Progress: Procedure completed
Role | Committee | Rapporteur | Shadows |
---|---|---|---|
Lead | LIBE | PICKART ALVARO Alexander Nuno ( ALDE) | |
Committee Opinion | AFET |
Lead committee dossier:
Legal Basis:
TFEU 087-p2, TFEU 088-p2-a1, TFEU 218-p6a
Legal Basis:
TFEU 087-p2, TFEU 088-p2-a1, TFEU 218-p6aSubjects
Events
The Commission presented a report on the joint review of the implementation of the Agreement between the European Union and the United States of America on the processing and transfer of Financial Messaging Data from the European Union to the United States for the purposes of the Terrorist Finance Tracking Program (TFTP).
The Agreement, which entered into force on 1 August 2010, provides for regular joint reviews of the safeguards, controls, and reciprocity provisions to be conducted by review teams from the European Union and the United States.
This report concerns the fifth joint review of the Agreement since it entered into force and covers a period of 35 months between 1 January 2016 and 30 November 2018.
The fifth joint review was carried out in two main stages: on 15 January 2019 in The Hague at Europol's premises and on 31 January and 1 February 2019 in Washington at the Treasury.
Main findings
The report noted that:
- the Commission is satisfied that the Agreement and its safeguards and controls are properly implemented;
- Europol is accomplishing its verification tasks;
- the TFTP remains a key instrument to provide timely, accurate and reliable information about activities associated with suspected acts of terrorist planning and financing;
- during the current review period, the EU has continued to significantly benefit more from the TFTP. It has become an increasingly important tool with the increase in the number of terrorist attacks since 2015. In some cases, the information provided under the Agreement has been instrumental in bringing forward specific investigations relating to terrorist attacks on EU soil.
Improvements
In terms of potential for further improvement, the Commission suggests that the Treasury assesses the message types and geographic regions that are the most and least responsive to TFTP searches. This could result in a more narrowly tailored request to minimise the amount of data requested from the designated provider.
The Commission further suggests that the Treasury should improve its mechanisms to review the necessity of retaining so-called “extracted data” to ensure that this data is only retained for as long as necessary for the specific investigation or prosecution for which they are used.
In this context, the Commission also requests Member States to inform Europol as a Single Point of Contact (SPoC) for subsequent information of the Treasury when a case has been finally disposed of, which should in principle lead to the deletion of extracted data relating to that case. Particular attention should also be provided to extracted data that is viewed by the Treasury analysts but not, due to considerations of relevancy, disseminated further in the context of a specific investigation.
Conclusion
The Commission considered that the TFTP remains an important instrument to provide timely, accurate and reliable information about activities associated with suspected acts of terrorist planning and financing. It helps to identify and track terrorists and their support networks worldwide.
The Commission welcomes the continued transparency of the U.S. authorities in sharing information illustrating the value of the TFTP in international counter-terrorism efforts.
A regular review of the Agreement is essential to ensure its proper implementation, to build up a relationship of trust between the contracting parties and to provide reassurances to interested stakeholders on the usefulness of the TFTP instrument.
The Commission and the Treasury agreed to carry out the next joint review of the Agreement in the beginning of 2021.
This Commission services presents a working document on the joint review report of the implementation of the Agreement between the European Union and the United States of America on the processing and transfer of Financial Messaging Data from the European Union to the United States for the purposes of the Terrorist Finance Tracking Program.
To recall, the Terrorist Finance Tracking Program (TFTP) Agreement entered into force in August 2010.
This working document focuses on the following elements:
Review process
According to the Agreement, the review should have particular regard to:
- the number of financial payment messages accessed;
- the number of occasions on which leads have been shared with Member States, third countries, and Europol and Eurojust;
- the implementation and effectiveness of the Agreement, including the suitability of the mechanism for the transfer of information;
- cases in which information has been used for the prevention, investigation, detection, or prosecution of terrorism or its financing;
- compliance with the data protection obligations specified in the Agreement.
The Agreement also states that the review shall include a representative and random sample of searches in order to verify compliance with the safeguards and controls set out in this Agreement, as well as a proportionality assessment of the Provided Data, based on the value of such data for the investigation, prevention, detection, or prosecution of terrorism or its financing.
The report establishes all of the procedures applicable to the review process and the different stages of the process.
Recommendations
On the basis of the information and explanations received from the Treasury, Europol, the Designated Provider and the independent overseers, verification of relevant documents and of a representative sample of the searches run on the TFTP provided data, the Commission is satisfied that the Agreement and its safeguards and controls are properly implemented.
The review shows efforts by the Treasury to collect, analyse and make available to the review team and to the public examples demonstrating the important value of the TFTP for counterterrorism investigations worldwide, despite the limitations given by the highly sensitive nature of these investigations.
The Commission acknowledges the benefits of the close cooperation between the U.S. authorities, Europol and EU counter-terrorism authorities in assessing and communicating on terrorism-related threats ensuring that the TFTP also addresses the threat from the EU perspective. Europol is fully accomplishing its tasks and it is important that such cooperation continues to remain independent from the verification role of Europol.
The Commission suggests that the Member States consider providing regular feedback to Europol, for onward sharing with the Treasury as appropriate, on the added value of the TFTP leads received from the Treasury which could further improve the quality and the quantity of information exchanged.
Follow-up
A regular review of the Agreement is essential to ensure its proper implementation, to build up a relationship of trust between the contracting parties and to provide reassurances to interested stakeholders on the usefulness of the TFTP instrument. It has been agreed between the Commission and the Treasury to carry out the next joint review at the beginning of 2021.
The Commission presented a report on the joint review of the implementation of the Agreement between the European Union and the United States of America on the processing and transfer of Financial Messaging Data from the European Union to the United States for the purposes of the Terrorist Finance Tracking Program (TFTP).
The Agreement, which entered into force on 1 August 2010, provides for regular joint reviews of the safeguards, controls, and reciprocity provisions to be conducted by review teams from the European Union and the United States.
This report concerns the fourth joint review of the Agreement since it entered into force and covers a period of 22 months between 1 March 2014 and 31 December 2015.
The fourth joint review was carried out in two main stages: on 1 March 2016 in The Hague at Europol's premises and on 15 and 16 March 2016 in Washington at the U.S. Treasury Department.
Satisfactory implementation : the Commission is satisfied that the Agreement and its safeguards and controls are properly implemented and that the findings of the third joint review have been followed up by the Treasury.
In particular:
the Commission is satisfied with the outcome of the discussions on the interpretation of Article 15 concerning the right of access and the manner in which the Treasury continues to assess the necessity of retaining extracted data in the sense of Article 6 (7) of the Agreement; Europol is accomplishing its verification tasks in full compliance with Article 4 on the basis of detailed and regularly updated supporting documentation received from the Treasury; the oversight mechanism is functioning smoothly and is effective in ensuring that the processing of data complies with the conditions laid down in the Agreement. All non-extracted data is deleted on a semi-annual basis in order to ensure that all such data is deleted at the latest five years from receipt; the relevant information about the process of rectification of data has been included on the Treasury's website.
Possible improvements : the Commission suggested:
that Member States should consider providing regular feedback on the TFTP data received from the Treasury which could further improve the quality and the quantity of information exchanged; that Europol should: (i) continue its efforts to actively promote awareness of the TFTP and to support Member States seeking its advice and experience in devising requests; (ii) continue fulfilling its verification role as thoroughly and independently as at present.
In conclusion , the Commission considered that the TFTP remains an important instrument to provide timely, accurate and reliable information about activities associated with suspected acts of terrorist planning and financing. It helps to identify and track terrorists and their support networks worldwide.
The Commission welcomed the continued increased transparency of the U.S. authorities in sharing information illustrating the value of the TFTP in international counter-terrorism efforts.
A regular review of the Agreement is essential to ensure its proper implementation, to build up a relationship of trust between the contracting parties and to provide reassurances to interested stakeholders on the usefulness of the TFTP instrument. It has been agreed between the Commission and the Treasury to carry out the next joint review of the Agreement at the beginning of 2018.
This Commission services presents a working document on the joint review report of the implementation of the Agreement between the European Union and the United States of America on the processing and transfer of Financial Messaging Data from the European Union to the United States for the purposes of the Terrorist Finance Tracking Program.
To recall, the Terrorist Finance Tracking Program (TFTP) Agreement entered into force in August 2010.
