Outsourcing arrangements often involve cross-border transfers of indeterminately large proportions of a client's proprietary and confidential information assets. An increasing number of companies from developing countries is contracting with financial institutions, hospitals, and insurance companies to do their back office jobs. In most cases these companies deal with sensitive information, such as financial data, medical data, payroll and benefits information, social security numbers and purchasing histories. Virtually any outsourced business process may involve privacy violations arising from mistakes or negligence. In light of these developments, this paper examines the "other side" of outsourcing and identifies its paradoxical and adverse effects. Further based on a thorough analysis of privacy law the paper also determine the risk to privacy and data security posed by the 'offshore outsourcing' and strategies employed by institutions and regulators to identify, measure, monitor, and control the risk to personal data.