Before addressing my specific topic – civil liability of companies for human rights abuses by their subsidiaries and by contractors and sub-contractors in their value chain – it is important to consider the purposes of civil liability and how best to achieve them.
I refer to civil liability in the common law sense: liability adjudicated in a lawsuit brought by a person allegedly harmed by a legal wrong, against the responsible party, seeking reparation, which generally includes monetary compensation for injuries.
The main purposes of civil liability are twofold: to deter wrongdoing and to provide reparations for victims. However, greater benefit for human rights is likely to be achieved by the first purpose than by the second. In business and human rights civil litigation, as in many other fields, the maxim that an “an ounce of prevention is worth a pound of cure” holds true, for two reasons.
First, prevention can succeed – more often, for more beneficiaries – than after-the-fact litigation. If companies know that they may be sued for abuses for which they are directly or indirectly responsible, and will thereby pay a significant cost, they will be more likely to make serious efforts to avoid the abuse. Those efforts will benefit, not only a person or group who might be able to sue the company and prevail, but all persons potentially affected by the abuse.
The credible risk of civil lawsuits can be an important incentive to prevention. The potential costs of litigation can be significant. Even if a company being sued eventually wins, costs may include adverse publicity; potentially expensive attorney’s fees; and distraction of executive time and attention away from managing the business. And if the company loses, additional costs may include, for example, orders to pay money damages or to pay for improvements; loss of operating licenses; ESG rating agency down-gradings; and restrictions on access to debt and equity financing.
The credible risk of incurring such costs may prevent more abuses than would be remedied by any eventual lawsuits. Experience has shown that transnational civil litigation for business abuse of human rights rarely succeeds, for a variety of legal and practical reasons. Legal difficulties may include, among others, inability to pierce or circumvent corporate veils or to trace the chain of causation through the value chain to a parent corporation; inability to access internal corporate documents and even to establish corporate ownership and controls; and jurisdictional issues.
Even if legal obstacles were somehow overcome – for example, if a UN treaty on business and human rights with ambitious legal provisions for civil liability were to be adopted by a critical mass of States – the practical issues would remain daunting. How will victims fund their litigation in countries without legal aid programs or where legal aid is inadequate? Even if they obtain some funding, how will they achieve equality of arms in a suit against a well-financed corporation retaining a battery of high-priced lawyers? How can claimants hold down and manage the high costs of transnational fact-finding and language translation and interpretation?
In short, if companies can be incentivized to prevent abuse, far more potentially affected persons are likely to be protected from abuse than the comparatively small numbers who could successfully bring civil lawsuits for reparations.
Class actions affect but do not alter this comparison. In those countries where class action litigation is permitted, large numbers of affected persons could, in theory, obtain reparations. But even in class actions, the practical constraints of funding, costs, and equality of arms generally remain, in addition to the complications of giving notice to class members and meeting the procedural requirements of varying national laws.
A second reason to favor ex ante prevention over ex post litigation is that in most cases reparations cannot fully repair the damage caused by serious violations of human rights. For example, no amount of money can truly compensate for the loss of a loved one who perishes in a building collapse like that of Rana Plaza in Bangladesh in 2013. Nor could reparations make whole a person afflicted by serious, life-long health problems as a result of environmental contamination.
How, then, can we design a system of civil liability that can achieve both purposes – deterrence and reparation – while prioritizing deterrence, because it will likely produce a greater benefit in human welfare?
There are two general approaches to civil liability. One is a fault-based system. This has the advantage of seeming fair and just to most people. If corporate counsel (whether in-house or external) advise management that the company can be held liable only if it is at fault in causing injury, most executives (like most people) will recognize that this approach is fair. They may seek to avoid liability even though their company is at fault, but they will recognize that imposition of liability would not be unfair. They may even be more open to a settlement of the case on reasonable terms. In any event, they are less likely to resist a fault-based liability scheme than one which holds their company liable even when its conduct is above reproach.
Moreover, in practical terms, counsel’s advice to a corporate client on how to avoid liability in a fault-based system is relatively simple: avoid fault. Exercise due diligence and take reasonable measures to prevent human rights abuses. If there is no way to conduct a business activity without serious risk of being complicit in abuse – say, by attempting to do business under the current repressive military regime in Myanmar – the company can avoid civil liability by declining to enter the country, or perhaps by leaving if it is already there.
For both reasons – perceived fairness and a practical way to avoid civil liability by avoiding abuses – a fault-based system is likely to encourage prevention of business-related human rights abuse.
