SEARCH 
Global Services » Strategy » Detailed Story
Monday, December 20, 2004
The Case For Transparent Offshoring
RELATED CONTENT
ARTICLES
Before Disaster Strikes
The U.S. Presidential Race: Impact on Global Services-II
U.S. Legislative Developments Affecting Global Services
Call Center Hang-ups
Long Distance Call
BLOGS
Hide & Source
Bring back call centers, send IT jobs offshore
Will the Innovative HR Practices Bring the End of Small IT Co.s?
Are call centers not cut out for India?
Data Theft At a Contact Center: This Time in Pakistan


Role Models

Though blue-chip firms in the manufacturing and financial-services sectors were among the first in America to source products and services globally, two firms we noted that had the most transparent online privacy policies were established in the not-so-distant dot-com era.

In a survey of 6,300 consumers released in June by TRUSTe and the Ponemon Institute, eBay was named the most trusted company for privacy. We found that eBay’s candid online privacy policy (See our sidebar, this issue, Shining Light On Privacy Policies) excels at educating its community about privacy protections. The company even uses the word “outsourcing” at least once in its voluminous privacy pages. “The most telling thing about our privacy policy is the fact that eBay is built on the opposite of privacy--which is transparency,” says Hani Durzy, an eBay spokesperson. “The bottom line is that U.S. consumers trust us. We are the most trusted company for privacy according to that one survey.” Yet, even eBay does not disclose that customer data is handled by a combination of U.S.-based workers, in conjunction with captive and outsourced customer-service-center workers in Dublin, Ireland, and Vancouver, British Columbia.

If we were handing out an award to the company with the most transparent offshoring privacy policy and practices, the winner would be E-Loan. The corporate privacy statement features a section called: Does E-Loan Use An Overseas Service Provider? The disclosure states that “E-Loan may use trusted third-party service providers located overseas for processing of your loan. ... You may opt out of overseas third-party processing.” With that simple statement, E-Loan vaults itself into the avant-garde of “transparent” corporations. “I love the idea of the consumer having the choice or consumers agonizing over the decision,” E-Loan CEO Chris Larsen told us earlier this summer. The consumer is getting “more power and more responsibility.” Despite some positive press in the Wall Street Journal, InformationWeek, and elsewhere, no copy cats have emerged yet.
 
Sourcing
In preparing this report on corporate transparency with regard to globally delivered services, we studied more than three dozen corporate-privacy policies, mostly from blue-chip companies in the retail, financial services, IT, and manufacturing sectors. We utilized data from our recent Call Center Study (see September 2004, Managing Offshore in conjunction with Call Center Magazine), which measured business and consumer customer concerns about the location of customer-service centers. We interviewed more than one dozen executives, legal experts, outsourcing advisers, outsourcing providers (both onshore and offshore), and privacy leaders for this report. Perhaps the most pivotal interview was with Hewlett-Packard chief privacy officer Barbara Lawler. Lawler faces the daunting challenge of trying to balance and satisfy the competing forces of customer transparency and corporate independence.

If the issue were left up to outsourcing vendors to decide, disclosure of the service-delivery location would be nearly automatic. As a call-center provider, Amit Maheshwari, CEO of i-Vantage, has a vested interest in Americans accepting offshore customer service. He believes that transparency is a necessary step to acceptance. “This kind of divulging will become more popular and the de facto standard in the next two years,” asserts Maheshwari. “I’m predicting that as the EU’s Safe Harbor becomes prevalent in the U.S., companies might be required to proactively tell customers that a service will be processed in any of our global centers.

EDS executive Stephen Heidt, VP of portfolio management strategy, also recommends that clients disclose the service-delivery location whenever possible. EDS abides by the policy of its corporate customers, but, adds Heidt, “My view is if there isn’t the presence of some security reason, or there isn’t the presence of a legislated or prescribed reason, then why wouldn’t you [disclose it]? Because it’s just frustrating to clients if you don’t.” Interestingly, Heidt says EDS teaches its call-center operators not to respond to questions about where they are located “until they know who you are.”

Yet, possibly the point is moot. One of the most persuasive arguments put forward by opponents of offshore disclosure is that simply revealing the location of the service won’t appease American customers. “Generally, when people phone call centers, they’re going to be unhappy anyway,” contends Bryan Mekechuk, partner, Pacific Crest Consulting Group. “It doesn’t matter where the call center is located.”

Although Hewlett-Packard doesn’t specifically disclose how it routes customer data among its global centers, it is known to take a thoughtful and innovative approach to privacy matters. Where’s the payoff for HP itself? “It is a part of our risk-management strategy,” explains Barbara Lawler, HP’s Chief Privacy Officer. “We look at the value of the HP brand and what that means in the marketplace with regard to the relationship not with only our customers but potential customers and shareholders, and that’s something we want to protect vigilantly. Strong privacy protections for us reinforce that and protect that. We’re not willing to risk the damage [that] minimum -privacy practices could possibly have on HP and our brand.”

HP customer calls are handled on an economically expedient “follow the sun” model. “Today, what we would tell the customer is that, depending on when they’ve called and what the call load balancing is, or the type of question or concern they have, their call may be routed to, say, our support center in Barcelona, or Dublin, or Grenoble, or Bangalore, or potentially to a location in the U.S ,” Lawler says. Lawler readily concedes the company lacks the technology to automate this service-delivery location disclosure and does not have a policy in place that requires notifying callers about it if asked.

Lawler looks to the EU for guidance about privacy best practices. “We use Safe Harbor really as our leading edge, if you will, for privacy management,” she says. Lawler insists that HP make the same level of privacy commitment to customers, no matter where they are located in the world.

