I’m used to receiving changes to terms and conditions of my accounts with Citibank from time to time. The last one caught my eye:
The current terms and conditions already permit your data to be transferred to, stored and processed in other countries related to the operation of your account. [Damit, is that so?]
The effect of the new clause [from 7 September 2007] is to permit, once your data has been transferred to another country, the disclosure of your data to that country’s regulators, authorities or law enforcement agencies […]
Which makes me wonder, which countries have the data of thousands of European citizens at the moment? Or rather, is it really legal that civil servants from countries like Switzerland, Israel, India or US look into data protected by European legislation?
This happens at a time when India is still one year away from passing a law to protect business and individuals data. India’s outsourcing industry needs to comply with the EU Data Protection Directive if large companies like Citibank want to be allowed to keep their back-office processes cheap.
So Citibank advisers seem to have felt the need to change the terms and conditions ahead of this precise legal change in India.