Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Privacy The Almighty Buck

Indian Call Centre Worker Sells Customer Details 425

lxt writes "A British tabloid newspaper managed to buy the personal details of over 1000 bank customers from an off-shore call centre based in Delhi. An IT worker at the call centre handed over details at £4.25 per customer, as well as credit card numbers and account passwords. He claimed could sell over 200,000 account details every month. The British police force has passed on details to Interpol and the Indian authorities, in an attempt to prosecute the individual. The BBC is also covering the story."
This discussion has been archived. No new comments can be posted.

Indian Call Centre Worker Sells Customer Details

Comments Filter:
  • Well (Score:5, Insightful)

    by kutsu119 ( 883719 ) on Thursday June 23, 2005 @09:36AM (#12888620)
    Well, it was to be expected, outsourcing the jobs to a low paid area - workers that are paid fairly are less likely to cheat their employees.

    Get rid of the call centers, keep them in the country that they expect to be dealing with (UK call centers for UK clients etc)
    • Re:Well (Score:5, Insightful)

      by muellerr1 ( 868578 ) on Thursday June 23, 2005 @09:39AM (#12888657) Homepage
      Like this could never happen in the US or the UK. Nobody wants this sort of thing to happen, least of all the Indian government. They like the influx of foreign money, and they'll work hard to keep the foreign companies happy and safe to keep that money flowing in. Or at least the appearance of being happy and safe.
      • Re:Well (Score:5, Insightful)

        by aml666 ( 708712 ) on Thursday June 23, 2005 @09:49AM (#12888748) Homepage
        It's true that this can and has happened in the US (aol...). The difference is that when you do a crime in the US, the FBI and local agencies have jurisdiction.

        When crime happens to US citizens in a foreign country, we report it and hope for the best. If it happens here (US) the various agencies can force the company to change practices and enforce corporate security.
        • Re:Well (Score:4, Insightful)

          by broelofs ( 620664 ) on Thursday June 23, 2005 @01:13PM (#12891357)
          This is nothing. Wait until outsourced software gets resold by the developers in India or China. The hiring companies IP will go right out the window and be resold to ten different companies for a pittance. Then the execs at the original company will cry fowl but who are they going to complain to? The foreign government? I don't think so. The U.S. government? Nope. The U.S. can complain, but the horse already left the barn. The original hiring company will have no recourse. Their precious IP is now gone all in the effort to get a better development deal. How good will the deal be then?
      • Re:Well (Score:4, Insightful)

        by I confirm I'm not a ( 720413 ) on Thursday June 23, 2005 @09:50AM (#12888760) Journal

        Like this could never happen in the US or the UK

        My thoughts exactly. And I'd suggest that the number of UK call-centre employees being paid "fairly" is debateable - high if you believe the employers, low if you believe everyone else. This kind of crap strikes me as racism: unscrupulous employees exist in every country of the world; bad wages exists in every country; opportunities to commit fraud exist everywhere. I really hope this "outsourcing means Johnny Furrinner is stealing my job" crap is going to end soon, so we can focus on (all) our working conditions.

        (Aside: I'm an "economic migrant" working in the UK. Originally from NZ, I've lived in the UK since 1979 and in Glasgow since 1990. I've encountered far less racism/hostility than many Glaswegians, simply because I'm white and my accent sounds Scottish - and not the Asian-Scottish that makes many Scots a target for racist tossers).

        • Re:Well (Score:3, Insightful)

          by Alcilbiades ( 859596 )

          What I think people are saying is that there seems to be a higher amount of information sales now that companies have outsourced. And without jurisdiction we don't like it. Not that Indians are more criminally active just that they know and we know the reason they have a job....they will be getting paid the lowest salary of anyone in the world for doing their job and they know it won't improve cause the company will just pack up and leave.

          • What I think people are saying is that there seems to be a higher amount of information sales now that companies have outsourced.

            Aye, I accept that, and I accept that we want/deserve some oversight to prevent problems like this occuring. (I've been annoyed by the DVLA - Britain's driver and vehicle registry - being outsourced before; couldn't reschedule my driving test due to language issues ;-) I just resent the typical Slashdot rage against the tragedy of it all, when any other aspect of capitalism -

        • Re:Well (Score:3, Funny)

          by Dogtanian ( 588974 )
          I'm an "economic migrant" working in the UK. Originally from NZ, I've lived in the UK since 1979 and in Glasgow since 1990.

          Let me guess; you got fed up of the sheep and endless rain in NZ and decided the west coast of Scotland was the best place to be?

