Citing the manipulation of passports by the 9/11 hijackers, as reported by the National Commission on Terrorist Attacks Upon the United States, Rep. Edward Markey (D-Mass.) this week pressed the U.S. Department of Homeland Security on data privacy as companies move business processes offshore. "As personally identifiable information belonging to American citizens is increasingly sent abroad, the risk increases that terrorists could access, manipulate and misuse this information to infiltrate the United States," Markey wrote. "Information such as names, addresses and Social Security numbers are precious assets for foreign intelligence services and terrorists who seek to fraudulently obtain travel documents needed for entry into the United States."
Dozens of travel companies have given their employees and their partners' employees access in offshore locations to records containing traveler data, and some corporations are exploring the internal handling of travel management services from abroad. Siemens Shared Services provides Munich-based conglomerate Siemens AG with various services from India, including travel expense processing and a customer service component of the North American travel management program that garners traveler feedback by e-mail. "A lot of what we do is educate the travelers on how to have a better travel experience, and it's all around data and how to collect that data in the most cost-effective fashion and being able to action it," said Siemens Shared Services president and CEO Denice Kronau, speaking last week at The Masters Program in Washington, D.C. "So, to that end, the customer service tool is executed by our team in Bangalore."
A travel manager with a defense contractor last year told
Business Travel News her company was alarmed to find out that some of its traveler profiles were being viewed in India by agents working for American Express. According to the buyer, Amex attempted to calm the client by noting that the agents were not equipped to print out the profiles, but that did not ease concern about travel and personal information on the firm's senior executives being visible not far from the purported hideout of Al Qaeda's leadership.
Rep. Markey wants to know what steps DHS is taking "to prevent foreign intelligence services or terrorist elements from deriving information about U.S. military or intelligence personnel, U.S. government officials, U.S. law enforcement personnel or other persons in sensitive positions in the U.S., based on information transferred to offshore entities for analysis or processing."
Meanwhile, the private sector is stepping forward on the issue. According to a Feb. 4 statement, the National Association of Software and Service Companies of India later this year will join DHS and India's Ministry of Information Technology, among others, in a summit "to share best practices on cyber security" and establish international legal and business standards "to deal with data protection and intellectual property rights issues." According to NASSCOM vice chairman Jerry Rao, "Security concerns must be addressed at the CEO and boardroom level of every company and by political leadership at all levels. Though India compares well with competing destinations on the security matrix, awareness about security issues is still low."
NASSCOM has called travel the biggest emerging contributor to India's domestic call center industry, after telecom and banking
(BTN, Oct. 27).