Citibank – data protection and outsourcing to India


I’m used to receiving changes to terms and conditions of my accounts with Citibank from time to time. The last one caught my eye:

The current terms and conditions already permit your data to be transferred to, stored and processed in other countries related to the operation of your account. [Damit, is that so?]

The effect of the new clause [from 7 September 2007] is to permit, once your data has been transferred to another country, the disclosure of your data to that country’s regulators, authorities or law enforcement agencies […]

Which makes me wonder, which countries have the data of thousands of European citizens at the moment? Or rather, is it really legal that civil servants from countries like Switzerland, Israel, India or US look into data protected by European legislation?

This happens at a time when India is still one year away from passing a law to protect business and individuals data. India’s outsourcing industry needs to comply with the EU Data Protection Directive if large companies like Citibank want to be allowed to keep their back-office processes cheap.

So Citibank advisers seem to have felt the need to change the terms and conditions ahead of this precise legal change in India.

2 thoughts on “Citibank – data protection and outsourcing to India

  1. For the curious, my logs show that this post was duly visited by Citicorp Global Information Network ( from New York, United States on 26th October 2007 at 05:20:00, the same day it was published.

  2. Pingback: The Childrens Mutual, Capital One and other Junk Mail — Acute accent

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.