          Oh, hang on...
      • by arete ( 170676 ) <areteslashdot2.xig@net> on Thursday June 23, 2005 @10:52AM (#12889361) Homepage
        The disease is a lack of responsibility of all kinds across our culture. Corporate execs should be personally responsible for known bad practices followed for slightly financial gain on their watch, for instance - a sense of good practices would then be taken personally by those officers.

        This is a problem exacerbated by outsourcing and also one reason FOR outsourcing this sort of thing. But it is not a problem particular to _offshoring_ - the problem is with companies' belief that contracting the work gets them free from responsibility for managing the safety of their customer's data - which they aren't very good at anyway. Offshoring makes legal enforcement trickier, but that's really not nearly the prime problem here.

        What you need is a legal system providing substantial penalties to the banks - or anyone else collecting similar information - if they "lose" your data. These penalties should start with statutory minimum class-action penalties which automatically increase over several years and then add corporate officer liability in cases of negligence, not just malice.

        Then, offshored or not, outsourced or not, they'll FIND a way to keep your information safe.

    • Re:Well (Score:2, Insightful)

      by Anonymous Coward
      workers that are paid fairly are less likely to cheat their employees [sic].

      Yeah Right.

      So that is why Barings Bank, Enron, Worldcom/MCI and other pillars of trustworthiness only exist in high paid sectors?

    • Gimme a break (Score:2, Informative)

      by Yankel ( 770174 )
      This is only making news because it's an offshore company for a Western financial institution. Maybe because companies are now supposed to tell their clients when their personal information has been compromised (which has *never* happened in house, right?).

      Is it that the low-paid workers are more likely to steal, or, that these offshore companies just have less security, and a less-thorough recruitment process? Problem that domestic businesses deal with as well.

      Enron and Parmalat have shown us that no mat
      • Re:Gimme a break (Score:3, Insightful)

        by coolsva ( 786215 )
        Its also because here in the US any one person does not usually have access to all the data. Along with outsourcing, came consolidation of job responsibilities, so the single person on the other side of the line has access to all the data to function more effectively
    • Re:Well (Score:5, Insightful)

      by AnObfuscator ( 812343 ) <onering@nOSpaM.phys.ufl.edu> on Thursday June 23, 2005 @10:00AM (#12888863) Homepage

      Not really. Halliburton, Enron, Aldelphia, AOL Time Warner, Arthur Andersen... All these scandals were pulled off not by disgruntled underpaid employees, but by high-paid execs.

      It's like the old quote, "how much money is enough? A little bit more." Basically, you can't *pay* someone to be honest. If someone is greedy, more money won't satisfy him.

      also, I'd like to point out that the workers in idea *are* being paid fairly. A fair wage is based on cost-of-living for where you live. Thus, they make *great* salaries compared to most of their countrymen. Their standard of living is *high* for their region. Most of them are quite grateful for their comparatively high-paid jobs.

      • Re:Well (Score:4, Informative)

        by jskiff ( 746548 ) on Thursday June 23, 2005 @11:38AM (#12889940) Homepage
        Halliburton, Enron, Aldelphia, AOL Time Warner, Arthur Andersen... All these scandals were pulled off not by disgruntled underpaid employees, but by high-paid execs.

        One of these kids is not like the other. Arthur Anderson's conviction was overturned by the Supreme Court. [cnn.com]
      • Re:Well (Score:3, Insightful)

        by Jeremy Erwin ( 2054 )
        The US enforces a minimum wage of IIRC $5.15 per hour. However, the law also allows restaurants to pay their waiters as little as $2.13 per hour, with the expectation that tips will make up the difference.

        Similarly, in some societies, certain functionaries are paid a small salary, with the expectation that bribes will make up the difference, In some economies (perhaps dominated by hyper-inflation) , the honest worker may not receive enough money to pay his living expenses.

        Certainly, Enron executives were
  • 200,000 accounts at $7.75 US would be 1.5 million per month. Nice side business.
  • Bring back (Score:5, Funny)

    by datadriven ( 699893 ) on Thursday June 23, 2005 @09:37AM (#12888630) Homepage
    ... the barter system. This newfangled electronic stuff just isn't working out.
  • So thats why... (Score:2, Interesting)

    So thats why outsourcing call centers to India is so cheap...
    • by daniil ( 775990 )
      That's not the reason why outsourcing call centers to India is so cheap. The real reason is your horrible (ie nonexistant) sense of humour that all the people calling you for support simply could not take. All the people in India, however, have a great sense of humour, making it a pleasure to go through the tedious troubleshooting process with them. There are so many qualified call center employees living there that the competition keeps the prices way down.
  • Lowest bidder indeed (Score:5, Interesting)

    by tomstdenis ( 446163 ) <tomstdenis@gAUDENmail.com minus poet> on Thursday June 23, 2005 @09:37AM (#12888636) Homepage
    Looks like someone in India is trying to improve their "standards of living". Now either people in India/China/etc get paid more or there is just going to be more people stealing.

