The International Standards Organization (“ISO”) Social Responsibility Standard 26000 (hereinafter referred to as “ISO 26000”) is an attempt to standardize and codify the concept of social responsibility for organizations, including business. Like the E3 Plus Guidelines of the Prospectors and Developers Association of Canada (PDAC), ISO 26000 provides a high level summary of the elements of a corporate social responsibility (CSR) mandate for business. The purpose of this article is to provide an overview of ISO 26000 and consider how its implementation might relate to compliance with legal obligations.

ISO 26000 was developed through an unprecedented consultation process in terms of its inclusiveness and breadth. The standard is not without its critics. The International Organization of Employers (IOE) has expressed its view that social responsibility is too complex to be communicated in a standard, and that ultimately social responsibility should be enforced through national laws rather than employer self-regulation. Importantly, it should be understood that ISO 26000 is not a management system standard, and that no certification will be obtainable (as it is for other ISO management system standards).

The standard states that it is not intended as a basis for legal actions, complaints, defences or other claims in any international, domestic or other proceeding, nor is it intended to be cited as evidence of the evolution of customary international law. However, such caveats cannot remove the possibility that its contents, if adopted by businesses or industries, could be used as evidence of social responsibility "best practice." It is also conceivable that the standard could be used by national governments in the drafting of legislation related to social responsibility.

ISO 26000 provides definitions of key terms and an overview of the elements of social responsibility. "Social Responsibility" is defined as the responsibility of an organization for:  

  • the impacts of its decisions and activities on society and the environment;  
  • transparent and ethical behaviour that contributes to sustainable development including health and the welfare of society;  
  • taking account of the expectations of stakeholders;  
  • being in compliance with applicable law and consistent with international norms of behaviour; and  
  • integrating social responsibility throughout the organization and practicing it in relationships with stakeholders.

The social responsibility of an organization is said to extend to its "sphere of influence" which encompasses a geographic area, or political contractual or economic relationships across which an organization has the ability to affect the decisions or activities of individuals or organizations.

Social responsibility entails "Accountability" which necessitates accountability for impacts on society and the environment of the organization, and an acceptance of "appropriate scrutiny" with a concomitant "duty to respond" to criticism of organizational practices. "Transparency" is also required by the standard, and should be provided with respect to the purpose, nature and location of an organization's activity, the manner by which decisions are made, implemented and reviewed, as well as the roles responsibilities and accountability across the organization.

Organizations are also required by the standard to demonstrate "respect for human rights." This is said to involve recognition of the importance and universality of human rights, as embodied in international and domestic legal frameworks.

ISO 26000 encourages the identification of "standards and criteria" to evaluate performance. The content of such standards are generally left open. The standard expects organizations to establish oversight mechanisms and controls to monitor and enforce such standards, and to facilitate reporting of unethical behaviour without reprisal.

Respect for rule of law is flagged as essentially important to the achievement of social responsibility. Laws include those that are written, publicly disclosed and fairly enforced according to established procedures. Laws also include international norms of behaviour, and custom. Organizations should avoid "complicity" with authorities that act in defiance of law or international norms. Complicity may occur by act or omission, when an organization benefits from or stays silent about, an illegal act they knew or should have known would result in substantial negative impacts on the environment or society.

Organizations implementing CSR practices, through this standard or otherwise, should consider the following:

  • standards like the ISO 26000 are useful guidelines, but are not blueprints for social responsibility;  
  • voluntary commitments may give rise to legal obligations and should not be made without proper understanding of how they will be implemented and their associated risks and benefits;  
  • a social responsibility mandate is complicated and involves consideration of legal, customary and transnational rules - to be effective and avoid unnecessary liability such norms must be adequately mapped and understood prior to making commitments and in the implementation of a social responsibility plan; stakeholder engagement is an essential element of social responsibility and communication, transparency and accountability should be the focus of any such endeavour;  
  • however, enhanced engagement, transparency and accountability creates inherent risks (legal, political and business related) that should be fully understood in the implementation of a social responsibility program; and  
  • compliance with law and legal expectations affecting environmental and social issues will be the foundation of any social responsibility program.