Feeds

SWIFT to stop processing EU banking data in the US

But not until 2009

Choosing a cloud hosting partner with confidence

Payments processing body SWIFT will stop processing European banking transactions in the US in 2009. It is planning a restructuring of its network and the building of a new operations centre in Switzerland.

SWIFT has been heavily criticised for allowing US authorities access to records of banking transactions involving European citizens. It was revealed by The New York Times last year that US intelligence agencies were allowed to view Europeans' transactions.

SWIFT argued that it was obliged to comply with US orders because it carried out hosting and processing of information in the US. European data protection officials have condemned the release of the information. European, Swiss, and Belgian data protection authorities all ruled that SWIFT had broken data protection laws in supplying the information without informing bank customers of the US surveillance.

Europe's advisory committee of privacy watchdogs, the Article 29 Working Party, has revealed that SWIFT is being reorganised to lessen the risk of surveillance, but not until 2009.

"The Working Party has been informed of recent measures taken by SWIFT with regard to transparency, as well as its decision to restructure its network," said a statement from the Working Party recounting the business of its meeting last week.

"The new structure foresees by the end of 2009 the creation of a new operation centre in Switzerland. This means personal data in intra-European transactions will no longer be processed in the US operating centre," said the body.

Brussels-based SWIFT is still under investigation by the Belgian Data Protection Authority for potential breaches of data protection legislation.

The European Commission agreed a deal with the US earlier this year on how much SWIFT data US authorities could use.

"The EU will have now the necessary guarantees that US Treasury processes data it receives from Swift's mirror server in USA in a way which takes account of EU data protection principles," said EU Commissioner for justice, freedom and security Franco Frattini in June.

"I welcome the United States' Treasury Department's unilateral representations and the opportunity the Treasury has given the European Union to have its views and concerns duly reflected in the representations."

Even after the new operations centre is built, transactions with a US element will still be processed in the US, and there is uncertainty about the location of processing of other kinds of transaction, the Working Party said.

"EU-US transactions will continue to be processed in the US. With regard to other international transactions involving both EU and non-EU banks the location of their storage is still to be defined."

The group said it approved of the changes in SWIFT. "The Working Party welcomes the clear progress made by SWIFT, especially on technical aspects of compliance with data protection principles," it said.

Copyright © 2007, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Beginner's guide to SSL certificates

More from The Register

next story
Facebook pays INFINITELY MORE UK corp tax than in 2012
Thanks for the £3k, Zuck. Doh! you're IN CREDIT. Guess not
DOUBLE BONK: Testy fanbois catch Apple Pay picking pockets
Users wail as tapcash transactions are duplicated
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
Google Glassholes are UNDATEABLE – HP exec
You need an emotional connection, says touchy-feely MD... We can do that
YARR! Pirates walk the plank: DMCA magnets sink in Google results
Spaffing copyrighted stuff over the web? No search ranking for you
In the next four weeks, 100 people will decide the future of the web
While America tucks into Thanksgiving turkey, the world will be taking over the net
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.