Europe Panel Faults Sifting of Bank Data

Extracted from the New York Times
By ERIC LICHTBLAU
Published: September 26, 2006

A European Union panel has serious doubts about the legality of a Bush administration program that monitors international financial transactions, the group’s leader said Monday, and plans to recommend tighter controls to prevent privacy abuses.

“We don’t see the legal basis under the European law, and we see the need for some changes,” said Peter Schaar, a German official who leads the panel, in a telephone interview. The group is to deliver a final report this week in Brussels, and Mr. Schaar said he expected it to conclude that the program might violate European law restricting government access to confidential banking records.

The program, started by the Bush administration weeks after the Sept. 11 attacks, allows analysts from the Central Intelligence Agency and other American intelligence agencies to search for possible terrorist financing activity among millions of largely international financial transactions that are processed by a banking cooperative known as Swift, which is based in Belgium.

The European Union panel will not call for the program to be stopped, officials said. But it is expected to recommend that additional safeguards be put in place to check how financial records are shared with American intelligence officials. For the last three years, a Washington consulting firm, Booz Allen Hamilton, has audited the program, but Mr. Schaar said his panel would recommend that an outside auditor from Europe be brought in to protect against abuses.

“That’s a crucial point for us,” he said. “There must be independent supervision. We don’t see such independent supervision under the current situation, and this must be established.”
The Treasury Department, which oversees the program, declined to comment Monday on the panel’s findings.

The Bush administration has strongly defended the effectiveness and legality of the once-secret program as a tool in fighting terrorism, and it sharply criticized The New York Times for disclosing the arrangement in June. Although one government intelligence analyst was removed from the Swift team for conducting improper searches, officials at the Treasury Department and Booz Allen say they have not found any broader instances of abuse in the program.

Critics, including many privacy advocates and some banking industry executives, have questioned the propriety of giving American intelligence officials broad access, without court orders, to private data.

The disclosure of the program prompted several investigations in Europe and Canada. The European Union panel, which includes representatives from 25 countries and is formally known as the Article 29 data protection working party, would be the first international group to weigh in on the legal issues. Its findings, while advisory in nature, are expected to carry considerable influence in Europe in the debate over the program, officials say.

The European Union panel begins meeting in Brussels on Tuesday, and Mr. Schaar said he expected it would adopt a report based on a draft that has already been circulated among the members. While he would not discuss the exact language because it had not been finalized, he said the report would be “critical” of the legal basis for the American government’s use of the Swift data.

The panel, which interviewed Swift officials and other banking industry executives over the last several months, has focused on legal and policy issues. A parallel review by banking officials in Belgium is looking more closely at the actual operations of the banking program.

Joe Lockhart, a spokesman for Swift, said the group would await the release of the European Union report before commenting on its findings. But he added that “Swift complied with valid subpoenas issued by the United States Treasury Department and believes it has acted in accordance with U.S. and European data privacy law.”

The Treasury Department has used broad administrative subpoenas to get access to transactions from Swift, often millions of records at a time. While a small proportion of the transactions route money entirely within the United States, the program is focused on tracking money coming into and out of the United States or foreign-to-foreign transactions. American officials say the intelligence gleaned from the transactions has been valuable in identifying possible terrorist financiers.

Some legal experts agree with administration officials that the program is legal, while others say it appears to fall into a gray area in American law regarding the protection of confidential banking records.

But legal experts say banking privacy restrictions imposed by the European Union and others in Europe impose tight restrictions on how private banking data can be shared, even in the course of law enforcement and intelligence-gathering investigations.

“The main item from my point of view is that the fundamental civil rights of the European citizens have to be safeguarded,” said Mr. Schaar, who also serves as the federal data protection commissioner for Germany. “There are doubts about the legality of this program.”
The group’s report comes at a time of tensions between Europe and the United States over American counterterrorism policies.

Europeans have objected, for instance, to the C.I.A.’s operation of formerly secret prisons in Europe for the interrogation of “high value” terrorism suspects. And the European Union’s highest court in May struck down an agreement giving the United States access to personal details about passengers on trans-Atlantic flights, forcing the United States and its European partners to rework the agreement.

Privacy advocates, who brought formal complaints over the Swift program in 40 countries after its disclosure, say they hope that a critical ruling from the European Union working group will lead to similar changes.

“What we’re hoping is that they’ll basically tell Swift what they did was illegal,” said Gus Hosein, a senior fellow at Privacy International in London, which brought the complaints over the program. He said he expected that a critical report from the Article 29 group could lead to fuller investigations of the program, financial penalties against Swift in those countries where it operates, and possibly a suspension of the program.

As part of the European Union panel’s review, Privacy International and the American Civil Liberties Union prepared a report criticizing Booz Allen’s role in monitoring the program. The report raised questions about the firm’s objectivity, citing its long history as a government contractor and the fact that former intelligence officials are among its executives.

But Booz Allen rejected such charges on Monday. “What clients are buying from us,” said Marie Lerch, a spokeswoman for the firm, “is independence and objectivity.”