Have you ever wondered who can see your confidential documents? I think this is a question that not many outsourcers of translations mull over on any kind of regular basis, but perhaps it’s time they start.
I was reminded of this once again today when I was involuntarily made part of a large-scale exposure, unsolicited, to a presumably confidential document by a translation agency I had never heard of or from before. This is not that rare of an occurrence in the translation business. We translators have grown accustomed to the growing trend whereby we receive emails from agencies unknown to us, companies often located in a country whose official language is neither the source nor the target language for a particular translation job. These emails often get sent straight to the cyber trash can without a second glance or thought. Some translators post them on forums, to share their outrage, make an appeal for solidarity, or not infrequently, to mock the agency crazy enough to think any of us professionals will accept such an offer. This particular agency was based in Southern Europe, yet was looking for a Dutch to English translation of a semi-legal text. Cue the alarm bells.
In sending out a mass-mailing to anonymous translators, this agency did what many before it have done (and surely what many more will continue to do, long afterwards) in its search for a low-cost translation, pitting translators against one another, asking them essentially to outbid each other for the job.
However, this time, the agency did something not many do; it included a link to a cloud-based storage platform where the recipients could download the text to be translated (source text), presumably to see if it was something they could or would want to translate. Normally, even these bargain-basement agencies will wait until they have found someone willing to do the translation for a rock-bottom price before sending the text, or include only an excerpt of the text in the offer, with the names and other crucial info blocked out or anonymised. Not this time – this agency gave us the Full Monty; all the names, dates, places, sizes, dimensions, monetary amounts and so forth were there for the recipients to feast their eyes on.
I can only assume (and hope) that the author or owner (or ‘originator’ if you will) of this document was unaware it would be sent via a link on the Internet (a no-no in and of itself – after all, how sure are we that the cloud is 100% secure?) in a mass mailshot sent to translators who made the list by sole virtue of the fact that their details are listed on a translator platform they have registered with, indicating that they work from and into the relevant languages.
This begs the question, who WAS the original outsourcer? Was it the agency that contacted me? Or was this company yet another intermediary in the (these days, often unnecessarily long) chain leading from the author/owner of the text to the ultimate freelancer who would be translating it?
Though I may never find out, I hope this serves as a lesson to anyone outsourcing translations to a company they may or may not completely trust. Translators are accustomed to signing non-disclosure agreements (NDAs) regarding the content of texts they see in the course of their translation work for a particular customer. They sign them for the translation agencies (or LSPs – Language Service Providers) that send them work, and sometimes, with direct clients savvy enough to ask for one, and almost always, with any law firms they work for. And if they don’t, they should. Or at least, the companies contracting them should require them to as a prerequisite for working for them, leaving them to hope the translators honor the agreements they sign. This will give the outsourcing company some kind of legal leg to stand on in the event the agreement is violated, or at the very least, a basis to make threats in the event of a breach, and most definitely a reason to never send them work again.
Think about it. Let’s say you own or run a company that is about to launch a very innovative, proprietary product on the market. This is something you clearly do not want shouted from the rooftops if you are worried about the competition counterfeiting or pirating your idea (an idea you haven’t patented or copyrighted yet), or are about to launch it for the first time at a trade show or other event, and do not want the news getting out prematurely (from a marketing/PR standpoint), and various other reasons you would want your information to be kept confidential. Suppose you need this document translated into several languages, and you find a translation agency offering you what you think is a good price for a professional, high-quality translation. ‘Great’ you think, ‘that’s sorted’.
You might want to ask yourself who is actually doing the translation, and does this translator even work for the agency or LSP you contracted to do the translation. Can you be sure they are not (oh horror of horrors!) just running it through a translation machine and having someone cast a glance at the final product (known as ‘post-editing’) to make sure it’s ‘okay’? (In a previous post, I briefly touched on the hazards of machine translation or MT in terms of the risks this can pose to confidentiality [http://abktranslations.com/an-open-letter-to-translation-buyers-can-you-really-afford-cheap-translations/]). When a translator uses machine translation to translate a text, he or she is feeding this content into The Machine, an enormous database, essentially making it available for future texts, and technically making it visible to anyone looking in the right place. By the same token, can you say with absolute certainty that it hasn’t been sent on by your vendor to Subcontractor A in Country X, who then, and possibly unbeknownst even to the original translation industry outsourcer, sends the text on to Subcontractor B in Country Y to make a quick profit? I think you can see where I’m going with this. Who is actually doing the translation and are they professional, reliable, trustworthy and, let’s be honest, good at what they do?
The repercussions at the end of the chain aside, let’s back up to somewhere in the middle of the chain. Who can see your documents? The person who is outsourcing the translation and the ultimate translator and possibly (hopefully, for your sake) a proofreader/revisor who either works for the agency or someone the translator has ‘on retainer’, their regular proofreader as it were, and who can also be trusted? This is the best-case scenario and one that often (or at least , should) applies. Or is it every Tom, Dick and Harry on a mass mailing list who never even asked to see the document in the first place, yet found it in their inbox one day? What if there are a couple of bad apples on that list, people perhaps with a mean streak, who, ‘just because they felt like it’, publish your document on the Internet? What then?
The possibilities and ramifications are mind-boggling.
Just saying to the company you are entrusting with your text, ‘Oh, and keep this under your hat, it’s confidential’ is far from sufficient. Have them sign an NDA or other legal document with a confidentiality clause that lays down your requirements for how documents should be handled, and what will happen if they fail to comply. If anything, it might make them think twice before sending it 1) to just any translator (or middleman agency) in Anywhereville, The Great Wide World, which happens to give them the best price and 2) to an entire list of translators, the majority of whom (if not all) it has never worked with before and has no assurance it can trust.
There are no guarantees, to be sure, but being vigilant and taking precautions certainly can’t hurt. Wise are those who consult legal experts about their rights and duties before contracting any party to provide them with translations, particularly if their documents for translation are of a sensitive nature. The message here is be careful what you send to whom, because you never know where it could end up, and who will actually see it.