    In other words, "the jig is up".

    I'm not saying "people from India are criminals". I'm saying someone [anywhere] who is paid like shit to do a job is likely going to try and supplement their income. This could [and has] just as easily happen in Canada or the states.

    Tip of the iceberg...


    • I'm not saying "people from India are criminals". I'm saying someone [anywhere] who is paid like shit to do a job is likely going to try and supplement their income.

      Adelphia Cable? Enough said.
    • by metlin ( 258108 ) * on Thursday June 23, 2005 @09:47AM (#12888733) Journal
      Well, this is where big companies come in.

      At the peak of the outsourcing boom, people were outsourcing to just about any random company without running through their credibility or history.

      As a result, they ended up having contracts with people who didn't care all that much about their data, or what it meant. This is another example of why that's so screwed up.

      Now, things will even out. All the smaller outsourcing firms will lose out and only the big players will remain - they may charge more, but they also pay more and will usually have procedures in place that will prevent this sort of thing.

      This is a good thing, because things will even out, some may choose to go to another firm, or some may come back here to the US. Either way, the market will eventually stabilize.
      • Quality. (Score:3, Insightful)

        As a result, they ended up having contracts with people who didn't care all that much about their data, or what it meant. This is another example of why that's so screwed up.

        Now, things will even out. All the smaller outsourcing firms will lose out and only the big players will remain - they may charge more, but they also pay more and will usually have procedures in place that will prevent this sort of thing.

        So you are saying that greedy managers everywhere have yet again been reminded of something the r
    • Nah, it mostly happens in places like India and China, since the grunts on the ground feel far enough removed from potential backlash that they can sneer and act with impunity.

      Over in the first world, we know exactly what response our employers will have to such fraud and corruption, and it involves fines and imprisonment.

      Its just a question of accountability, actual and perceived.

      • by tomstdenis ( 446163 ) <tomstdenis@gAUDENmail.com minus poet> on Thursday June 23, 2005 @09:59AM (#12888850) Homepage
        That's the dumbest thing I've ever read. Fraud is illegal in India [many codes]. In particular [IANAIL but...] section 423 of the Indian Penal code seems to deal with this. It's two years in prison. ;-)

        Use a google search engine next time.

      • Over in the first world, we know exactly what response our employers will have to such fraud and corruption, and it involves fines and imprisonment.

        India has a legal system too, but there as is happening here, people in despondent conditions don't care much for the consequences of law. A large middle class has something to lose, hence is very easy to keep subject to the law. As Americans get poorer, the threat of losing their homes and losing their jobs will lessen as they increasing move into shitty
    • From what I have read and seen on the TV although Indian Call Centre workers are low paid in relation to their equivalent in the West in relation to the standard of living they can enjoy from their wages they are at least the equal if not better off than their Western counterparts.

      This being the case the only reason we are not reading about a worker in a Call Centre in Edinburgh selling private information is because The Sun has not been up to Edinburgh with a suitcase of cash and offered it to anyone.

      • Yeah their wage WAS good. I've been saying this forever but the standard of living is going up.

        They have more money than the average joe. So they buy an xbox, big screen tv, air conditioner, etc..

        Everyone [exagerating but it is leading this way] has an xbox, tv, air conditioner.

        Now people want more games, bigger tvs, more etc...

        Almost...like...what...happened in the US and Canada ;-)

        So yeah, 10 years ago they were getting paid more than the average labourer or something. but now that ther
      • by BewireNomali ( 618969 ) on Thursday June 23, 2005 @10:04AM (#12888904)
        I knew two guys in college who got by on credit card scams. Those were the days when the nameless university (NYU, cough) thought it cool to put part of your social security number in your student ID number. The smart guys could derive the rest, and everyone is but a drunken night away from divulging their whole life story, so, guy #1 was caught and convicted to 11 years for credit card fraud.

        The second guy had a girlfriend who worked at a neurologist's office. Most of the patients are old with degenerative conditions. When a patient would die, the girlfriend would pass on the info, and he'd get some cards, max em out, and throw them away. He's actually a pretty successful guy now. don't think he's with the girl anymore though.

