom of Expression - Responsible Company Decision- Making - Multi- stakeholder Collaboration - Governance, Transparency and Accountability The ICoC identifies and translates standards from international human rights treaties into a format appropriate to guide conduct of private security company personnel, as well as describing management systems and polices that private security companies should implement. 25 The texts of these two documents can be found on- line here: english/telearn/global/ilo/guide/apparell.htm#members of Apparel Industry Partnership, last accessed

11 3.4 CRAFTING EFFECTIVE MULTI- STAKEHOLDER GOVERNANCE MODELS At the heart of effective MSIs are the development of systems for taking decisions, designing checks and balances, implementing assurance and verification models, sharing information with the public and the modalities for obtaining sufficient funding. In the section below, the manner in which each of the four MSIs implement these systems will be presented. THE INTERNATIONAL CODE OF CONDUCT INITIATIVE. The ICoCA Board of Directors, the executive decision- making body of the ICoCA, is a multi- stakeholder entity composed of 12 members, 4 from each of the three stakeholder pillars: governments, private security companies and CSOs. Decisions 26 are taken by the Board according to a weighted- majority vote. For any decisions to be approved by the Board, at least 2 members from each stakeholder group must vote in favour, contributing to a total of at least 8 out of 12 Board members agreeing for a vote to pass. In practice, this kind of weighted majority vote supports decisions taken by consensus. 27 The ICoCA also has a multi- stakeholder General Assembly of all members to the Association, which is structured in the form of three stakeholder pillars. Importantly, General Assembly votes take place separately in each of the three pillars. Therefore, for a vote to pass, it must pass separately in each of the three pillars. This helps to ensure balanced stakeholder decision- making, even when one stakeholder pillar contains significantly more members than another. The General Assembly retains a few important powers including the approval of budgets and oversight of the Board. Of note, upon a positive vote the General Assembly can dismiss the Board at any time, providing an important check on its power. Certification, monitoring and third- party grievance constitute the core functions of the Association. 28 Upon joining, companies agree to have their implementations of the Code verified through a certification process, as well as to participate in good faith in ongoing monitoring by the Association, including participating in both reporting and field visits. Member companies also agree to ensure that persons injured by member company activities are able to obtain effective remedies by participating in a grievance mechanism, which is supervised by the Association. If companies are found by the Association to be non- compliant, they must jointly develop a remediation plan with the Association to bring the company back into compliance. If the company does not act in good faith to comply with this plan within a reasonable time, the company may be suspended or terminated. Important consequences flowing from being suspended or terminated include the failure to obtain subsequent contracts, as an increasing number of clients including states, multi- national companies, international organizations and humanitarian organizations are requiring membership in good standing to award contracts. In what could be termed as the hardening of soft law mechanisms, Switzerland has recently passed a law 29 that will require that Swiss- based companies operating abroad in complex 26 To see a list of the Board s powers, please see the ICoCA Articles of Association 8, As of the date of this writing, neither the Board of Directors nor its predecessor the Temporary Steering Committee (TSC Jan 2011 Nov 2013) has actually resorted to a formal vote, instead whenever disputes arose participants were able to find compromises that enabled them to take decisions by consensus. 28 At the time of writing, the oversight and compliance procedures are currently being developed by the Association, and therefore have not yet been fully implemented and cannot be described in great detail. Nevertheless, these activities and the vision for their implementation have been discussed extensively, drawing on the actual experiences and lessons learned from other initiatives as well as the experience and expertise of participants. The following presentation is based on the provisions of the ICoC and ICoCA Articles of Association, as well as the author s own participation in these discussion. 29 The text of the law is available on- line at the following address: gazette/2013/1651.pdf (text in French), last accessed

12 environments 30, as well as those companies hired by Swiss government abroad in complex environments to protect Swiss governmental entities such as embassies and missions, to join the ICoCA and be a member in good standing. The ICoCA takes a mixed approach to transparency. So long as a company is a member in good standing, and is complying with the requirements of the ICoC, the Association will keep sensitive information about its activities and any incidents confidential. This reflects the belief that assurance of confidentiality is necessary for companies to share sensitive information including of its potential non- compliance. Even in this last case, confidentiality is still preserved if a company recognizes the lack of compliance with the ICoC, so long as it acts in good faith in a timely manner to bring its operations into compliance with the code and the requirements of the Association. Failure to do so results in either suspension or termination of membership, which is made public on the Association s website. Also, in exceptional cases where the non- compliance is publicly known (such as high- profile incidences in the headlines), the Association may