Feeds

SWIFT to stop processing EU banking data in the US

But not until 2009

5 things you didn’t know about cloud backup

Payments processing body SWIFT will stop processing European banking transactions in the US in 2009. It is planning a restructuring of its network and the building of a new operations centre in Switzerland.

SWIFT has been heavily criticised for allowing US authorities access to records of banking transactions involving European citizens. It was revealed by The New York Times last year that US intelligence agencies were allowed to view Europeans' transactions.

SWIFT argued that it was obliged to comply with US orders because it carried out hosting and processing of information in the US. European data protection officials have condemned the release of the information. European, Swiss, and Belgian data protection authorities all ruled that SWIFT had broken data protection laws in supplying the information without informing bank customers of the US surveillance.

Europe's advisory committee of privacy watchdogs, the Article 29 Working Party, has revealed that SWIFT is being reorganised to lessen the risk of surveillance, but not until 2009.

"The Working Party has been informed of recent measures taken by SWIFT with regard to transparency, as well as its decision to restructure its network," said a statement from the Working Party recounting the business of its meeting last week.

"The new structure foresees by the end of 2009 the creation of a new operation centre in Switzerland. This means personal data in intra-European transactions will no longer be processed in the US operating centre," said the body.

Brussels-based SWIFT is still under investigation by the Belgian Data Protection Authority for potential breaches of data protection legislation.

The European Commission agreed a deal with the US earlier this year on how much SWIFT data US authorities could use.

"The EU will have now the necessary guarantees that US Treasury processes data it receives from Swift's mirror server in USA in a way which takes account of EU data protection principles," said EU Commissioner for justice, freedom and security Franco Frattini in June.

"I welcome the United States' Treasury Department's unilateral representations and the opportunity the Treasury has given the European Union to have its views and concerns duly reflected in the representations."

Even after the new operations centre is built, transactions with a US element will still be processed in the US, and there is uncertainty about the location of processing of other kinds of transaction, the Working Party said.

"EU-US transactions will continue to be processed in the US. With regard to other international transactions involving both EU and non-EU banks the location of their storage is still to be defined."

The group said it approved of the changes in SWIFT. "The Working Party welcomes the clear progress made by SWIFT, especially on technical aspects of compliance with data protection principles," it said.

Copyright © 2007, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

The essential guide to IT transformation

More from The Register

next story
Britain's housing crisis: What are we going to do about it?
Rent control: Better than bombs at destroying housing
Top beak: UK privacy law may be reconsidered because of social media
Rise of Twitter etc creates 'enormous challenges'
GCHQ protesters stick it to British spooks ... by drinking urine
Activists told NOT to snap pics of staff at the concrete doughnut
What do you mean, I have to POST a PHYSICAL CHEQUE to get my gun licence?
Stop bitching about firearms fees - we need computerisation
Ex US cybersecurity czar guilty in child sex abuse website case
Health and Human Services IT security chief headed online to share vile images
We need less U.S. in our WWW – Euro digital chief Steelie Neelie
EC moves to shift status quo at Internet Governance Forum
Oz biz regulator discovers shared servers in EPIC FACEPALM
'Not aware' that one IP can hold more than one Website
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Advanced data protection for your virtualized environments
Find a natural fit for optimizing protection for the often resource-constrained data protection process found in virtual environments.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.