Differentiating Factors Typically, when assessing the downstream impacts of a company’s products and services, we 3 The most important considerations in evaluating focus on the end-user and the use case. the potential human rights impacts of SaaS services are who uses the service and how it is being used. In addition to these two external factors, some inherent characteristics of SaaS services related to their functionality and deployment may surface different human rights issues and provide various degrees of leverage to address them: open vs. closed platform, volume and sensitivity of data processed, level of automation involved, level of interoperability, cloud versus on-premises, sales model, level of customizability, level of substitutability. Each of these characteristics represents a spectrum; the risk profile of a SaaS service may change based on where it falls on these spectrums. Human Rights Impacts We identified five main areas of impact for B2B SaaS services: 1. Customer end-use: As they are positioned further up the value chain, one of the biggest risk areas for B2B SaaS services is customer end-use. Who uses the service, which country they are in, and what they use the service for may lead to drastically different human rights impacts. 2. Privacy and data governance: Most SaaS services rely on data input to serve their purpose. Which data is collected, how, and how that data is stored and used may impact the privacy of end-users and employees. 2 Human Rights Assessment of the Software-as-a-Service Sector
Human Rights Assessment of the Software-as-a-Service Sector Page 2 Page 4