SWIFT to stop processing EU banking data in the US
But not until 2009
Payments processing body SWIFT will stop processing European banking transactions in the US in 2009. It is planning a restructuring of its network and the building of a new operations centre in Switzerland.
SWIFT has been heavily criticised for allowing US authorities access to records of banking transactions involving European citizens. It was revealed by The New York Times last year that US intelligence agencies were allowed to view Europeans' transactions.
SWIFT argued that it was obliged to comply with US orders because it carried out hosting and processing of information in the US. European data protection officials have condemned the release of the information. European, Swiss, and Belgian data protection authorities all ruled that SWIFT had broken data protection laws in supplying the information without informing bank customers of the US surveillance.
Europe's advisory committee of privacy watchdogs, the Article 29 Working Party, has revealed that SWIFT is being reorganised to lessen the risk of surveillance, but not until 2009.
"The Working Party has been informed of recent measures taken by SWIFT with regard to transparency, as well as its decision to restructure its network," said a statement from the Working Party recounting the business of its meeting last week.
"The new structure foresees by the end of 2009 the creation of a new operation centre in Switzerland. This means personal data in intra-European transactions will no longer be processed in the US operating centre," said the body.
Brussels-based SWIFT is still under investigation by the Belgian Data Protection Authority for potential breaches of data protection legislation.
The European Commission agreed a deal with the US earlier this year on how much SWIFT data US authorities could use.
"The EU will have now the necessary guarantees that US Treasury processes data it receives from Swift's mirror server in USA in a way which takes account of EU data protection principles," said EU Commissioner for justice, freedom and security Franco Frattini in June.
"I welcome the United States' Treasury Department's unilateral representations and the opportunity the Treasury has given the European Union to have its views and concerns duly reflected in the representations."
Even after the new operations centre is built, transactions with a US element will still be processed in the US, and there is uncertainty about the location of processing of other kinds of transaction, the Working Party said.
"EU-US transactions will continue to be processed in the US. With regard to other international transactions involving both EU and non-EU banks the location of their storage is still to be defined."
The group said it approved of the changes in SWIFT. "The Working Party welcomes the clear progress made by SWIFT, especially on technical aspects of compliance with data protection principles," it said.
Copyright © 2007, OUT-LAW.com
OUT-LAW.COM is part of international law firm Pinsent Masons.
Sponsored: Global DDoS threat landscape report