This working document focuses on the following element:
Review process : according to the Agreement, the review should have particular regard to:
the number of financial payment messages accessed; the number of occasions on which leads have been shared with Member States, third countries, and Europol and Eurojust; the implementation and effectiveness of the Agreement, including the suitability of the mechanism for the transfer of information; cases in which information has been used for the prevention, investigation, detection, or prosecution of terrorism or its financing; compliance with the data protection obligations specified in the Agreement.
The Agreement also states that the review shall include a representative and random sample of searches in order to verify compliance with the safeguards and controls set out in this Agreement, as well as a proportionality assessment of the Provided Data, based on the value of such data for the investigation, prevention, detection, or prosecution of terrorism or its financing.
The report establishes all of the procedures applicable to the review process and the different stages of the process.
Recommendations : in general, the staff working document states that the Agreement and its safeguards and controls were properly implemented and that the findings of the second joint review have been followed up by the Treasury.
According to the results of the review, it was reiterated that the U.S. Government – including all departments and agencies – has not collected financial payment messages from the Designated Provider in the European Union, except as authorized by the TFTP Agreement.
The Commission acknowledges the benefits of the close cooperation between the U.S. authorities, Europol and EU counter-terrorism authorities in assessing and communicating on terrorism-related threats ensuring that the TFTP also addresses the threat from the EU perspective.
The Commission suggests that the Member States consider providing regular feedback on the TFTP data received from the Treasury which could further improve the quality and the quantity of information exchanged under the Agreement.
In addition, the Commission encourages Europol to continue its efforts to actively promote awareness of the TFTP and to support Member States.
The Commission will continue discussion on the interpretation of Article 15 concerning the right of access in light of the actual responses Treasury will provide in the future.
Lastly, the Commission recommends that the Treasury continues to assess the necessity of the extracted data in the sense of Article 6 (7) of the Agreement (in particular as regards the data retention periods).
The Commission states that a regular review of the Agreement is essential to ensure its proper implementation, to build up a relationship of trust between the contracting parties and to provide reassurances to interested stakeholders on the usefulness of the TFTP instrument.
The next joint review should take place in the second half of 2015.
The Commission presented a report on the Joint Report from the Commission and the U.S. Treasury Department regarding the value of TFTP Provided Data pursuant to Article 6 (6) of the Agreement between the European Union and the United States of America on the processing and transfer of Financial Messaging Data from the European Union to the United States for the purposes of the Terrorist Finance Tracking Program.
Joint report : in accordance with TFTP Agreement, the European Commission and the U.S. Treasury Department have prepared the joint report regarding the value of Terrorist Finance Tracking Program (TFTP) Provided Data, with particular emphasis on the value of data retained for multiple years.
The modalities of this Report have been determined jointly by the European Commission and the U.S. Treasury Department, in line with Article 6 (6) of the Agreement.
The European Commission and the U.S. Treasury Department began discussions on the modalities, mandate, and methodology for the report in December 2012.
Member States and Europol have provided written contributions, which have been considered and reflected upon in the preparation of this Report. To this end, Europol issued a questionnaire to all concerned Member States in order to collect relevant information for its input for this Report. The questionnaire aimed at obtaining a current overview of the added value of TFTP Provided Data, in relation to specific cases investigated by competent authorities in relevant Member States .
Between 1 February and 24 May 2013, the U.S. assessment team interviewed counter terrorism investigators at a variety of agencies, reviewed counter terrorism cases in which the TFTP was used, and analysed over 1,000 TFTP reports to assess the value of TFTP-derived information.
Scope and main findings : the Report focuses on how the TFTP Provided Data have been used and the value the data bring to counter terrorism investigations in the United States and the EU. It includes multiple concrete examples where TFTP data, including data retained for three years or more , have been valuable in counter terrorism investigations, in the United States and the EU, before and since the Agreement entered into force on 1 August 2010.
In addition to this Report, other examples of the usefulness and value of the TFTP data have been presented in the context of the two joint reviews, carried out in February 2011 and October 2012, pursuant to Article 13 of the Agreement.
As a whole, these factual and concrete sets of information constitute a considerable step forward in further explaining the functioning and the added value of the TFTP.
The Report also describes the methodology for the assessment of retention periods by the U.S. Treasury Department and deletion of non-extracted data. The Report demonstrates that TFTP Provided Data, including data retained for multiple years, have been delivering very important value for the counter terrorism efforts in the United States, Europe, and elsewhere.
This Report on the second joint review of the implementation of the Agreement between the European Union and the United States of America on the processing and transfer of Financial Messaging data from the European Union to the United States for the purposes of the Terrorist Finance Tracking Program (TFTP) covers the period from 1 February 2011 until 30 September 2012.
Recommendations and conclusions: based on the review findings, the EU review team is satisfied that the recommendations presented in the report of March 2011 on the first Joint Review have, to a large extent, been followed up. Providing more verifiable insights into the actual added value of the TFTP, preferably by public information without endangering the effectiveness of this instrument and whilst respecting the need for confidentiality of the methods and procedures used, still remains a challenge. As already stated in the first report, transparency on the added value of the programme for the fight against terrorism would go a long way in convincing a wider audience of the real benefits of the TFTP and the Agreement and would raise the level of trust in the programme, and that such transparency should be sought wherever possible without endangering the effectiveness of the programme as such.
The EU review team is of the opinion that the review mechanism is a valuable tool for the assessment of the implementation of the Agreement and the safeguards included therein. In view of the longer period of application of the Agreement, this second review allowed a much deeper insight into the functioning of the TFTP than the first and confirmed the clear value added of this instrument in fighting against and preventing terrorism.
Overall the implementation of the agreement more than two years after its entry into force has reached a very satisfactory level with the EU increasingly profiting from it under the specific reciprocity arrangements.
To further enhance the quality of the implementation of the Agreement, the EU review team presents the following recommendations :
that the US Treasury continues to make requests (together with any supplementary documents) with detailed and regularly updated justification as currently provided, and that Europol continues to carry out its tasks pursuant to Article 4 following the high verification standards currently agreed upon; that the overseers of the Designated Provider and the EU overseers continue to carry out their supervisory tasks in a complementary way , and that the EU deputy overseer quickly becomes fully operational and integrates into the team of overseers; that the Treasury specifies more in detail to the Commission how the on-going evaluation process is carried out in practice , and that the practice of deletion of data in particular is monitored continuously; that information on the Treasury website referring to the right of rectification of data explains what a rectification means in this context due to technical constraints, and that the Treasury continues to update the website regularly, where necessary, with the support of the Commission; that Member States and, where relevant, Eurojust regard Europol as the EU's single reference point for Article 10 requests , and that, in all law enforcement cases in which requests are submitted directly to the Treasury, Member States inform Europol of such requests in a systematic and timely manner ; that any technical modalities and security arrangements agreed upon with the Treasury for the transfer of information are respected, which includes seeking prior consent from the data owner before disseminating such information, and that in the future, a consultation and coordination takes place between Europol’s Joint Supervisory Body (notwithstanding its independent status), Europol and the Commission on the planning, timing and focus of possible inspections in order to avoid overlapping activities and misleading public statements;
According to the Agreement, the Commission and the Treasury shall prepare a joint report regarding the value of TFTP provided data no later than three years from the date of entry into force of the Agreement (1/8/2013). By that same date, the Commission will present a report of progress on the development of an equivalent EU system with regard to Article 11 of the Agreement, as invited by the Council.
This report relates to the joint review of the implementation of the Agreement between the European Union and the United States of America on the processing and transfer of Financial Messaging data from the European Union to the United States for the purposes of the Terrorist Finance Tracking Program.
In accordance with its Article 13, the first review of the Agreement took place six months after the entry into force of the Agreement. This review has therefore primarily focused on whether all of the elements of the Agreement have been implemented and its mechanisms have been properly put into place rather than on the effectiveness of the Agreement – time was considered too short to come to a considered judgment on that.
This report was prepared by the EU delegation of the joint review team, based on the work of the joint review team and other work independently conducted by the EU delegation. The report reflects the views of the EU delegation.
This report provides a picture of the way the Agreement has been implemented during the first six months after its entry into force. The EU review team has reached the conclusion that all of the relevant elements of the Agreement have been implemented in accordance with its provisions, including the data protection provisions. The measures which have been taken to ensure such implementation by the U.S. authorities are convincing, and in some cases go beyond what is required under the Agreement. In addition, the review team has been presented with convincing indications of the added value of the Terrorist Finance Tracking Program (TFTP) to efforts to combat terrorism and its financing. The review team met with representatives of the Treasury Department, the F.B.I., Europol, the overseers and auditors appointed by the designated provider, as well as with the overseer provisionally appointed by the European Commission.
