Feeds

US violated world's privacy with secret SWIFT checks

SWIFT breaks EU law to comply with US law

The Essential Guide to IT Transformation

The US Treasury's Terrorist Finance Tracking programme had violated the privacy of up to 7,800 international financial institutions in its secret trawl through financial records held by the Belgian firm SWIFT.

The Belgian data protection registrar declared today that the Society for Worldwide Interbank Financial Telecommunication (SWIFT), which handles financial transactions on behalf of banks and other financial institutions in G10 countries, had violated Belgian data protection law by complying with the US Treasury's secret investigation.

"SWIFT should have complied with its obligations under Belgian data protection law," said the opinion of the Belgian Commission de la Protection de la Vie Privee today.

The firm should have informed the Belgian authorities that it was handing its clients records over the the US, and it should have complied with rules regarding the transfer of its data to a foreign country, said the opinion.

It recognised the efforts SWIFT took to comply with the US subpoenas on its data. Pressured by the US to keep the violation secret, SWIFT took its own steps to protect the privacy of its clients' data as much as it could.

But this was not enough: "SWIFT made some substantial errors of judgement in complying with the American subpoenas," said the opinion.

"From the beginning, SWIFT should have been aware that the fundamental principles of European law were to be observed, apart from the enforcement of American law," it continued.

The US Treasury had demanded to examine SWIFT's records in a hunt for terrorist financiers after 9/11.

It had unlimited access to this data for an unspecified time. The opinion said that in order to protect the privacy of its client's data, SWIFT should have ensured that the US snooping of its records was proportionate, that they were only retained for a limited examination, that the investigation was transparent to the European authorities and so on.

Yet a spokeswoman for the Belgian data protection registrar said the office would not prosecute SWIFT. She could not say why, but the opinion gave a clue.

"SWIFT finds itself in a conflict situation between American and European law," it said.

SWIFT jumped on this concession. A statement attributed to the firm's CEO, Leonard Schrank, said: "The review has raised important issues about the balance between data privacy for consumer protection purposes and use of financial data for security and counter-terrorism purposes."

He called for the US and EU authorities to formulate an agreement that "reconciled data privacy protections with today's pressing security concerns."

The Belgian opinion was going to be adopted by the European Commission's Data Protection Supervisor and form the basis of opinions formed by the registrars of all 33 countries where campaigners Privacy International filed complaints about SWIFT's co-operation with the US programme.

The Belgian registrar said it was not in the remit of today's opinion to consider whether Belgium's financial institutions had also offended its data privacy laws. Some of them at least would have been aware of the US snooping through their membership of SWIFT's co-operative board. Central banks in all G10 countries were also privy to the investigation without telling the authorities. The European Parliament is considering on Wednesday whether the ECB should be implicated. The Register found this week that it was.®

Build a business case: developing custom apps

More from The Register

next story
iPad? More like iFAD: We reveal why Apple fell into IBM's arms
But never fear fanbois, you're still lapping up iPhones, Macs
Sonos AXES support for Apple's iOS4 and 5
Want to use your iThing? You can't - it's too old
Amazon says Hachette should lower ebook prices, pay authors more
Oh yeah ... and a 30% cut for Amazon to seal the deal
Philip K Dick 'Nazi alternate reality' story to be made into TV series
Amazon Studios, Ridley Scott firm to produce The Man in the High Castle
Joe Average isn't worth $10 a year to Mark Zuckerberg
The Social Network deflates the PC resurgence with mobile-only usage prediction
Chips are down at Broadcom: Thousands of workers laid off
Cellphone baseband device biz shuttered
Feel free to BONK on the TUBE, says Transport for London
Plus: Almost NOBODY uses pay-by-bonk on buses - Visa
Nintend-OH NO! Sorry, Mario – your profits are in another castle
Red-hatted mascot, red-colored logo, red-stained finance books
Twitch rich as Google flicks $1bn hitch switch, claims snitch
Gameplay streaming biz and search king refuse to deny fresh gobble rumors
Stick a 4K in them: Super high-res TVs are DONE
4,000 pixels is niche now... Don't say we didn't warn you
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.