Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.

 



Forgot your password?
typodupeerror

Private Data Sold From Indian Call Center 212

Posted by Zonk
from the now-that-is-full-service dept.
Matt Freman writes to mention a ZDNet article on reports that private data is being sold out of an Indian call center. A U.K. television programme, 'Dispatches', follows a 12-month investigative report on illegal privacy-related activities. During the taping of the show thousands of U.K. bank customers had their personal information sold by the staff of a call center. From the article: "Indian IT trade organization Nasscom criticized Channel 4 for refusing to show it any of the footage before it was broadcast on Thursday evening. It urged the program makers to cooperate in rooting out and prosecuting any 'corrupt' call center workers. 'The whole issue of data security is a global problem,' said Sunil Mehta, a vice president at Nasscom. 'There are bad apples in every industry around the world, and these incidents happen in India and the U.K. This is not a widespread problem in India. Security measures and practices that Indian companies have are the best in the world.'"
This discussion has been archived. No new comments can be posted.

Private Data Sold From Indian Call Center

Comments Filter:
  • by weave (48069) on Friday October 06, 2006 @09:14AM (#16335981) Journal
    If a worker who works in same country as the company is caught in fraud, they are prosecuted and thrown in jail. If a megacorp outsources off-shore and the employees of that company are involved in fraud, exactly what assurances does that company or its customers have that the perps are prosecuted?

    Also, I always wondered why companies that outsource are assured their trade secrets are not sold too.

    • IANAL, but I would assume that the company is liable, not the individual. The likelihood is that the company will take action against the outsourced-service-provider. If they then choose to take action against the individual, that's their prerogative.

      That's not much of an "assurance" of prosecuting the individual, sure, but in terms of civil action you will be more likely to win compensation from a company than an individual so you're on a winner there. If it's not about the money but the principle, well,

    • Re: (Score:3, Interesting)

      by CodeBuster (516420)
      What assurances does that company or its customers have that the perps are prosecuted?

      It depends upon the country, but in popular outsourcing destinations, such as India, the assurance is basically worthless. The Indian court system is a byword for red tape, bureaucracy, and inefficiency that lends new meaning to the phrase, "waiting in hell for a glass of ice water". Nothing gets done without every petty bureaucrat getting his palm greased and even then it is not unusual for cases to spend fifty (50) y
  • by Anarke_Incarnate (733529) on Friday October 06, 2006 @09:15AM (#16335991)
    When you pay someone a wage, that relative to those of the people they deal with, they will become angry and resentful. The point of moving offshore is to save costs because the cost of living is so low, making the wages low.

    Thus, the people who know they are making a great deal less than people in the UK or US feel that they are doing this to equalize themselves. It is a psychological phenomenon. People don't just want to do well, they want to do better than others.

    • Doh, should have said "is lower, relative to"
    • Thus, the people who know they are making a great deal less than people in the UK or US feel that they are doing this to equalize themselves. It is a psychological phenomenon.

      You're completely correct, but this does not apply only to India. Wage disparity correlates more strongly with violent crime than pretty much any other social phenomenon. The way most modern cultures have evolved, the primary motivation to not steal is ethical. Punitive measures are very weak motivation by comparison. For all those

    • B.S.

      I won't even repeat such hog wash by quoting the parent post. Poor/poorly paid people don't break the law because they're poor/poorly paid. If it were that simple, why do rich people break the law also?

      Wages should be based on the value of the work, not relative to those the worker deals with, or relative to the worker's self-esteem.

      As even the parent admits, we're not talking about people on the edge of existence--someone stealing a crust of bread just to survive another day. We're talking about peop
      • They don't break the law because they are poor. They are not poor, relative to their environment. They simply see "us" as being able to absorb a loss easily, or don't care because of jealousy or simply greed and desire. This is not native to India, Pakistan, Mumbaba, Detroit, or anywhere. This is part of human nature.