The recommendations of the EU review team focus on the desirability of providing more publicly accessible information on the way the program functions, in as far as this is possible, without endangering the effectiveness of the Program. This concerns, in particular, the overall volume of data provided to the U.S. authorities, and the number of financial payment messages accessed.
The EU review team also suggests further enhancing the Europol verification procedure referred to in Article 4. In addition, the EU review team would welcome more verifiable statistical information on the added value of TFTP derived information to efforts to combat terrorism and its financing in order to further substantiate the added value of the program. It also recommends improving some aspects of the provision of information to the general public on the rights accorded to them under the Agreement.
Lastly, the EU review team provides a recommendation on the preparation of future reviews, and suggests that the implementation of the recommendations should be the subject of future review efforts.
This report consists of four Chapters. Chapter 2 provides an overview of the background to the review and its purpose and procedural aspects. Chapter 3 presents the main findings of the review and the recommendations of the review team. Finally, Chapter 4 presents the overall conclusions.
The report is supplemented by Annex A which contains the report of the U.S. Department of the Treasury to the joint review team, including the answers given by the Treasury Department to the questionnaire sent on behalf of the EU members of the review team. This Annex also provides the statistical information referred to in Article 13 of the Agreement, which stipulates the elements to be covered by the review. Annex B presents the EU and U.S. representatives in the joint review team.
It is has been agreed that a follow up review will be carried out next year.
PURPOSE: to conclude an Agreement between the EU and the US on the processing and transfer of Financial Messaging Data from the EU to the US for purposes of the Terrorist Finance Tracking Program.
LEGISLATIVE ACT: Council Decision 2010/412/EU on the conclusion of the Agreement between the European Union and the United States of America on the processing and transfer of Financial Messaging Data from the EU to the US for the purposes of the Terrorist Finance Tracking Program.
BACKGROUND: the JHA Council of 30 November 2009 authorised the Presidency of the Council of the EU to sign an interim agreement between the EU and the United States on the processing and transfer of Financial Messaging Data from the EU to the U.S. for purposes of the TFTP. The interim agreement, also signed on 30 November 2009, was to have a maximum duration of 9 months.
However, on 11 February the European Parliament adopted its Resolution withholding consent for the TFTP Interim Agreement (see NLE/2009/0190 ). A letter signed by the President of the Council was delivered to the US Secretary of State on 22 February 2010 stating that as a consequence of the Parliament's Resolution, the EU could not become a party to the Interim Agreement and terminating the provisional application of the Agreement. On 24 March 2010, the Commission adopted a Recommendation from the Commission to the Council to authorise the opening of the negotiations between the EU and the US on the same issue bearing in mind Parliament’s opinion expressed in its resolution rejecting the Agreement.
On 5 May, Parliament adopted a new resolution where it expressed its views on the limits and purposes of the Agreement (all information transfer must be strictly limited to that which is strictly necessary in the fight against terrorism).
On 11 May 2010, the Council adopted a Decision, together with negotiation directives, authorising the Commission to open negotiations on behalf of the EU to make available to the United States Treasury Department financial messaging data to prevent and combat terrorism and terrorism financing. The Agreement was signed by the Parties on 28 June 2010. The Agreement should be concluded on behalf of the EU.
CONTENT: the Decision approves the Agreement between the EU and the US on the processing and transfer of Financial Messaging Data from the EU to the US for the purposes of the Terrorist Finance Tracking Program on behalf of the Union.
The main points of the Agreement are as follows:
Purpose : the purpose is to ensure, with full respect for the privacy, protection of personal data, and other conditions set out in this Agreement, that:
financial payment messages referring to financial transfers and related data stored in the territory of the European Union by providers of international financial payment messaging services, that are jointly designated pursuant to this Agreement, are provided to the U.S. Treasury Department for the exclusive purpose of the prevention, investigation, detection, or prosecution of terrorism or terrorist financing; relevant information obtained through the TFTP is provided to law enforcement, public security, or counter terrorism authorities of Member States, or Europol or Eurojust, for the purpose of the prevention, investigation, detection, or prosecution of terrorism or terrorist financing.
Scope of Application : it applies to the obtaining and use of financial payment messaging and related data relating to acts of a person or entity that involve violence, or are otherwise dangerous to human life or create a risk of damage to property or infrastructure, and which, given their nature and context, are reasonably believed to be committed with the aim of: (i) intimidating or coercing a population; (ii) intimidating, compelling, or coercing a government or international organization to act or abstain from acting; or (iii) seriously destabilizing or destroying the fundamental political, constitutional, economic, or social structures of a country or an international organization.
Ensuring Provision of Data by Designated Providers : the EU must ensure that providers of international financial payment messaging services (or Society for Worldwide Interbank Financial Telecommunication (SWIFT). provides the U.S. Treasury Department the requested financial payment messaging and related data.
U.S. Requests to Obtain Data from Designated Providers : the Decision makes provision for a procedure for the US Treasury to obtain data that are stored in the territory of the European Union.
Safeguards Applicable to the Processing of Provided Data : the US Treasury Department must take measures to ensure that Provided Data are processed in accordance with the provisions of the Agreement, that is: the data must be processed exclusively for the purposes in the text and it shall not involve data mining or any other type of algorithmic or automated profiling or computer filtering. The US Treasury must takes the safeguards specified in the text, which shall be applied without discrimination on the basis of nationality or country of residence.
There are provisions to ensure that the Treasury’s search of Provided Data shall be narrowly tailored, and demonstrate a reason to believe that the subject of the search has a nexus to terrorism or its financing. The Parties must recognise the special sensitivity of personal data revealing racial or ethnic origin, political opinions, or religious or other beliefs, trade union membership, or health and sexual life ("sensitive data"). In the exceptional circumstance that extracted data were to include sensitive data, the U.S. Treasury Department shall protect such data in accordance with the safeguards and security measures set forth in the Agreement.
Retention and deletion of data : during the term of the Agreement, the U.S. Treasury Department shall undertake an ongoing and at least annual evaluation to identify non-extracted data that are no longer necessary to combat terrorism or its financing. Where such data are identified, the U.S. Treasury Department shall permanently delete them as soon as technologically feasible. The general principle is that all non-extracted data received prior to 20 July 2007 shall be deleted not later than 20 July 2012. All non-extracted data received on or after 20 July 2007 shall be deleted not later than five years from receipt. Not later than three years from the date of entry into force of the Agreement, the European Commission and the U.S. Treasury Department shall prepare a joint report regarding the value of Provided Data.
Onward Transfer : the Agreement makes provision for limiting the onward transfer of information extracted from the Provided Data following specified safeguards.
Spontaneous provision of information : the U.S. Treasury Department shall ensure the availability, as soon as practicable to law enforcement authorities of Member States, and to Europol and Eurojust of information obtained through the TFTP that may contribute to the prevention, detection, or prosecution by the EU of terrorism or its financing. Any follow-on information that may contribute to the prevention etc by the United States of terrorism or its financing shall be conveyed back to the United States on a reciprocal basis.
Cooperation with future equivalent EU system : during the course of the Agreement, the European Commission will carry out a study into the possible introduction of an equivalent EU system allowing for a more targeted transfer of data. If, following this study, the EU decides to establish an EU system, the US shall cooperate and provide assistance and advice to contribute to the effective establishment of such a system.
Monitoring of safeguards and controls : compliance with the strict counter terrorism purpose limitation and the other safeguards set out in the text shall be subject to monitoring and oversight by independent overseers, including by a person appointed by the European Commission with the agreement of and subject to appropriate security clearances by the United States. There are provisions in the Agreement on transparency, providing information to the data subject’s right of access, the right to rectification, erasure or blocking, and on redress.
Joint review : at the request of one of the Parties and at any event after a period of six months from the date of entry into force of the Agreement, the Parties shall jointly review the safeguards, controls, and reciprocity provisions set out in the Agreement. Following the review, the European Commission will present a report to the European Parliament and the Council on the functioning of the Agreement.
Legal framework for the extraction of data on EU territory : in accordance with the opinion of the Parliament adopted on 8 July 2010, the Commission is invited to submit to the European Parliament and the Council, no later than one year from the date of entry into force of the Agreement, a legal and technical framework for the extraction of data on EU territory. Within three years from the date of entry into force of the Agreement, the Commission is invited to present a report of progress on the development of the equivalent EU system. If, five years after the date of entry into force of the Agreement, the equivalent EU system has not been set up, the Union shall consider whether to renew the Agreement.
Territorial provisions : the Agreement will apply to the United Kingdom. Ireland and Denmark will not take part in the application of the Agreement.
