PFIR - People For Internet Responsibility
"Outsourced and Out of Control"

From "Inside Risks" -- "Communications of the ACM" (CACM)
February, 2004

PFIR Home Page

Inside Risks 164, CACM 47, 2, February 2004

Outsourced and Out of Control

Lauren Weinstein

Outsourcing (farming out production or other work) is not new. But when advanced technologies such as telecommunications and computing are applied to outsourcing, along with vast differences in pay around the world, the results can be unfair, unwise, alarming, and even dangerous. While frequently providing significant "productivity" enhancements, the associated negative risks include domestic unemployment and underemployment; privacy, security, and reliability concerns; and other serious problems.

In the past, the outsourcing of manufacturing jobs has been qualitatively different from the very broad and rapidly expanding sort of outsourcing we're seeing today. Most of the vast range of jobs now being exported to inexpensive foreign labor markets from "higher-wage" countries would be impractical to outsource in such a manner without today's inexpensively accessed communications and data infrastructures.

Improved corporate bottom lines are often cited to justify outsourcing. But the devastating impact of lost domestic employee positions cannot reasonably be ignored. Former employees are understandably bitter when their jobs are outsourced to foreign workers being paid only a small fraction of domestic wages. In at least one case, a company has used the threat of outsourcing to demand that their local employees accept basically the same low wages as foreign workers.

The ability to cheaply communicate across the globe via voice and data networks has permitted vast outsourcing of customer service, health-care transcription and medical information processing, financial and systems analysis, software development, and many other extremely technical and sophisticated tasks. Highly skilled domestic workers, including many who probably have read this column on a regular basis, have seen their livelihoods lost to technologically enabled outsourcing and are now competing with teenagers for low-pay, unskilled jobs.

As more customer-support call centers move to non-domestic locations, complaints from consumers about poor service rise. In many cases, language-related barriers cause communications difficulties. Computer manufacturer Dell, Inc. recently announced it would cease using its India-based call centers for corporate customers due to such complaints. However, ordinary non-corporate Dell consumers may still find themselves routed to offshore customer service representatives. (See callcenterinindia.blogspot.com for illuminating information about India-based call centers.)

Large-scale outsourcing is growing at a frenetic pace around the globe. Many outsourced jobs involve countries where significant privacy laws do not exist; even if those laws are improved under pressure of potential lost business, effective enforcement would still appear to be highly problematic. Customer service outsourcing can give risky access to data such as names, addresses, Social Security numbers, telephone call records, and medical information. Recently, a Pakistani subcontract worker threatened to post U.S. patients' medical data on the Web if claimed back pay was not forthcoming.

Software, sometimes of a critical nature, is now routinely subcontracted to foreign outsourced environments, bringing risks of development miscommunication or worse. The U.S. General Accounting Office noted the possibility of malicious changes to code since significant U.S. air traffic control system Y2K work had been subcontracted outside the U.S. without mandated background checks.

There are even moves to outsource computer system administration to foreign centers, often in countries with poor (if any) computer security laws, creating the possibility of massive abuse of domestic systems by distant persons who could be difficult or impossible to effectively prosecute. Thanks to subcontracting, you might not even know that the company managing your system is using such facilities and personnel.

There are many fine workers performing outsourced tasks around the world. Yet, it is more difficult to maintain control over customer information, security, development, and other critical issues, when work is performed distantly or under completely different laws. The opportunities for errors, mischief, and serious misdeeds are alarming, to say the least. Businesses and governments need to carefully consider the manners in which outsourcing can be reasonably exploited, and how it must be controlled.

--Lauren--
Lauren Weinstein
lauren@vortex.com or lauren@privacyforum.org
Tel: +1 (818) 225-2800
Co-Founder, PFIR - People For Internet Responsibility - http://www.pfir.org
Co-Founder, URIICA - Union for Representative International Internet
     Cooperation and Analysis - www.uriica.org
Moderator, PRIVACY Forum - http://www.vortex.com
Member, ACM Committee on Computers and Public Policy
http://www.pfir.org/lauren