Due Diligence and Civil Liability: Comments from multi-stakeholders

About the authors: Christopher Patz is a Policy Officer at the European Coalition for Corporate Justice (ECCJ), which works to develop a European framework for human rights and environmental due diligence whilst enhancing accessing judicial remedy for victims. Previously he worked on judicial and non-judicial cases against European brands and private auditors for their involvement in factory fires and collapses in South Asia, which he documented in the film Discount Workers. He holds an LLB and Graduate Diploma in Legal Practice from the Australian National University.


With the long-awaited passage of the European Parliament’s Corporate Due Diligence & Corporate Accountability legislative report the EU co-legislator has, for the second time in six months, officially called on the European Commission to bring forth EU Due Diligence legislation with improvements on access to judicial remedy for victims; specifically civil liability rules for harm occurring in the value chains of EU companies.

The Corporate Due Diligence legislative report duly acknowledges that the right to effective remedy is an internationally recognized human right; that remediation for harm is part of the corporate duty to respect human rights; and that States have an obligation under Pillar III of the UNGPs to enhance access to judicial remedy for victims of corporate abuse (Recital 55). It clearly states an object of the legislation is to provide for a value chain civil liability regime in order to ensure victims’ access to remedies (rt 1.3).

It provides for a civil liability regime (Art 19.2) whereby a European company is liable for any harm arising from adverse impacts to human rights, the environment or good governance (e.g. through bribery or corruption) that it; or a company that it controls; has caused or contributed to; by acts or omissions.

In devising this civil liability regime, the report imports definition from the OECD Due Diligence Guidance and EU Competition law, namely the notion of ‘contribute to’ (Article 3(10)) and “control” (Article 3(9)) respectively. These are not definitions currently commonly used in Member State courts in civil liability cases. By intentionally introducing these specialized terms in the context of civil liability together with their definitions, the parliament is giving a clear indication of what harm scenarios it expects to see covered by future civil liability provisions of the forthcoming EU due diligence directive.

Liability Scenario 1: A company’s own causation of harm

The report affirms the status quo in all EU jurisdictions that a company is liable for any harm that it itself has caused.

Liability Scenario 2: A company’s own contribution to harm

The report provides that a company is liable for any harm that it has contributed to in its value chain.

The notion of contribution to harm originally derives from the UNGPs which distinguishes it from causing harm. The parliamentary report uses the OECD definition, which covers activities of a company that, together with those of another entity, cause harm; or activities of a company that facilitate or incentivize another entity to cause harm. The report therefore foresees a company will be liable for harm caused by any other entities in the value chain that it itself has facilitated or incentivized. The mere existence of a business relationship, or activities which create the general conditions in which harm is made possible, is not enough for ‘contribution’ to harm. Rather the act or omission in question should “substantially increase” the risk of harm by another entity. Factors to be taken into account include (i) the degree to which the company’s activity increased the risk of the harm occurring; (ii) the foreseeability of the harm; (iii) degree to which the company actually mitigated the harm by the other entity.

A company’s predatory purchasing policies that put severe pressure on supplier factories are acts that substantially increase the risk of harm to workers by a factory’s management; such policies facilitate and incentivize harm to workers in the form of gross (often unpaid) overtime and resulting workplace accidents (a foreseeable and well-documented result of said purchasing practices), and can thus amount to contribution. An OHCHR report finds that changing product requirements for suppliers at the eleventh hour without adjusting production deadlines and prices can push suppliers to breach labour standards in order to deliver.

Likewise, an omission to adequately monitor a supplier factory for proper fire safety measures would substantially increas the risk of harm to workers; facilitating and incentivizing lax workplace fire preparation by the factory management. That fire would result as a result of the omission is, in various sectors in many countries, sadly and totally foreseeable.

Liability Scenario 3: Liability for harmed caused by a controlled entity

The following two scenarios may be conceived of as a vicarious liability regime, whereby one entity is deemed responsible for the harm of another, similar to that of an employer/employee relationship in law.

“Control” in defined as the possibility of one company to exercise decisive influence over another, in particular by ownership of the latter’s assets; or contracts or other means that confer decisive influence on the latter’s decision-making bodies and processes, with regard to all factual circumstances.  The definition derives from EU competition law and would easily cover wholly or majority-owned subsidiaries; whereas for minority-owned subsidiaries this would depend more heavily on the facts. Noteworthy perhaps in light of recent judicial developments is that Royal Dutch Shell owned only 30% of its Nigerian subsidiary; and that in emerging UK jurisprudence ‘control’ is not understood as strictly as a determining factor in establishing a duty of care.

The parliament’s report provides that prima facie evidence of ‘control’ by victim claimants will shift the evidentiary burden onto the company in order for it to then produce evidence in its own possession to the contrary (recital 53).

By virtue of the report’s provisions, a European oil company which either controls or has the possibility to control a foreign subsidiary could be liable for harm the result of oil spills caused by the foreign subsidiaries’ operations.

Liability Scenario 4: Liability for a controlled company’s contribution to harm in the value chain

A company will also be liable for the harm that has been contributed to by a company that it controls or has the possibility to control. That is to say, an EU company will be liable for any harm by a third party that its foreign subsidiary either facilitated or incentivized, by way of act or omission. As above, the controlled company’s acts (e.g. purchasing practices) or omissions (failure to adequately or regularly guarantee factory fire safety measures) must substantially increase the risk of the harm by the third entity; said harm ought also be foreseeable.

According to the report’s provisions, a European mining company could therefore be liable for the harm perpetrated by a local security company employed by its foreign subsidiary. The foreign subsidiary’s omission/failure to take adequate measures to ensure that the security force does not commit acts of (sexualized-)violence, substantially increased the risk of the harm to local indigenous communities by the latter. Again, sadly and unfortunately such harm is foreseeable in various countries all over the world.

Each of these case scenarios has been argued before courts by victims and each has failed due to well-know barriers to justice. In fact of roughly 35 cases brought in the last decade against EU companies in EU courts for human rights harms in third countries, just one civil liability case has succeeded on the merits. It is the reason we have pillar III of the UNGPs and it is the reason these provisions have been drafted by the JURI committee and adopted by the European Parliament; in order to correct this dramatic State failure. On the basis of the report’s provisions, all of these case scenarios are intended to be covered. The Commission’s proposal must of course ensure that to be the case. 

In response to the above cases, the report makes clear that having a due diligence strategy in place and conducting due diligence will not per se automatically absolve companies from liability (Art. 19.1; Recital 52). It nonetheless provides companies the opportunity to defend themselves from liability if they can prove all due care to prevent the harm was taken, or that the harm would have occurred despite them having taken all due care (Art. 19.4). Obviously each case would be highly fact sensitive and require various determination by judges.

Finally, it also provides that these provisions should apply in cases brought by foreign claimants by virtue of an overriding mandatory provision, regardless of the applicable law (i.e. the law of where the harm occurred). Given that the stated objective of the legislation is to enhance access to remedies for victims (Art 1.3) it would be contrary to the objective of the report if the effect was to displace the application of foreign law where in fact that would provide a better remedy for victims. This question implies that future amendments to Rome II Regulation on applicable law will be necessary. The report also requires that statutes of limitations do not represent a barrier to bringing transnational corporate abuse claims (Art ; recital 54); as has tragically been the case in numerous recent cases.


Suggested citation: C. Patz “Due Diligence and Civil Liability: Comments from multi-stakeholders”, Nova Centre on Business, Human Rights and the Environment Blog, 18th March 2021.