Stay on Top of Enterprise Technology Trends
Get updates impacting your industry from our GigaOm Research Community
The European Parliament has voted to suspend a data-sharing agreement with the U.S., which gave the Americans access to certain details of financial transactions in order to track terrorist financing. The vote comes amid growing anger in Europe over Edward Snowden’s NSA revelations – just two days ago, the Parliament’s civil liberties committee reintroduced tough proposals for new privacy law that had previously been watered down by U.S. lobbying.
The Parliament itself cannot suspend the deal, but the European Commission can, and the text approved on Wednesday said “the Commission will have to act if Parliament withdraws its support for a particular agreement.” However, the Commission has indicated that it doesn’t intend to suspend anything just yet. The text also urged EU member states to authorize a Europol inquiry into alleged U.S. hacking of Europeans’ financial records.
In the wake of 9/11, the U.S. set up something called the Terrorist Finance Tracking Program (TFTP), which gives the U.S. Treasury and the CIA access to the SWIFT database of international transactions. Once it belatedly learned of this program, the EU partnered up with the U.S. on this, on the basis that it too would get handy anti-terrorist information out of the deal.
However, there were always concerns that the U.S. was extracting more data than EU law allows, so to better safeguard the privacy and fundamental rights of its citizens, the EU wrangled a formal agreement in 2010. This agreement sets out processes for the data-sharing, including proper request procedures and provisions such as the data being deleted as soon as possible, and not being linked to any other database.
Then Snowden came along – recent revelations from his leaks have indicated that the NSA has been tapping SWIFT directly in order to extract information, thus breaking the terms of the agreement with the EU. The intelligence agency has apparently also been illegally accessing credit card transaction data in Europe, the Middle East and Africa.
Wednesday’s vote was close – 280 to 254 — but the motion to suspend the deal went through. This comes one day ahead of an EU-U.S. summit in Brussels, at which France is already set to harangue the U.S. over its alleged recording of millions of French people’s phone calls (a charge that U.S. intelligence chief James Clapper has denied).
Here’s how Jan Phillip Albrecht, the MEP who came up with the tough new data protection principles that were backed earlier this week, reacted:
“In calling for the EU-US SWIFT agreement to be suspended, the European Parliament has today sent a clear message that enough is enough. The revelations about NSA interception of SWIFT data make a mockery of the EU’s agreement with the US, through which the bank data of European citizens is delivered to the US anti-terror system (TFTP). What is the purpose of an agreement like this, which was concluded in good faith, if the US authorities are going to circumvent its provisions?
“The EU cannot continue to remain silent in the face of these ongoing revelations: it gives the impression we are little more than a lap dog of the US. If we are to have a healthy relationship with the US, based on mutual respect and benefit, EU governments must not be afraid of defending core EU values when they are infringed. EU leaders must finally take a clear and unambiguous stance on the NSA violations at this week’s summit.”
However, Home Affairs Commissioner Cecilia Malmström issued a post-vote statement that sounded considerably less strident:
“We take note of the resolution and of the European Parliament’s request to suspend the Terrorist Finance Tracking Programme Agreement (TFTP). We have already started consultations with the US under the TFTP Agreement to verify the allegations of access to financial messaging data in the EU contrary to TFTP agreement. In the framework of the consultations the US side has provided detailed explanations and assurances. We have no indications that the TFTP Agreement has been violated, but we are still waiting for additional written assurances that the Commission has requested from the US. Following the resolution, we will follow up our request for written assurance with the US without delay and keep the European Parliament fully informed. In the meantime, the provisions of the TFTP Agreement that clearly regulate the transfer of personal data, and that provide effective safeguards to protect the fundamental rights of Europeans, will remain in place.”
This article was updated at 7.30am PT to reflect Commissioner Malmström’s reaction.