The main alternative to a fault-based system is, in effect, a system of “strict lability”: the company can be held civilly liable even if it is not at fault. In such a system, what incentive does a company have to behave responsibly, since it will be held liable either way – whether or not its conduct is responsible? A system of strict liability reduces the incentives to behave responsibly. It also increases incentives to avoid investing in problematic countries where risks of human rights abuses are significant, since the investing company could not avoid civil liability even if it did everything within reason to prevent abuses.
One can justify a system of strict liability in principle by characterizing it as a system for allocation of risk. Under this approach, if business activities lead to human rights abuses, imposing liability on a faultless company is simply a matter of allocating the costs of injuries – to an affluent company rather than to the often penniless residents of an affected community, or to workers who can barely get by on the scant pay they receive.
Many domestic legal systems employ some form of strict liability, for example, with regard to inherently dangerous activities such as use and transport of dynamite. But in designing a system of civil liability for business activities generally, both perceived fairness and smart incentives, for the reasons stated above, favor a fault-based system over a system of strict liability.
In the case of the draft UN treaty on business and human rights, there are also diplomatic reasons to prefer a fault-based system of civil liability. Even without a scheme of strict liability, it will be difficult enough to persuade States – many of which pay close attention to business constituencies – to join a treaty that would expose business to civil liability. With important exceptions, business will most likely continue to oppose a treaty even if it adopts a fault-based system of civil liability. However, a treaty with a fault-based system will at least deprive business of an easily articulated argument that a treaty imposing strict liability would be unfair to business.
In other words, the odds of attracting a critical mass of States to join a treaty will improve if the civil liability provisions of the treaty are fault-based, rather than imposing liability even in the absence of fault.
That brings me to the key provision of the current draft UN treaty that addresses the responsibility of a company for human rights abuses committed by its subsidiaries or by contractors and sub-contractors in its value chain. Draft Article 8.6 of the Third Revised Draft (2021) of the proposed treaty provides, in the language relevant here, that a company can be civilly liable for “failure to prevent another […] with whom they have a business relationship, from causing or contributing to human rights abuses, when the former controls, manages or supervises such person or the relevant activity, [or] should have foreseen the risks of human rights abuses in the conduct of their business activities, […], or in their business relationships but failed to take adequate measures to prevent the abuse.”
This language seems to hold a parent or lead company liable for abuses in its value chain in two situations: (1) where it “controls, manages or supervises” an entity or activity, and (2) where it foresees risks of abuses but fails to take adequate measures to prevent them.
From the point of view of a fault-based system of civil liability, there are problems with both prongs. Under the first prong, a company could be held liable for abuses it could not have foreseen whereas, under the second prong, a company could be held liable for abuses it could not have prevented.
Consider the first prong. Suppose a parent company carries out world-class, state-of-the-art human rights due diligence, but still fails to anticipate a future abuse which could not reasonably have been foreseen. As draft Article 8.6 is now worded, the company could be held liable, so long as it “controls, manages or supervises” an entity in its value chain which caused an unforeseeable adverse human rights impact. In other words, the first prong of Article 8.6 is not a fault-based system. It omits the element of foreseeability.
Unlike the first prong, the second prong does require foreseeability; it holds companies liable only for abuses they “should have foreseen”. However, as presently worded, it does not appear to require that a company had the capability to prevent the abuse. For civil liability, it requires only that the company “failed to take adequate measures to prevent the abuse.” But what if the company had no capability to prevent the abuse? Recall that, under this prong, the parent or lead company need not control, manage, or supervise the entity committing the abuse. Suppose the parent company took all the measures it could to prevent the abuse, but the measures were not adequate to prevent the abuse.
For example, the parent company may have requested the entity in its value chain to take measures to avoid the abuse. Or it may have invoked a contractual due diligence clause to require the entity to avoid the abuse. It may even have threatened to terminate its business relationship unless the entity acted to prevent the abuse. Even so, in any of these situations, the entity might simply refuse to comply with the request or accede to the threat of adverse legal or business consequences. Perhaps local law even prohibits the entity from conforming its conduct to international norms. (Consider, for example, laws mandating discrimination against women in Saudi Arabia or restricting internet privacy in China.)
Yet, in these situations, despite the parent or lead company having done all that it could to prevent the abuse, the objective result is that it failed to succeed. Under the second prong of draft Article 8.6, the company will have “failed to take adequate measures to prevent the abuse.” The company could be held civilly liable in damages for its failure.
Granted, the language of the second prong is arguably ambiguous. Perhaps it is intended to impose, not an obligation of result – to prevent the abuse – but only an obligation of means – to take measures reasonably within the capability of the parent company, even if they are not adequate to prevent a foreseeable abuse. As currently drafted, however, the second prong is open to the interpretation that it imposes an obligation of result – to prevent the abuse, regardless of whether a company has the capability to prevent it.
