The draft agreement on handing European citizens' bank account details to the US needs tightening up to better protect privacy, according to the European data watchdog.

The agreement was released in draft form by the European Commission last month. It now needs approval from the Council before negotiations with the US begin.

The European Data Protection Supervisor (EDPS) said it accepted that terrorism meant that the US had to have access to all our financial dealings via SWIFT (Society for Worldwide Interbank Financial Telecommunication, based in Belgium). The agreement to give US authorities free reign came in response to the 9/11 attacks.

Peter Hustinx, supervisor of the EDPS, said: "I am fully aware that the fight against terrorism and terrorism financing may require restrictions to the right to the protection of personal data. However, in view of the intrusive nature of the draft agreement, which allows transfers of data in bulk to the US, the necessity of such scheme should first be unambiguously established."

The EDPS said bulk transfers of data should be stopped and some form of filtering at the European end introduced.

It also suggested a considerable cut in the storage time for data which is sucked up by bulk transfers but never actually investigated. It also wants assurances that European citizens will have the same rights over their information held in the US as in Europe.

It further suggested a stronger oversight and supervision mechanisms.

The full statement is here. ®

Related stories

• Europe flashes report card on data protection (15 June 2011)

  https://www.theregister.com/2011/06/15/european_data_protect_scores/

• Europe demands right to be forgotten (4 November 2010)

  https://www.theregister.com/2010/11/04/europe_help_privacy/

• EU privacy watchdog pans passenger data plans (21 October 2010)

  https://www.theregister.com/2010/10/21/eu_privacy_watchdog_passenger_data/

• Euro bell tolls for UK's data protection regs (27 August 2010)

  https://www.theregister.com/2010/08/27/data_deadline_passes/

• Europe approves mass data transfer to US (9 July 2010)

  https://www.theregister.com/2010/07/09/eu_us_data_treaty/

• Scotland allows collection of children's DNA (6 July 2010)

  https://www.theregister.com/2010/07/06/criminal_act_passed/

• Europe approves US mass data grab (29 June 2010)

  https://www.theregister.com/2010/06/29/swift_agree_approved/

• Privacy watchdogs: Silence isn't cookie consent (28 June 2010)

  https://www.theregister.com/2010/06/28/cookie_directive/

• UK told to strengthen data protection, again (25 June 2010)

  https://www.theregister.com/2010/06/25/uk_data_protect/

• Google claims Wi-Fi slurp legal in the US (22 June 2010)

  https://www.theregister.com/2010/06/22/google_wifi/

• US attacks Europe's perv-scanners (22 June 2010)

  https://www.theregister.com/2010/06/22/airport_scanner_privacy/

• Terror data handover seriously flawed (17 June 2010)

  https://www.theregister.com/2010/06/17/eu_usa_data_agreement/

• Street View snooping sparks new watchdog site (16 June 2010)

  https://www.theregister.com/2010/06/16/streetview_snoop_site/

• Lambeth Labour party in email tapping row (10 June 2010)

  https://www.theregister.com/2010/06/10/lambeth_email_tap_row/

• Ireland publishes proposed data breach notification rules (10 June 2010)

  https://www.theregister.com/2010/06/10/ireland_data_rules/

• Europe exposes new data share deal with US (27 May 2010)

  https://www.theregister.com/2010/05/27/europe_us_data_share/