speak more frankly and publicly about its efforts to bring the company back into compliance. Finally, the Association will publish an annual report that provides information on activities and trends of companies, including where there is non- compliance, but so long as the relevant companies have met their membership obligations adequately and in good faith, these reports will be anonymised. Regarding funding, the ICoCA has a mixed funding model, currently receiving slightly more funding from governments (~55-60%) than from member companies. Future projections expect a similar formula for funding down the road, recognizing that a mixed funding model can convey more independence and credibility than one in which one stakeholder group provides most or all of the funding. THE VOLUNTARY PRINCIPLES ON SECURITY AND HUMAN RIGHTS. Since its establishment in 2000, the VPs has evolved to a more complex governance structure, recently adding a Secretariat and a Steering Committee to the Plenary for a total of three institutional bodies, and incorporating an association under Dutch law to take care of administrative matters. 31 The Steering Committee is the executive decision- making body composed of members from each of the three pillars who are selected by each of the three pillars under arrangements as determined by their respective pillar. Each pillar has four votes, for a total of twelve. Taking an approach to voting similar to that of the Board of Directors of the ICoCA, the Steering Committee requires 8 out of 12 votes of members, with no fewer than 2 votes from a given pillar. In this way, it ensures that support from all stakeholders. The Plenary is constituted by all members from all of the three stakeholder groups (but unlike the General Assembly of the ICoCA it is not divided into different pillars), meets at least annually and is chaired by a government member on a rotating basis. The Secretariat runs the day- to- day administrative tasks for the operation of the VPs initiative. In taking decisions, the Plenary and the 30 The term complex environments seems to refer to a term of the same name contained in the ICoC, which defines complex environments as any areas experiencing or recovering from unrest or instability, whether due to natural disasters or armed conflicts, where the rule of law has been substantially undermined, and in which the capacity of the state authority to handle the situation is diminished, limited, or non- existent. As of the writing of this paper, the list of areas which would qualify as complex environments has not been determined. 31 From the Voluntary Principles Multi- stakeholder Initiative Comparison Chart Oct 2013, available online at: content/uploads/2013/02/vps_icoc_eiti_comparison_chart.pdf, last accessed

13 Steering Committee strive to achieve consensus. Where that is not possible, then a positive vote requires 75% of the vote of all members present at the plenary. The Voluntary Principles does not have an oversight or accountability function as such, although its articles of association envisage the possibility that a company can be deemed inactive or expelled upon a vote of the Plenary. 32 As part of its Strategy Paper, the VPs envisage developing a Verification process, including designing a [c]redible method for assessing implementation 33 by member companies. The Voluntary Principles approach takes a participant approach to transparency. Upon joining, member companies and governments are requested to develop an action plan for implementation, and to report on the progress made on an annual basis. These reports, which often include detailed information about incidents where human rights were impacted, are then shared among members of and observers to the initiative, but no further. Members and observers are required to sign an affirmation that they will keep this information confidential, and will not share it beyond the participant body. Funding for the VPs comes from both government and company members, who are assessed roughly the same level of fees (~$25,000 / year). As there are significantly more company members than governments 34, the majority of funding comes from member companies. FAIR LABOR ASSOCIATION. The FLA is governed by a Board of Directors that consists of six business representatives, six Labour / NGO representatives, six university representatives and a Chair. The industry board members are selected by the Business Caucus, or the group of participating companies who have fulfilled the requirements to join the FLA. In response to the difficult question of how to select appropriate CSO participation, the Labour/NGO board members are chosen by a majority of the then- serving Labour/NGO board members, thereby relying on the judgment of the previously selected members. The college or university affiliate board members are selected by the University Advisory Council, a group of participating universities. The Chair is nominated by a multi- stakeholder committee and confirmed by a supermajority of the Board. In order to join, participating companies and suppliers must submit a monitoring plan detailing their internal compliance arrangements, provide an annual report detailing their activities to implement the FLA Code of Conduct in its operations, and participate in the Sustainable Compliance Initiative (SCI) programme, in which they submit to FLA monitoring 35, including unannounced factory visits, and to participate in its third party complaints and investigations processes which address workers' rights violations. FLA aspires to a policy of complete transparency of its findings, publishing all results from assessments, findings from unannounced visits, and its third party grievance procedures on its website. This material also includes the agreed plans of action and timelines to respond to findings of noncompliance. In terms of funding, most of this comes from participating companies and 32 Ibid., Section XIII. 33 Voluntary Principles Strategy , available on- line at: content/uploads/2014/05/voluntary_principles_strategy_- _ pdf, last accessed At the time of writing there are 9 governmental members and 26 company members. 35 For more information monitoring and compliance, please visit

