Full text 
Procedure : 2009/2670(RSP)
Document stages in plenary
Document selected : B7-0038/2009

Texts tabled :


Debates :

PV 16/09/2009 - 5
CRE 16/09/2009 - 5

Votes :

PV 17/09/2009 - 4.3
CRE 17/09/2009 - 4.3
Explanations of votes

Texts adopted :


Texts adopted
PDF 129kWORD 47k
Thursday, 17 September 2009 - Strasbourg

European Parliament resolution of 17 September 2009 on the envisaged international agreement to make available to the United States Treasury Department financial payment messaging data to prevent and combat terrorism and terrorist financing

The European Parliament,

–   having regard to Article 6(2) of the Treaty on European Union and Article 286 of the EC Treaty,

–   having regard to Articles 95 and 300 of the EC Treaty,

–   having regard to the European Convention on Human Rights, in particular Articles 5, 6, 7 and 8 thereof,

–   having regard to the Charter of Fundamental Rights of the European Union, in particular Articles 7, 8, 47, 48 and 49 thereof,

–   having regard to Council of Europe Convention No 108 for the Protection of Individuals with regard to Automatic Processing of Personal Data,

–   having regard to Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data(1),

–   having regard to Regulation (EC) No 45/2001 of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data(2),

–   having regard to Directive 2005/60/EC of the European Parliament and of the Council of 26 October 2005 on the prevention of the use of the financial system for the purpose of money laundering and terrorist financing(3) and Regulation (EC) No 1781/2006 of the European Parliament and of the Council of 15 November 2006 on information on the payer accompanying transfers of funds(4),

–   having regard to the Agreement on mutual legal assistance between the European Union and the United States of America of 25 June 2003, in particular Article 4 thereof (on identification of bank information)(5),

–   having regard to the US Terrorist Finance Tracking Program (TFTP) based on US Presidential Executive Order 13224(6), which, in the event of a national emergency, authorises notably the US Treasury Department to obtain, by means of "administrative subpoenas", sets of financial messaging data transiting over financial message networks such as the ones managed by the Society for Worldwide Interbank Financial Telecommunications (SWIFT),

–   having regard to the conditions established by the US Treasury Department to access the SWIFT data (as defined by the US representations(7)) and taking account of the information obtained by the Commission via the "eminent person" on the US authorities" compliance with the representations referred to above,

–   having regard to its previous resolutions inviting SWIFT to comply strictly with the EU legal framework, notably when European financial transactions take place on EU territory(8),

–   having regard to the negotiating directives for the Presidency of the Council and the envisaged international agreement between the EU and the US on the transfer of SWIFT data, which have been classified "EU Restricted",

–   having regard to the opinion of the European Data Protection Supervisor of 3 July 2009, which has been classified "EU Restricted",

–   having regard to Rule 110(2) of its Rules of Procedure,

A.   whereas SWIFT announced in October 2007 a new messaging structure to be operational by the end of 2009,

B.   whereas this change in messaging structure would have the consequence that the majority of the financial data that SWIFT had thus far been subpoenaed to transfer to the US Treasury Department's TFTP would no longer be made available to the TFTP,

C.   whereas on 27 July 2009 the Council unanimously adopted the negotiating directives for the negotiation by the Presidency, assisted by the Commission, of an international agreement with the US, on the basis of Articles 24 and 38 of the Treaty on European Union, to continue the transfer of SWIFT data to the US TFTP,

D.   whereas the negotiating directives, together with the legal opinion on the choice of legal basis issued the Council's Legal Service, have not been made public, since they are classified "EU Restricted",

E.   whereas the international agreement will provide for provisional and immediate application from the time of signature until entry into force of the agreement,

F.   whereas the EU itself does not have a TFTP in place,

G.   whereas access to data managed by SWIFT makes it potentially possible to detect not only transfers linked to illegal activities but also information on the economic activities of the individuals and countries concerned, and could thus be misused for large-scale forms of economic and industrial espionage,

H.   whereas SWIFT concluded with the United States Treasury Department a memorandum of understanding which narrowed the scope of data transferred and confined the scope of data searches to specific counter-terrorism cases, and subjected such transfers and searches to independent oversight and audit, including real-time monitoring,

I.   whereas any EU-US agreement must be conditional upon maintaining the protection which exists in the memorandum of understanding and the US Treasury representations, such as those that apply in the case of data subpoenaed from SWIFT's US operating centre by the US Treasury Department,

1.  Recalls its determination to fight terrorism and its firm belief in the need to strike the right balance between security measures and the protection of civil liberties and fundamental rights, while ensuring the utmost respect for privacy and data protection; reaffirms that necessity and proportionality are key principles without which the fight against terrorism will never be effective;

2.  Stresses that the European Union is based on the rule of law and that all transfers of European personal data to third countries for security purposes should respect procedural guarantees and defence rights and comply with data-protection legislation at national and European level(9);

3.  Reminds the Council and the Commission that, within the transatlantic framework of the EU-US agreement on legal assistance, which will enter into force on 1 January 2010, Article 4 provides for access to be granted to targeted financial data upon request, through national state authorities, and that this might constitute a sounder legal basis for the transfer of SWIFT data than the proposed interim agreement, and asks the Council and the Commission to explain the need for an interim agreement;