        All of which is to say - the problem is ubiquitious. Corruption is inherent with the humans dealing with the data, but I can't help but think that there must be a better way of dealing with financial data to prevent theft.

        I'm torn, because with increased attempts at security come fewer freedoms. Pretty soon you'll have to give up the Gattaca drop of blood in order to buy movie tickets. I'm not sure if that makes the world a better place.
        • by Nom du Keyboard ( 633989 ) on Thursday June 23, 2005 @11:22AM (#12889690)
          I knew two guys in college who got by on credit card scams.

          I'd say your morals are pretty suspect in this.

          Actually, they're not suspect at all. They're as bad as the people you let get away with these crimes.

          • by Anonymous Coward
            Well, he went to NYU so maybe he grew up in NYC. Some cities/neighbourhoods impress their culture on you as much as going to a seminary school everyday would. "Don't snitch if it ain't your business" is an evolutionary-enforced survival instinct in crowded urban areas.

            Besides, those may have been childhood friends. You don't rat out a mate especially when you know he'd be facing +10yrs and shower rushes.

            I had my place broken into once and completely trashed while I was on vacation. They caught the kid
          • You might know that they did it, but not have tangible evidence that would be useful to the police. "He told me last friday in the bar that he did credit card fraud five years ago" won't be enough to get an investigate. After all, it's not like the cops in NYC don't have anything to do.
    • Time to move the outsourcing to the next frontier. Say, Somalia?
  • Damn. (Score:2, Interesting)

    by psyon1 ( 572136 )
    I hope companies look at situations like this, and use it in their decision making process to decide whether or not to outsource to other companies. Its one thing if they send them source code to a project and the people sell it, but when they are giving our personal information to another company, they should be damned sure it wont be sold.
    • It has nothing to do with outsourcing [directly]. It has to do with lower pay standards.

      I'm sure if this guy got paid fairly [and competitively] he wouldn't be stealing [or less likely to be].

      Hey, if the Canadian politicians can vote themselves raises to [quote] "prevent corruption" why is it so hard to reason that the average joe employee should get paid fairly to be kept honest?

      Granted outsourcing exists BECAUSE they're lower paid staff it isn't the cause of it though. I mean I use a Dell computer he
  • I can't find the link now but I recall a year or two ago reading about a medical transcriptionist in the Indian subcontinent who threatened to publish the confidential letters about the patients of an American hospital online in a dispute over the price agreed upon.
  • by FunWithHeadlines ( 644929 ) on Thursday June 23, 2005 @09:40AM (#12888671) Homepage
    I realize some of you might not trust a London tabloid to get the facts right. So as to perform a public service, I will investigate and get back to anyone who wants more information. To do this, I'll need contact information from each of you, including your:

    • Full name
    • Home address
    • Phone
    • Mother's maiden name
    • PIN number
    • Favorite password
    Please send this information to me accompanied by a money order in the amount of $4.95 to cover my processing fees. I will get the confirmation about the tabloid article back to you ASAP.
    • by koi88 ( 640490 ) on Thursday June 23, 2005 @09:44AM (#12888715)

      Thank you for this interesting offer. It sounds like a very good service.
      Unfortunately, you forgot to include your address, so I don't know where I can send my data and the money.
      • My address (Score:5, Funny)

        by FunWithHeadlines ( 644929 ) on Thursday June 23, 2005 @09:51AM (#12888775) Homepage
        "Unfortunately, you forgot to include your address, so I don't know where I can send my data and the money."

        My most esteemed colleague,

        Please excuse my unforgiveable oversight in neglecting to put a return address. In my excitement to be making such excellent contacts in your country, I was clearly negligent. Please remit all sums to:

        Post Office Stop A
        Lagos State

        I cannot tell you how grateful I am to find such a kind and professional person such as yourself, and I look forward to a mutually beneficial financial arrangement. Please send the money right away!

  • by jockm ( 233372 ) on Thursday June 23, 2005 @09:41AM (#12888675) Homepage
    Decades ago it was the waiter or waitress at the restaurant we used to worry about. When mail order began to grow, it was the person at the other end of the line of a mail-order company. Outsourcing (in country or out of country) is just a form of concentration of this phenomena.

    Sending potentially valuable information to people in a high stress, low paying job (in country or out of country, my wife worked in a call center in college) with poor controls is a risk. We have known this since the beginning, but we just seem to relearn the lesson each time.
  • Once Again, Another Indian Call Centre Worker Found Selling Customer Details.
  • by pandrijeczko ( 588093 ) on Thursday June 23, 2005 @09:44AM (#12888709)
    For working in a call centre for one hour being moaned at by angry customers - 100 rupees.

