SWIFT agreement adopted by the European Parliament
This article is also available in:
Deutsch: Europäisches Parlament stimmt SWIFT-Abkommen zu
The European Parliament has adopted the so-called SWIFT agreement on 8 July 2010 allowing sharing EU citizens' bank data with the US authorities, but failing to stick to its initial position on privacy safeguards from February 2010.
The text was adopted with 484 votes in favour and 109 against. The supporters of the current version claim that the new text was significantly improved by gaining a number of important concessions from the US. These include the limitation of bulk data being transfer to the US or the role of Europol in overseeing the transfer process.
However, even the data protection European bodies - EDPS and the Article 29 Working Party - have underlined that the current agreement does not meet the European privacy standards.
As EDRi has explained in a FAQ made public shortly before the vote, there is no prior judicial ruling required for transfer of data, the definition of "terrorism" is very broad and there is still no legal redress available for EU citizens in the US against data transfers or the possibly serious consequences thereof.
Also, in practice, SWIFT can't currently limit data searches to specific individuals or single transactions. Actually, it will have to (and has in the past) transfer data about all transactions from a certain country or a certain bank on a certain date. There have been reports that the US Treasury has received up to 25% of all SWIFT transactions, which number in the billions each year.
As regards the Europol's position, the EU body is far from a judicial authority and it is now authorized to request information from the US searches in the transferred data, which drastically reduces any incentive to limit the transferred amount of data in the first place.
This agreement will enter into force on 1 August 2010. The current text will be valid for 5 years and then automatically extends for one year at a time. In order to terminate the agreement, one of the parties has to take an initiative. Even if it is terminated, all transferred data will remain at the disposal of US authorities. The data provided to the American authorities will be subject to a retention period of 5 years.
Agreement between the EU and the USA on the processing and transfer of
financial messaging data from the EU to the USA for purposes of the
Terrorist Finance Tracking Program (8.07.2010)
The Parliament shows the green light for the SWIFT II agreement (only in
US to access Europeans' bank data in new deal (8.07.2010)
Frequently Asked Questions on the Terrorist Finance Tracking Program /
"SWIFT" Agreement (7.07.2010)
EDRi-gram: Same privacy concerns for the new SWIFT treaty (30.06.2010)