Thought this news item may be of interest to the Group

David Wyatt

 http://www.theregister.co.uk/2006/08/22/terrorist_finance_snoop/

       -- snip -- 
       The US Treasury programme of snooping on international banking
       transactions to track terrorist funding had unfettered access to the
       world's private financial details for anything upto five years. 

       A spokesman for Society for Worldwide Interbank Financial
       Telecommunication (Swift) said it had won restrictions on the Treasury's
       power to see its data, which consists of records of financial 
       transactions between 7,800 of the world's financial institutions, going
       back 120 days.

       But the Treasury's snooping on international financial records, begun by
       subpoena in the wake of the September 11 terrorist attacks, was being 
       done without oversight while Swift negotiated to protect the privacy of
       the international data it held.

       "Over time we've narrowed down the scope of those subpoenas...the whole
       process has been refined," said the spokesman. 

       But he could not say how long it had taken to put the checks in place,
       nor how many records the Treasury had seen before its dogs were put back
       on the leash.

       Swift was keen to keep the Treasury's nose out of its records because 
       its clients would not take kindly to having their transactions
       scrutinised by a foreign government.

       It managed to persuade the US authorities to have their investigators
       restrained. They agreed they could only take limited batches of data, 
       rather than scan the whole lot freely. These batches could then be
       searched only for specific transactions that could be demonstrated to
       have links to terrorism. These searches were to be audited by both Swift 
       and an external auditor, Booz Allen.

       However, campaign group Privacy International said these were not
       enough. It had filed a complaint to the British data protection body,
       the Information Commissioner. It is worried that the Treasury was 
       fishing through international financial records in the hope of turning
       up terrorist finance records. It also feared the data could be used for
       other purposes, including espionage.

       Swift's CEO, Leonard Schrank, flew to London to meet Privacy 
       International on Friday. Simon Davies, a PI director, said he had told
       Schrank he wanted to see proof that the Treasury was only able to see
       records that it knew contained details of terrorist financial 
       transactions.

       "When was the last time you were satisfied with something that was
       claimed without seeing proof?" said Davies.

       "We are not prepared to accept anybody's face value assertions that 
       protections have been put in place," he said.

       He is meeting with Swift in Brussels again on Wednesday, just before the
       Article 29 Working Party of EU data protection commissioners meets to 
       discuss what to do about the situation. They want to co-ordinate their
       separate investigations of the Treasury subpoenas through the Belgian
       privacy commissioner.

       The way in which international business operates its IT infrastructure 
       has given the US government unprecedented power to view international
       financial records.

       Swift has an unspecified number of data centres around the world, each
       one storing every one of the 11 million transactions it handles on a 
       daily basis, being mirrors of one another as backup in the event of one
       of them failing. This means that a US subpoena of records kept in
       Swift's US data centre will gain access to financial transactions made 
       in over 200 countries.

       In testimony before the House Financial Services Subcommittee on
       Oversight and Investigations on 11 July, Stuart Levey, under secretary
       for terrorism and financial intelligence at the US Treasury said no-one 
       would have known about this programme (called the Terrorist Finance
       Tracking Programme) if details had not been leaked to the US papers.

       He said secrecy was one of the programme's strengths. But Republicans 
       have complained that even Congress was not aware of what was going on.

       The Washington Post likened the programme to the National Security
       Agency's mass surveillance of international telephone and Internet 
       communications without a warrant, which was recently found by a US judge
       to be illegal. It said the US government was also building
       "unprecedented" government databases of private transactions of people 
       unrelated to terrorism.

       Levey also said Swift did not supply it with individual bank account
       information.

       This is not strictly true. According to Swift, each of the "messages" on 
       its database is a record of a financial transaction. When the Treasury
       investigators get inside the encrypted electronic envelopes they get to
       see the individual bank account details of the payer and the 
       beneficiary, including the amount being transferred.(r)
       -- snip --


^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
        http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
              [log in to unmask]
  (all commands go to [log in to unmask] not the list please)
   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^