Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...
May 8 --There are “no indications” that financial transaction data held by the Belgium-based Society for Worldwide Interbank Financial Telecommunication (SWIFT) have been accessed by government intelligence agencies outside established legal channels, the Belgian and Dutch data protection authorities said May 8.
SWIFT provides a financial transaction messaging service used by more than 10,000 financial institutions internationally.
Belgium's Commission for the Protection of Privacy (CPVP) and the Dutch Data Protection Authority (CBP) said in a joint statement that they had concluded an investigation that started in November 2013 into the security of SWIFT's computer networks and “did not find any violations of legal security requirements.”
In addition, there was no evidence that “third parties have had or could have had unlawful access to financial messaging data related to European citizens,” the DPAs said.
The CPVP and the CBP started a joint investigation into SWIFT in response to reports originating from former U.S. National Security Agency contractor Edward Snowden that intelligence agencies had unlawfully accessed SWIFT financial transaction data.
The DPAs wouldn't disclose further information about their investigation. CPVP spokeswoman Eva Wiertz told Bloomberg BNA May 8 that “we are bound by professional secrecy and cannot disclose any more details,” and that no report on the investigation would be published.
A European Parliament official, who asked not to be named, told Bloomberg BNA May 8 that the lack of detailed information about the CPVP/CBP investigation meant it was unclear to what extent the SWIFT systems had been tested for evidence of surveillance breaches.
It is unclear whether the investigation “really solves the problem,” the official said.
The U.S. can access data held by SWIFT via the Terrorist Finance Tracking Program (TFTP), an EU-U.S. agreement in force since Aug. 1, 2010, under which U.S. authorities can carry out targeted searches of SWIFT data to identify financial transaction information related to suspected terrorist activity.
In a September 2013 letter to the European Commission, the EU's executive arm, U.S. Treasury Under Secretary for Terrorism and Financial Intelligence David S. Cohen answered European Union concerns about surveillance of SWIFT data, saying that the U.S. only obtained SWIFT data through the TFTP, or as part of information provided by financial institutions in response to subpoenas.
But in a nonbinding resolution adopted in October 2013, the European Parliament called for suspension of TFTP on the basis that it didn't adequately protect the data of EU citizens transferred outside the EU .
In March 7 prepared testimony to the European Parliament's Committee on Civil Liberties, Justice and Home Affairs (LIBE), Snowden repeated the allegation that government surveillance agencies had targeted SWIFT for surveillance .
The call for suspension was reiterated in March in the final report of a European Parliament inquiry into the mass electronic surveillance of European Union citizens .
Claude Moraes, a British center-left member of the European Parliament who drew up the final report of the mass surveillance inquiry, told Bloomberg BNA May 8 that the conclusion of the Belgian/Dutch investigation into SWIFT was “an important development, and any follow-up to our inquiry would certainly take on board these findings.”
The European Parliament inquiry wasn't a “forensic” inquiry, and was unable to prove the allegations that SWIFT data were being illegally accessed by intelligence agencies, Moraes said.
SWIFT said in a May 8 statement that it was “pleased to confirm that the authorities have concluded there are no indications that third parties have had, or could have had, unlawful access to financial messaging data.”
SWIFT added that “the authorities have also verified that there have been no violations of the security obligations under EU data protection law.”
To contact the reporter on this story: Stephen Gardner in Brussels at firstname.lastname@example.org
To contact the editor responsible for this story: Donald G. Aplin at email@example.com
All Bloomberg BNA treatises are available on standing order, which ensures you will always receive the most current edition of the book or supplement of the title you have ordered from Bloomberg BNA’s book division. As soon as a new supplement or edition is published (usually annually) for a title you’ve previously purchased and requested to be placed on standing order, we’ll ship it to you to review for 30 days without any obligation. During this period, you can either (a) honor the invoice and receive a 5% discount (in addition to any other discounts you may qualify for) off the then-current price of the update, plus shipping and handling or (b) return the book(s), in which case, your invoice will be cancelled upon receipt of the book(s). Call us for a prepaid UPS label for your return. It’s as simple and easy as that. Most importantly, standing orders mean you will never have to worry about the timeliness of the information you’re relying on. And, you may discontinue standing orders at any time by contacting us at 1.800.960.1220 or by sending an email to firstname.lastname@example.org.
Put me on standing order at a 5% discount off list price of all future updates, in addition to any other discounts I may quality for. (Returnable within 30 days.)
Notify me when updates are available (No standing order will be created).
This Bloomberg BNA report is available on standing order, which ensures you will all receive the latest edition. This report is updated annually and we will send you the latest edition once it has been published. By signing up for standing order you will never have to worry about the timeliness of the information you need. And, you may discontinue standing orders at any time by contacting us at 1.800.372.1033, option 5, or by sending us an email to email@example.com.
Put me on standing order
Notify me when new releases are available (no standing order will be created)