ENTRI INTO FORCE: the Decision enters into force on 13 July 2010. The Agreement itself enters into force on 1 August 2010.
The European Parliament adopted by 484 votes to 109, with 12 abstentions a legislative resolution in which it gives its consent to the conclusion of the Agreement between the European Union and the United States of America on the processing and transfer of Financial Messaging Data from the European Union to the United States for the purposes of the Terrorist Finance Tracking Program.
Parliament invites the Commission, in compliance with Article 8 of the Charter of Fundamental Rights of the European Union, (which requires that personal data be under the control of "independent authorities"), to submit to it and to the Council as soon as possible a choice of three candidates for the role of the EU independent person referred to in Article 12(1) of the Agreement, who will be responsible for the monitoring and supervision of the strict limits on data searches with the single purpose of counter-terrorism.
Parliament indicates that the procedure to designate this person should be, mutatis mutandi, the same as that followed by the European Parliament and the Council for the appointment of the European Data Protection Supervisor.
The Committee on Civil Liberties, Justice and Home Affairs adopted the report by Alexander ALVARO (ALDE, DE) recommending that the European Parliament consents to the conclusion of the Agreement between the European Union and the United States of America on the processing and transfer of Financial Messaging Data from the European Union to the United States for the purposes of the Terrorist Finance Tracking Program.
On 11 February 2010 the European Parliament withheld its consent to the conclusion of the EU-US Financial Messaging Data Agreement (FMDA) in the first consent vote on an international agreement after the entry into force of the Lisbon Treaty. At the same time, the European Parliament requested the European Commission to immediately submit a new recommendation for a negotiation mandate to the Council with a view to a long-term EU-US Agreement.
On 11 May 2010 the Council authorised the Commission to open negotiations with the United States to make available to the United States Treasury Department financial messaging data to prevent and combat terrorism and terrorism financing (EU-US FMDA Agreement). The Commission concluded the negotiations on 11 June and, on 28 June, the agreement was signed and, at the same time, the Council requested the consent of the European Parliament on the draft Council decision on the conclusion of the above mentioned agreement.
The European Parliament has consistently expressed its views in previous resolutions on the negotiation mandate, outlining a number of improvements that the new Agreement should include (see in particular RSP/2010/2649 ). Compared to the first Agreement, rejected by Parliament, the present Agreement represents an improvement that has been achieved due to Parliament's consistent demands for solutions to the key issues.
In addition to the improvements within the Agreement in terms of data protection and proportionality, Council and Commission have made the legally binding commitment to set up the legal and technical framework allowing for the extraction of data on EU soil. This commitment will, in the medium term, ensure the termination of bulk data transfers to the US authorities. The establishment of a European extraction system represents a very important improvement, as the continued transfer of data in bulk is a departure from the principles underpinning EU legislation and practice. The envisaged three-step approach is most welcomed by Members and involves the following:
Step 1: The Commission will present a proposal for the legal and technical framework after one year;
Step 2: Progress report by the Commission on the EU extraction system after three years. This report will not only allow the currently elected Parliament to verify whether the commitments by Commission and Council have been fulfilled, but also to demand changes to the Agreement according to the progress of the EU extraction system;
Step 3: Possible termination of the Agreement after 5 years, if the EU extraction system has not been set up.
Although the Agreement could be further improved, according to Members, in particular with regard to the independent oversight of Europol in its handling of US requests, (which for the duration of the Agreement could be ensured e.g. by the posting of an EDPS official), Members recommend that Parliament gives its consent to the conclusion of the Agreement. Nevertheless, they consider Parliament should be involved in the selection process of the independent EU person who will be responsible for the monitoring and supervision of the strict limits on data searches with the single purpose of counter-terrorism.
The final Agreement, in combination with the legally binding commitments in the Council Decision, meets most of Parliament's demands. The committee therefore recommends that the European Parliament gives its consent to the conclusion of the Agreement.
PURPOSE: to conclude a new Agreement between the European Union and the United States of America on the processing and transfer of Financial Messaging Data from the European Union to the United States for purposes of the Terrorist Finance Tracking Program.
PROPOSED ACT: Council Decision.
IMPACT ANALYSIS: no impact analysis was carried out.
LEGAL BASIS: Articles 87(2)(a) and 88 (2), in conjunction with Article 218 (6)(a) of the Treaty on the Functioning of the European Union (TFEU).
CONTENT: this proposal sets out the text of the new Agreement between the EU and the United States of America on the processing and transfer of Financial Messaging Data from the European Union to the United States for purposes of the Terrorist Finance Tracking Program.
The main elements of the this Agreement can be summarised as follows:
Purpose of the Agreement : like the previous version, the purpose of this Agreement is to ensure, with full respect for the privacy, protection of personal data, and other conditions set out in this Agreement, that:
financial payment messages referring to financial transfers and related data stored in the territory of the European Union by providers of international financial payment messaging services, that are jointly designated pursuant to this Agreement, are provided to the U.S. Treasury Department for the exclusive purpose of the prevention, investigation, detection, or prosecution of terrorism or terrorist financing; relevant information obtained through the TFTP is provided to law enforcement, public security, or counter terrorism authorities of Member States, or Europol or Eurojust, for the purpose of the prevention, investigation, detection, or prosecution of terrorism or terrorist financing.
Data concerned : the Agreement applies to the obtaining and use of financial payment messaging and related data with a view to the prevention, investigation, detection, or prosecution of acts of a person or entity that involve violence, or are otherwise dangerous to human life or create a risk of damage to property or infrastructure, and which, given their nature and context, are reasonably believed to be committed with the aim of:
intimidating or coercing a population; intimidating, compelling, or coercing a government or international organisation to act or abstain from acting; seriously destabilizing or destroying the fundamental political, constitutional, economic, or social structures of a country or an international organisation.
It may also concern data from a person or entity assisting, sponsoring, or providing financial, material, or technological support for, or financial or other services to or in support of, abovementioned acts.
Since the new systems architecture of the Society for Worldwide Interbank Financial Telecommunication –SWIFT- (hereinafter referred to as the "designated provider") became operational on 1 January 2010, a significant volume of the data which were previously received by the U.S. Treasury Department under the TFTP, have not been available, undermining the benefits of the TFTP not least for the European Union.
Ensuring Provision of Data by Designated Providers : the Agreement stipulates that the Parties, jointly and individually, shall ensure that entities jointly designated by the Parties under this Agreement as providers of international financial payment messaging services ("Designated Providers", i.a. Society for Worldwide Interbank Financial Telecommunication - SWIFT-) provide to the U.S. Treasury Department requested financial payment messaging and related data which are necessary for the purpose of the prevention, investigation, detection, or prosecution of terrorism or terrorist financing ("Provided Data").
U.S. Requests to Obtain Data from Designated Providers : for the purposes of this Agreement, the U.S. Treasury Department shall serve production orders (“Requests”), under authority of U.S. law, upon a Designated Provider present in the territory of the United States in order to obtain data necessary for the purpose of the prevention, investigation, detection, or prosecution of terrorism or terrorist financing that are stored in the territory of the European Union.
The Request (together with any supplemental documents) shall:
identify as clearly as possible the data, including the specific categories of data requested, that are necessary for the purpose of the prevention, investigation, detection, or prosecution of terrorism or terrorist financing; clearly substantiate the necessity of the data; be tailored as narrowly as possible in order to minimize the amount of data requested , taking due account of past and current terrorism risk analyses focused on message types and geography as well as perceived terrorism threats and vulnerabilities, geographic, threat, and vulnerability analyses; not seek any data relating to the Single Euro Payments Area.
A copy of the Request shall be sent to Europol. O nce Europol has confirmed that the Request complies with the requirements of the Agreement, the Request shall have binding legal effect as provided under U.S. law, within the European Union as well as the United States. The Designated Provider is thereby authorised and required to provide the data to the U.S. Treasury Department.
Safeguards Applicable to the Processing of Provided Data : the U.S. Treasury Department shall ensure that Provided Data are processed in accordance with the provisions of this Agreement The TFTP shall avoid data mining or any other type of algorithmic or automated profiling or computer filtering . The U.S. Treasury Department shall ensure that Provided Data are processed in accordance with the provisions of this Agreement. The U.S. Treasury Department shall ensure the protection of personal data by means of a series of safeguards set out in the Agreement.
Provisions on data security and integrity are also laid down in the Agreement.
