The Panama Papers leak shook society and seriously undermined public trust in both business and government. The Papers revealed how anonymous companies have been used to hide corruption, finance terrorism, help the wealthiest avoid tax and launder money made through criminal activities like human trafficking and the drug trade.
The majority of companies are used for legitimate purposes, but exposés like this and research conducted by groups like the Stolen Asset Recovery Initiative clearly demonstrate that corporate structures can also be used to facilitate unethical behaviour.
A legitimate aim and force for public good
Fortunately, governments across the world are starting to take action. In 2016, the UK became the first G20 country to establish a publicly accessible central register which shows who really owns and controls UK companies, sparking plans by several countries to follow suit. It’s an exciting move, which creates huge public benefit and can help both strengthen the social contract and market competitiveness.
As Robin Hodess, Director of Governance and Transparency at The B Team explains, “The corporate ownership data in public registers can be used to help ensure that companies are genuine rather than shells, with the aim of strengthening market integrity and increasing competitiveness.”
By making company ownership data open, easily accessible and publicly available, civil society, investigative journalists, law enforcement and other players can scrutinise data and combine it with other datasets, increasing the likelihood of spotting criminal activity. If publicly available, company ownership data can also streamline due diligence processes for financial institutions. Over time, public availability will improve data accuracy by enabling greater oversight and scrutiny. As public company ownership information becomes a global norm, it will deter actors from using corporate structures for questionable purposes out of fear of public exposure.
What about Privacy?
Despite the obvious public good in improving corporate transparency, some critics raise concerns that this infringes on the privacy rights of company owners. Anxiety about data protection is understandable in the wake of companies like Facebook exploiting personal data for commercial purposes. The right to privacy is linked to autonomy and dignity and it’s important to respect it.
However, as OpenOwnership’s Head of Policy, Zosia Sztykowski, explains, “Publishing information about who owns companies is fundamentally different. This is about changing the role that companies play in society. We often forget that the legal form that we call a company can’t exist without the state, and agreements between states. Therefore, they have the right, and even the responsibility, to ensure they serve the social good. Open beneficial ownership data can help do just that. All while also providing desirable incentives for legitimate businesses, including reducing their risk of being exposed to bad actors and supporting the stability of economies globally.”
Privacy is a critical right, yet it isn’t absolute. When someone has a substantial ownership stake in a company, they gain a whole range of benefits, including protection from personal liability. Surely, in exchange for this privilege, governments can make sure that companies are used for their intended purposes? In the name of prosperity and economic development, many countries have made it deliberately easy to open a company. This is all well and good, though unfortunately it’s had the unintended consequence of turning the corporation into an easily accessible escape vehicle for money launders. Governments must balance personal freedoms with a responsibility to create a fairer society.
Is it lawful to publish open beneficial ownership data?
Recent research from Engine Room, OpenOwnership and The B Team found that, according to a human rights legal framework, it is reasonable, lawful and effective to publicly publish beneficial ownership data in open data formats. In many countries, laws and legislation require the public disclosure of beneficial ownership information, exempting this information from data protection restrictions.
Where this isn’t the case, provided the beneficial owner gives consent, publication of this information remains legal even when data protection laws are in place as it serves a legitimate aim. When neither data protection laws nor legislation requiring the public disclosure of beneficial ownership information exist in a given jurisdiction, companies are free to disclose data about their beneficial owners, provided it doesn’t violate other legal principles like breach of confidence.
Perceived risks to publicly publishing information about who owns and controls companies include kidnapping, identity theft, blackmail or government interference. Such concerns are amplified in particular contexts, such as living under authoritarian regimes or being famous. To date, there are no documented examples of harm arising when company ownership information has been open and freely available, nor is there evidence that greater transparency has increased incidences of kidnapping or blackmail. Moreover, this risk is most serious when information has already been published online in other formats. Despite such risks being incredibly rare, we must take them seriously as their consequences could be grave and far-reaching.
So how can we mitigate these risks? Firstly, we must carefully consider justified exemptions, tailored to country context. Let’s be clear here: being wealthy is not reason enough to be granted an exemption. Yet being a vulnerable person, such as having a religion or sexual orientation not recognised by their country, could be. We need to ensure that a carefully designed and narrowly defined exemption process exists to allow those with legitimate security or privacy concerns to request that their details aren’t published in the public domain. Such applications could be verified and judged by an independent body. These exemptions are likely to be few and far between. Of the more than one million UK companies analysed by OpenOwnership and Global Witness, 270 entities claimed exemption with the government only granting five requests.
To comply with data protection laws, while mitigating risks and respecting an individual’s ultimate right to privacy, we need to ensure that the information we collect is proportional to our aims. In other words, we must publish the minimal amount of information needed to identify the true owners of companies-excluding information like residential addresses,which could potentially threaten security.
A Balancing Act
While we can’t foresee all the potential uses of this data, some of which may be unintended, organisations like OpenOwnership will work with information commissions to stay on the cutting edge of data use and responding rapidly to any unintended issues that arise.
As Zosia Sztykowski explains, “Privacy concerns must be taken seriously, but when the publication of open beneficial ownership data is implemented correctly, the key risks can be mitigated and should not be a barrier to enabling the significant commercial and public benefits it can bring about. This is a necessary step in fostering the greater openness that we need to reduce crime and corruption, stabilise markets and foster trust between governments, companies and the citizens they serve.”
A summary of the issues outlined in this article can be found below in the short report, entitled Privacy or Public Interest? Making the case for public information on company ownership, produced by OpenOwnership, The B Team and The Engine Room. A more detailed report is available here.
Photo by Markus Spiske