CWA Publishes Report Detailing Data Security Risks of Offshore Outsourcing

New ways of doing global business have brought several trends to light. For starters, more and more companies are outsourcing some of their core operations to more inexpensive destinations abroad; think call centers, help desks and back-office operations, not to mention product development and testing. Second, the trend toward being able to use and manipulate “big data” has seen companies putting more and more of their critical, private data onto the Internet while at the same time building out their security practices to keep that information safe.

While conventional wisdom has been telling many of us that the two process are incompatible, there would appear to be research to back this up now (in addition to heaps of anecdotal evidence).

A new report from the Communications Workers of America (CWA (News - Alert)) has found that there is a definitive link between damaging data leakage and offshore outsourcing, among other negative outcomes. The union is calling for new federal legislation to address overseas security breaches and encourage the return of call center jobs to the U.S. Of course, it's important to note at this time the inherent vested interest the union has in returning jobs to U.S. shores, but that doesn't mean the data breach/offshore call center link doesn't exist.

The report, called, “Why Shipping Call Center Jobs Overseas Hurts Us Back Home,” details that not only does shipping call center jobs offshore threaten the livelihood of U.S. workers and their communities, but it also opens companies and their customers to risks of fraud committed with proprietary company and customer information.

The report provides examples of what it calls “continued instances of fraud directly related to employees at overseas call centers,” including a lack of accountability and insufficient safeguards to protect consumer information from overseas security breaches; and the recent trend of sub-outsourcing in which foreign call centers located in places like India have outsourced to even cheaper labor markets, including countries such as Saudi Arabia and Egypt.

The report would appear to bolster pending legislation introduced in the U.S. House of Representatives by Rep. Tim Bishop (D-NY) and Rep. Dave McKinley (R-WV). Called the “U.S. Call Center Worker and Consumer Protection Act,” the bill, if enacted into law, would accomplish the following:

• Ban federal grants or guaranteed loans to American companies that move call center jobs from the U.S. to overseas;
• Require the list of companies that off-shore call center work to be made available to the public; and
• Require call center employees to disclose their location to US consumers, and requires that call centers transfer consumers to a call center in the U.S. upon request.

Unsurprisingly, businesses that use call centers heavily, particularly foreign call centers, are lobbying hard against the legislation.

The tipping point for the passage of the bill, however, may be the increasing number of data security breaches and outright fraud that have been experienced by many companies outsourcing critical customer care to unvetted foreign call centers. While of course data breaches and fraud can occur readily in U.S.-based call centers as well, there would appear to be a correlation between how far and wide propriety information is disseminated and the chances of that information being misused. In addition, U.S. companies cannot engage in foreign background checks as easily as they can on U.S. soil, and many nations do not have intellectual property laws that are as robust as those in the United States. Once a breach happens, a company is then at the mercy of an unfamiliar legal system in order to obtain redress.

And once valuable customer data are leaked, it becomes the customer's problem to try and contain the damage.

“There's a basic lack of security protections for your data when it's housed overseas,” said Shane Larson, CWA's legislative director. “I think that Americans would be outraged if every American knew that their data is that open to identity theft.” 

To read the full report, click here.