Necessary and Proportionate Processing of Data : all searches of Provided Data shall be based upon pre-existing information or evidence which demonstrates a reason to believe that the subject of the search has a nexus to terrorism or its financing . Provided Data may include identifying information about the originator and/or recipient of a transaction, including name, account number, address, and national identification number. The Parties recognize the special sensitivity of personal data revealing racial or ethnic origin, political opinions, or religious or other beliefs, trade union membership, or health and sexual life (“sensitive data”). In the exceptional circumstance that extracted data were to include sensitive data, the U.S. Treasury Department shall protect such data in accordance with the safeguards and security measures set forth in this Agreement and with full respect and taking due account of their special sensitivity.
Retention and Deletion of Data : during the term of this Agreement, the U.S. Treasury Department shall undertake an ongoing and at least annual evaluation to assess the data retention periods to ensure that they continue to be no longer than necessary to combat terrorism or its financing. Where such data are identified, the U.S. Treasury Department shall permanently delete them as soon as technologically feasible. If it transpires that financial payment messaging data were transmitted which were not requested, the U.S. Treasury Department shall promptly and permanently delete such data and shall inform the relevant Designated Provider. All non-extracted data received prior to 20 July 2007 shall be deleted not later than 20 July 2012. All non-extracted data received on or after 20 July 2007 shall be deleted not later than five years from receipt. Not later than three years from the date of entry into force of this Agreement, the European Commission and the U.S. Treasury Department shall prepare a joint report regarding the value of TFTP Provided Data, with particular emphasis on the value of data retained for multiple years and relevant information obtained from the joint review conducted pursuant to the Agreement.
Onward Transfer : provisions are laid down as regards the onward transfer of information extracted from the Provided Data. Such information shall be shared for lead purposes only and for the exclusive purpose of the investigation, detection, prevention, or prosecution of terrorism or its financing. Where the U.S. Treasury Department is aware that such information involves a citizen or resident of a Member State, any sharing of the information with the authorities of a third country shall be subject to the prior consent of competent authorities of the concerned Member State or pursuant to existing protocols on such information sharing between the U.S. Treasury Department and that Member State, except where the sharing of the data is essential for the prevention of an immediate and serious threat to public security of a Party to this Agreement, a Member State, or a third country.
Spontaneous Provision of Information : the U.S. Treasury Department shall ensure the availability, as soon as practicable and in the most expedient manner, to law enforcement, public security, or counter terrorism authorities of concerned Member States, and, as appropriate, to Europol and Eurojust, within the remit of their respective mandates, of information obtained through the TFTP that may contribute to the investigation, prevention, detection, or prosecution by the European Union of terrorism or its financing. Any follow-on information that may contribute to the investigation, prevention, detection, or prosecution by the United States of terrorism or its financing shall be conveyed back to the United States on a reciprocal basis and in a reciprocal manner.
EU Requests for TFTP Searches : where a law enforcement, public security, or counter terrorism authority of a Member State, or Europol or Eurojust, determines that there is reason to believe that a person or entity has a nexus to terrorism or its financing, such authority may request a search for relevant information obtained through the TFTP. The U.S. Treasury Department shall promptly conduct a search and provide relevant information in response to such requests.
Cooperation with Future Equivalent EU System : during the course of this Agreement, the European Commission will carry out a study into the possible introduction of an equivalent EU system allowing for a more targeted transfer of data. If, following this study, the European Union decides to establish an EU system, the United States shall cooperate and provide assistance and advice to contribute to the effective establishment of such a system.
Monitoring of Safeguards and Controls : compliance with the strict counter terrorism purpose limitation and the other safeguards set out in the Agreement shall be subject to independent monitoring and oversight. The oversight shall be subject to ongoing monitoring, including of the independence of the oversight, by an independent person appointed by the European Commission in agreement with the United States. Such oversight, subject to appropriate security clearances, shall include the authority to review in real time and retrospectively all searches made of the Provided Data, the authority to query such searches and, as appropriate, to request additional justification of the terrorism nexus. In particular, independent overseers shall have the authority to block any or all searches if it appears that one or more searches have been made in breach of the Agreement.
Jo int Review : at the request of one of the Parties and at any event after a period of six months from the entry into force of this Agreement, the Parties shall jointly review the safeguards, controls and reciprocity provisions set out in this Agreement. Following the review, the European Commission will present a report to the European Parliament and the Council on the functioning of the Agreement.
Transparency : the U.S. Treasury Department shall post on its public website detailed information concerning the TFTP and its purposes, including contact information for persons with questions. In addition it shall post information about the procedures available for the exercise of the rights, including the availability of administrative and judicial redress as appropriate in the United States regarding the processing of personal data received.
Right of Access : measures are laid stipulating that any person has the right to obtain, following requests made at reasonable intervals, without constraint and without excessive delay, at least a confirmation transmitted through his or her data protection authority in the European Union as to whether that person's data protection rights have been respected. Disclosure to a person of his or her personal data processed under this Agreement may be subject to reasonable legal limitations applicable under national law to safeguard the prevention, detection, investigation, or prosecution of criminal offences, and to protect public or national security, with due regard for the legitimate interest of the person concerned. In the case that access to personal data is refused or restricted, such refusal or restriction shall be explained in writing and provide information on the means available for seeking administrative and judicial redress in the United States.
Right to Rectification, Erasure, or Blocking : any person has the right to seek the rectification, erasure, or blocking of his or her personal data processed by the U.S. Treasury Department pursuant to this Agreement where the data are inaccurate or the processing contravenes this Agreement. Other provisions are laid down to ensure that data received have been rectified, erased, or blocked, and whether the data subject's rights have been duly respected.
Redress : specific provisions are laid down as regards redress. Any person who considers his or her personal data to have been processed in breach of this Agreement is entitled to seek effective administrative and judicial redress in accordance with the laws of the European Union, its Member States, and the United States, respectively. For this purpose and as regards data transferred to the United States pursuant to this Agreement, the U.S. Treasury Department shall treat all persons equally in the application of its administrative process, regardless of nationality or country of residence .
Consultation : it is provided that the Parties shall, as appropriate, consult each other to enable the most effective use to be made of this Agreement, including to facilitate the resolution of any dispute regarding the interpretation or application of this Agreement. The Parties shall immediately consult in the event that any third party, including an authority of another country, challenges or asserts a legal claim with respect to any aspect of the effect or implementation of this Agreement.
Suspension or Termination : the Agreement stipulates that either Party may suspend the application of this Agreement with immediate effect, in the event of breach of the other Party’s obligations under this Agreement, by notification through diplomatic channels. Either Party may terminate this Agreement at any time by notification through diplomatic channels. Termination shall take effect six months from the date of receipt of such notification. The Parties shall consult prior to any possible suspension or termination in a manner which allows a sufficient time for reaching a mutually agreeable resolution.
Territorial application : the Agreement will only apply to Denmark, the United Kingdom, or Ireland if the European Commission notifies the United States in writing that Denmark, the United Kingdom, or Ireland has chosen to be bound by the Agreement.
PURPOSE: to conclude a new Agreement between the European Union and the United States of America on the processing and transfer of Financial Messaging Data from the European Union to the United States for purposes of the Terrorist Finance Tracking Program.
PROPOSED ACT: Council Decision.
IMPACT ANALYSIS: no impact analysis was carried out.
LEGAL BASIS: Articles 87(2)(a) and 88 (2), in conjunction with Article 218 (6)(a) of the Treaty on the Functioning of the European Union (TFEU).
CONTENT: this proposal sets out the text of the new Agreement between the EU and the United States of America on the processing and transfer of Financial Messaging Data from the European Union to the United States for purposes of the Terrorist Finance Tracking Program.
The main elements of the this Agreement can be summarised as follows:
Purpose of the Agreement : like the previous version, the purpose of this Agreement is to ensure, with full respect for the privacy, protection of personal data, and other conditions set out in this Agreement, that:
financial payment messages referring to financial transfers and related data stored in the territory of the European Union by providers of international financial payment messaging services, that are jointly designated pursuant to this Agreement, are provided to the U.S. Treasury Department for the exclusive purpose of the prevention, investigation, detection, or prosecution of terrorism or terrorist financing; relevant information obtained through the TFTP is provided to law enforcement, public security, or counter terrorism authorities of Member States, or Europol or Eurojust, for the purpose of the prevention, investigation, detection, or prosecution of terrorism or terrorist financing.
Data concerned : the Agreement applies to the obtaining and use of financial payment messaging and related data with a view to the prevention, investigation, detection, or prosecution of acts of a person or entity that involve violence, or are otherwise dangerous to human life or create a risk of damage to property or infrastructure, and which, given their nature and context, are reasonably believed to be committed with the aim of:
intimidating or coercing a population; intimidating, compelling, or coercing a government or international organisation to act or abstain from acting; seriously destabilizing or destroying the fundamental political, constitutional, economic, or social structures of a country or an international organisation.