        As far as rich people being crooked too, they are also doing it to "get ahead." Part of another psychological issue is the fact that many people have a hard time knowing when they have

    • And this applies to everyone? My customers make more than I do and I would be stealing from them to make myself better than others? What a load of crap and someone thinks that insightful.
      Someone willing to steal will do so no matter how much money they make. There is no psycological phenomenon that generalizes "people" making less would steal from people making more.
    • by frost22 (115958) on Friday October 06, 2006 @10:57AM (#16337337) Homepage
      They can not even prosecute clear cut cases of murder, when there is ample proof.

      Just a somwhat current example: the murder of Jessica Lal.

      The victim, an attractive model, worked at the bar at a friend's party in a fancy restaurant. A son of a powerful politician comes in with his entourage and asks for a drink. She refuses to give him one, because the bar is already closed. The man - offended beeing refused in front of his friends - pulls a gun and shoots her direct in the face.

      Numerous witnesses. Ample evidence. OJ Simpson was a mystery compared to that. And yet, after seven years of judical wrangling, the man walks away free (not that he ever spent a day in jail). Witnesses who can not remember anything, a police that just happens to destroy or devalue all evidence - the case stinks of corruption.

      Its been a major scandal in India half a year ago. But only because the victim was well known and had many influential friends of her own. Had she been a simple rural woman, we wouldn't even know. Local observers note that affairs like that are standard practice - if you are rich enough in India, there is no law that applies to you, because everybody is corrupt and can be bought.

      Don't believe me ? Just google for Jessica Lal, and read the whole sordid story.
      • I hadn't, but I found these sites:

        News index on the case [rediff.com]
        Wikipedia entry

        However, I should be mentioned that this stuff does happen in the USA as well. If a person is wealthy+powerful enough, you can threaten, buy, "remove" or many other things to witnesses. For the police, depending on the local level of corruption or bureaucratic influence, some of these may work as well.
  • Blame it on India! (Score:4, Insightful)

    by RexRhino (769423) on Friday October 06, 2006 @09:19AM (#16336027)
    Of course, there isn't any reason to believe that private data couldn't be illegally sold in the UK... or in the U.S., or France, or Canada, or Germany, or Japan, or whereever. In fact, data theft has most certainly happened in all those countries!

    But you are going to have a salvo of posts demonizing India as a place to do buisness. People with either a xenophobic agenda, or a protectionist agenda will jump on this with the whole "India is evil! Don't outsource to India" paranoia and hysteria, when in fact there is no reason to believe your data is more secure anywhere else.

    • by Danga (307709) on Friday October 06, 2006 @09:41AM (#16336315)
      People with either a xenophobic agenda, or a protectionist agenda will jump on this with the whole "India is evil! Don't outsource to India" paranoia and hysteria, when in fact there is no reason to believe your data is more secure anywhere else.

      There is a reason to believe my data would be more secure somewhere else and for me that would be here in the US. The reason it would be safer is because if someone were to sell my information working at a company here in the US then they would be held accountable to the laws we have against that and they would pay the price because I certainly would go after them myself if necessary. If the person who sells my data happens to be in another country then I would not have the choice to go after them myself and even though they most likely would lose their job their home country may not have any laws against what they did with my information so they could basically get away with it. So while there truly are "bad apples" everywhere there would be MUCH more deterent to sell someones personal information in a country that has laws against it than in a country where those laws do not exist.

      I think if I was making $2/hr (I made that up, I don't know what the real number is but I am sure it is low compared to the US) while I knew I was being exploited for cheap labor and was offered a large sum of money in exchange for personal data knowing I would lose my job but not be in trouble legally that I would probably take the money and go hunting for a new job.

      Basically I hope that some laws are passed in the US (and other countries) that already have laws guarding personal information to make sure if companies outsource access to that information that they are only allowed to outsource it to a country that has at least the same laws in regard to personal information. The best choice would to not outsource that information at all (so if the company in another country did not persue the employee legally I could do it myself) but at least this way if someone did do something with my personal information I would have some hope that they would be punished more than just losing their job.
      • "The reason it would be safer is because if someone were to sell my information working at a company here in the US then they would be held accountable to the laws we have against that and they would pay the price because I certainly would go after them myself if necessary."

