Brussels, 06/07/2010 (Agence Europe) - On Thursday 8 July, the European Parliament is expected to have no difficulty in adopting the second version of the EU-US agreement on the transfer of messaging data (Swift), which will enable the US (after a six month interruption) to again access bank data transfers from Europe through the former's Terrorist Finance Tracking Program (TFTP). Parliament's civil liberties committee, responsible for this dossier, adopted on 5 July by 41 votes in favour and nine against with one abstention, the recommendation by Alexander Alvaro (ALDE, Germany) for approving the conclusion of the new agreement. If the Assembly follows this recommendation, which should, undoubtedly be the case, on Thursday at noon during its plenary session, the text will enter into force on 1 August. MEPs had rejected the previous agreement in February but since then have negotiated certain safeguards and the agreement that the Union would have a permanent system for preventing any bulk transfer to the US.
The Swift saga… In the wake of the attacks on 11 September 2001, the Swift clearing house in Belgium (the biggest financial transaction data company in the world and used by around 8300 bodies in 208 countries) was contracted to provide the US Treasury with data in its possession regarding financial transactions but this was in the absence of any international agreement and in violation of European data protection rules. In June 2006, the media shed light on the affair. In February 2007, the European Parliament adopted a resolution condemning these practices. In June 2007, the EU and the US reached an agreement, in an exchange of letters, to provide a framework for these exchanges of data. Judge Jean-Louis Bruguière was appointed as the EU representative to verify whether the (TFTP) respected the agreement. In summer 2009, the EU opened negotiations in view of concluding a provisional agreement on Swift data. On 30 November, just before the entry into force of the Lisbon Treaty, the Council of the EU signed an agreement but the Parliament rejected it in February 2010, provoking a halt on the transfer of data to the US. At the end of March, the Commission presented a new negotiations mandate for concluding a long-term agreement with the US. Following intense negotiations, a draft agreement was signed on 28 June (EUROPE 10169 and 10159).
The contents of the negotiated agreement. A European TFTP: this is the key point in the European Parliament agreement. In the long term, it will help preclude bulk data transfers. In exchange for supporting the agreement, MEPs obtained the agreement that in 12 months' time, the Commission will begin work on implementing the European equivalent of the US “Terrorism Finance Tracking Programme” (TFTP), which will put an end to non-individualised banking data. A new role for Europol: a new dimension contained in the draft agreement means that Europol will be able to block data transfers to the US. The agency based in The Hague will have to verify that each request made by the US Treasury is justified as a measure against terrorism and that the volume of data requested is reduced as much as possible. Independent control: the new version of the agreement stipulates that data used by the Americans should be done exclusively within an anti-terrorist perspective and should be supervised by independent controllers, including the person appointed by the European Commission. This individual will have the power to re-examine in “real-time” and retrospectively all searches made into the data provided, and seek, if necessary, additional justification for a link with terrorism. This individual will, in particular, have the power to block certain searches or part of them if it appears that one or several of them is illegal. Limitations: the agreement bans the US TFTP from “data mining” or any kind of automated data search, algorithmic profiling or electronic screening. Searches and Swift data will have to be based on pre-existing information according to which the subject of the search has a link with terrorism or its funding. The agreement introduces the possibility of one or two parties suspending the agreement, with immediate effect, in the event of its rules being infringed by one or other of the parties. Rights of redress and correction: according to the agreement, everyone has the right to request rectification, the scrapping or locking of the personal data processed by the US Treasury when this data is inaccurate or when the processing of it is contrary to the agreement. MEPs explained that the US Privacy Act, which protects US citizens against illegal data-processing, does not apply to European citizens, who would be the victims of this kind of processing on American soil. The new proposal, however, stipulates that everyone will be able to send a complaint to the authority in charge of data protection in the EU, which will send this request to the person responsible for private life issues at the Treasury Department. The latter will proceed to performing all the necessary verifications requested in the demand and will inform the competent data protection authority in the EU if the personal data has been rectified, erased or locked and whether the rights of the person in question have been duly respected. The agreement also indicates that all citizens, irrespective of nationality, have the right of administrative or judicial appeals and subsequent rights of compensation. Retention and erasing of data: the text indicates that the data extracted can only be retained during specific procedures and investigations for which they are used. Every year, the US Treasury will have to compose a balance sheet of non-extracted data, namely non-individualised data, which will not be used for anti-terrorist ends, and erase them. Sharing with third countries: all information sharing involving EU nationals and the authorities of a third country is subject to a prior agreement with the competent authorities of the member state concerned, except when information sharing is essential for preventing a serious and immediate threat to public security. In these cases, the competent authorities of the member state concerned will be informed as soon as possible. Next stages: if the agreement is adopted by the Parliament, it will enter into force for five years and will then be renewed every year. Nonetheless, Europeans and Americans will have to examine how well the safeguards and control systems in the agreement are working six months after it enters into force at the latest. Three years, at the latest, after entry into force of the agreement, the European Commission and the US Treasury will prepare a joint report on the benefits of the data provided in the TFTP.