It may also concern data from a person or entity assisting, sponsoring, or providing financial, material, or technological support for, or financial or other services to or in support of, abovementioned acts.
Since the new systems architecture of the Society for Worldwide Interbank Financial Telecommunication –SWIFT- (hereinafter referred to as the "designated provider") became operational on 1 January 2010, a significant volume of the data which were previously received by the U.S. Treasury Department under the TFTP, have not been available, undermining the benefits of the TFTP not least for the European Union.
Ensuring Provision of Data by Designated Providers : the Agreement stipulates that the Parties, jointly and individually, shall ensure that entities jointly designated by the Parties under this Agreement as providers of international financial payment messaging services ("Designated Providers", i.a. Society for Worldwide Interbank Financial Telecommunication - SWIFT-) provide to the U.S. Treasury Department requested financial payment messaging and related data which are necessary for the purpose of the prevention, investigation, detection, or prosecution of terrorism or terrorist financing ("Provided Data").
U.S. Requests to Obtain Data from Designated Providers : for the purposes of this Agreement, the U.S. Treasury Department shall serve production orders (“Requests”), under authority of U.S. law, upon a Designated Provider present in the territory of the United States in order to obtain data necessary for the purpose of the prevention, investigation, detection, or prosecution of terrorism or terrorist financing that are stored in the territory of the European Union.
The Request (together with any supplemental documents) shall:
identify as clearly as possible the data, including the specific categories of data requested, that are necessary for the purpose of the prevention, investigation, detection, or prosecution of terrorism or terrorist financing; clearly substantiate the necessity of the data; be tailored as narrowly as possible in order to minimize the amount of data requested , taking due account of past and current terrorism risk analyses focused on message types and geography as well as perceived terrorism threats and vulnerabilities, geographic, threat, and vulnerability analyses; not seek any data relating to the Single Euro Payments Area.
A copy of the Request shall be sent to Europol. O nce Europol has confirmed that the Request complies with the requirements of the Agreement, the Request shall have binding legal effect as provided under U.S. law, within the European Union as well as the United States. The Designated Provider is thereby authorised and required to provide the data to the U.S. Treasury Department.
Safeguards Applicable to the Processing of Provided Data : the U.S. Treasury Department shall ensure that Provided Data are processed in accordance with the provisions of this Agreement The TFTP shall avoid data mining or any other type of algorithmic or automated profiling or computer filtering . The U.S. Treasury Department shall ensure that Provided Data are processed in accordance with the provisions of this Agreement. The U.S. Treasury Department shall ensure the protection of personal data by means of a series of safeguards set out in the Agreement.
Provisions on data security and integrity are also laid down in the Agreement.
Necessary and Proportionate Processing of Data : all searches of Provided Data shall be based upon pre-existing information or evidence which demonstrates a reason to believe that the subject of the search has a nexus to terrorism or its financing . Provided Data may include identifying information about the originator and/or recipient of a transaction, including name, account number, address, and national identification number. The Parties recognize the special sensitivity of personal data revealing racial or ethnic origin, political opinions, or religious or other beliefs, trade union membership, or health and sexual life (“sensitive data”). In the exceptional circumstance that extracted data were to include sensitive data, the U.S. Treasury Department shall protect such data in accordance with the safeguards and security measures set forth in this Agreement and with full respect and taking due account of their special sensitivity.
Retention and Deletion of Data : during the term of this Agreement, the U.S. Treasury Department shall undertake an ongoing and at least annual evaluation to assess the data retention periods to ensure that they continue to be no longer than necessary to combat terrorism or its financing. Where such data are identified, the U.S. Treasury Department shall permanently delete them as soon as technologically feasible. If it transpires that financial payment messaging data were transmitted which were not requested, the U.S. Treasury Department shall promptly and permanently delete such data and shall inform the relevant Designated Provider. All non-extracted data received prior to 20 July 2007 shall be deleted not later than 20 July 2012. All non-extracted data received on or after 20 July 2007 shall be deleted not later than five years from receipt. Not later than three years from the date of entry into force of this Agreement, the European Commission and the U.S. Treasury Department shall prepare a joint report regarding the value of TFTP Provided Data, with particular emphasis on the value of data retained for multiple years and relevant information obtained from the joint review conducted pursuant to the Agreement.
Onward Transfer : provisions are laid down as regards the onward transfer of information extracted from the Provided Data. Such information shall be shared for lead purposes only and for the exclusive purpose of the investigation, detection, prevention, or prosecution of terrorism or its financing. Where the U.S. Treasury Department is aware that such information involves a citizen or resident of a Member State, any sharing of the information with the authorities of a third country shall be subject to the prior consent of competent authorities of the concerned Member State or pursuant to existing protocols on such information sharing between the U.S. Treasury Department and that Member State, except where the sharing of the data is essential for the prevention of an immediate and serious threat to public security of a Party to this Agreement, a Member State, or a third country.
Spontaneous Provision of Information : the U.S. Treasury Department shall ensure the availability, as soon as practicable and in the most expedient manner, to law enforcement, public security, or counter terrorism authorities of concerned Member States, and, as appropriate, to Europol and Eurojust, within the remit of their respective mandates, of information obtained through the TFTP that may contribute to the investigation, prevention, detection, or prosecution by the European Union of terrorism or its financing. Any follow-on information that may contribute to the investigation, prevention, detection, or prosecution by the United States of terrorism or its financing shall be conveyed back to the United States on a reciprocal basis and in a reciprocal manner.
EU Requests for TFTP Searches : where a law enforcement, public security, or counter terrorism authority of a Member State, or Europol or Eurojust, determines that there is reason to believe that a person or entity has a nexus to terrorism or its financing, such authority may request a search for relevant information obtained through the TFTP. The U.S. Treasury Department shall promptly conduct a search and provide relevant information in response to such requests.
Cooperation with Future Equivalent EU System : during the course of this Agreement, the European Commission will carry out a study into the possible introduction of an equivalent EU system allowing for a more targeted transfer of data. If, following this study, the European Union decides to establish an EU system, the United States shall cooperate and provide assistance and advice to contribute to the effective establishment of such a system.
Monitoring of Safeguards and Controls : compliance with the strict counter terrorism purpose limitation and the other safeguards set out in the Agreement shall be subject to independent monitoring and oversight. The oversight shall be subject to ongoing monitoring, including of the independence of the oversight, by an independent person appointed by the European Commission in agreement with the United States. Such oversight, subject to appropriate security clearances, shall include the authority to review in real time and retrospectively all searches made of the Provided Data, the authority to query such searches and, as appropriate, to request additional justification of the terrorism nexus. In particular, independent overseers shall have the authority to block any or all searches if it appears that one or more searches have been made in breach of the Agreement.
Jo int Review : at the request of one of the Parties and at any event after a period of six months from the entry into force of this Agreement, the Parties shall jointly review the safeguards, controls and reciprocity provisions set out in this Agreement. Following the review, the European Commission will present a report to the European Parliament and the Council on the functioning of the Agreement.
Transparency : the U.S. Treasury Department shall post on its public website detailed information concerning the TFTP and its purposes, including contact information for persons with questions. In addition it shall post information about the procedures available for the exercise of the rights, including the availability of administrative and judicial redress as appropriate in the United States regarding the processing of personal data received.
Right of Access : measures are laid stipulating that any person has the right to obtain, following requests made at reasonable intervals, without constraint and without excessive delay, at least a confirmation transmitted through his or her data protection authority in the European Union as to whether that person's data protection rights have been respected. Disclosure to a person of his or her personal data processed under this Agreement may be subject to reasonable legal limitations applicable under national law to safeguard the prevention, detection, investigation, or prosecution of criminal offences, and to protect public or national security, with due regard for the legitimate interest of the person concerned. In the case that access to personal data is refused or restricted, such refusal or restriction shall be explained in writing and provide information on the means available for seeking administrative and judicial redress in the United States.
Right to Rectification, Erasure, or Blocking : any person has the right to seek the rectification, erasure, or blocking of his or her personal data processed by the U.S. Treasury Department pursuant to this Agreement where the data are inaccurate or the processing contravenes this Agreement. Other provisions are laid down to ensure that data received have been rectified, erased, or blocked, and whether the data subject's rights have been duly respected.