        You can't be serious. You're trying to tell me that your data is safer because you have laws and accountability? People commit murders, traffick in drugs, break into homes, and yes, STEAL DATA, in the U.S. all the time, even though i
        • We're talking about India. Not some hypothetical lawless frontier.

          Depends - how much money have you got? Also, consider the case of Jessica Lal from upthread.

        • by uradu (10768)
          > You're trying to tell me that your data is safer because you have laws and accountability?

          Yes, that's pretty much how it works. You're just creating a strawman by equating relative security with absolute security. No country in the world can guarantee total data security, but there are huge differences in relative security to be found in various countries. In this respect I will have to differentiate between Europe and the rest of the world, because most (western) European countries take data privacy a
          • by Petersko (564140)
            "To use an analogy: think of movie piracy in the US vs Asia. Yes, it happens in the US as well, and there are street corners in most larger towns where you can buy pirated DVDs for dirt cheap. But if you think the US laws in that respect make absolutely no difference, you obviously haven't travelled to Asia or Russia recently."

            It's a flawed analogy because there's no real need for Asia to enforce American copyright laws. The country gains nothing by cracking down on DVD pirates. In the case of India, cr
      • I think if I was making $2/hr (I made that up, I don't know what the real number is but I am sure it is low compared to the US) while I knew I was being exploited for cheap labor and was offered a large sum of money in exchange for personal data knowing I would lose my job but not be in trouble legally that I would probably take the money and go hunting for a new job.

        You're spot-on.

        The reason why low-wage centers are always going to have more fraud (whether located domestically or off-shore) than highe
      • by dotdash (944083) on Friday October 06, 2006 @12:43PM (#16338925)
        I think if I was making $2/hr (I made that up, I don't know what the real number is but I am sure it is low compared to the US) while I knew I was being exploited for cheap labor and was offered a large sum of money in exchange for personal data knowing I would lose my job but not be in trouble legally that I would probably take the money and go hunting for a new job.

        A call center employee in India does make about $2.3 dollars per hour. However, I am really tired of people quoting these low Dollar figures for pay, while forgetting to mention that the "low pay" tends to be rather high for the local economy.

        Let me give you some estimate of costs and expenses in US Dollars. These numbers are for cities like Bangalore and lie closer to the upper limit. I have considered the kind of restaurants and other establishments a young and hip call-center employee is likely to haunt. In the interest of full disclosure: I am Indian, and am quite familiar with the goings on in India in the IT and BPO fields.

        Here is the summary before I give you the details: A call-center employee has the potential to save about 35% of his monthly pay. I wish I could do so in the US. Even by Indian standards, 35% is very good savings potential. For comparison, my sister and brother-in-law live in Bangalore, do not work in IT or BPO, and together earn less than the average call-center employee does. Mind you they both have daily expenses. They also have other expenses (schooling and feeding children mostly) an average call-center employee tends not to: The average call-center employee is single, in early 20s, and quite often not contributing much financially to his family.

        With numbers like these, I can argue that call-center employees in India have a lot less incentive to sell out. That is, people in the US might look for "supplemental income" more than an Indian call-center employee does. Now, I don't believe that is so, just like I don't believe the argument that the lower Dollar-wage makes Indians (or other nationals) sell out data.

        Here is the deal: For every 100 guys selling data, there is one guy buying it. The buyer shops in India because doing so is less expensive for him. So, how about we also look at where the buyers are coming from and what they do with it?