14 participating suppliers. 36 The lack of diversification of funding sources has caused some critics to doubt the initiative s independence. 37 GLOBAL NETWORK INITIATIVE. GNI is governed by a Board of Directors which is composed of eight representatives from companies, four from non- governmental organizations, two from the academic community, two from the investor community, and an Independent Chair. The primary purpose of the Global Network Initiative's Board of Directors is to further the Principles and to oversee the organization to fulfil the vision of the GNI. Participating companies agree to submit to independent assessments of their compliance with the principles. The independent assessors will prepare detailed reports explaining each company s responses to specific government demands, and evaluating the effectiveness of the company responses individually and overall in implementing the Principles. Where appropriate the independent assessors will recommend steps the company should take to better implement the Principles in the future. Each company will have the opportunity to review and respond in writing to the independent assessors' draft report and final report. The company s responses to the independent assessors' draft and final reports are provided to the organization s staff for further review and evaluation. Ultimately the Board of the Organization will assess whether the company is in compliance with the Principles and this determination will be made public in an annual report. The Global Network Initiative takes a qualified approach to transparency: participating companies submit to independent assessments of their compliance with the GNI principles, the reports of which are shared with GNI and the concerned companies, but not with the general public. Instead, GNI s Board prepares an annual report in which the main highlights of the company assessments, including challenges identified and actions taken, are described. Importantly, the concerned company where a challenge has been identified is named in these annual reports. GNI receives its funding from a number of sources: companies pay a membership fee based on a sliding scale according to revenue. Non- company participants give a nominal contribution of between $100 and $1,000. Foundations also provide funding for GNI. The author was unable to find any public information on the percentage breakdown of these funding sources. Table 4 Multi- stakeholder Governance Models 36 For more information on FLA dues, please visit: 13.pdf 37 See e.g., Critics Question Record of Monitor Selected by Apple, by Steven Greenhouse, NYT, 13 February 2012, available online at: question- record- of- fair- labor- association- apples- monitor.html?_r=0, last accessed

15 Multi- stakeholder Governance Models Voluntary Principles Fair Labor Association Global Network Initiative ICoC / ICoCA Equal representation of 3 pillars on Steering Committee. No weighted voting in Plenary. Participating companies can be either declared inactive or can be expelled by vote of the Plenary. Board of Directors with 6 business reps, 6 Labour / NGO reps, 6 university reps and Chair. Participating companies and supplier agree to submit to FLA monitoring, including unannounced factory visits and to participate in its third party complaints and investigations processes which address workers' rights violations flagged by union representatives, workers, or local CSOs. Board of Directors with 8 reps of ICTs, 4 from CSOs, 2 academics, 2 investors. GNI participating companies agree to undergo independent assessments of their compliance. Based on this, the GNI Board makes a determination of the company s compliance, which is then communicated publicly in its annual report Equal participation & voting weight of governments, PSCs and CSOs in both Board and General Assembly Oversight and compliance functions are carried out through certification, monitoring and third party grievance. Non compliant companies membership can be suspended or terminated. 4 SSG CHALLENGES AND MSI RESPONSES: COMPARATIVE ADVANTAGES AND CHALLENGES The foregoing sections have considered the theory behind and presented models of some MSIs. This section aims to take an analytical approach, comparing how the different models approach particular challenges, and identifying trends, good practices as well as persistent challenges and weaknesses of MSIs, with a view to identifying lessons learned. 4.1 FILLING IN REGULATORY GAPS: ADVANTAGES AND LIMITS OF MSIS This paper began by presenting MSIs as a way to supplement some of the gaps in traditional, state- based regulation of private actors. What has not been heretofore presented are the limits of MSI approaches to governance, some possible unintended consequences of MSIs on state regulation, as well as some promising trends in making MSIs more effective. While it is uncontroversial that many states lack the resources to exercise effective control over parts or all of their territories, and therefore are unable to adequately protect the human security of its civilian population, what is more problematic are those situations in which the state is able but unwilling to do so. Against this backdrop, there have been suggestions by some CSOs and states that relying on MSIs instead of using hard law to hold companies accountable is a way for states to avoid fulfilling their obligations to protect their civilian populations, thereby supporting impunity of companies. 38 As a counter point, some states have called into question the ability of enduring 38 See e.g., discussions of the open- ended intergovernmental working group to consider the possibility of elaborating an international regulatory framework on the regulation, monitoring and oversight of the activities of private military and security companies.