    For having to having to chase payment defaulting customers - 150 rupees.

    For handing over personal bank information - priceless.

    For everything else, there's "EmbezzleCard".

  • by Andrewkov ( 140579 ) on Thursday June 23, 2005 @09:44AM (#12888712)
    Well, the good news is that you're allowed to chop off the offenders hands when caught.
    • by crazyvas ( 853396 ) on Thursday June 23, 2005 @10:18AM (#12889019)
      One of my hopes when reading /. is that the level of education of people here is at least slightly above average. I don't know where you're from, but the sad fact is that both in the US and in parts of Europe, many people are unaware of the basic geographical and cultural differences between middle eastern countries like Saudi Arabia and far eastern countries like India.

      In terms of law, India is /far/ more advanced than many countries in the world.

      - Separation between religion and state (expressed in the constitution as the nation being secular) actually works in India unlike many countries. India currently has a Sikh Prime Minister and a Muslim President. Whats more, our Muslim President has an advanced enough and open enough view of religion that he is a scholar and a practitioner of the often contradictory Hinduism and Islam.

      - India is the worlds largest democracy. There's a billion people in India, and there's no country with a population even close to it thats a democracy in which the democratic process works as well as it does in India. And you honestly think that a working democracy would make laws to chop hands off citizens?

      - Like mentioned in a previous post, India has joined other progressive (read non-US) countries in placing more value on human life - the death penalty exists, but is very rarely used. I think in the past several years, 1 person has been executed.

      Please quit making completely unwarranted, unjustified, and most of all, uneducated comments. Your time is better spent actually looking up some information Wikipedia or elsewhere on the web every now and then. There's nothing healthier than doing that.

  • The Sun (Score:5, Insightful)

    by CmdrGravy ( 645153 ) on Thursday June 23, 2005 @09:45AM (#12888720) Homepage
    So the Sun offers an unspecified number of Indian Call Centre workers vast amounts of money to provide them with some confidential information and eventually one of them does.

    The point of this story is what exactly, that everyone has their price ?
    • The point of this story is what exactly, that everyone has their price ?

      If you outsource to a country which pays significantly lower wages to reduce your own costs, then that "price" also becomes significantly lower.

    • Re:The Sun (Score:3, Interesting)

      by Sique ( 173459 )
      The point is that there should be mechanisms in place to prevent this or at least to trigger immediate action if it happens.
      And the prices seemed to be predetermined, and the guy from the tabloid just had to ask. It was not that he was offering too much money per record. Validated postal addresses have been sold for more on a regular base. And you got the credit card information thrown in for free with this guy.
      Normally bribing someone to give you sensitive information costs much more.
    • Re:The Sun (Score:3, Interesting)

      by Beautyon ( 214567 )
      that everyone has their price ?

      It demonstrates most simply, that the price of harvesting people's information is much less than the rewards you will reap after having paid for the files.

      Approx £4 sterling per account, withdraw £100 per account on average.....PROFIT!

      And once the 'authorities' find out who did it, what can they do to that person? Put them in gaol. What can the buyer of the call centre service do to the company that provided the service? Put them out of business. Niether of the
    • Perhaps the point is that that price is significantly lower for poor Indian call centre workers? I'm sure if you offered someone in my office enough money they'd sell you personal details, but not for $4 each.
  • by LegendOfLink ( 574790 ) on Thursday June 23, 2005 @09:48AM (#12888739) Homepage
    You: "Dammit, my identity got stolen, I'll have to call my bank."


    CS: "Hello sir, my name is Rodney, how may I help you?"

    You: "What's with the delay?"

    CS: "Hello sir, my name is Rodney, may I help you today?"

    You: "Um...OK, my identity got stolen. Can you help me?"

    CS: "OK, sir, first reboot your PC."

    You: "Wait a sec, this isn't a tech call."

    CS: "Tell me your personal information, so I can find out your account."

    You: "OK..."
  • There's been a lot of focus on internet security and encryption of sensitive data. But as we see - it's not during the transaction that it's dangerous. It's at the end point. Do you thrust whom you're giving your details?
  • by Y2 ( 733949 )
    Rather than modding you all Troll or Flamebait, I challenge all of you kneejerks who say higher pay => more honesty (or lower pay => less honesty) to show some evidence for that claim.
    • Rather than modding you all Troll or Flamebait, I challenge all of you kneejerks who say higher pay => more honesty (or lower pay => less honesty) to show some evidence for that claim.