        Average Monthly Numbers

        • Pay: $444.44
        • Expenses: -$276.75 (Everyday expenses (-$150.9), and rent and other montly expenses (-$125.85)
        • Savings: $167.69 (37.7% of income)
        Everyday expenses (Note: Call centers in India give their employees free refreshments and free/subidised transportation)
        • A cup of coffee at a really fancy coffee house: $0.33 (yes, 33 cents)
        • A cup of ice cream at a really fancy parlour: $0.65 (must buy ice cream for the girl that tags along)
        • A pack of cigarettes: $1.5 (cigarette smoking seems to be on the rise)
        • A full meal at a really fancy restaurant: $2.22
        • A day pass on a city bus: $0.56 (though the average call-center employees are unlikely to take a bus: they ride bikes)
        • A can of beer: $2.00 (most people don't drink beer everyday, but I list it here in case you are wondering)
        Monthly expenses
        • Rent: $44.00 (A native is likely to live with parents, and pays well below this number)
        • Hair cut: $0.55
        • Movie tickets, for four shows: $3.00 (movies are the most popular form of entertainment)
        • Concessions at the movies for four shows: $4.50
        • Apparel for self: $10.00
        • Apparel for the person you are wooing: $10.00
        • 10 gallons of gas: $48.8 (yes, gas is that expensive)
        • Vehicle maintenance: $5.00
        Big-ticket
        • A new motorcycle: $1000.00
    • people do not act ibn a vacuum. India is ripe with corruption, and the reason is that society tolerates corruption. As long as India as society doesn't not eradicate corruption, stuff like that happens all the time.

      And yes, that means really hard punishment not only for the ccorrupt officials but also for the bribers. When was the last really rich man convicted to a really long prison sentence for corruption ? Why do politicians tolerate obviously corrupt or bribing colleagues in their mid ?

  • by Anonymous Coward
    It's good to know that there isn't anyone in America who'd do the same thing...
  • I goes without saying that the security measures in Indian companies are among the best; why, with all those CMM level 5 companies, security comes for free !
  • Courts and Law (Score:4, Insightful)

    by blueZhift (652272) on Friday October 06, 2006 @09:22AM (#16336061) Homepage Journal
    While I'm no fan of offshoring, in all fairness, it is true that data theft as described is not a problem unique to India. The real question is, how are these things handled by the courts and laws of the countries in which they occur? If there is some assurance that perpetrators will be brought to justice and things put to rights, as much as possible, then it may not be as big a deal. However, if the courts or laws are weak/corrupt and the penalties associated with data theft are laughable compared to the benefits, then you have a big problem. Many companies have been attracted to India and other countries by relatively cheap labor, but they really need to look at the rule and culture of law in any country they plan to do business in as well. This of course assumes that they are truly interested in benefitting the customer and haven't just added in data theft as a cost of doing business.
    • Re: (Score:3, Interesting)

      by happyemoticon (543015)
      The real question is, how are these things handled by the courts and laws of the countries in which they occur?

      "The Indian prosecutors had everything they needed to throw the book at them, until they found out that the police had stapled the CDs and floppies containing the data to their forms."

      (elaboration from a story I heard about Indian police a few months ago)

    • Re: (Score:3, Interesting)

      by hey! (33014)
      While I'm no fan of offshoring, in all fairness, it is true that data theft as described is not a problem unique to India. The real question is, how are these things handled by the courts and laws of the countries in which they occur?

      I think you're almost there.

      The real question is what are the risks entailed by offshoring, and how do you prepare for them? The stance of authorities in the offshore countries is just part of that.

      Let's assume for sake of argument that the law in the other country is aggressiv
    • However, if the courts or laws are weak/corrupt and the penalties associated with data theft are laughable compared to the benefits, then you have a big problem.

      The problem is how to stop these crimes, not punish people after they commit them. To this end we have to look at the motivation of the criminals. Having a lax criminal system may make them more likely to steal customer data and resell it, but it is by no means the primary factor. The main reason people don't steal is not out of threat of punishm

  • What can you say (Score:3, Interesting)

    by Garette (206805) on Friday October 06, 2006 @09:24AM (#16336087)
    A related atricle on BBC.
    http://news.bbc.co.uk/2/hi/business/5405438.stm [bbc.co.uk]
    Not every Indian is necessarily corrupt. However, even an handful can ruin the reputation of the entire bunch. The Indian Govt. has to crack down really hard on the people caught seeling the data.

    PS: I am an Indian too...
    • "Not every Indian is necessarily corrupt. However, even an handful can ruin the reputation of the entire bunch. The Indian Govt. has to crack down really hard on the people caught selling the data."

      Substitute "American" for "Indian" in that sentence. Then start going down the line with other countries. P.S. I am an American too.
  • by erroneus (253617) on Friday October 06, 2006 @09:27AM (#16336137) Homepage
    It's that it is beyond the reach of local law enforcement which complicates things.