Screeners

One of the most difficult issues that privacy experts must grapple with is whether to seek a customer’s permission to move his or her data offshore. Yet, the consensus in America is that such permission is unnecessary on the technical grounds that the data hasn’t physically gone offshore. How is this accomplished? Thanks to software such as Citrix MetaFrame Presentation Server, customer data may be viewable by offshore workers though it remains housed on American servers. The catch is that although the offshore workers can view the data and occasionally even update a record, they cannot download data, print it, or forward it to anyone.

Pacific Crest’s Mekechuk believes that the practice has become widespread because it is inherently secure. “All people are doing offshore is seeing images through a screen,” he says. “And keystrokes and mouse clicks are going across encrypted networks.”

It sounds safe, but it’s not without controversy. “If there’s a mechanism to allow data to be viewed outside the country and then [corporations] say the data is never offshored, it’s misleading and deceptive,” charges Aftab.

IT Law Group’s Gilbert is also skeptical about this approach to protecting customer data. “The problem is that you are giving access” to offshore workers, she says. “If someone wants to take information and use it for improper purposes, the fact that they can’t download it is not a sufficient barrier for them to do whatever they want to do. You can be creative and take a camera and take a picture of a screen.”

But Lawler disagrees with both Aftab and Gilbert, noting that HP uses this approach (though not with Citrix software), apparently without problems. “I could ask an HP agent based in Bangalore or Grenoble to update certain elements of information,” she says. “We hold them to certain standards, and that’s true whether they’re based in Palo Alto, Calif., or France, or Mexico, or Singapore.”

Three other offshore vendors we interviewed vouch for Citrix. Yet, it’s not safety but economics that dictates companies try this thin-offshore-client approach, contends Traver Gruen-Kennedy, VP and Chief Evangelist at Citrix. “If you call your credit-card company and you want some information, you expect to talk to a person,” he says. “The moment you have [our] infrastructure in place, it’s only natural to follow the sun and have [customer service] workers in daylight hours.” Gruen-Kennedy is bullish about the way outsourcers and global companies have embraced his firm’s products, yet he also concedes that this thin-client approach has not been tested in the courts.

Ultimately, Lawler would like to deploy technology that enables the real-time disclosure of call-routing or customer-service handling decisions. “We would take that transparency concept and ... [disclose that] your call may be routed to any one of these locations, and this is where the service is provided based on expertise and workload.” Lawler sums up the advantages this way: “The value that we see is the transparency.”

Next Steps

  • Disclose now? I-Vantage’s Maheshwari says he would wait 18 months until the outsourcing backlash dies down before disclosing the offshoring on the Web. But, on the other hand, he adds that “a business should not lie.” Perhaps the larger guiding question is whether the location where customer data is handled is relevant to the customer.
     
  • Build a data privacy map, urges Aftab, a privacy attorney. Chart how and where your corporate data flows between shores and service providers. “Figure out what information is being collected and how it is being collected and stored,” she adds.
     
  • Ask the tough questions. Hand the data privacy map to your company’s chief privacy officer (assuming it has one), your corporate legal team (often the same person), your CFO, and CIO, too. Here are some questions to get things started: 1) Would disclosing the offshoring of customer data increase or decrease our exposure to potential privacy litigation? 2) How can we demonstrate the cost-saving advantages or quality improvements of globally-delivered services to our customers?
     
  • What to say. Try this disclosure, says Aftab. “You should know that in order to save money or in order to facilitate the management of our business, we often use offshore locations to process and store data that may include your personally identifiable information. We endeavor to secure your data and your privacy, no matter where it’s located. We have high standards, which we impose everywhere unless local laws require additional measures.”
    • Ultimately, failing to disclose the strategic role of globally delivered services is not a winning strategy for corporate America. Outsourcing opponents dominate the public discourse about America’s role in the global economy. If American corporations must offshore data (as well as some jobs) to compete effectively in the global economy, then making an affirmative case to consumers is a painful but essential step to acceptance. Otherwise, opponents will succeed in winning support for laws and regulations that undermine its competitive advantages.

    Lawler sees the long-term advantages of customer disclosure. “I think if there was consistent disclosure about where things were developed and delivered,” she says, “there would be a much broader, common understanding that it really is global, and so the perceived issues about where something’s developed or delivered are diminished.”

    Although studies show that consumers and business customers lack knowledge of offshore data-handling procedures--and fear the worst--corporate America has not proactively disclosed its offshoring practices using “touch points” such as Web sites, printed brochures including privacy statements, or during call-center transactions. Should offshore data-handling problems erupt, a proactive disclosure by corporations may help stave off serious class-action lawsuits or prevent mandates such as sweeping service-disclosure laws. Ironically, a law that makes “Serviced in India” disclosures nearly as commonplace as “Made in China” product labels may be a necessary step for Americans to grow immune to it as an issue.
    Digg Del.icio.us E-mail 
       1 [2] 
    TALK BACK
         Name:  *  Email:  *
      Subject:   
    Comment:  *
      
    PRINT EDITION
    View Digital Magazine
    Back Issues
    Subscribe

    About Global Services  |  Contact Us  |  Advertise with Us  |  Privacy Policy  |  RSS  |  Write for Global Services
    PCQuest | Dataquest | Voice&Data | Living Digital | DQ Channels | DQ Week | CIOL | CyberMedia Events
    Cyber Astro | CyberMedia Digital | CyberMedia Dice | CyberMedia | BioSpectrum | BioSpectrum Asia
    Copyright © 2008 GLOBAL SERVICES all rights reserved