Fortunately, if there is will by the drafters, the issues I raise are easily remedied. On the first prong, inserting the words “reasonably foreseeable” before “human rights abuses” would cure the problem. On the second prong, inserting the words “reasonably within their capability” after the word “measures” would eliminate the ambiguity.
Such an approach would be consistent with the United Nations Guiding Principles on Business and Human Rights. The Commentary to Principle 22 makes clear that companies do not have a responsibility to remediate adverse impacts on human rights caused by contractors and subcontractors in their supply chain. The Commentary states as follows: “Where adverse impacts have occurred that the business enterprise has not caused or contributed to, but which are directly linked to its operations, products or services by a business relationship, the responsibility to respect human rights does not require that the enterprise itself provide for remediation, though it may take a role in doing so.” (Italics added.)
Companies are thus not “require[d]” to remediate abuses caused by their contractual or sub-contractual suppliers. On the other hand, the situation is more complicated in regard to subsidiaries. The Commentary states that, where a business enterprise itself causes or contributes to an adverse human rights impact, even one that, “with the best policies and practices”, the enterprise “has not foreseen or been able to prevent”, the responsibility to respect human rights “requires active engagement in remediation” by the enterprise.
This refers to a parent company’s own conduct. It is not clear whether this vague language also applies to subsidiaries (regardless of whether they are first level or lower-level subsidiaries). However, short of the parent company’s divesting the subsidiary, the legal relations between parents and subsidiaries do not necessarily give a parent the ability to control the conduct of a subsidiary. A subsidiary is a separate corporation, with a separate board of directors, who may or may not overlap with executives or board members of the parent. The percentage of ownership by a parent in a subsidiary may vary, as do contractual provisions governing the extent to which a parent can or does supervise a subsidiary. Nor is it clear that the “active engagement in remediation” required of a company, parent or otherwise, necessarily entails civil liability and reparations.
These ambiguities are not a problem where legal liability is not at issue. The flexibility they afford may even be an advantage in a set of Guiding Principles. However, a legally binding treaty requires greater precision in language imposing civil liability on companies. The rule of law requires that persons subject to a law be given reasonably “clear” notice of what conduct is prohibited and what conduct is required by the law.
Nonetheless, some representatives of victims advocate a treaty that would impose civil liability on companies regardless of fault. Although intended to protect victims, incorporating such strict liability could stand in the way of achieving any treaty at all. Moreover, if a treaty imposing liability regardless of fault were to be adopted by States, it could weaken the incentives for business to conduct serious human rights due diligence. Yet human rights due diligence, executed seriously, will likely prevent far more abuses than are likely to be remedied – once harm has already been inflicted – by any scheme of civil liability.
 See, e.g., Report of the UN High Commissioner for Human Rights, Improving accountability and access to remedy for victims of business-related human rights abuse, 10 May 2016, doc. A/HRC/32/19, § 2: “At present, accountability and remedy in such cases is often elusive.”
 See generally, R. Meeran and J. Meeran (eds), Human Rights Litigation against Multinationals in Practice, Oxford, Oxford University Press, 2021.
 See, e.g., C. Warren-Smith et al. (eds), Class and Group Actions Law and Regulations 2022, International Comparative Law Guide, acessible online at https://iclg.com/practice-areas/class-and-group-actions-laws-and-regulations.
 See, e.g., All Answers ltd, Fault Is the Cornerstone of the Tort Law, December 2021, accessible online at https://www.lawteacher.net/free-law-essays/contract-law/fault-is-the-cornerstone-of-the-tort-law-contract-law-essay.php?vref=1.
 See, e.g., United Nations Guiding Principles on Business and Human Rights, Principle 19 Commentary: “There are situations in which the enterprise lacks the leverage to prevent or mitigate adverse impacts and is unable to increase its leverage. Here, the enterprise should consider ending the relationship, taking into account credible assessments of potential adverse human rights impacts of doing so.”
 In common law systems, strict liability is often said to have been first recognized by the British Law Lords in Rylands v. Fletcher, L.R. 3 H.L. 330 (1868).
 For a theoretical analysis, see Marl Geistfeld, “Risk Distribution and the Law of Torts: Carrying Calabresi Further”, Law & Contemporary Problems, vol. 77, n° 165, 2014.
 See generally the statements of business support for mandatory human rights due diligence in Companies and Investors in Support of mHRDD, accessible only at https://www.business-humanrights.org/en/big-issues/mandatory-due-diligence/companies-investors-in-support-of-mhrdd/.
 World Justice Project, The four universal principles [of the rule of law], accessible at https://worldjusticeproject.org/about-us/overview/what-rule-law. The four principles “were developed in accordance with internationally accepted standards and norms, and were tested and refined in consultation with a wide variety of experts worldwide.”