India Infoline News Service
Oct 06, 2006
We have no further update from them (Channel 4) on their intent to share
the details: NASSCOM
UK-based Channel 4s sting operation, a year long effort to locate
security lapses in the call center industry has caused a flutter and
(National Association of Software and Services (NASSCOM) sought evidence
behind the report and co-operate fully and wholeheartedly. This would
have enabled prompt action against the alleged criminals. But Dispatches
refused to provide that information, prior to airing of the programme.
We have no further update from them on their intent to share the details
of persons shown in the program who have "sold'' the data to Channel 4.
However, we will pursue it further to ensure that criminals, if any, are
rightly taken to the concerned authorities, said Kiran Karnik,
Karnik added, We take any alleged breach of security extremely
seriously. The fact that there was no suggestion of customers suffering
financial loss in Dispatches' report does not diminish the priority we
give to all security issues. An investigation by the Indian police is
already well underway and we call upon Dispatches' full and complete
cooperation with their inquiries.
NASSCOM has filed a complaint on behalf of the IT industry and the
Criminal Investigation Department of the West Bengal Police has
registered an FIR and started investigations under the Criminal
Procedure Code. The Police have confirmed that Sushant Chandak's
residence in Kolkata was also searched on Wednesday evening, the entire
family is missing. The authorities are in the process of locating
Sushant Chandak and gathering evidence relating to the allegations.
The NASSCOM President added, The Dispatches programme made it clear that
data security is an international issue that is not unique to any one
country. In India we are seeking to lead the way to even more stringent
Earlier Karnik had expressed concern about the verifiability of such
operations, especially due to monetary inducements. He said, "These
operations sometimes go beyond uncovering wrongdoing and actually induce
criminal activity that is then recorded and aired.
Taking all possible steps to prevent such unpleasant corporate
occurrences, NASSCOM is determined to ensure:
* Setting up a national registry of employees in the IT software and
* Training enforcement officials and creating awareness in the judiciary
in India on cyber crimes, also conducting Cyber Safety Weeks for
* Establishing a Self-Regulatory Organization
* Working closely with the Indian Government to evolve amendments to
India's already-tight laws to ensure the globally best cyber
environment, the final changes of which have been incorporated, and is
likely to be placed before the Parliament during the Winter session
Following a recent investigation of call centre's in India, the UK's
Banking Codes Standards Board reported: "Customer data (in India) is
subject to the same level of security as in the UK. High risk and more
complex processes are subject to higher levels of scrutiny than similar
activities onshore... A separate recent report by the UK's Financial
Services Authority noted that "There is no evidence to suggest consumer
data is at greater risk in India than in the UK."
Ahead of these developments the National Association of Outsourcing
(NAO) has commented on the issue, stating that the breaches reported by
the Dispatches are unrefutable but the organization is aware of how
seriously the Indian industry broaches the issue of data protection and
NAO that is in close conjunction with Indian trade bodies and the Indian
Government, maintains that some people actively enticed by financial
gains and have been tempted to break the law and their companys code of
The UK-based association has identified key issues of data security that
UK companies must bear in mind when they offshore to other countries.
The top most pointer holds that Indian employees are no less errant that
than employees in the UK or anywhere else and it is impossible to ensure
that every employee is 100% trustworthy.
On the management front, NOA holds that companies err in thinking that
offshored units require minimal management, while actually the reverse
is true. Increased distance calls for increased management to ensure
adherence to company procedures in every location.
The association states that Indian call centre employees are more
vulnerable as they are paid much lesser than employees in UK. But call
centre security are air tight as there is not only physical security but
also the following of standards like BS7799 to ensure that good
operating procedures are in place. Call centre employees only have
access to information they need and do not have the technology at their
fingertips to copy or send this information to unauthorised sources.
The organisation not only communicates potential problems but also has
best practise guides that advice companies to understand the business
reasons behind outsourcing and the outcomes wanted or not wanted and
precautions that can be taken to ensure no leakage of customer
Among this entire upbeat, hissing in the youth centric industry, a very
different view comes from the President of the Call Centre Association
of India, Sam Chopra. "Frauds in the Indian BPO industry account for a
fraction of a per cent of data theft. Data security is a matter of
concern, however, such cases exist in minuscule numbers across all
industries and any generalization on the entire industry based on a
particular incident would be unfair, said Chopra. He also mentioned that
unless concerned companies are named, no action can be taken.
Donate online for the Ron Santo Walk to Cure Diabetes!