by PeterisP 3321 days ago
Retailer customer service people generally do not need compliant desktops, because the systems they can access should not be storing protected data; maybe it would contain a masked PAN, i.e. the last four digits, but definitely nothing more.

For phone authorizations (if they are used; it may be a regional thing, as most smaller online retailers here won't do it at all, and banks really frown on merchants who do so because of the risks and make it really expensive), generally the agent would use an interface similar to an online customer's (encrypted channel, yadda yadda), and the card information would not be stored anywhere on that machine. Whether all kinds of PCI DSS security requirements would apply to these workstations is debatable; your mileage may vary. I've seen them considered out of scope, but in that case it wasn't really a call center for taking transactions but a support call center that might also handle a phone authorization in rare cases.

In any case, for a call center the biggest PCI compliance problem IMHO is handling the sensitive data in call recordings.