Majority of MEPs' responses are positive. The three main groups at the assembly (Conservatives, Liberals and Socialists), but not the Greens and the GUE, reaffirmed on Tuesday 6 July, their support for the agreement. Mr Alvaro, the rapporteur on this case, welcomed the agreement and stated that, “the word impossible does not exist if there is political determination and that Parliament is able to introduce improvements to this now acceptable agreement”. He informed sceptical MEPs that, “thanks to the future European TFTP, we have laid the basis for a medium-term solution for preventing bulk transfers to the US”. Nonetheless, he urged the European Commission to develop this new system in the next five years. Ernst Strasser (EPP, Austria) said that this agreement marked, “a great success” of the European Parliament from both a political point of view and a point of view of the contents contained in the text. His colleague, Carlos Coelho (Portugal), nevertheless, indicated that there were doubts about the role of Europol, which according to him, “is not a legally independent agency”. Claude Moraes (S&D, United Kingdom) said that this is not a perfect agreement but it does include key elements in data protection. He also declared that they had put a stop to the binary bulk approach, thanks to a European system. Timothy Kirkhope (ECR, United Kingdom) said that it was an improved agreement and that they should be pleased with the legal appeal mechanism as well as those for locking and verifying data, and the prospect for developing a European TFTP. A veteran on these questions, Sophie In't Veld (ALDE, the Netherlands) indicated that she would vote in favour of the improvements brought by Parliament, despite the many hesitations she had regarding it at a legal level, “those who vote no will bear a lot of responsibility” in terms of security, she said. Hélène Flautre (Greens/EFA, France), said that the two main groups had set up a smokescreen on the dossier, “this agreement is not entirely different from the previous one on the main points: bulk transfers, five years of retention, no appeal for citizens, Europol is not an institution with a legal personality”. She said that in the context of the Belgian Presidency, they had puffed out their chests and were now bowing down, “which is not good news for European citizens”. Rui Tavares (GUE/NGL, Portugal) deplored the fact that the contents contained in the agreement had not changed. He said that they still contained bulk transfers and said that these transfers would be around 90 million a month, 1 billion a year. He said the legal repercussions from such an agreement would have to be looked at because Europol is not the agency responsible for protecting the data of citizens. Batten Gerard (EFD, United Kingdom) said that this agreement was illegal under legislation on data protection in his country. Daniël van der Stoep (NI, the Netherlands) said that he supported this agreement, which was aimed at fighting Islamic terrorism. The Belgian justice minister, Stefaan De Clerck, expressed his determination to close this dossier as quickly as possible under his Presidency. He said that this agreement was a very good result and better than the previous one in the sense that it represented greater balance between security and data protection. He said that it was too simplistic to criticise the Americans without doing anything and, “I really hope that a European TFTP will see the day in the next five years and that we will not just simply place our trust in the Americans”. The European Commissioner for Home Affairs, Cecilia Malmström, who supervised the negotiations, provided assurances that this agreement is the result of tough negotiations and compromises, “it is still not 100% satisfactory but many improvements have been brought to it”. The Commissioner pointed out that, “this agreement ensures a high level of personal data protection, whilst ensuring a high level of security, which allows lives to be protected in the US and European Union”. The Commissioner hopes that the agreement submitted to MEPs will be adopted on Thursday. Tomorrow, EUROPE will return to the point of view in the US, as well as concerns expressed by those in charge of data protection in Europe. (B.C./transl.fl)