AOH :: ISN-3110.HTM

Call center sting... details after the show

Call center sting... details after the show
Call center sting... details after the show 

India Infoline News Service
Oct 06, 2006

We have no further update from them (Channel 4) on their intent to share 
the details: NASSCOM

UK-based Channel 4s sting operation, a year long effort to locate 
security lapses in the call center industry has caused a flutter and 
(National Association of Software and Services (NASSCOM) sought evidence 
behind the report and co-operate fully and wholeheartedly. This would 
have enabled prompt action against the alleged criminals. But Dispatches 
refused to provide that information, prior to airing of the programme.
We have no further update from them on their intent to share the details 
of persons shown in the program who have "sold'' the data to Channel 4. 
However, we will pursue it further to ensure that criminals, if any, are 
rightly taken to the concerned authorities, said Kiran Karnik, 
President, NASSCOM.

Karnik added, We take any alleged breach of security extremely 
seriously. The fact that there was no suggestion of customers suffering 
financial loss in Dispatches' report does not diminish the priority we 
give to all security issues. An investigation by the Indian police is 
already well underway and we call upon Dispatches' full and complete 
cooperation with their inquiries.

NASSCOM has filed a complaint on behalf of the IT industry and the 
Criminal Investigation Department of the West Bengal Police has 
registered an FIR and started investigations under the Criminal 
Procedure Code. The Police have confirmed that Sushant Chandak's 
residence in Kolkata was also searched on Wednesday evening, the entire 
family is missing. The authorities are in the process of locating 
Sushant Chandak and gathering evidence relating to the allegations.
The NASSCOM President added, The Dispatches programme made it clear that 
data security is an international issue that is not unique to any one 
country. In India we are seeking to lead the way to even more stringent 
security standards.

Earlier Karnik had expressed concern about the verifiability of such 
operations, especially due to monetary inducements. He said, "These 
operations sometimes go beyond uncovering wrongdoing and actually induce 
criminal activity that is then recorded and aired.

Taking all possible steps to prevent such unpleasant corporate 
occurrences, NASSCOM is determined to ensure:

* Setting up a national registry of employees in the IT software and 

* Training enforcement officials and creating awareness in the judiciary 
  in India on cyber crimes, also conducting Cyber Safety Weeks for 
  consumer awareness

* Establishing a Self-Regulatory Organization

* Working closely with the Indian Government to evolve amendments to 
  India's already-tight laws to ensure the globally best cyber 
  environment, the final changes of which have been incorporated, and is 
  likely to be placed before the Parliament during the Winter session
Following a recent investigation of call centre's in India, the UK's 
Banking Codes Standards Board reported: "Customer data (in India) is 
subject to the same level of security as in the UK. High risk and more 
complex processes are subject to higher levels of scrutiny than similar 
activities onshore...  A separate recent report by the UK's Financial 
Services Authority noted that "There is no evidence to suggest consumer 
data is at greater risk in India than in the UK."
Ahead of these developments the National Association of Outsourcing 
(NAO) has commented on the issue, stating that the breaches reported by 
the Dispatches are unrefutable but the organization is aware of how 
seriously the Indian industry broaches the issue of data protection and 

NAO that is in close conjunction with Indian trade bodies and the Indian 
Government, maintains that some people actively enticed by financial 
gains and have been tempted to break the law and their companys code of 

The UK-based association has identified key issues of data security that 
UK companies must bear in mind when they offshore to other countries. 
The top most pointer holds that Indian employees are no less errant that 
than employees in the UK or anywhere else and it is impossible to ensure 
that every employee is 100% trustworthy.

On the management front, NOA holds that companies err in thinking that 
offshored units require minimal management, while actually the reverse 
is true. Increased distance calls for increased management to ensure 
adherence to company procedures in every location.

The association states that Indian call centre employees are more 
vulnerable as they are paid much lesser than employees in UK. But call 
centre security are air tight as there is not only physical security but 
also the following of standards like BS7799 to ensure that good 
operating procedures are in place. Call centre employees only have 
access to information they need and do not have the technology at their 
fingertips to copy or send this information to unauthorised sources.

The organisation not only communicates potential problems but also has 
best practise guides that advice companies to understand the business 
reasons behind outsourcing and the outcomes wanted or not wanted and 
precautions that can be taken to ensure no leakage of customer 

Among this entire upbeat, hissing in the youth centric industry, a very 
different view comes from the President of the Call Centre Association 
of India, Sam Chopra. "Frauds in the Indian BPO industry account for a 
fraction of a per cent of data theft. Data security is a matter of 
concern, however, such cases exist in minuscule numbers across all 
industries and any generalization on the entire industry based on a 
particular incident would be unfair, said Chopra. He also mentioned that 
unless concerned companies are named, no action can be taken.

Donate online for the Ron Santo Walk to Cure Diabetes! 

Site design & layout copyright © 1986-2015 CodeGods