Quick Navigation Links About UJ - FAQ - Case Studies - Key Services - Additional Services - Specifikt Svenskt - News - Links

Archived News

EU panel says SWIFT broke European data privacy laws

The European Union's Data Protection working party ruled, on 22 November 2006, that the Brussels-based international banking network SWIFT had broken EU and Belgian law in secretly allowing the US Treasury Department to tap into its records after the 11 September terrorist attacks.

The EU Working Party immediately called for talks with SWIFT and other financial bodies on data transfers to the US, but uncertainty surrounds the next step.

"SWIFT has to change their system," said Peter Schaar, head of the EU's Article 29 Data Protection Working Party. "We hope we find ways to find a situation of compliance with EU law.” He said the panel would also contact financial institutions to look for "alternative ways to communicate data" either within or outside of SWIFT's system.

SWIFT, which handles global financial transfers, is a cooperative owned by roughly 7,800 financial institutions in more than 200 countries that use it. Under European law, companies are forbidden from transferring confidential personal data to another country unless that country offers sufficient protections. The EU does not consider the US to be a country that offers adequate legal protection of individual data.

Belgium's own data watchdog concluded in September that SWIFT had flouted European privacy rules, calling the disclosure of secret financial transfers "a gross miscalculation.

The Belgian federal prosecutor's office has launched a preliminary investigation into SWIFT to ascertain whether there are grounds for prosecution. But Belgian Prime Minister Guy Verhofstadt said he would seek no action against SWIFT but would push for EU-US negotiations to create common privacy rules.

In a recent European Parliament hearing, members criticised SWIFT and the organisations that oversaw it, saying they had ignored privacy rules by failing to inform European institutions or citizens about the information transfers. Several called on SWIFT to move its operations in the US to Canada to prevent the US government from breaching European civil liberties.

Others demanded to know why they had learned of the transfers from newspaper reports rather than from the European Central Bank, which knew of the transfers as early as June 2002

SWIFT has argued that cooperation with the US Treasury Department in counterterrorism investigations had been "absolutely legal" and had been essential in helping authorities prevent terrorist attacks. SWIFT's chief executive Leonard Schrank said: ""This is about providing financial data for counterterrorism and data protection. Just to talk about data protection and privacy, which is what the European data privacy authorities are focusing on, is a small part of the total."

The EU and US started talks in November to establish common guidelines over data privacy rules. Divergent transatlantic views over data privacy rules in the fight against terrorism were highlighted in the SWIFT case but also in talks over air passenger data sharing, on which the EU and the US clinched a deal last month.

Back to Top

Compliant XHTML | CSS | 508 | AAA

© Copyright 2005 Utlandsjuristen. Art Direction & Photography by Kamilian. Designed & Developed by iWeb