An undercover investigation by The Sunday Times recently
reported data is being sold by "corrupt Indian call centre
workers" to cyber criminals and marketing firms. The report
said that two Indians, claiming to be information technology
workers at call centres, met undercover reporters and boasted of
having 45 different sets of personal information. The data included
names, addresses and telephone numbers of credit-card holders, as
well as the cards' start and expiry dates and three-digit
security verification codes. Other information being offered
related to mortgages, loans, insurance, mobile phone contracts and
Satellite Television subscriptions.
The most alarming aspect of this case is the ease with which it
would appear call centre staff were able to misuse confidential
information. While no organisation can completely safeguard against
insider threats, measures can be taken to reduce the possibility of
data misuse by insiders and mitigate access risk.
In this instance the selling of personal data could have been
prevented or detected at an early stage had the call centres'
IT staff had effective systems in place to control and monitor user
access to confidential information. Such access risk management
systems should be capable of controlling who is accessing customer
data, how it is being used, where and when. Specific restrictions
for copying confidential data onto memory sticks or other external
devices or disabling access to such information from specific
locations or at certain times could have been implemented.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
A US district court in New York has recently ruled that ReDigi, the operator of an online marketplace for pre-owned music downloads, is liable for copyright infringement.
In a decision earlier this month, a US district court in New York has ruled that ReDigi, the operator of an online marketplace for pre-owned music downloads, is liable for copyright infringement.
A number of publications including the Financial Times, have described how US lobbyists, many working for large technology companies such as Facebook and Google, have been seeking to curb the territorial extent of the proposed EU data protection reforms.
The English Court of Appeal has recently confirmed the commercial and legal importance of database rights and, in particular, their relevance to the sports industry.
Some comments from our readers… “The articles are extremely timely and highly applicable” “I often find critical information not available elsewhere” “As in-house counsel, Mondaq’s service is of great value”