Redress : specific provisions are laid down as regards redress. Any person who considers his or her personal data to have been processed in breach of this Agreement is entitled to seek effective administrative and judicial redress in accordance with the laws of the European Union, its Member States, and the United States, respectively. For this purpose and as regards data transferred to the United States pursuant to this Agreement, the U.S. Treasury Department shall treat all persons equally in the application of its administrative process, regardless of nationality or country of residence .
Consultation : it is provided that the Parties shall, as appropriate, consult each other to enable the most effective use to be made of this Agreement, including to facilitate the resolution of any dispute regarding the interpretation or application of this Agreement. The Parties shall immediately consult in the event that any third party, including an authority of another country, challenges or asserts a legal claim with respect to any aspect of the effect or implementation of this Agreement.
Suspension or Termination : the Agreement stipulates that either Party may suspend the application of this Agreement with immediate effect, in the event of breach of the other Party’s obligations under this Agreement, by notification through diplomatic channels. Either Party may terminate this Agreement at any time by notification through diplomatic channels. Termination shall take effect six months from the date of receipt of such notification. The Parties shall consult prior to any possible suspension or termination in a manner which allows a sufficient time for reaching a mutually agreeable resolution.
Territorial application : the Agreement will only apply to Denmark, the United Kingdom, or Ireland if the European Commission notifies the United States in writing that Denmark, the United Kingdom, or Ireland has chosen to be bound by the Agreement.
Opinion of the European Data Protection Supervisor on the proposal for a Council Decision on the
conclusion of the Agreement between the European Union and the United States of America on the processing and transfer of Financial Messaging Data from the European Union to the United States for purposes of the Terrorist Finance Tracking Program (TFTP II)
In his Opinion, the EDPS welcomes the fact that he is consulted and recommends that his Opinion is mentioned in the recitals of the proposal. He also notes that, further to the decision of the European Parliament of 11 February 2010 to withhold its consent with regard to the interim agreement signed on 30 November 2009, the new draft aims at addressing in particular the concerns with regard to the protection of personal data, a fundamental right which after the entry into force of the Lisbon Treaty has acquired even more relevance in the legal framework of the European Union.
The EDPS considers, however, that there are several some open questions to address and states as follows :
The EDPS acknowledges that this proposal envisages certain substantial improvements with respect to the interim TFTP I agreement, such as the exclusion of SEPA (Single Euro Payments Area) data, a more limited definition of terrorism, and more detailed provisions on data subjects’ rights. He notes however, that an essential prerequisite to the assessment of the legitimacy of a new TFTP agreement should be met. The necessity of the scheme must be established in relation to already existing EU and international instruments.
There are key elements to improve in order to meet the conditions of the EU legal framework on the protection of personal data, such as:
· ensuring that bulk transfers are replaced with mechanisms allowing financial transaction data to be filtered in the EU, and ensuring that only relevant and necessary data are sent to US Authorities;
· considerably reducing the storage period for non- extracted data;
· entrusting the task to assess the requests of the US treasury to a public judicial authority, in line with the negotiating mandate and the current EU legal framework;
· ensuring that the data subjects’ rights conferred by the proposal are clearly stated and effectively enforceable also in the US territory ;
· enhancing the independent oversight and supervision mechanisms, by:
· ensuring that the tasks and role of both the person appointed by the European Commission and the representatives of European data protection authorities are well defined and that they are put in a position to act independently and to effectively carry out their supervisory tasks;
· ensuring that joint reviews take place regularly and that their outcome is linked to the duration of the agreement through a sunset clause;
· extending the information available to independent overseers and data protection authorities;
· avoiding that the agreement limits the powers of European data protection authorities.
PURPOSE: to sign a new Agreement between the European Union and the United States of America on the processing and transfer of Financial Messaging Data from the European Union to the United States for purposes of the Terrorist Finance Tracking Program.
PROPOSED ACT: Council Decision.
BACKGROUND: the JHA Council of 30 November 2009 authorised the Presidency of the Council of the European Union to sign an interim agreement between the EU and the United States on the processing and transfer of Financial Messaging Data from the EU to the U.S . for purposes of the TFTP. The interim agreement, also signed on 30 November 2009, was to have a maximum duration of 9 months.
However, on 11 February the European Parliament adopted its Resolution withholding consent for the TFTP Interim Agreement. A letter signed by the President of the Council was delivered to the US Secretary of State on 22 February 2010 stating that as a consequence of the Parliament's Resolution, the EU could not become a party to the Interim Agreement and terminating the provisional application of the Agreement. No data were ever transferred under the Interim Agreement.
On 24 March 2010, the Commission adopted a Recommendation from the Commission to the Council to authorise the opening of the negotiations between the European Union and the United States of America to make available to the United States Treasury Department financial messaging data to prevent and combat terrorism and terrorism financing. On 11 May 2010, the Council adopted a Decision, together with negotiation directives, authorising the Commission to open negotiations on behalf of the European Union. On 10 May 2010, the European Parliament adopted a resolution on the Recommendation from the Commission to the Council to authorise the opening of the negotiations The Agreement was initialled by the Parties on 11 June 2010. The Agreement has a duration of 5 years.
The Terrorist Finance Tracking Program (TFTP) has generated significant intelligence which has benefitted Member States' fight against terrorism. The purpose of the Agreement is to ensure the continuation of the TFTP by making available to the United States Treasury Department financial messaging data stored in the EU for the purposes of the Terrorist Finance Tracking Program (TFTP). Since the new systems architecture of the Society for Worldwide Interbank Financial Telecommunication –SWIFT- (hereinafter referred to as the "designated provider") became operational on 1 January 2010, a significant volume of the data which were previously received by the U.S. Treasury Department under the TFTP, have not been available, undermining the benefits of the TFTP not least for the European Union.
This Agreement is therefore necessary to enable the functioning of the TFTP without the limitations derived from the designated provider's new systems architecture and ensure that the TFTP can produce EU - and wider global – security benefits .
Following the termination of the provisional application of the Interim Agreement, data stored by the designated provider in its EU server remains inaccessible to the Treasury Department for the purposes of the TFTP. It is necessary to sign this Agreement as rapidly as possible in order to make these data available to the United States Treasury Department for the purposes of preventing and combating terrorism and terrorist financing.
IMPACT ASSESSMENT: no impact analysis was carried out.
LEGAL BASIS: Articles 87(2)(a) and 88 (2), in conjunction with Article 218 (5) of the Treaty on the Functioning of the European Union (TFEU).
CONTENT: the proposed signature of the new Agreement the European Union and the United States aims at preventing and combating terrorism while respecting fundamental rights, and notably the protection of personal data. The Agreement aims to ensure full respect for fundamental rights enshrined in Article 6 (2), of the Treaty on European Union, in particular the right to privacy with regard to the processing of personal data as stipulated in Article 16 of the Treaty on the Functioning of the European Union and for the principles of proportionality and necessity regarding the right to respect for private and family life and the protection of personal data as set out in Articles 7 and 8 of the Charter of Fundamental Rights of the European Union.
In addition, the Agreement provides for:
significant safeguards for those whose data is processed by the designated provider within the European Union if it is transferred to the Treasury Department under this Agreement; transparency of the use of data; measures concerning access, blocking and rectification of data; measures on administrative redress on a non-discriminatory basis and the availability of a process for seeking judicial redress under U.S. law, regardless of nationality or place of residence.
Where leads resulting from the data are shared with third parties, the Member State concerned will be consulted as appropriate.
The Agreement offers a strengthened process for the European Union to review its functioning, and to monitor the independent oversight of the TFTP.
The Agreement should be approved by the European Parliament.
BUDGETARY IMPLICATION: this proposal has no implication for the European Union’s budget.
