Will Europe block a US anti-terrorism program?

BRUSSELS, Belgium — The fate of the United States government’s Terrorist Finance Tracking Program (TFTP) may hinge on how Jeanine Hennis-Plasschaert’s week turns out. And it’s not looking particularly rosy for the TFTP at the moment.

Hennis-Plasschaert, a Dutch member of the European Parliament (MEP), was on Wednesday named as the rapporteur for the Committee on Civil Liberties, Justice and Home Affairs on the question of whether to approve a nine-month interim agreement on U.S.-EU sharing of European banking data known as the “SWIFT" program while a longer-term framework is worked out.

And prospects for the interim agreement do not look good. "We’re heading for a ‘no,’" Hennis-Plasschaert said Friday.

SWIFT is a Belgium-based organization that since 1973 has run a network over which most of the world’s banks now exchange millions of messages per day. The records include account details and private data on clients, whether individual, corporate or government.

Shortly after 9/11, the U.S. government used a special administrative subpoena to access SWIFT records for the then-secret TFTP. The access and the program became public — including to the Belgian government — only in 2006 through articles in the New York Times, Wall Street Journal and other news organizations.

Europeans were shocked, not just that millions of data records had been secretly handed over to the U.S., but that there was apparently nothing the EU could do about it, even though the transfers were found to have broken Belgian and EU privacy laws. SWIFT was also bound by U.S. law to comply with the subpoenas. The company emphasized that it had fought diligently to put in place practices that reduced the amount of data the U.S. could obtain and that its compliance was “legal, limited, targeted, protected, audited and overseen.”

At the time, Bush administration officials told the New York Times that leads provided by SWIFT data were invaluable to capturing terrorists and, as one example, had been directly responsible for leading them to the man believed to be behind the 2002 Bali bombing, Riduan Isamuddin, known as Hambali.

Now new powers vested in the European Parliament by the Lisbon Treaty, which went into effect Jan. 1, give it the power to end the program, and the data-sharing.

As rapporteur, Hennis-Plasschaert must weigh numerous legal and political opinions on the intersection of privacy protection, intelligence-gathering and transatlantic cooperation on counter-terrorism, find common ground on those subjects among lawmakers from 27 countries and draft a recommendation. The action she recommends could change how the private financial information of the 500 million European Union citizens is managed.

And she has fewer than nine working days to do it. This Thursday the committee is due to vote on the interim agreement drawn up between officials from the U.S. and the EU’s executive branch, the European Commission, then approved at a European Council meeting of all 27 justice ministers. The interim agreement would allow the transfers of SWIFT’s private banking data to continue while applying more filters to what gets shared and more safeguards on its use and retention. 

Though completed and approved by EU justice ministers on Nov. 30, the agreement was only delivered to the European Parliament Jan 25. It was held up, the commission said, by the need to get it translated into the multiple languages of the 27 EU member states. The agreement goes into effect Feb. 1.

Judging by Hennis-Plasschaert’s mood as she headed into what must have been a heck of a weekend, it may turn out to be a very provisional deal indeed, since the full parliament could vote it down Feb. 9. 

And Hennis-Plasschaert thinks that’s not just possible, but probable, given the sense she’s getting from colleagues and advice from European Parliament attorneys.

"Let’s be clear, we’re heading for a ‘no,’” said Hennis-Plasschaert late Friday. “We feel that [the agreement] is being imposed on us, first of all by the U.S. authorities a few years ago, and then by Council more or less acting like the U.S. authorities’ lapdog, and now they expect us to have a similar attitude. ” 

Hennis-Plasschaert acknowledged that some would wonder whether parliamentary opposition reflects bitterness over the way the agreement was handled or genuine concerns about the content. She insisted MEPs are concerned about both: “It’s clear the way Council, but also the United States authorities, have been treating the European Parliament is just unacceptable, but this cannot be a reason to vote down the agreement.”

Hennis-Plasschaert said a rejection of SWIFT would, rather, be based on the amount of data being given to U.S. authorities without “targeting” data that might actually be terrorist-related, and a lack of follow-up on what happens to data once it is in the hands of U.S. authorities. 

“The sharing of transatlantic data is extremely important,” she said. “But we also know that some of the agencies — including the [U.S.] National Security Agency — have trouble processing this data, connecting the dots, as Obama said himself. It’s not that the more data you receive, the more leads you will have.”

The issue of data-sharing within U.S. intelligence came to the fore after an attempted bombing of a Northwest flight from Amsterdam to Detroit on Christmas Day. It turned out that U.S. authorities had been warned about the bomber, but that his name had not reached a list where he would have faced increased scrutiny before boarding a flight.

Lee Tien, an attorney who works on privacy issues for the San Francisco-based non-profit Electronic Frontier Foundation, agreed. Tien said he’s not suggesting there shouldn’t be any transfers of banking data, but that the “data-mining” possible with massive data transfers such as SWIFT’s “raise enormous privacy and accountability issues that can be very difficult to evaluate without strong oversight and compliance mechanisms.” 

Tien also applauded the European Parliament for raising the question. “The SWIFT revelation in 2006 made clear to all that, as in the U.S., the drive to fight terrorism imposes great costs not only on privacy,” he said, "but also on political accountability because of arguments about the need for national security secrecy.” 

But proponents of the agreement say rejecting it might spare EU citizens’ privacy, but would ultimately make them less safe. Jonathan Faull, who heads the commission’s justice department, pressed that point to the Civil Liberties Committee last week. “This agreement,” he emphasized, “is important for our — not the United States’ — our security.” Counter-terrorism leads obtained by the U.S. are passed back to the competent authorities in member states, Faull said. 

But there are other arguments that could undermine the commission’s hopes for the agreement. For example, EU member states already provide the U.S. with data similar to SWIFT’s based on bilateral agreements, calling into question warnings that ending the agreement would create a security gap.

One of the agreement’s biggest threats could come from within the commission itself: Information Society Commissioner Viviane Reding said last week that she would be looking very carefully at the program. “I remain to be convinced that all these SWIFT transfers are necessary, proportionate and effective to fight terrorism,” Reding said. “I want to make sure that our EU legislation and international agreements are based on evidence rather than on emotional responses to the latest scare.”

Reding will be sworn in as the new justice commissioner on Feb. 10.