Feeds

US authorities had free rein over world's bank data

Article 29 working party tackle SWIFT

Choosing a cloud hosting partner with confidence

The US Treasury programme of snooping on international banking transactions to track terrorist funding had unfettered access to the world's private financial details for anything upto five years.

A spokesman for Society for Worldwide Interbank Financial Telecommunication (Swift) said it had won restrictions on the Treasury's power to see its data, which consists of records of financial transactions between 7,800 of the world's financial institutions, going back 120 days.

But the Treasury's snooping on international financial records, begun by subpoena in the wake of the September 11 terrorist attacks, was being done without oversight while Swift negotiated to protect the privacy of the international data it held.

"Over time we've narrowed down the scope of those subpoenas...the whole process has been refined," said the spokesman.

But he could not say how long it had taken to put the checks in place, nor how many records the Treasury had seen before its dogs were put back on the leash.

Swift was keen to keep the Treasury's nose out of its records because its clients would not take kindly to having their transactions scrutinised by a foreign government.

It managed to persuade the US authorities to have their investigators restrained. They agreed they could only take limited batches of data, rather than scan the whole lot freely. These batches could then be searched only for specific transactions that could be demonstrated to have links to terrorism. These searches were to be audited by both Swift and an external auditor, Booz Allen.

However, campaign group Privacy International said these were not enough. It had filed a complaint to the British data protection body, the Information Commissioner. It is worried that the Treasury was fishing through international financial records in the hope of turning up terrorist finance records. It also feared the data could be used for other purposes, including espionage.

Swift's CEO, Leonard Schrank, flew to London to meet Privacy International on Friday. Simon Davies, a PI director, said he had told Schrank he wanted to see proof that the Treasury was only able to see records that it knew contained details of terrorist financial transactions.

"When was the last time you were satisfied with something that was claimed without seeing proof?" said Davies.

"We are not prepared to accept anybody's face value assertions that protections have been put in place," he said.

He is meeting with Swift in Brussels again on Wednesday, just before the Article 29 Working Party of EU data protection commissioners meets to discuss what to do about the situation. They want to co-ordinate their separate investigations of the Treasury subpoenas through the Belgian privacy commissioner.

Choosing a cloud hosting partner with confidence

More from The Register

next story
Scrapping the Human Rights Act: What about privacy and freedom of expression?
Justice minister's attack to destroy ability to challenge state
WHY did Sunday Mirror stoop to slurping selfies for smut sting?
Tabloid splashes, MP resigns - but there's a BIG copyright issue here
Google hits back at 'Dear Rupert' over search dominance claims
Choc Factory sniffs: 'We're not pirate-lovers - also, you publish The Sun'
EU to accuse Ireland of giving Apple an overly peachy tax deal – report
Probe expected to say single-digit rate was unlawful
Inequality increasing? BOLLOCKS! You heard me: 'Screw the 1%'
There's morality and then there's economics ...
Hey Brit taxpayers. You just spent £4m on Central London ‘innovation playground’
Catapult me a Mojito, I feel an Digital Innovation coming on
While you queued for an iPhone 6, Apple's Cook sold shares worth $35m
Right before the stock took a 3.8% dive amid bent and broken mobe drama
EU probes Google’s Android omerta again: Talk now, or else
Spill those Android secrets, or we’ll fine you
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.