      I wish I had mod points right now - I'd mod you up ;-)

      Apparently xenophobia is alive and well in some areas of /. - A person steals because they're dishonest, not because they're Indian, American or because they're underpaid.

  • Not Just in India (Score:4, Interesting)

    by ehaggis ( 879721 ) on Thursday June 23, 2005 @09:52AM (#12888779) Homepage Journal
    I know many will make the claim, "It's because it's in India with low paid workers." Let's remember the news in the US this year. How many breaches of security (CitiGroup, FDIC, Lexus Nexus, more [google.com] have resulted in lost or stolen personal information in the United States of America? How many of these breaches were by high paid workers? It is not a matter of where or who lost or stole information. The core issue is the ignorance of the value of information. Personal information is the new commidity and big corporations have not had the epiphany or received the memo saying so. When they and consumers realize there is real money at stake, all will stand up and take notice.
  • While it's nice that Interpol has alerted the proper Indian authorities, what if there are no laws governing this apparent injustice? The way the story reads, it sounds like the Indians should start conforming to our rules if they don't already. Maybe Interpol is dictating how the indians will treat hash/pot smokers soon enough.
  • Prisons (Score:2, Funny)

    by jaygatsby27 ( 894445 )
    Thank goodness they don't have call centers like this in prisons. I thank god every day that there is no way my personal information could make its way to foreign terrorists who could use it to raise funds for their operations. The US and British governments would never allow that to happen. No matter how important commerce is to the US, they would never put it before the safety, health and well-being of its citizens. (this email written in 1980, left in Draft folder for 25 years and only now mailed).
  • by Colin Smith ( 2679 ) on Thursday June 23, 2005 @09:54AM (#12888802)
    They are required by law to put provisions in place to make sure that customer data isn't revealed.

    The act *is* flawed in that it allows data to be sent to countries without similar data protection if they have a contract in place, it shouldn't allow that in the first place. But the contract in place with the oursourcing organisation should make sure that they have sufficient safeguards in place to stop this, the fact that it's happening says that the outsourcing companies are in breach of contract and the banks haven't put sufficient safeguards in place, an offence against the data protection act, 1998.

    We need some prosecutions against CIOs, CEOs and the like. A couple of years in prison would improve their attitude to data protection.
    • DPA (1998) Breach (Score:3, Informative)

      by SkiifGeek ( 702936 )

      I was waiting for this response.

      I think that the Data Protection Act is a wonderful idea, along with all the other privacy related laws that the EU and the US have implemented.

      Unfortunately, they all suffer the same weakness - people. No matter how well written the laws become, there will always be someone who has access to valuable information who is willing to sell / destroy / manipulate it for profit.

      I think that, in addition to the laws currently on the books, that they should get extended to provi

      • Re:DPA (1998) Breach (Score:4, Interesting)

        by Colin Smith ( 2679 ) on Thursday June 23, 2005 @10:46AM (#12889297)
        There are things which can be done, as other posters have mentioned, segregation of duties and access, data obfuscation to minimise the kind of damage done. Sounds like none of that was implemented.

        " in addition to the laws currently on the books, that they should get extended to provide real penalties to companies and people in breach."

        Absolutely. A law without enforced penalties is a waste of time and money. There *has* been an offence against the DPA here, the customer data is evidence. The law requires proactive implementation of safeguards to stop it happening, though it doesn't specify what those safeguards should be.

        At the moment, people found guilty of an offence can only be fined a maximum of £5000 (Per offence?). I think that we need prison as an option.
  • Scum (Score:2, Insightful)

    by t_allardyce ( 48447 )
    Hopefully they will clamp down hard on this. The data protection act is one of the best laws there are and I want it fully enforced, and I want call centre jobs back here - i don't care if theres a shortage of workers, i would rather wait 10 minutes on hold.
  • If Hollywood can do it, why can't I? I'd like my credit card numbers, SSN, etc to be unreadable outside the country (OK, I'll leave one credit card universally accessible for travel to foreign countries). In fact, I'd like to take it a step farther. I'd love some DRM on my data so that my bank can't pass it to who knows who 3rd-party companies for marketing opportunities.

    I know, I know, I don't own my own data (the bank compiled it and thus the bank claims ownership of it). But a consumer can dream,
  • "You know the government will be keen to get companies to use ID cards as the sole/principal form of identification for entering contracts with the public.

    You know that access to ID card information would inevitably lead to disclosure of NIR information.

    You know that the government wants to involve offshoring to deal with NHS queries.

    You know that either your ID would be successfully hijacked or that an intercepted 'ID theft' attempt would lead to a suspension of your ID information and thus access to a

  • So we've not only outsourced our call centers, now we've outsourced our criminals too?

