Share this content

Indian contact centres face up to data theft outrage

5th Oct 2006
Share this content

The India contact centre industry was bracing itself for the fall-out from a Channel 4 documentary which exposes data theft in the country, setting its main trade association on a desperate defensive gambit.

The documentary focuses on two middlemen, one of whom is captured on camera offering to sell a database with the credit card, passport and Internet banking details of as many as 200,000 people. The second middleman reportedly offered to sell the personal details of customers of companies like Halifax, Bank of Scotland and Woolwich for £5 each.

During the investigation for Channel 4’s 'Dispatches', one of the middlemen Sushant Chandak, offered to sell a database with credit card details of 200,000 people as commercial leads. At a meeting in Kolkata, he boasted of a network of agents in call centres across India. "I have a good rapport with them. We cooperate. I pay them, so they trust me," he says.

In addition to credit card numbers, Chandak was also offering passport numbers, driving licence numbers and personal banking details of British citizens, the report said. At a separate meeting, Chandak offered the details of 8,000 mobile phone users. He even apparently had tapes of customers being called at home from a call centre.

The second middleman, known only as Ghufran, offered details of customers with British financial firms like Halifax, Nationwide, Woolwich, Bank of Scotland and NatWest for five pounds each. He claimed the information was obtained by technical support staff who visited call centres and used memory sticks to download recent sale transactions.

A leading data protection lawyer Stewart Room - who has played a role in the documentary - has been quoted by national daily The Times of India as saying that "the evidence is so compelling" that it would trigger "an official chain reaction against outsourcing to India". He insists that the impact of the documentary will outrage customers.

The National Association of Software and Service Companies (Nasscom) is going on a damage limitation offensive, going so far as to claim that the TV firm’s year long investigation ended up with the wrong conclusions.
Sunil Mehta, Vice-President of Nasscom, has been sent to London to handle damage limitation among the UK media.

It said it had asked Channel 4 for evidence of its claims, but that the channel had refused to part with its information. A Channel 4 spokesperson said: "As a responsible broadcaster, our role is to bring our findings to the attention of the public. It is not the role of journalists or broadcasters to act as agents of the police or any other authority."

Nasscom president Kiran Karnik said: “We are concerned about the verifiability of such stories, especially sting operations where monetary inducements were provided. These operations sometimes go beyond uncovering wrongdoing and actually induce criminal activity that is then recorded and aired.”

He added that there was the suspicion that such investigations were based on international jealousy of India. "Few other countries are subject to the same level of scrutiny, [but] concern over data security is not limited to any one country," said Karnik. "Such stories go to prove the lengths to which some vested interests will go to threaten this global industry with its reputation for customer value and security."

Karnik said the TV channel’s sting operation was an attempt to induce criminal activity by offering money. "What you call a sting operation has actually tried to induce criminal activity and then make a show of it. It’s like creating a story and then printing it," said Karnik.

"We are concerned about the verifiability of such stories, especially sting operations where monetary inducements were provided. These operations sometimes go beyond uncovering wrongdoing and actually induce criminal activity that is then recorded and aired.

"In this particular case, one of the alleged criminals has stated the data he offered for sale was fake. This, and the lack of prompt cooperation by the producer with enforcement agencies, makes difficult the task of bringing to book the criminals involved."

This is not the first time that Indian BPO employees have been accused of data theft. Earlier this year, an HSBC employee in Bangalore was arrested after allegations of him stealing £2,30,000 from British customers’ accounts.

The impact of the disclosures could be significant. Already 80 per cent of people in the UK believe that financial services companies which outsource services to overseas countries are damaging their brand image.

These are the findings of a survey on behalf of the International Financial Services District Glasgow which asked more than 2,000 adults across the UK if companies which offshore operations damage their brand in doing so.

A massive 80 per cent said they thought offshoring did damage the brand with just 7per cent saying it did not. Age plays a part in attitides: 89 per cent of over 50s said they thought offshoring damaged the brand

Some 49 per cent said they would consider switching their custom because of offshoring, but in practice only one in 10 said they had already switched their custom to another company because of the offshore issue.

Jim Watson, project director for the International Financial Services District, Glasgow said that sticking closer to home would help maintain brand integrity for firms. "We are finding that companies see the benefit of locating within the UK as well as offshore," he said. "Offshoring can be appropriate in some situations, but we are seeing a trend towards ‘multi-sourcing’, where firms have a balance of onshore and offshore services.

"If brand damage is translating into increased customer churn, financial services organisations need to assess where best to locate their services. Regional financial centres in the UK, such as Glasgow, are becoming increasingly attractive to international companies which have their main operation in London."

For their part, Indian BPO firms appear to following the Nasscom party line. S Nagarajan, co-founder of one of India's largest third-party BPOs, 24/7Customer, was quoted this week as arguing: "India is one of the safest countries to do business. If the TV channel did this thing with the intention to expose, then I feel it's not fair.

"If it were a sting operation, I would still say it's unfair as these things happen in every country. In fact, it happens in larger numbers in other countries. India is very conservative and God-fearing and hence the extent of such occurrence is rare here. Also, our security norms are world-class."

The long term impact of the documentary is yet to be seen, but it’s clear that this latest row is not about to blow over.

By Stuart Lauchlan

Further reading

  • Call centre data security back on agenda after HSBC India breach
  • Powergen customer management pulls out of India
  • Apple closes Indian call centre
  • Indian call centre security in question again after another customer data breach
  • Customer data and the passage to India
  • Special Report: Is customer data safe in Indian call centres?
  • Rattling the cage
  • Outsourcing your contact centre: A poke in the eye for your customers?
  • The Outsourcing and Insourcing Conundrum
  • Offshore Outsourcing - An Industry Viewpoint
  • Replies (0)

    Please login or register to join the discussion.

    There are currently no replies, be the first to post a reply.