16 states 39 to effectively regulate private security companies operating beyond their territorial borders, stating that a combination of oversight and governance by the ICoCA, plus a state s leverage as key buyer as the most effective approach to regulate private security actors. 40 This portrays the non- territorial state not as unwilling, but as effectively unable to regulate beyond their territorial borders. The truth likely lies somewhere between these two positions. While MSIs through their multinational networks can oftentimes reach further than individual states, and are able to positively influence their behaviour, it is clear that these initiatives cannot avail themselves of criminal jurisdiction, and therefore cannot hold private actors criminally accountable. Instead, by putting private actors on notice and making them aware of how they should be performing activities, MSIs can be seen as strongly preventive in their approaches to better protect human security. Yet preventive does not equate fail- safe. The three MSIs that have been in operation for a longer time, FLA, VPs and GNI have each faced significant challenges during their tenures along with significant crises in confidence. For example, the revelations of Edward Snowden detailing the extent to which the US government was using the internet to invade the privacy on its own citizens was a blow to the very essence of the GNI, eliciting questions about what realistically could such an organization accomplish in the face of US power, and prompting some participating organizations to leave the organizations. 41 Perhaps what would be more realistic is to adjust expectations for what MSIs are able and not able- - to accomplish. Clearly, MSIs do not have at their disposal many of the important coercive powers associated with state command and control, but as we saw at the beginning of this paper, governments are also finding that their powers can be limited in reach and ill- adapted to regulating private actors operating globally. The author would suggest that effective regulation of private security actors requires an interlocking framework of national, regional, international and private control mechanisms using consistent standards, and that MSIs can have an important role to play within this system to contribute to the ultimate goal of protection of human rights. Furthermore, an emerging trend of states strongly encouraging through their procurement policies or even requiring industry member adherence to and compliance with MSIs as a matter of law gives some more teeth to soft law approaches of MSIs TAKING STOCK OF PRIVATE SECTOR INFLUENCE AND CONTROL In considering who should take part in a MSI, a number of questions first need to be answered: who are the right stakeholders to participate in the initiative and how are they chosen? What kinds of expertise do they bring to the initiative, whom do they represent, and where do they hail from? 39 The author uses enduring states to mean the opposite of failed states 40 UK Report to OHCHR June 2012, available online here : 41 See EFF quits Global Network Initiative over NSA surveillance revelations surveillance- revelations- prompt- eff- resignation- from- global- network- initiative.html 42 Reference to Swiss Law in note 28. UNDSS has issued Guidelines onuse of Private Security Companies requiring membership in the ICoCA, available on- line here: vices.pdf, last visited Furthermore, US and UK security procurement policies encourage the use of ICoCA member companies.

17 Taking a closer look at industry participants, all of the MSIs discussed in the paper have included participants of the principal industry to be regulated, however there has been variation in whether or not other members along the supply chain have been included. Both the FLA and GNI have been more inclusive in this respect, including suppliers and investors. A similar logic can be found in the ICoC s requirements that member companies have responsibilities to ensure subcontractor compliance with the Code, in effect preventing member companies from effectively contracting out of their due diligence responsibilities under the Code. Enlarging stakeholder participation to include a larger section of the supply chain would seem to provide more assurance that the initiatives standards and principles would be adhered to, eliminating or lessening pressures from suppliers or contractors to take shortcuts that might lead to non- compliance. In line with this thinking, the failure of the ICoC initiative at this point in time to fully engage clients is a potential weakness of the initiative, since client buy- in that recognizes the value of Association membership and would favour or ideally require it of its security providers is a powerful driver in growing membership and supporting compliance with the Code. Turning to the CSO sector, while selection of the right kind of civil society participants has been one of the more challenging aspects of MSIs, there seems to be an emerging trend that the qualities of independence and human rights advocacy are essential, and that these sometimes very subjective criteria can be best assessed by the existing CSO members of the initiative. While this approach makes sense given the special role of CSOs as watchdogs that helps to bring credibility to these initiatives, it does create a situation where the selection of the first members of the CSO pillar are particularly important, as they will then set the tone for all subsequent members. Governmental participation or lack thereof has also been a subject of some contention in MSIs. Indeed, among the MSIs discussed in this paper there appears to be two schools of thought on the value of government participation in initiatives which endeavour to fill some governance gaps found in state regulation: one which sees governmental participation as undermining the independence and effectiveness of the initiative (GNI and FLA) and another which seeks to engage governments in constructive dialog with private stakeholders, bringing their experience in regulation and governance to the table to help evolve multi- stakeholder approaches. One pervasive weakness of MSI participation in governance, particularly within the government stakeholder groups, is the disproportionately higher representation of states from very similar economic and cultural backgrounds (Northern European / Anglo- Saxon) than from the rest of the world. The lack of diverse geographical and developmental diversity in the initiatives means that these viewpoints are underrepresented in MSIs, and could mean that important considerations are not included in discussions. Including more diverse government participation is a priority for the two MSIs discussed that include government participation, with the recent adherence of Ghana to the VPs hopefully being a harbinger of more diverse nations to join. While at the time of writing the government pillar of the ICoCA lacks diversity, it has had more success in getting broader cultural and geographic representation in both the CSO and industry pillars. 4.3 CONSTRUCTING THE GOVERNANCE FRAMEWORK While each of the MSIs presented in this paper takes a different approach to governance and compliance, there are some common elements and emerging trends that are worth examining further.