4.  Welcomes SWIFT's decision in June 2007 to relocate all intra-EU financial transfer data to two European operating centres; draws the Council's attention to the fact that this decision was taken in accordance with the Belgian Data Protection Authority and the request from the EU's Article 29 Working Party and in line with the view expressed by the European Parliament;

5.  Notes that the Council did not adopt the negotiation directives until almost two years after SWIFT announced the change in messaging structure;

6.  Is concerned that, with respect to the legal basis chosen for this envisaged agreement, the legal services of the institutions have expressed divergent opinions, and notes that the Council's Legal Service is of the opinion that it is a Community competence;

7.  Believes, to the extent that an international agreement is absolutely necessary, that it must as a very minimum ensure:

   (a) that data are transferred and processed only for the purposes of fighting terrorism, as defined in Article 1 of Council Framework Decision 2002/475/JHA of 13 June 2002 on combating terrorism(10), and that they relate to individuals or terrorist organisations recognised as such also by the EU;
   (b) that the processing of such data as regards their transfer (only by means of a "push" system), storage and use is not disproportionate to the objective for which those data have been transferred and are subsequently processed;
   (c) that the transfer requests are based on specific, targeted cases, limited in time and subject to judicial authorisation, and that any subsequent processing is limited to data which disclose a link with persons or organisations under examination in the US; that data which do not disclose such links are erased;
   (d) that EU citizens and enterprises are granted the same defence rights and procedural guarantees and the same right of access to justice as exist in the EU and that the legality and proportionality of the transfer requests are open to judicial review in the US;
   (e) that transferred data are subject to the same judicial redress mechanisms as would apply to data held within the EU, including compensation in the event of unlawful processing of personal data;
   (f) that the agreement prohibits any use of SWIFT data by US authorities for purposes other than those linked to terrorism financing, and that the transfer of such data to third parties other than the public authorities in charge of the fight against terrorism financing is also prohibited;
   (g) that a reciprocity mechanism is strictly adhered to, obliging the competent US authorities to transfer relevant financial messaging data to the competent EU authorities, upon request;
   (h) that the agreement is expressly set up for an intermediate period by means of a sunset clause not exceeding 12 months, and without prejudice to the procedure to be followed under the Lisbon Treaty for the possible conclusion of a new agreement in this field;
   (i) that the interim agreement clearly provides for the US authorities to be notified forthwith after the entry into force of the Lisbon Treaty and that a possible new agreement will be negotiated under the new EU legal framework that fully involves the European Parliament and national parliaments;

8.  Requests the Council and the Commission to clarify the precise role of the "public authority" to be designated with responsibility to receive requests from the US Treasury Department, taking into account in particular the nature of the powers vested in such an "authority" and the way in which such powers could be enforced;

9.  Requests the Council and the Commission to confirm that batches and large files such as those concerning transactions relating to the Single European Payment Area (SEPA) fall outside the scope of the data to be requested by or transferred to the US Treasury Department;

10.  Stresses that SWIFT is a key infrastructure for the resilience of Europe's payment systems and securities markets and should be not be unfairly disadvantaged vis-à-vis competing financial message providers;

11.  Underlines the importance of legal certainty and immunity for citizens and private organisations subject to data transfers under such arrangements as the proposed EU-US agreement;

12.  Notes that it may be useful for the Commission to evaluate the necessity of setting up a European TFTP;

13.  Requests the Commission and the Presidency to ensure that the European Parliament and all national parliaments will be given full access to the negotiation documents and directives;

14.  Instructs its President to forward this resolution to the Council, the Commission, the European Central Bank, the governments and parliaments of the Member States and candidate countries, and the United States Government and the two Chambers of Congress.

(1) OJ L 281, 23.11.1995, p. 31.
(2) OJ L 8, 12.1.2001, p. 1.
(3) OJ L 309, 25.11.2005, p. 15.
(4) OJ L 345, 8.12.2006, p. 1.
(5) OJ L 181, 19.7.2003, p. 34.
(6) Executive Order 13224 was issued by President Bush on September 23, 2001, pursuant to the International Emergency Economic Powers Act, 50 USC, sections 1701-1706. The President delegated his authority under the Executive Order to the Secretary of the Treasury. The Treasury issued the subpoenas to SWIFT pursuant to Executive Order 13224 and its implementing regulations.
(7) Processing of EU originating Personal Data by United States Treasury Department for Counter Terrorism Purposes – "SWIFT" (OJ C 166, 20.7.2007, p. 18).
(8) Resolution of 14 February 2007 on SWIFT, the PNR agreement and the transatlantic dialogue on these issues (OJ C 287 E, 29.11.2007, p. 349); resolution of 6 July 2006 on the interception of bank transfer data from the SWIFT system by the US secret services (OJ C 303 E, 13.12.2006, p. 843).
(9) Notably the European Convention on Human Rights, in particular Articles 5, 6, 7 and 8 thereof, the Charter of Fundamental Rights, in particular Articles 7, 8, 47, 48 and 49 thereof, Council of Europe Convention No 108 for the Protection of Individuals with regard to Automatic Processing of Personal Data, Directive 95/46/EC and Regulation (EC) No 45/2001.
(10) OJ L 164, 22.6.2002, p. 3.

Legal notice - Privacy policy