    Let's say that the same crime happpens locally. Local laws are applied against local criminals. If I recall correctly, the last time this issue was discussed, "identity theft" and related fraud weren't necessarily a crime in India or at least they didn't have the same level of urgency out there. Whatever the case, there is no guarantee that the handling of these problems would reflect the same level of justice as it would locally due to disparity of law enforcement priority, communications among law enforcement, etc.

    On the other hand, if we had some sort of international treaty regarding these matters, that might balance out the problem. For example, all employees of these call centers should be made to operate under the laws of the city, state and nation of the company they are representing and if they are suspected of being in criminal violation of such laws, they should be extradited to the city, state or nation for criminal prosecution.

    But in my opinion, that wouldn't really be enough. These people are simply too far out of reach to be held accountable. I just feel like we're at risk having some rather critical information exported to other countries for processing where our laws and regulations do not necessarily apply. It's bad enough when it happens here on our own soil, but at least we can take SOME action against it. Internationally, it's just all the more complicated.
    • by fdiskne1 (219834)

      I just feel like we're at risk having some rather critical information exported to other countries for processing where our laws and regulations do not necessarily apply.

      Too late. Your personal credit information is already there. I had a problem getting a credit report from one of the credit reporting agencies. When I called them to be sure they took care of the problem, the phone was answered by someone with such a heavy Indian accent I could barely understand him. The first question out of his mouth wa

    • LoL.

      So I'm going to be paying for an $1,800 ticket to fly someone to the states for punishment now.

      By Grapthar's hammer. What a savings.
  • I watched this, (Score:4, Interesting)

    by joe 155 (937621) on Friday October 06, 2006 @09:28AM (#16336151) Journal
    last night, people were selling amazing amounts of information. One person claimed (and showed a recording as proof) to have actual voice recordings of people handing over credit card and security numbers...

    Whilst this might be just a few bad apples it does make the whole sector look bad, and I'm not sure I want to be giving my card numbers to compainies who outsource so readily without checking fully what staff are up to.

    Interestingly though was the response from the banks, which amounted to "so what". They really don't care. Whenever someone is a victim of fraud through these, or other, means they simply pay up and give the customer their money back, which apparently is cheaper than making sure that it doesn't happen - besides not everyone will notice, and they profit from the people who are scammed and don't notice

    • Re:I watched this, (Score:4, Interesting)

      by REBloomfield (550182) on Friday October 06, 2006 @09:52AM (#16336491)
      I saw it too, and realised where the three cold calls i recieved earlier this year may have originated from. I was called on my mobile by an middle eastern sounding man or woman, and told that they could move me to a much better contract, and if i was happy they could go ahead and make the change straight away as they had all the details they needed. They hung up when I demanded to know what details they had and where they got them from. Scary stuff; I'm careful with my details, and I haven't bought a mobile 'phone over the 'phone or online like most of the people mentioned.

      It was eye opening for my wife, she had no idea how easy it was to commit fraud with a few card details and the CSV number on the back. She doesn't buy anything remotely, so wouldn't know better, but i was shocked that many people could be this open to potential fraud.

    • In the U.S., the banks do not pay up. What happens is that a credit card client sees an invalid transaction; All the Client has to do is call the credit card company and state that the charge is unlawful; At this point there is some talking about how little work the bank employee must be forced to do. The credit card company will then mail a piece of paper that the client signs basically stating, "yup, that charge is bogus". What is done at the same time as mailing is that credit card transaction is reve
  • by Trifthen (40989) on Friday October 06, 2006 @09:31AM (#16336185) Homepage
    I saw this coming last year when several banks here stated they were moving many services unrelated to call centers, out of the US for financial reasons. It would appear that people generally don't care about others, which is only exacerbated by national identity detracting from emotional identification. What does an Indian care about some schmuck from the UK? About as much some guy in the UK cares about an Indian.

    Then again, it could be argued that by sending financial services to the lowest bidder, banks are encouraging wholesale fraud. It's probably a combination of many factors, these only being the low-hanging fruit. I'd like to think banks would be more responsible with our money, but apparently charging outrageous interest rates on loans and transactions isn't enough of a profit.
  • "Security measures and practices that Indian companies have are the best in the world."

