Does this mean that by moving to Switzerland, they can make themselves immune to Europe's data protection laws?

SWIFT was based in Belgium when it caved to US demands, the data was *not* processed in the USA then. So what does this actually change? SWIFT can be leaned on, as long as it is multi-national.

European banks now all have the get out clauses in their terms of service. Nothing stops say, China leaning on Citibank, and Citibank handing over it's UK customer data under section 43 of it's general terms. Who would know? They're not obliged to get permission, or inform anyone, there's no UK law that would stop them.

"43.4 You consent to have your Data transferred to other countries (including countries which do not offer adequate personal data protection) and you agree that if Your data is required by another country's laws or regulatory rules to be disclosed to that country's regulators, authorities, or law enforcement agencies, that it can be so disclosed."

We need a specific law to enforce financial privacy, with specific requirements on warrants, judges, courts, you know the old fashioned things, due process and the like.

Without the stick against the banks that run SWIFT, there's not likely to be any improvement in this.