As noted by Reference Data Review last month, consensus remains out of reach on the subject of bank data transfer between the US and Europe across the Swift network. European politicians are keen that bulk data transfers of sensitive customer data across the network for counter terrorism purposes be avoided and that this data instead be processed within Europe.
US and European regulators are seeking to come to a new agreement on the transfer of personal data across the financial network to the US Treasury Department for anti-terrorist financing measures, following the rejection of the Swift proposals in February. There is a degree of concern about the use of bulk transfers, as some regulators feel this not an appropriate model, given that data that may not be required could be transferred along with the data that is required. Politicians feel this type of transfer is therefore an infringement of European Union legislation and should be prevented.
European politicians have also called for strict implementation and supervision safeguards, monitored by an appropriate EU-appointed authority on the day to day extraction of and use by the US authorities of all such data. Furthermore, they have specified that the maximum storage period of this data must not exceed five years and that it may not be disclosed to third countries.
The European Parliament wants access to any documents that demonstrate the need for the scheme and it also wants to know whether the envisaged agreement will guarantee the same rights to European citizens as to Americans in the event of any abuse of the data. This is in light of the fact that the rights guaranteed under the US Privacy Act can be invoked only by citizens and permanent residents of the US. Politicians are also keen for a European judicial authority to take part in the oversight of the extraction process in the US.
The European Commission is hoping to have an agreement on the subject signed by June, but consensus on the issue has proved harder to achieve than first expected. Much the same as the debate ongoing about data repositories, Europeans are not keen to hand over control of their data to the US and would prefer the extraction of data to be performed and overseen in Europe.
The fact that the data issue has become so politicised of late has meant that this often overlooked area of the industry is finally getting an intense degree of attention. However, as has been proved with the slow process involved in ISO standards development and implementation, political concerns do pose some degree of threat to data standardisation in the long term. Of course, Europeans have every right to be concerned about data security in the case of bulk transfers but politicians also need to be wary of holding back progress on important issues due to turf war considerations.
