Original URL: https://www.theregister.com/2006/10/04/ecb_swift_hearing/

European Central Bank wants EU protection from US

Denies responsibility for past intrusions

By Mark Ballard

Posted in Legal, 4th October 2006 19:00 GMT

The European Central Bank has put its weight behind transatlantic talks that the EU hopes will secure the privacy of European citizens from the prying eyes of US anti-terrorist investigators.

Jean-Claude Trichet, ECB president, declared his support for the talks at a European Parliament hearing, after being pressed by MEPs to explain why the ECB had hidden its knowledge of a secret US anti-terrorist intelligence investigation, the Terrorist Finance Programme, from other EU authorities.

The EU is investigating alleged widespread privacy violations by the US investigation in the subpoenas it made for world-wide financial records held by the Society for Worldwide Interbank Financial Telecommunication (SWIFT), the Belgian firm that handles instructions for most of the world's financial transactions.

Since being exposed by the New York Times in June, the US use of SWIFT has fuelled tensions in Europe over what is perceived to be the America's persistent violation of European civil liberties in its hunt for terrorists.

Those European organisations which complied with the secret US investigation without telling the EU have jumped on the crux of the transatlantic wrangle as a defence against the criticism levelled at them.

"I would say that there is a case for a clarification of the border of the interface between data protection and the fight against terrorism...at the global level," Trichet told a joint committee hearing before the European Parliament today.

He admitted to MEPs that it and the G10 central banks that make up SWIFT's oversight committee were told about the US subpoenas in February 2002. The banks kept schtum because they believed it wasn't their job to consider the privacy of SWIFT's data.

"The task of protecting personal data is outside of the remit of the Group's oversight function, since it is unrelated to the functioning of market infrastructure and financial stability," said Trichet.

But he was pressed by MEPs to consider the idea that data privacy was essential for financial stability. Should financiers think their transactions were being watched by US intelligence without any oversight, they might lose faith in the system.

"If we had an immense, totally tragic problem of data protection, perhaps it would entail some consequences in terms of financial stability," conceded Trichet.

"But we know that terrorist activities have an impact on financial stability, because we experienced 9/11," he added.

The defence the financiers used was that they had not broken any European privacy law by co-operating with the US investigation. If the EU authorities were upset, perhaps they ought to look at the legislation. Perhaps global data protection legislation was needed to deal with global transfers of data like those handled by SWIFT?

Francis Vanbever, chief financial officer of SWIFT, went as far as to say that data protection legislation was out of date because it had been introduced in 1995, long before the current war between the US and disenfranchised Muslims.

But it was noted that the powers the US has used to get hold of SWIFT's data were attained in the 1970s. And EU data protection chiefs claimed existing law was adequate to deal with the situation. They just had to decide what to do.

Both the the European Commission and the Article 29 Committee, which advises the European Parliament on data protection issues, were still making their minds up. SWIFT had been found in breach of Belgian data protection laws last week, but the Belgians decided not to prosecute. They understood how SWIFT was stuck between the US intelligence rock and the EU privacy hard place.

The Europeans might not be so understanding. They accused both the ECB and SWIFT for trying to shirk their responsibilities for the privacy breaches of their clients' data.

There is some exasperation in Europe that everyone else - the world's financial system, the US authorities and numerous lawyers - appeared to know about the US investigation, but that the EU hadn't a clue.

Trichet said the ECB had been prevented from telling other EU authorities because of a confidentiality agreement it had signed with SWIFT. The Belgian firm, similarly, had been unable to tell the authorities because of an agreement it had signed with the US.

Europeans are getting miffed about the US trampling on their toes when it goes terrorist hunting. The CIA's "rendition" flights of suspected terrorists in and out of European airports is still a hot potato in Brussels.

Airline passenger records are another bone of contention, with the European Court of Justice this year ruled the EU had been acting outside of its legal competence to agree to share passenger data with the US. The EU has no competence over security matters. It is aware that its competence over the SWIFT matter is in question, but is determined to fight for it on economic and privacy grounds.

As if to rub salt in the wounds, the US has refused to give the EU the same assurances over its access to passenger records that it gave SWIFT over access to bank data, noted Stavros Lambrinidis, vice president of the Parliament's Human Rights committee.

Europe's position should be formulated by the end of the week before it goes into talks with the US over the boundaries between civil liberties and security.

SWIFT's position that existing law was inadequate to deal with the unique problems that led the US to mount its unprecedented investigation added credence to its assertion that it broke no data protection laws.

"There was no reason for us to consult the EC because we believe we respected the law," Francis Vanbever, SWIFT's chief financial officer, told the hearing.

In other words, SWIFT and the central banks had not thought that any political or administrative involvement was necessary to protect itself from US intrusions. Their lawyers had advised them as much and they stuck to that position until the investigation was exposed.

Yet now it is in the open, and SWIFT's co-operation with it has been found in breach of data protection laws, the Belgian firm has declared its support for EU involvement.

"We believe that the issue of balance between the need to fight terrorism and the right to privacy can only be resolved by political leadership," Vanbever told the hearing. ®