EU police report shows holes in US data deal
US demands for EU banking data under the so-called Swift agreement are "too general and abstract" for Europol to allow a proper evaluation of the necessity of those transfers, an inspection report carried out by the police agency's own supervisory body says.
The EU-US deal, which entered into force in August 2010, allows anti-terrorism officials in Washington to get large sets of banking data, provided the EU joint-police body in The Hague, Europol, pre-authorises it.
Join EUobserver today
Get the EU news that really matters
Instant access to all articles — and 20 years of archives. 14-day free trial.
Choose your plan
... or subscribe as a group
Already a member?
Giving Europol a role in this process was one of the concessions made to the European Parliament after it rejected an initial agreement.
In the official version of its report, the EU supervisory body notes that out of four data transfer requests, Europol declined none, despite having serious misgivings.
"It was found that the US requests were too general and too abstract to allow proper evaluation of the necessity of the requested data transfers. Despite this, Europol approved each request it received," the report said.
Extra information may have been given to Europol staff by the US Treasury department, but this was done "orally" and the supervisory body cannot certify or comment on those statements, it added.
The publication of the report represents another blow to the controversial agreement which some MEPs want to scrap altogether.
"It's official now: US terror investigators get such broad data from Europe, that even the supervisory body of Europol is concerned about a breach of basic data protection criteria," Green German MEP Jan Philipp Albrecht said in a press release calling for the deal to be scrapped.
The fallout from this report may also have an impact on other data transfer agreements with the US awaiting the approval of the European Parliament.
"Our support for this and other, forthcoming agreements clearly rely on the trustworthiness of our partners," Dutch Liberal MEP Sophie in't Veld said, noting that the Europol report "does not inspire much confidence."
In Germany, data protection czar Peter Schaar also asked member states to correct the "massive deficiencies" identified in the report and declassify the rest of the evaluation.
"Is Europol even able and does it want to properly acknowledge the guardian function it has been entrusted with?" Mr Schaar said, in reference to the rubber-stamped data transfer demands.