18 One of these is the trend of independent assessments. Both FLA and GNI have developed programmes and systems for monitoring and assessing member company performance, and the ICoCA is currently developing similar mechanisms as part of its governance mechanisms. While the VPs do not currently have such mechanisms, members have indicated a willingness to develop a Verification process, including a [c]redible method for assessing implementation. Independent assessments are a form of private oversight, filling in some governance gaps left by the failure of states to effectively oversee companies. Another trend is that of stakeholder pillars choosing their representatives on the Board / executive decision- making body of the MSI. This selection process is used by all four MSIs, and indicates that stakeholder members on the executive decision- making body are representative of their stakeholder group, which by making the determination of how their representative will be chosen offers a consent to be governed by the chosen representative. This helps to fill in some of the democratic deficit governance gaps, by involving affected parties in the process to choose representatives. Finally, another emerging trend is that of weighted stakeholder voting, whereby successful votes by the executive governing body require support from all stakeholder groups, helping to ensure that the views of one stakeholder group are not eclipsed by the rest of the stakeholders. The governance structure of the ICoCA goes one step further in weighted stakeholder voting by extending it to the general membership of the Association, also dividing the General Assembly into three stakeholder pillars, and requiring a positive vote from all three pillars on the matters in which it has competence. Importantly, one of these powers, the right to dismiss the Board, provides a check on the executive body. 4.4 LEARNING LESSONS AND CONTINUOUS IMPROVEMENT As a final note, MSIs excel at fostering communication and supporting effective dialog among a variety of stakeholder groups with very different viewpoints of and stakes in the sector. Not only does this make stakeholders aware of a broader set of issues and challenges than they would were they to keep communications to their own stakeholder group, it also provides a forum to share lessons learned, good practices, and to develop responses to new challenges as the initiative evolves and matures. All of the MSIs profiled in this paper demonstrate continuous learning, further developing and amending existing standards, procedures and guidelines to respond to new and emerging challenges and opportunities. This dynamism and responsiveness is crucial to support effective responses to market forces that impact our human security in new, sometimes troubling and often surprising ways. 5 CONCLUSION: LESSONS LEARNED AND LOOKING FORWARD Taken together, these different multi- stakeholder models offer some common elements and lessons learned that can provide guidance for future initiatives endeavouring to establish multi- stakeholder governance models. In summary, the following elements and action points support effective multi- stakeholder governance: Set the Stage: Identify and Articulate Purpose and Objectives

19 Before launching an initiative to improve governance, it is important to clearly identify what you are trying to accomplish through the initiative. This can be done by first identifying the relevant challenges and governance gaps, and then by setting out a framework for meeting those gaps. For example, in its preamble the ICoC first identifies the challenges posed by the PSC sector, stating that the activities of PSCs can have potentially positive and negative consequences for their clients, the local population in the area of operation, the general security environment, the enjoyment of human rights and the rule of law. It subsequently states that the purpose of the ICoC initiative is to set forth a commonly- agreed set of principles for PSCs and to establish a foundation to translate those principles into related standards as well as governance and oversight mechanisms. 43 These statement clearly set the stage for the ICoC initiative by setting out the challenges it is trying to address, and then setting out a framework for addressing those challenges which include developing principles and standards for private security providers as well as to develop governance and oversight mechanism. After articulating a clear purpose and objects, a multi- stakeholder initiative can then begin the process of defining scope, participants and procedures. Identify the Players: Define Stakeholder Participation When clear objectives have been identified, then defining stakeholder participation becomes possible. Relevant stakeholders are those who can contribute significantly in achieving the objectives of the initiative, bringing practical experience and expertise in the industry or subject matter from different perspectives, including those of the impactors and the impactees. Furthermore, these stakeholders, particularly those participating in the governance framework, need to gain the