Swiss banks slammed for Swift data searches
17 October 2006 | 10031 views | 0
Banks in Switzerland violated national laws by failiing to inform customers that the US government is scrutinising wire transfers passed over the interbank Swift network, says the country's top data protection official.
Hanspeter Thür, the Federal Data Protection Commissioner of Switzerland, says the mere possibility of the data being accessed by a third party should have been grounds enough to warn customers.
He says Swiss banks broke national data protection laws by not informing customers making international money transfers via Swift that their data could be passed on to third parties.
According to press reports, Thür says the main problem is that data was being passed out of the country without the knowledge of customers, and to areas where data protection laws are not as stringent as those in Switzerland.
However Thür's comments contradict those made by Switzerland Finance Minister Hans-Rudolf Merz who has said that the data sharing did not infringe Swiss sovereignty or the country's banking secrecy regulations.
News that the Bush administration was using emergency powers to access data on suspect wire transfers passed over Swift emerged in June this year. Shortly afterwards the Belgian Justice Ministry was asked to investigate the legality of the scheme.
Last month Belgian prime minister Guy Verhofstadt told reporters that the US should have informed both the Belgian government and EU authorities of the existence of the data sharing scheme. Verhofstadt called for talks between the EU and US to reach an agreement on privacy safeguards.
Swift has defended its compliance policies and argues that its US branch has been subject to valid and compulsory subpoenas which required it to transmit some stored message data to the US Treasury.
Swift CFO Francis Vanbever told politicians and journalists at Sibos that Swift's compliance with compulsory subpoenas from the US Treasury was legal and that Swift "strongly objected" to the opinion of the Belgian Data Privacy Commission that it had broken Belgian and EU data protection laws.