PL&B International E-news, Issue 30
- Indian outsourcing firms to undergo security checks
- California legislature approves outsourcing bill
- More US consumers asserting privacy rights
- Australian Privacy Commissioner investigates inaccurate credit records
1. Indian outsourcing firms to undergo security checks
India’s IT trade association Nasscom (National Association of Software and Services Companies) is to carry out security audits on its 860 members in an bid to allay privacy concerns over outsourcing to Indian service providers. Over the last year, there has been increasing pressure on European and US companies that outsource operations to foreign service providers. Last month, a workers’ union issued a complaint against UK bank Lloyds TSB, questioning whether its outsourcing practices breach EU restrictions on the export of customer data. Legal experts have predicted that the union’s complaint is likely to fail, but nonetheless negative publicity on outsourcing and privacy is threatening India’s lucrative $12.5 billion (€10.3 billion) outsourcing economy.
India does not currently have a data protection law in place, although the government may address the problem through amendments to existing legislation. Instead, most of the current safeguards are industry led. Some of the top Indian service providers already conform to BS 7799 infosecurity standards, and now the Nasscom project aims to increase the number of service providers being audited for security. The audits will be carried out this year by consultancy and audit firms PricewaterhouseCoopers, Ernst & Young, and Deloitte & Touche and forms part of Nasscom’s ‘4e’ security framework. The framework is based around four key principles:
- Engaging security experts, think tanks and academia.
- Educating industry professionals on best practice, service level agreements and model contracts.
- Enacting regulatory controls through amendments to India’s 2000 IT Act, establish background checks for staff, and conducting security audits.
- Establishing more effective enforcement through cooperation with Indian police.
2. California legislature approves outsourcing bill
US Democrat senator Liz Figueroa has received backing from the California legislature for a new state outsourcing privacy bill. The bill (SB 1451) will extend state privacy protection worldwide and allow consumers to enforce their rights in Californian courts.
Commenting on the bill, Figueroa said: “No one should be able to avoid responsibility for violating California law just because they’re in another country. If they violate our privacy, it will be our courts that make sure they are brought to justice.” The bill has now been handed over to California’s governor for final approval.
Click here for a copy of the Senate Bill 1451
3. More US consumers asserting privacy rights
A new survey published by Privacy & American Business claims US consumers are increasingly likely to actively protect their privacy. The survey found that 87 per cent of respondents had asked companies to remove their details from their marketing databases, a 29 per cent rise from 1999. 81 per cent said
they had requested companies not to disclose their details to other companies, compared to 53 per cent in 1999.
The survey also noted that most consumers are reluctant to register their details with companies unless they were confident their privacy would be protected. 65 per cent of respondents - representing 94 million consumers, according to (P&AB) – said they would not register with companies that had unclear or complicated privacy policies.
Click here for Privacy & American Business website
4. Australian Privacy Commissioner investigates inaccurate credit records
Credit reference bureau, Baycorp Advantage, has agreed to remove from its records, the details of 65,000 payment defaults supplied by failed telecoms operator One.Tel.
An investigation carried out by the Federal Privacy Commissioner’s office found that although One.Tel was passing bad debt information to credit reference agencies, it did not have systems in place to notify changes once the debts had been repaid. Commenting on the case, Privacy Commissioner Karen Curtis said, “I commend Baycorp Advantage for taking positive steps to comply with its obligations under the Privacy Act to maintain the accuracy of its credit records by removing the questionable defaults listed by One.Tel.”
For further details on the Privacy Laws & Business International Newsletter, please click here.