    Well there can only be one answer: India needs to outsource it's police system to catch their criminals. Some country further down the economic chain. Perhaps there are some Zulu warriors who could use some means of "persuasion" to get a confession.

    At some point, of course, outsourcing has its limits. Cheaper is not always better, nor is cost always the major factor in development and support.
  • If you provide people the opportunity to steal, someone will take advantage. It does not matter whether the person is rich or poor. Certain corporate executives are being prosecuted for looting their companies even though their salaries were in the millions per year.

    If one employee can walk off with thousands of customers' private data, then the system is putridly designed.

    Three things need to happen:

    1. Track down and prosecute the employee.
    2. Find out who else is doing the same thing and prosecute them.
  • by dajak ( 662256 ) on Thursday June 23, 2005 @10:12AM (#12888971)
    The British police force has passed on details to Interpol and the Indian authorities, in an attempt to prosecute the individual.

    They are barking up the wrong tree. If only the individual in another jurisdiction is liable to sanction, why is it allowed for British banks to move personal information to foreign countries in the first place? Shouldn't the bank be fined for failing to protect personal information of British citizens?

    Abuse of power by employees is not something new or interesting, but the accountability issue is. Personal information should only be moved between countries with similar protections against abuse. Having said this, I don't know anything about British law on this issue.
    • Normally companies do their due diligence well and only give out critical data important to conduct a transaction. That means, to verify the CC number, the system asks you to punch in and/or the CSR just validates the last 4 digits, CVC number etc. A good system in place has these checks in place to ensure no one person has access to all the data. it is when companies try to cut corners and go for the cost savings, that they give all data out and enjoy the 'shareholder enrichment process'
  • It seems like every day I am hearing about some company losing hundreds of thousands of credit card data files, putting millions at risk for a major incovenience -- at the least, they have to chage the credit card number and if they have accounts set up with vendors based on those cards, then they have to go and update those too. Obviously, that's the least-case scenario.

    My take is that credit card companies are going to have to change the way that credi cards work to slow this down. While no technology
  • by It doesn't come easy ( 695416 ) * on Thursday June 23, 2005 @10:14AM (#12888989) Journal
    Companies outsource jobs primarily because it is cheaper than providing the job themselves (this is especially true for jobs outsourced to other countries). We all know that. Part of the reason the jobs are cheaper to the company is because they do not have to worry about a host of expenses, including for example the cost of complying with governmental regulations related to the outsourced job.

    I personally believe, however, that a company should still be required to enforce all regulations which protect the citizens of the source country (in this case, the UK). If it turns out the company is not able to force compliance with the governing regulation for whatever reason then it should be illegal to outsource that particular function. And if they are able to force compliance then the source company should be held liable for failure to comply by the outsourcing company with all of the associated penalties. The result would be that the source company could not avoid the cost of insuring regulations were followed and the outsourcing company would incur the cost of compliance as well.

    This would have at least two effects. The cost of outsourcing would be more in line with competition in the source country and the citizens of the source country would not lose the protection afforded them by law.
  • by thewiz ( 24994 ) * on Thursday June 23, 2005 @10:15AM (#12888995)
    There have been studies that have shown that, when companies pay less than market-value for the jobs they have, employee theft goes up. To think that people in India are willing to work for a pitance of what workers in countries like the US and Europe make is ridiculous. When corporations bombard people with images of countries that have a standard of living higher than their own, it's not long before they want that standard of living too.

    All people want to be able to make their lives better; for themselves and their family. When the impoverished see wealthy people eating steak, the bowl of gruel in front of them doesn't look very tasty. When people see something they really want, wether it's a plate of food or a life style, they will beg, borrow and steal to get it.

    The solution? Companies need to pay people enough money that the employee can see they are making progress towards their dreams and goals, not just getting by from paycheck to paycheck.
  • It WILL get worse (Score:2, Insightful)

    by Goose3254 ( 304355 )
    There is a significant segment of the US Banking, Insurance and Healthcare billing infrastructure that is managed off-shore. This means that someone in India has all the admin rights they need to packet sniff, say, an ATM connection or a mainframe access that some clerk in Boise uses to input your info for that mortgage/car loan/credit card. Chew on that for a second.

