EU Lawmakers Vote to Recommend TFTP Suspension as Privacy International Seeks Redress for Breaches
The EU should suspend the Terrorist Finance Tracking Program in response to the U.S. National Security Agency’s alleged tapping of EU citizens’ banking data held by the Society for Worldwide Interbank Financial Telecommunications (SWIFT) system, the European Parliament said Wednesday. It approved a nonbinding resolution backed by the Socialists and Democrats, Alliance of Liberals and Democrats for Europe, and Greens/European Free Alliance. A resolution from the center-right European People’s Party that urged caution on suspending the TFTP (CD Oct 18 p9) wasn’t successful. Privacy International (PI), meanwhile, asked the U.S. Treasury, NSA and European privacy chiefs to address concerns that the TFTP is failing to protect Europeans’ personal data or to give them redress for violations.
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
The European Parliament has no formal power to force suspension or termination of an international deal, but the European Commission “will have to act if Parliament withdraws its support for a particular agreement,” the resolution said. It backed a “full on-site technical investigation” of charges U.S. authorities had unauthorized access to or created “back doors” into SWIFT servers. Any data-sharing agreement with the U.S. must be based on a consistent legal data protection framework that contains binding provision on purpose limitation, data minimization, information, access, correction, erasure and redress, it said.
In Tuesday letters made public Wednesday, PI sought information from U.S. and EU officials about how people whose rights NSA had violated could secure redress. A Sept. 18 letter from David Cohen, U.S. Treasury undersecretary for terrorism and financial intelligence, responding to allegations that NSA was processing SWIFT messages outside of the protocol of the TFTP, “gives us no comfort, as he fails to deny that financial data such as SWIFT messages may be obtained outside the Agreement, including through intelligence channels,” PI wrote to NSA Director Keith Alexander (http://bit.ly/16v5qUE). It asked Alexander to “kindly inform us of the administrative process by which Europeans who fear their data has been obtained or processed in breach of the Agreement by the NSA” can obtain redress, and what judicial remedies Europeans can pursue in the U.S. PI asked the same questions of the director of the Treasury Office of Privacy and Civil Liberties (http://bit.ly/1a0xiAl).
Other PI letters went to the U.K. Information Commissioner’s Office (ICO) and the Financial Conduct Authority (FCA). In one of two letters to the ICO (http://bit.ly/19uPHIN), PI said that it sometimes uses SWIFT’s systems for international financial transfers and wondered if the TFTP “is effectively protecting the privacy rights of European data subjects.” It asked the ICO to investigate the NSA’s purported access to SWIFT or to explain why it won’t investigate. In a second letter (http://bit.ly/HaJEzs), PI sought the privacy watchdog’s opinion on how Europeans can exercise their rights to redress under the TFTP. PI also asked the FCA to probe NSA’s access to SWIFT data ( http://bit.ly/16v4BLw).
The ICO apparently had not received the letters, but will publish a full response to PI when it does, a spokesman told us. In general, however, he said, much of the information relating to the NSA involves matters of interception which fall under a U.K. Data Protection Act exception for national security.
The U.S. government “remains in full compliance with all aspects of its obligations under the TFTP Agreement,” a Treasury spokesman for the terrorism and financial intelligence division told us. At the request of EU Home Affairs Commissioner Cecilia Malmström, the U.S. has begun a series of “detailed and intensive consultations” with the EC to respond to its concerns and questions about the media allegations about TFTP data, he said. The consultation process began last month “and has been continuing in earnest,” he said. The spokesman defended the TFTP as a “critical element” of U.S. counterterrorist finance efforts, saying it offers “distinctive value” in detecting, preventing, disrupting and prosecuting terrorism and its funding around the world.
Asked what implications, if any, the European Parliament vote could have for PI’s efforts to make governments accountable, PI Communications Manager Mike Rispoli said the organization believes that no matter what happens to the TFTP in the future, the alleged SWIFT violation took place while the treaty was in effect. Everyone whose financial data was scooped up in violation of the TFTP must have some redress, he told us. The NSA didn’t respond and the FCA said it was looking into whether PI’s letter had arrived.