EU Lawmakers Upset by Poor Protection of Swift Banking Data
Jennifer Baker writes on PC World:
A second review of the controversial Terrorist Finance Tracking Program (TFTP) has done little to allay European parliamentarians' fears of poor data security.
Last week an internal report by Europol, the European police force charged with overseeing the accord, sparked anger among Members of the European Parliament (MEPs) when it revealed that the written requests made by the U.S. for European banking data were too vague to assess whether they meet European Union data standards. But Europol went ahead and rubber-stamped them anyway. Many members of the Parliament's civil liberties committee said they felt betrayed.
On Wednesday, Isabel Cruz, chairwoman of Europol's internal oversight unit, explained that additional oral information was provided to Europol staff by the U.S. authorities, but that the content of that information is not known, again making it impossible to verify compliance with the TFTP agreement. Her report recommended that in the future, requests must contain more detailed information, specific to each request, and the U.S. authorities may need to provide certain additional information.
The TFTP (also known as the Swift agreement) came into force last August and allows the transfer of European citizens' banking data to the U.S. under certain conditions. One of these was that a high degree of data protection would be enforced and that Europol would oversee the implementation. Under Article 4 of the agreement Europol has the task of verifying U.S. requests for data. However, "we always said it had to be a legal, judicial body to verify the legality of these requests. Europol has a role which is extremely confusing," said Cruz.