(June 17, 2010) On June 15, 2010, the European Parliament (EP) having rejected a previous draft agreement in February 2010 between the European Union and the United States on bank data transfer to combat terrorism, strongly criticized the second version of the agreement for not fully complying with EU rules on privacy and personal data protection. The data transfer in question is undertaken by the SWIFT company, located in Belgium. The EP's chief concern remains that the bulk transfer of data will continue to be filtered in the United States, rather than being filtered in the EU prior to the transfer to the U.S., as demanded by the EP. As Justice Commissioner Cecilia Malmstrom stated, SWIFT lacks the technical capability to filter out single communications between individuals or organizations suspected of being involved in terrorist activities. The filtering task is assumed by the U.S. Treasury Department through its “Terrorism Tracking Funding Program,” established in the aftermath of the 2001 terrorist attacks in the U.S. The U.S. counterclaims that the bulk data is encrypted, that therefore it can be accessed only when the Treasury Department conducts a specific name investigation, and that no data mining is permitted.
The new draft also contains a provision pertaining to the involvement of the European Police Office (EUROPOL) in the data transfer process: EUROPOL will authorize requests for transfers from the EU to the U.S. While the Socialists in the EP expressed serious concerns about the role of the EUROPOL, the Justice Commissioner endorsed the idea of EUROPOL's involvement “as the only legal solution” to the data transfers from the EU to the U.S.
To assuage the EP's concerns, the new version of the agreement provides for the involvement of EU and U.S. auditors. The American ambassador to the EU, William E. Kennard, characterized the new draft as “a positive step” that “incorporates important changes to accommodate the concerns” voiced by the European parliamentarians, especially Social Democrats, Greens, and Liberals. While the draft agreement has received the approval of the European Commission, it must still obtain the consent of the EP and the Council of the EU. (Valentina Pop, MEPS Threaten Second Veto on EU-US Bank Data Deal, EU OBSERVER (June 16, 2010), http://euobserver.com/9/30294/?rk=1.)