FRAMINGHAM, 17 MARCH 2011 - A second review of the controversial Terrorist Finance Tracking Program (TFTP) has done little to allay European parliamentarians' fears of poor data security.
Last week an internal report by Europol, the European police force charged with overseeing the accord, sparked anger among Members of the European Parliament (MEPs) when it revealed that the written requests made by the U.S. for European banking data were too vague to assess whether they meet European Union data standards. But Europol went ahead and rubber-stamped them anyway. Many members of the Parliament's civil liberties committee said they felt betrayed.
On Wednesday, Isabel Cruz, chairwoman of Europol's internal oversight unit, explained that additional oral information was provided to Europol staff by the U.S. authorities, but that the content of that information is not known, again making it impossible to verify compliance with the TFTP agreement. Her report recommended that in the future, requests must contain more detailed information, specific to each request, and the U.S. authorities may need to provide certain additional information.
The TFTP (also known as the Swift agreement) came into force last August and allows the transfer of European citizens' banking data to the U.S. under certain conditions. One of these was that a high degree of data protection would be enforced and that Europol would oversee the implementation. Under Article 4 of the agreement Europol has the task of verifying U.S. requests for data. However, "we always said it had to be a legal, judicial body to verify the legality of these requests. Europol has a role which is extremely confusing," said Cruz.
On Thursday, the first joint E.U.-U.S. review of the agreement was presented, however only the views and recommendations of the E.U. team were revealed. "All the relevant elements of the agreement have been implemented in accordance with its provisions, including the data protection provisions," claimed Home Affairs Commissioner Cecilia Malmström. However, even she conceded that there was a need "to implement increased transparency and more written information to Europol."
The report's main recommendation is that Europol receive as much information as possible from U.S. authorities in written form. Further recommendations aim at increasing the transparency of the program and further enhancing Europol's verification procedure so that U.S. requests are substantiated in a more verifiable way. The EU review team also recommends that more feedback be sought on how much added value the agreement brings to counter-terrorism work, so that this can be followed up as part of future reviews.
Sign up for CIO Asia eNewsletters.