    And what about the rest of world like US, Japan, Europe ?

    Well, I guess the "best in the world" just follow "cutting edge", "breakthrough", "leading", "enterprise", "professional" in the list of expressions Marketing department sucked the meaning.

    Mind you, I'm not bashing India, that happens everywhere: in Europe Spain, France and Belgium all declared at various time that they have the best healthcare system in the world .
  • Why should IT and manufacturing be the only ones benefiting from offshoring? Let crime do so also!

    (I think this might be a joke, but its not funny.)
  • by Fastolfe (1470) on Friday October 06, 2006 @09:41AM (#16336313)
    If the company designed its security and auditing correctly, call center employees should never have the ability to do this in the first place. Why are they trusting call center employees with wholesale access to customers' private data? Competent companies will require the employees to provide an explanation every time they access a record, and these will be tied to their phone records to make sure they are only accessing information relevant to their current task. A good audit trail, flagging unusual access behavior, combined with limiting access only to individual records at a time would have stopped these breaches.

    Yes, some of these outsourced call centers are inexpensive because they don't do things like this. But you get what you pay for, right?
  • by Serveert (102805) on Friday October 06, 2006 @09:43AM (#16336353)
    I don't believe in cuttting corners, I don't think that's a long term strategy. For example, I don't hire people I don't trust. I hear people talking about outsourcing and they mention giving them a part of the non-critical portion of the code. Why bring these people on board who you don't trust? Short term profit? What about long term profit when these people you don't trust steal the rest of your code and compete against you?

    Or, since you're just looking at them on a cost basis, paying them as little as possible, they aren't motivated. So their productivity is lower. I believe you should hire people and give them ownership and high pay. That's a long term strategy. All these companies outsourcing right now are going to get a rude awakening down the line.
    • I believe you should hire people and give them ownership and high pay. That's a long term strategy.

      In general I agree with you, but sometimes outsourcing does make sense. The conditions for this are, tasks that are outside the core competency of your organization, where there is sufficient competition, and where failure is not disastrous. The company I work for treats us very well. We also outsource some work to foreign nations. The thing is, we make sure the code we contract them for is modular and whi

      • by Serveert (102805)
        Not to criticize your organization specifically, what you says is the case at most companies, even ones I have worked at. They outsource for cost and personell reasons(can't find enough talent).

        But in starting my own company, I have yet to run across this personell problems. The reason is, over the years, I have kept in contact with the well paid but very productive people I have worked with. At this point I have a short list of extremely amazing employees who would drop what they're doing to work for my co
        • But in starting my own company, I have yet to run across this personell problems. The reason is, over the years, I have kept in contact with the well paid but very productive people I have worked with. At this point I have a short list of extremely amazing employees who would drop what they're doing to work for my company when the time comes.

          This is how a lot of companies start, including this one. Fast forward about 5 years down the road when you've grown to 100+ employees, most of whom were referred by

  • to discover people making 15% of 1st world wages can be corrupted with large amounts of money for valuable private data.

    It would be no different in the 1st world-- except it would take about six times as much money to corrupt them at the same level.

    • It would be no different in the 1st world-- except it would take about six times as much money to corrupt them at the same level.


      Bull. People steal for pennies. It's not the value, but the idea. I've seen executives with $100K annual salaries lose their jobs for pilfering from the "Ferengi Cafe" and taking advantage of a broken vending machine. One manager at my former company stole a $500 laptop.
      • A lot of people are ethical.

        Lost wallets get returned *with the money* every day.

        The manager may have felt justified to steal the $500 laptop because the company worked him a lot of uncompensated overtime and didn't deliver on its promises to him. Not saying he's right- just saying people steal easier when they feel really it is a reckoning.

