Technology companies typically begin to think about corporate social responsibility in the context of "giving back to the community" once they have become large, established market players with a track record of profitability. This is far from an ideal approach to CSR, however, because having a proper CSR framework in place right from day one can young companies avoid problems that can stymie their growth or tarnish their reputation permanently.
Consider, for example, the many networking hardware companies that manufacture products intended to block out inappropriate Internet content at work and at home, only to find that their products are being used to repress human rights in a country where they have never done business before. Or consider the social networking site that changes its terms of service in a way that it thinks is entirely innocuous, but which its users find to be an unacceptable invasion of their privacy. In both circumstances, not having processes in place to predict and avert the human rights consequences of routine business decisions can permanently harm a company's reputation with key stakeholders -- including customers and investors.
Early stage technology companies don't need elaborate corporate social responsibility policies, but they do need to keep three things in mind:
First, they needed to consider the human rights impacts of every new product they make in every new market where it is sold or potentially accessible.
Second, they need to build “privacy by design” by minimizing data collection and incorporating encryption and anonymization technologies to the greatest extent possible.
Third, they need a plan for responding to government requests and dealing with other situations that weren't or couldn't be anticipated. The plan does not need to detail every aspect of the response, but it should identify the key internal and external stakeholders who should be consulted in dealing with the situation.
Having even a basic corporate social responsibility framework in place not only helps young companies avoid incidents that cause them repetitional harm, but it also engenders confidence among users and investors that the company can respond in a thoughtful manner to the many challenges it will inevitably face in the future.