confidence and consent of their peers to represent their interests within the framework. Set International Standards and Provide Guidance for Implementation One of the key elements of MSIs is to develop international standards that are appropriate for private actors, taking internationally- agreed international standards such as those found in international human rights treaties and humanitarian law and translating them into standards that can provide practical guidance for private sector behaviours and activities. These standards should complement and reinforce national and international laws and regulation, contributing to interlinked systems of governance and oversight that help to close governance gaps that are found in each of the different systems of governance. Develop the Multi- Stakeholder Governance Model The multi- stakeholder governance model depends upon both the defined objectives of the initiatives and the identified stakeholders. Of primary importance is to ensure that each stakeholder group has appropriate influence and say in the governance model, so decisions taken truly reflect all defined stakeholders points of view. The weighted majority voting structure found in the Boards of the of the VPS and ICoCA offer examples of how decisions can be truly multi- stakeholder and enjoy legitimacy across different stakeholder groups. The addition of a three stakeholder pillar voting structure in the General Assembly of the ICoCA further support multi- stakeholder decision- making, and provides a check on the Board against abuses of power. Develop Oversight and Assurance Mechanisms 43 ICoC, para. 5 (November 2010)

20 MSIs are increasingly developing oversight and compliance mechanisms to provide a measure of assurance that participating stakeholders are complying with the objectives and standards of the initiative. In order to accomplish this, MSIs are taking some innovative approaches, using the leverages of both reputation and market forces / supply chain to give their mechanism some real teeth. Identifying the pressure points where a multi- stakeholder governance model can wield some meaningful influence is key to developing effective oversight and accountability mechanisms, and to help ensure the effectiveness of the MSI. Examples of this include the ICoCA with its certification, monitoring and grievance functions, and GNI with its independent assessments. Importantly, these oversight and assurance mechanisms are not criminal accountability mechanisms, but can support both the prevention of crimes as well as help inform state judicial procedures by offering standards for how the private actor should operate. Determine Level of Transparency While full transparency is often called the ideal, most MSIs have some level of qualified transparency in order to support as much information- sharing from the target stakeholders as possible. FLA aspires to provide complete transparency on the information it collects from companies, while both the ICoCA and GNI filter the information they release publicly, and the Voluntary Principles restricts the bulk of the information it receives from its members to the initiatives participants. Of note, the ICoCA can use disclosure of information as a carrot / stick to encourage good faith compliance, protecting the information of even those companies that are not compliant so long as they work in good faith with the Association to remedy the non- compliance, but releasing information of their suspension or termination if they fail to remediate in good faith. Identify a Sustainable and Credible Funding Model Finally, it is important to identify a sustainable funding model that on one hand provides sufficient funds to carry out the objectives of the initiative, but on the other hand endeavours to support independence and credibility by not making it too dependent upon one stakeholder, in particular the one that is the target of the regulation. Most MSIs apportion funding among the different stakeholder groups taking into account the ability and means of the stakeholder to pay. Funding arrangements that depend largely on the industries that the initiative is trying to oversee have drawn LOOKING FORWARD: NEW HORIZONS IN MSIS? These lessons that can be learned from the experiences in MSIs / multi- stakeholder approaches to governance are interesting not only from the point of view of what they tell us about what has been done, but they also can offer guidance for future SSG endeavours where MSIs may be used to improve governance. One such potential area that has been receiving a lot of attention of late is that of cyber security / internet governance. Cyber security / internet governance shares many points in common with the other areas discussed in this paper. In like manner to the other initiatives presented in this paper, the area of cyber (human) security has recently been plagued with scandal arising from the revelations of governmental abuses 44 of privacy via the internet. In particular, members of the internet governance 44 In particular, the exposure of US information- gathering practices using the internet shared by Edward Snowden in 2013.