US access to EU Swift bank data agreed

US access to EU Swift bank data agreed

Summary: After EU privacy laws denied American security services access to European bank information, the parties have signed the Swift agreement to turn the taps back on

TOPICS: Security

The US and European Union have signed an agreement giving American government agencies access to all bank transactions within Europe, in the name of anti-terrorism intelligence.

The Swift agreement, named after the Belgian-based Society for Worldwide Interbank Financial Telecommunication that runs the eponymous intra-bank network, was accepted by the EU on Monday. It allows American collection of data within Europe and the transfer of information about suspicious transactions to the US. An EU official based in the US will maintain oversight for privacy and against misuse.

The agreement follows an earlier interim agreement to give the US data on all transactions, which was signed last November ahead of changes to the Swift architecture. Originally, Swift had two datacentres — one in the US and one in the EU — which mirrored all bank transactions. From 1 January, 2010, a third datacentre was used in Switzerland to maintain redundancy without having EU data in the US, which would have been against European privacy law.

The interim agreement was subsequently opposed by groups within the EU parliament, including the Progressive Alliance of Socialists and Democrats (S&D), who forced a parliamentary rejection of the agreement in February. The S&D amendments were then incorporated.

"During the last months the European Parliament was strong enough to say no to a 'security without safeguards' deal," said Martin Shulz, S&D leader, in a statement. "It is the duty of the EU and the US to cooperate in protecting citizens from terrorism, but citizens have also the right to be protected against excessive state intrusion into their lives and potential mistakes."

A further vote in the EU parliament in early July is needed to ratify and enable the agreement.

Topic: Security

Rupert Goodwins

About Rupert Goodwins

Rupert started off as a nerdy lad expecting to be an electronics engineer, but having tried it for a while discovered that journalism was more fun. He ended up on PC Magazine in the early '90s, before that evolved into ZDNet UK - and Rupert evolved with them into an online journalist.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • It will be rejected again. Nothing has changed, indeed it is now worse.

    The data is sent to the US in bulk, not a targetted subset, the full data.

    The data is run through correlation queries, if a $200 move in a suspected bank account corresponds with a $100 move in your bank account with sufficient frequency, they assume a correlation and you are investigated as a potential terrorist.

    Barosso's claim that the data is private until the investigation is laughable and patently false. The data is bulk data mined.

    The claim that it's 'to protect against terrorism' is patently false, the domestic terrorism incidents we've suffered have been done with cash and for small amounts.

    Barosso asked for reciprocity, it was rejected. US doesn't want EU seeing it's internal bank transactions. I don't blame them.

    I'd remind you that EU is the worlds largest trading block, bigger than NAFTA (the North American trading block). That this is key commercial data you are handing over. The private transactions of hundreds of millions of EU citizens to a country in which they do not have a vote. In violation of their right to privacy.

    Reject again, and the individual countries need to seek prosecution of SWIFT outside the EU, since EU does not have competency to overrule individual countries on banking secrecy anyway.
  • Just got the database size, it's not even 8GB of data a day. It's less than the RAM in modern home computers.

    This means it is trivial to filter in real time on a tiny computer.

    This also means it is trivial TO COPY! So whatever protections they think they have in place will only apply to the copy they think is the only copy. But we're talking about 8GB of highly critical competitive data that any country would like to get it's hands on, that would be trivial to clone.

    So it will be cloned.
  • Another one sided "agreement". Subservient again. Open to abuse. US Constitution does not permit reciprocity, as we in the UK have already discovered, and seen that such "Treaties" will be misused; i.e. used in commercial circumstances.

    Let's develop a backbone and support the rights, privileges and privacy of own own citizens first and foremost. I would say more but it might be too rude.
    The Former Moley
  • I am a bit puzzled.
    What on earth could possibly be said that is too rude for this sell-out ?
    Treason is certainly NOT too rude.
    Selling OUR private data without our consent and for NOTHING !

    The rude ones is somebody else !
  • EU have just failed nyon four hundred million people, for everything they have done that was positive both past present and future has now being undone in a single move, all this in return for more EU powers.

    That in itself is contradiction to our freedom, so what is the point of the EU now? if not for big business's only.