PL&B International E-news, Issue 52

1. EU Data Protection Supervisor Rules on SWIFT Secret Data Protection Breaches

Peter Hustinx, the European Data Protection Supervisor, adopted an opinion on 1 February directed at the European Central Bank (ECB) as overseer and user of the SWIFT international financial transactions system based in Belgium. Unlike his more usual role in advising on EU proposals with data protection implications, this opinion is a judgment that the scrutiny of SWIFT financial transactions in secret by the US Treasury violated European data protection law. His opinion is directed at the European Central Bank because it is one of the European institutions which it is his duty to advise.

He uses his power under the regulation regarding personal data processing by EU institutions to urge the ECB to explore ‘solutions to make its payment operations fully compliant with data protection legislation and take appropriate measures as soon as possible.’ He invites the ECB to report back on the measures taken to comply with his opinion by April at the latest. After the report he will consider, ‘taking into account possible coordination with other data protection supervisory authorities, any further action’ on the basis of his powers. The ‘further action’ obviously could include the imposition of sanctions.

Considering the ECB as policy maker he ‘stresses that it would not be acceptable that the architecture of the European payment systems would continue to allow and facilitate that personal data relating to any euro payment between Member States are transferred to third countries in breach of the data protection legislation and made available - routinely, massively, and without appropriate guarantees – to third countries’ authorities.’ He calls on the ECB ‘to ensure that European payment systems…are fully compliant with European data protection law.’

He concludes that ‘a wide range of EU and international instrument aimed at fighting crime and terrorism while ensuring protection of fundamental wrights are already available’ and should be fully exploited before proposing new international agreements. ‘In any case, the fight against crime and terrorism should not circumvent standards of protection of fundamental rights which characterise democratic societies.’

Click here for further information about subscribing to the international newsletter.

Copyright Privacy Laws & Business 2007