Belgian PM: Data Transfer Broke Rules

Both SWIFT and the U.S. authorities say records were subpoenaed as part of targeted investigations into suspected terrorist activity.

SWIFT CEO Leonard H. Schrank said the report "raised important issues about the balance" between data privacy and use of financial data for terrorism investigations. He said the company "wholeheartedly supports calls for U.S. and EU authorities to work together to develop an improved framework to reconcile data privacy protections."

Belgium's Prime Minister Guy Verhofstadt gestures as he addresses the media in Brussels, Thursday, Sept. 28, 2006. Prime Minister Guy Verhofstadt said Thursday the transfer of confidential banking records from the Belgian-based SWIFT company to U.S. authorities for use in anti-terror probes violated European Union data privacy rules. (AP Photo/Yves Logghe) (Yves Logghe - AP) QUIZ What percent of U.S. tweens own a mobile phone? A. 15 percent B. 25 percent C. 35 percent D. 55 percent • Test Your Knowledge -- More Questions washingtonpost.com Video Mash-Up Readers have the opportunity to create their own interview clips opposite Post political reporter Dana Milbank. We provide the questions, you provide the answers! Create Your Own Mash-Up   Partnership Resources for anyone who runs a small business or wants to start one, featuring advice and solutions. • Use the Weak Economy as Your Success Springboard • Is This the Year the Dreaded "Death Tax" Dies? • Keeping Your Day Job • Starting a Business • Small Business on the Net • Home-Based Businesses » RESOURCE CENTER Save & Share Tag This Article  Saving options 1. Save to description:  Headline (required)  Byline 2. Save to notes (255 character max):  Blurb 3. Tag This Article

It defended its secret deal with the U.S. Treasury, saying it only transmitted a "limited subset" of data to U.S. officials. "SWIFT did its utmost to comply with the European data privacy principles of proportionality, purpose and oversight ... and in the meantime we will continue to work with our members to resolve any data privacy concerns."

The report said it could not accept arguments from SWIFT that the data transferred to U.S. authorities came only from the company's U.S. subsidiary, and not from its global headquarters outside Brussels, and thus did not have to comply with Belgian or EU rules.

The report on the Belgian investigation was eagerly anticipated by the European Commission, which cannot launch a probe of its own under EU law or impose sanctions against those who violate the 1995 data law, but can draft new recommendations to EU governments on beefing up data protection regulations.

EU spokesman Friso Roscam Abbing said it was not known if the Commission could take any action.

European data protection officers agreed Tuesday to continue their fact-finding inquiry into SWIFT, and to meet again in November to consider recommendations.

Under current rules, each EU government is responsible for application and enforcement of the common EU data privacy law.

The U.S. Treasury has acknowledged that since the Sept. 11 attacks, it has tracked millions of confidential financial transactions handled by SWIFT.