        I bet people that new "bob" the vending guy wouldn't steal from him while people that don't have no problem stealing from the vending machine- since they've lost money
  • by aldheorte (162967) on Friday October 06, 2006 @09:53AM (#16336509)
    This is just the tip of the iceberg. Consider what happens to code development shipped offshore. It amuses me that businesses with strict non-open source code policies offshore code development because it's pretty much a de facto, if unofficial, grant of open source. It's even worse when people use offshore resources for "secret" prototype development and the such in an attempt to save money on project startup. I cannot think of a worse venue to put confidential new development into.

    This problem is a compound problem. First you have low wage workers that are more likely to succumb to temptation of selling such secrets. Second, you have jurisdictional problems - technically you could make a legal claim through treaties and the like, but the hassles and delays would take years and years to resolve and probably give no real satisfaction (this is why I say de facto in the above, even if you disallow something, if there is no real useful legal remedial process behind it, whatever agreed is basically unenforcable). Third, there are cultural problems where intellectual property and consumer privacy are fairly artificial constructs of the legal systems of developed countries.

    The bottom line is that this is only going to get worse and I imagine that Western companies will soon face legal liability for outsourcing in two ways:

    1. To shareholders for assigning development to offshore resources that results in compromise of trade secrets or the like.
    2. To consumers for breaches of privacy and resulting identify theft and the like.

    The companies will argue that they entered into contractual agreements with third parties so it wasn't their fault, but I suspect that many of these cases could and will be successfully pressed on the basis of a lack of due diligence, especially against the backdrop of known incidents such as this.
    • This is just the tip of the iceberg. Consider what happens to code development shipped offshore.

      It would be easy for someone to slip in a virus to round off the fractions of a cent in the interest computations and put the remainders in an account.

      You just need someone who knows the credit union software to install it.

      • Yeah, like Michael Bolton and Samir. Just make sure Lundberg doesn't catch you, or he'll make you come in on Sunday....
      • by wbean (222522)
        It would be easy for someone to slip in a virus to round off the fractions of a cent in the interest computations and put the remainders in an account.

        It's not that easy. You calculate the interest on an account and post the credit to the account and the debit to interest paid. The debit and the credit have to match. There's nothing left over for the rogue programmer.
        • Just because this one scam is guarded against doesn't mean that there aren't many more that could be prepetrated.
          • by wbean (222522)
            Absolutley! It's just that I've been hearing about that penny rounding scheme since the mid-sixties (yes, I'm that old) and have never been able to trace it to an actual incident.
            • by mcmonkey (96054)

              Absolutley! It's just that I've been hearing about that penny rounding scheme since the mid-sixties (yes, I'm that old) and have never been able to trace it to an actual incident.

              Of Course. When I^W^WIf someone were to actually pull off such a plan, you'd never hear about. No one would even know the money was missing.

              When the best capers are over, no one knows anything is missing.

  • by nuggz (69912) on Friday October 06, 2006 @09:58AM (#16336567) Homepage
    These type of "fear the indian call center" play really well because they hit such a high number of issues.

    ID theft- scary, currently a nice hot issue.

    Privacy - little recourse for violations,

    Offshoring - They're stealing jobs!!
    Jobs people don't want. FWIW there are some larger call centers in various parts of North America that are growing.

    Indian accents - some people have trouble with them.

    Racism - Some people just don't like them even if we solve all the other issues.

    This is just cheap shot journalism at an easy target that gets people upset. This same type of privacy violation can and does happen in every part of the first world.
    • nonsense (Score:2, Informative)

      by Anonymous Coward
      if you had watched the program you would of seen them talk to UK callcenter employees who could supply the same data, the only reason they went to India was because of the numbers, UK employees wanted 10-50 times what the Indians wanted for each piece of data and they (indians) could supply them in much larger quantities (100,000 fresh details per month) so as responsible jounalist do they followed the big fish not the little minnows

    • Re: (Score:3, Insightful)

      by jnf (846084)
      I didn't RTFA, but it should hit a very important point. When I worked in the banking industry we had four or five bases of operation in India, we then had a problem that no one really wanted to talk about- we couldn't do background checks on the employee's in India, so we were not even in compliance with our own policies. This was a huge issue because these people had access that ranged from nothing to administrative access over all of the workstations and some of servers.

