Tags:
Journalism of Courage
The recent case involving an employee of a Gurgaon-based marketing agency, who allegedly sold privacy data pertaining to 2 lakh British citizens to an undercover operation of the British tabloid Sun has occasioned a great deal of discussion in the media on Indian BPOs. The anti-India outsourcing campaign is also trying to extract the most out of the incident.
We need to get some perspective on this. This, after all, is an industry that employs some 400,000 employees and it is at present growing at the rate of 30 per cent. Given this, some stray incidents of this kind are bound to occur. The point is that they are very rare. As recently as April this year, a report of the UK-based Financial Service Authority had concluded that security in Indian finance BPOs was sound and, in some cases, even better than that in the UK.
This is not to underestimate the danger such exposes pose to the credibility of India’s software industry. After all, many Fortune 500 companies have chosen India as the best destination for BPO operations and to keep it that way, we would need to be alert and responsive to the bad apples in the basket.
But we also need to respond to some of the baseless arguments that are currently doing the rounds. For instance, arguments have been made that since Indian BPO workers are paid less, they are more susceptible to crime. This fails the test of logic. Recruitment procedures in the industry are known to be stringent. A few months ago, NASSCOM had highlighted the need for a data pool of BPO resources so that reference checks could be better executed in an environment where the attrition rate is very high in a growth-oriented industry.
Even on best practices as far as security is concerned, Indian companies do not lag behind. Most of them follow EU data protection provisions in their agreements. Again security issues are covered under the Indian Information Technology Act 2000 (IT Act) and violations can easily be addressed. In fact, the recent expert group’s job on the revamp of the IT Act is focussing on data protection provisions more closely. The performance of law enforcement authorities in India in handling such crimes has also been exemplary and efforts are on to broad-base such preparedness.
All these steps have helped India’s BPO industry to grow robustly in the last few years and today there are 410 players employing some 3.5 lakh employees in the arena, as of March 2005, compared to 285 a year ago. India’s export in this segment in 2004-05 has touched US$ 5.2 billion and the projection for this year is US$ 7.3 billion. What is more, industry has matured and more high-end businesses are being outsourced to the country, compared to low-end call centre operations that had dominated the scene some time ago.
All this business did not come on a platter. The fact that most MNCs today repose a great deal of trust in the Indian business environment is a result of the professionalism and confidence that mark the BPO sector. The processes employed in these centres, the adherence to best practices, and the quality of services offered — not just their cost advantages — are what makes these concerns attractive. Today most Indian BPOs have stringent HR policies. Employees are not allowed to enter or come out with any documents or electronic gadgets, including mobile phones and pens. Even their computer terminals are devoid of storage and replicating devices, including floppy drives and printers.
It is impossible to find a fool-proof solution to addressing cyber-crime. Neither laws nor technological solutions could have prevented the Gurgaon-marketing executive from getting lured by the Sun reporter. But it can be said with a measure of confidence that incidents of this kind are unusual.
Incidentally, the man who committed the crime has disputed in his letter to the management the Sun reporter’s claims that he had the data of some 2 lakh customers through a network of agents. Also, while a few banks were named in the incident whose customers’ details were said to have been leaked, the Royal Bank of Scotland — one of the banks so named — has clearly denied having any customer data in India. Only investigations will reveal how much data, and what kind of data, had actually been leaked in the Gurgaon case.
