AOH :: PT-1020.HTM

Bruce Schneier on Indian call center leaking credit card data

Bruce Schneier on Indian call center leaking credit card data
Bruce Schneier on Indian call center leaking credit card data

-------- Original Message --------
Subject: Bruce Schneier on indian call center leaking credit card data
Date: Mon, 27 Jun 2005 01:20:34 +0530
From: (Suresh Ramasubramanian) 

The Sun organized a sting where they caught a call center employee selling
credit cards. This is hitting the headlines with the usual stories about the
dangers of outsourcing. Bruce has a refreshingly different, and accurate,
viewpoint, as always -


June 24, 2005
Indian Call Center Sells Personal Information

There was yet another incident where call center staffer was selling 
data. The data consisted of banking details of British customers, and 
was sold
by people at an outsourced call center in India.

I predict a spate of essays warning us of the security risks of offshore
outsourcing. That's stupid; this has almost nothing to do with 
offshoring. It's
no different than the Lembo case, and that happened in the safe and secure
United States.

There are security risks to outsourcing, and there are security risks to
offshore outsourcing. But the risk illustrated in this story is the risk of
malicious insiders, and that is mostly independent of outsourcing. Lousy 
lack of ownership, a poor work environment, and so on can all increase 
the risk
of malicious insiders, but that's true regardless of who owns the call 
or in what currency the salary is paid in. Yes, it's harder to prosecute 
national boundaries, but the deterrence here is more contractual than 

The problem here is people, not corporate or national boundaries.

Posted on June 24, 2005 at 09:35 AM

Politech mailing list
Archived at 
Moderated by Declan McCullagh ( 

Make REAL money with your website!

The entire AOH site is optimized to look best in Firefox® 2.0 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH
We do not send spam. If you have received spam bearing an email address, please forward it with full headers to