      Think about that for a moment a
    • Re: (Score:3, Insightful)

      by geekoid (135745)
      Offshoring - They're stealing jobs!!
      Jobs people don't want. FWIW there are some larger call centers in various parts of North America that are growing.

      Jobs people don't want? what you mean like programming? or the thousands of people that have been fired so there call center/support job can go to india?

      To say migrant works do jobs most people don't want is true(ever pick strawberries for a day?); many people want office jobs.
    • by MrMickS (568778) on Friday October 06, 2006 @11:01AM (#16337383) Homepage Journal
      The programme did speak to someone working in a call centre in the UK. That person pretty much said that the security was so lax that any of the breaches levelled at India could also take place within UK call centres. So the programme wasn't making cheap shots.

      The difference between India and the UK was the manner in which this data was marketed. Outside Hyderabad, which had G.Bush visiting and high security at the time of the investigation, the personal information was being dealt as any other commoditiy. That is, openly traded. The makers of the programme weren't able to gain access to data as readily within the UK. The speculation, as it was untested, as to why this was the case was down to jurisdictional issues.

      A large number of UK companies have taken advantage of the services supplied by Indian call centres. The security of data is a genuine concern. The numbers being talked about were in the 50,000 - 100,000 new leads per month. This is fraud on a large scale even if its only being carried out by a relatively small number of people. Some of the sample data, which when challenged was said to be made up, was used to track one person down that was prepared to appear on camera and confirm it as true. Interestingly this data was obtained because the person had a credit check done in a UK shop which happened to go through to an Indian call centre.

      Incidentally the programme did say that the information was garnered not from banking call centres but mostly from ones used by mobile phone companies. The implication being that the banking call centres had a higher level of security.

    • by mutterc (828335)

      There's also "anti-corporatism":

      The U.S. government apparently doesn't have a problem pushing for harsh copyright laws in other countries, so that foreign citizens in foreign countries can get taken down if they pirate American entertainment content.

      No effort though on trying to get laws enacted that protect regular American people, though. Even all put together, we're not nearly as important as Disney.

      On the other hand, it's not like American data-protection laws are any good either; you don't own yo



    • How could they grow if people didn't want those jobs?

      This is just cheap shot journalism at an easy target that gets people upset. This same type of privacy violation can and does happen in every part of the first world.

      People are upset because they're losing their livelihoods or at the very least having to accept a lower standard of living (or are afraid of it happening to them) which, funnily enough, is not racism or stupidity but perfectly understandable. Do you have positive news for those people or just
  • Not suprised (Score:2, Insightful)

    by CaptScarlet22 (585291)
    Money talks in any language....
  • Legal recourse (Score:3, Informative)

    by dodobh (65811) on Friday October 06, 2006 @11:09AM (#16337487) Homepage
    The law is being made a lot more stringent, and every person whose personal data has been compromised can get compensation upto 5 crore INR (50 million INR) as civil damages, as well as criminal action leading to fines and/or imprisonment. Under Indian law, any affected individual can bring a criminal lawsuit, without having to wait for the government to intervene.

    http://tech.groups.yahoo.com/group/cyberlaw-india/ message/2848 [yahoo.com]
  • Of course there are bad "apples" in every industry, in every country. That's why we have laws against bad "apples", government oversight of industry, reporting requirements, consumer watchdogs... a whole infrastructure the people use to protect ourselves from irresponsible and criminal corporations.

    US corporations often avoid handling data inside the US because even our crude and inadequate privacy laws still add costs and risks to those operations, but overseas there's little to no risk to the US operation
  • If they're doing this with personal information, just imagine what they're doing with code and other sensitive information!

    GJC
  • ...I bet you can bribe Indian workers for 1/6th what you can bribe American workers for.
  • Almost every post here is just anti-outsourcing. How about fixing the source of the problem: a few numbers (social security, credit card) are required to get anything done, and these same numbers can be used to destroy your identity. This is what makes the data so valuable in the first place. I can't believe that all the money saved by outsourcing is not enough to provide a more secure platform for online commerce. Changing laws in one country is not a solution by itself in a global economy. This will just

3500 Calories = 1 Food Pound

Working...