Lloyds TSB customer brings complaint regarding handling of personal data

A challenge to Lloyds TSB over transferring customer information to its Indian processing centre could, if successful, threaten the future of offshoring.

The case involves a Lloyds TSB customer, who has challenged the company over the eighth principle of the Data Protection Act, which prohibits the transfer of personal information outside the European Union.

The customer, backed by the Lloyds TSB Group Union, has lodged the complaint with the Information Commissioner.

But Lloyds TSB has denied it has any case to answer. A Lloyds TSB spokeswoman said: "These concerns are completely unfounded and unnecessarily alarmist. We are one of many companies with operations offshore and any suggestion that customer data is at risk is irresponsible and untrue."

A statement from the Information Commissioner's Office (ICO) appears to support this position: "There are various bases in law which can be used to legitimise the transfer overseas of personal data, consent from the individual is just one of them.

"As far as the ICO is concerned the main issue is that the information that is transferred overseas continues to enjoy an adequate level of protection as if it stayed in the UK."

Tamsin Allen, partner at Bindmans, the law firm representing the customer, said: "Our reading of the Data Protection Act is that where sensitive personal information is concerned you need informed consent to move that information outside the EU. If a customer did not give that consent the organisation would have to take this into account or risk breaching the Act."

Allen added that if the customer's complaint was upheld, businesses would have to give customers the option of being serviced within the jurisdiction of the EU where customers refused use of their information offshore.

Lloyds TSB Insurance announced last year it was piloting a 150-seat centre in India. The roles include generic reports, branch helplines, property claims, sales and training roles.