    Off-shoring data entry was bad, off-shoring call centers marginally worse, but giving the ability to bring most of our monetary system's in
  • Wait... (Score:3, Insightful)

    by johansalk ( 818687 ) on Thursday June 23, 2005 @10:18AM (#12889015)
    I thought a recently-introduced European law (THANK GOD FOR EUROPE!) prevented the export of client data to outside of Europe without their consent. Did any of those banks and companies inform their customers that their data will be exported and specifically seek their consent for that?
    • You give consent (Score:3, Insightful)

      by wiredog ( 43288 )
      By doing business with them. It's not their problem if you failed to read the entire page of disclosures that was printed in Flyspeck 3 font.
  • by dindi ( 78034 ) on Thursday June 23, 2005 @10:19AM (#12889021)
    when I arrived here to Costa Rica first, to set up some network stuff and firewalls, I was told that the previous tech was chased by the neighbour outside with a gun in hand because he stole casino player data ....

    well, before you think that it was your average latino guy that carries a gun i have to tell that it was a US businessman who operates a casino here ...

    well I think if instead of the police, some big guy chases you down the street with a gun every time you touch data that does not belong to you - really makes the point ... and would keep people selling other's sensitive info ...

    "where there is gambling, there are criminals"
  • by PsiPsiStar ( 95676 ) on Thursday June 23, 2005 @10:29AM (#12889121)
    I've worked in a call center in the Philippines. For background, the Philippines is another popular call center location for US companies since there are fewer accent problems and the culture is remarkably American. The Phils is a better location for call centers than India, excepting the technology related fields, though the pool of workers with the proper skills is close to exhausted for the time being.

    Anyway, at one point, a guy used someone's credit card to buy roses for his girlfriend. That's below criminal, and into the "just plain stupid" range.

    After that, the company locked down everything. No cell phones on the floor, etc. Reps who regularly deal with sensitive e-mail don't even have access to e-mail. Access to sites like Yahoo is blocked from their computer and I'm not sure what else

    While all activity is monitored, last I heard they were looking for a way to automate their search for suspicious behavior. (scanning logs for when a user opens notepad and types a credit card number. Probably not too hard in Perl, but I don't know the language.)

    People talk about lower standards of living in other countries, forgetting that this is partly made up for by the fact that it's a lot CHEAPER to live overseas than in the United states. So while poverty in 3rd world countries is rampant, if you pay someone a halfway decent wage, the money goes a long way there.

    And when you get down to it, it would be pretty tough to run a call center in the US staffed with college grads, like you could do in the Philippines, and keep it open 24 hours a day.

    The fact that it's harder to prosecute people overseas is a problem. The company I worked for was based in the US, though, so it was still liable under US law. And I think that the company's potential liability was a selling point with potential clients.

    Of course, one element in every crime is opportunity. The black market in the Philippines seemed much bigger than in the states which should increase the opportunity to sell things a person shouldn't be selling, be they pirated DVDs or CC#s
  • follow up on this (Score:3, Insightful)

    by phorm ( 591458 ) on Thursday June 23, 2005 @10:33AM (#12889164) Journal
    One of the big problems with outsourcing is the lack of control over the outsourced workers/company/etc. In particular, there is a problem with convicting somebody who resides in a different country with different laws, etc. Even when the laws add up on both sides, it's often hard enough to make the system "work" on a local/federal level, with internationally being even more difficult.
  • by j_kenpo ( 571930 ) on Thursday June 23, 2005 @10:37AM (#12889205)
    This kind of thing happens because we let it happen. Yet we still hand our money over to these companies so they can continually screw us over, outsource our jobs, and give us seriously inferior service and lose our personal information to foreign criminals, incompetent courier services, and bad security practices. We, as customers, have the right to hold these companies accountable for this kind of crap by how we choose the services we use. If you don't like Indian Outsourcing, then do not use the services of companies that use it. Take your money elsewhere. Convince someone else to do the same. Eventually, if you hit them in the wallet, it will affect their bottom line enough and they will reverse the trend. They did this very well in the 60's and it was called a boycott. We should also petition our representatives to create laws to outlaw handling of customer personal information by citizens of foreign companies, except in circumstances where International Commerce is taking place (IANAL, so the specifics would need to be addressed by those that are). While it will not eliminate this sort of crime, it would go a long way in isolating it to a region of the world where the victims at least understand the laws and can have some small chance of seeing justice served. Wishful thinking, I know, but at least it gives the illusion that something is being done.
  • by alan_dershowitz ( 586542 ) on Thursday June 23, 2005 @10:54AM (#12889377)
    A while back, a hospital outsourced it's medical record processingt to Pakistan. PAKISTAN.

    Link [sfgate.com]

    So anyway, a worker with all those medical records contacts the hospital and ransoms their records. Great fun.

"Turn on, tune up, rock out." -- Billy Gibbons