To remind you of the American view, SWIFT is about the fight against international terrorism with the help of European bank data. “The threat of terrorism the United States and the European Union are facing is ongoing, and with this agreement, all our citizens will be safe”, Obama said in a written statement in which he naturally welcomed the approval by the European Parliament.
The financial services authority SWIFT, which is based in Belgium, is now able again to transmit data on cross-continental bank transfers of EU citizens and companies to the United States starting 1st August 2010 – for a whole five years. With that, the name, address and bank details of a European bank customer can be determined as soon as they transfer money to non-EU countries.
During the first vote on SWIFT in February this year, a number of points were put forward by the MEPs to explain why the agreement had to be seen critically:
* The fact that all data from European bank transfers is automatically given to the United States
* The unlimited storage of data
* The fact that no distinction is made between bank transfers within the EU and to non-EU countries
* The uncertainty regarding the disclosure of information to third countries such as Russia or China
* The important fact that the Europeans do not have comparable access to data of American bank customers
* European citizens should in the future be able to obtain information on the use of their data from their national ministry for data protection. They can also request corrections, deletions and blockages. What they cannot do, however, is go to court.
* The amount of data that is to be submitted should be kept at a minimum level
* Only bank transfers to non-EU countries will be checked
* EU officials should monitor the evaluation of data in the United States
The latter is seen as a single concession of the United States towards the Europeans – it is just questionable whether the concessions on the European side have not been much greater. Peter Schaar is one of the critics, being the German government’s representative on data protection. According to him, the “Commission’s negotiated draft does not fulfil the minimum data security requirements”. His counterpart on the European level, EU data protection representative Peter Johan Hustinx, agrees with him. Particularly criticised is the fact that because of technical difficulties, no individual data of terror suspects can be transmitted directly but instead a datagram is submitted in which much information on numerous respectable citizens can be included.
Since Europe has not been technically and legally able to evaluate the data itself, the European Commission will work on plans for the implementation of a European evaluation over the coming twelve months. “This”, says Hustinx, “data protection officials will have to monitor closely in future.”