Documents
- Follow-up document: COM(2022)0585
- Follow-up document: EUR-Lex
- Follow-up document: EUR-Lex
- Follow-up document: SWD(2022)0357
- Follow-up document: COM(2019)0342
- Follow-up document: EUR-Lex
- Follow-up document: EUR-Lex
- Follow-up document: SWD(2019)0301
- Follow-up document: COM(2017)0031
- Follow-up document: EUR-Lex
- Follow-up document: EUR-Lex
- Follow-up document: SWD(2017)0017
- Follow-up document: EUR-Lex
- Follow-up document: COM(2014)0513
- Follow-up document: EUR-Lex
- Follow-up document: SWD(2014)0264
- Contribution: COM(2013)0843
- Follow-up document: EUR-Lex
- Follow-up document: COM(2013)0843
- Follow-up document: SWD(2012)0454
- Follow-up document: EUR-Lex
- Follow-up document: SEC(2011)0438
- Final act published in Official Journal: Decision 2010/412
- Final act published in Official Journal: OJ L 195 27.07.2010, p. 0003
- Results of vote in Parliament: Results of vote in Parliament
- Decision by Parliament: T7-0279/2010
- Debate in Parliament: Debate in Parliament
- Committee report tabled for plenary, 1st reading/single reading: A7-0224/2010
- Committee report tabled for plenary, 1st reading/single reading: A7-0224/2010
- Amendments tabled in committee: PE445.662
- Committee draft report: PE445.596
- Legislative proposal: 11222/2010
- Legislative proposal published: 11222/2010
- Document attached to the procedure: OJ C 355 29.12.2010, p. 0010
- Document attached to the procedure: N7-0030/2011
- Document attached to the procedure: COM(2010)0317
- Document attached to the procedure: EUR-Lex
- Preparatory document: COM(2010)0316
- Preparatory document: EUR-Lex
- Preparatory document: COM(2010)0316
- Preparatory document: EUR-Lex
- Document attached to the procedure: COM(2010)0317 EUR-Lex
- Preparatory document: COM(2010)0316 EUR-Lex
- Document attached to the procedure: OJ C 355 29.12.2010, p. 0010 N7-0030/2011
- Legislative proposal: 11222/2010
- Committee draft report: PE445.596
- Amendments tabled in committee: PE445.662
- Committee report tabled for plenary, 1st reading/single reading: A7-0224/2010
- Follow-up document: EUR-Lex SEC(2011)0438
- Follow-up document: SWD(2012)0454
- Follow-up document: EUR-Lex COM(2013)0843
- Follow-up document: EUR-Lex COM(2014)0513
- Follow-up document: EUR-Lex SWD(2014)0264
- Follow-up document: COM(2017)0031 EUR-Lex
- Follow-up document: EUR-Lex SWD(2017)0017
- Follow-up document: COM(2019)0342 EUR-Lex
- Follow-up document: EUR-Lex SWD(2019)0301
- Follow-up document: COM(2022)0585 EUR-Lex
- Follow-up document: EUR-Lex SWD(2022)0357
- Contribution: COM(2013)0843
Activities
- Alexander Nuno PICKART ALVARO
Plenary Speeches (3)
- 2016/11/22 Agreement between the EU and the USA on the processing and transfer of financial messaging data from the EU to the USA for purposes of the Terrorist Finance Tracking Program (A7-0224/2010, Alexander Alvaro) (vote)
- 2016/11/22 Agreement between the EU and the USA on the processing and transfer of financial messaging data from the EU to the USA for purposes of the Terrorist Finance Tracking Program (debate)
- 2016/11/22 Agreement between the EU and the USA on the processing and transfer of financial messaging data from the EU to the USA for purposes of the Terrorist Finance Tracking Program (debate)
- Stavros LAMBRINIDIS
Plenary Speeches (2)
- 2016/11/22 Agreement between the EU and the USA on the processing and transfer of financial messaging data from the EU to the USA for purposes of the Terrorist Finance Tracking Program (debate)
- 2016/11/22 Agreement between the EU and the USA on the processing and transfer of financial messaging data from the EU to the USA for purposes of the Terrorist Finance Tracking Program (debate)
- Rui TAVARES
Plenary Speeches (2)
- 2016/11/22 Agreement between the EU and the USA on the processing and transfer of financial messaging data from the EU to the USA for purposes of the Terrorist Finance Tracking Program (A7-0224/2010, Alexander Alvaro) (vote)
- 2016/11/22 Agreement between the EU and the USA on the processing and transfer of financial messaging data from the EU to the USA for purposes of the Terrorist Finance Tracking Program (debate)
- Sonia ALFANO
- Jan Philipp ALBRECHT
- Elena BĂSESCU
- Gerard BATTEN
- Andrew Henry William BRONS
- Simon BUSUTTIL
- Agustín DÍAZ DE MERA GARCÍA CONSUEGRA
- Hélène FLAUTRE
- Kinga GÖNCZ
- Salvatore IACOLINO
- Timothy KIRKHOPE
- Véronique MATHIEU HOUILLON
- Alajos MÉSZÁROS
- Andreas MÖLZER
- Franz OBERMAYR
- Jaroslav PAŠKA
- Zuzana ROITHOVÁ
- Carl SCHLYTER
- Daniël van der STOEP
- Ernst STRASSER
- Renate WEBER
- Angelika WERTHMANN
Votes
Recommandation ALVARO A7-0224/2010 - RÉSOLUTION LÉGISLATIVE #
History
(these mark the time of scraping, not the official date of the change)
docs/1/docs/1/url |
Old
https://eur-lex.europa.eu/smartapi/cgi/sga_doc?smartapi!celexplus!prod!DocNumber&lg=EN&type_doc=COMfinal&an_doc=2010&nu_doc=0316New
https://eur-lex.europa.eu/smartapi/cgi/sga_doc?smartapi!celexplus!prod!DocNumber&lg=EN&type_doc=COMfinal&an_doc=2010&nu_doc=316 |
docs/3 |
|
docs/15 |
|
docs/16 |
|
docs/17 |
|
docs/18 |
|
events/0/docs/1/url |
Old
https://eur-lex.europa.eu/smartapi/cgi/sga_doc?smartapi!celexplus!prod!DocNumber&lg=EN&type_doc=COMfinal&an_doc=2010&nu_doc=0316New
https://eur-lex.europa.eu/smartapi/cgi/sga_doc?smartapi!celexplus!prod!DocNumber&lg=EN&type_doc=COMfinal&an_doc=2010&nu_doc=316 |
events/1/date |
Old
2010-06-24T00:00:00New
2010-06-23T00:00:00 |
links/National parliaments/url |
Old
http://www.ipex.eu/IPEXL-WEB/dossier/dossier.do?code=NLE&year=2010&number=0178&appLng=ENNew
https://ipexl.europarl.europa.eu/IPEXL-WEB/dossier/code=NLE&year=2010&number=0178&appLng=EN |
docs/1/docs/1/url |
Old
https://eur-lex.europa.eu/smartapi/cgi/sga_doc?smartapi!celexplus!prod!DocNumber&lg=EN&type_doc=COMfinal&an_doc=2010&nu_doc=316New
https://eur-lex.europa.eu/smartapi/cgi/sga_doc?smartapi!celexplus!prod!DocNumber&lg=EN&type_doc=COMfinal&an_doc=2010&nu_doc=0316 |
docs/3/docs/0/url |
Old
http://www.europarl.europa.eu/sides/getDoc.do?type=COMPARL&mode=XML&language=EN&reference=PE445.596New
https://www.europarl.europa.eu/doceo/document/LIBE-PR-445596_EN.html |
docs/4/docs/0/url |
Old
http://www.europarl.europa.eu/sides/getDoc.do?type=COMPARL&mode=XML&language=EN&reference=PE445.662New
https://www.europarl.europa.eu/doceo/document/LIBE-AM-445662_EN.html |
docs/5/docs/0/url |
Old
http://www.europarl.europa.eu/doceo/document/A-7-2010-0224_EN.htmlNew
https://www.europarl.europa.eu/doceo/document/A-7-2010-0224_EN.html |
events/0/docs/1/url |
Old
https://eur-lex.europa.eu/smartapi/cgi/sga_doc?smartapi!celexplus!prod!DocNumber&lg=EN&type_doc=COMfinal&an_doc=2010&nu_doc=316New
https://eur-lex.europa.eu/smartapi/cgi/sga_doc?smartapi!celexplus!prod!DocNumber&lg=EN&type_doc=COMfinal&an_doc=2010&nu_doc=0316 |
events/2/type |
Old
Committee referral announced in Parliament, 1st reading/single readingNew
Committee referral announced in Parliament |
events/3/type |
Old
Vote in committee, 1st reading/single readingNew
Vote in committee |
events/4/docs/0/url |
Old
http://www.europarl.europa.eu/doceo/document/A-7-2010-0224_EN.htmlNew
https://www.europarl.europa.eu/doceo/document/A-7-2010-0224_EN.html |
events/5/docs/0/url |
Old
http://www.europarl.europa.eu/sides/getDoc.do?secondRef=TOC&language=EN&reference=20100706&type=CRENew
https://www.europarl.europa.eu/doceo/document/CRE-7-2010-07-06-TOC_EN.html |
events/7 |
|
events/7 |
|
committees/0 |
|
committees/0 |
|
docs/0 |
|
docs/0 |
|
docs/1 |
|
docs/1 |
|
docs/1/type |
Old
Initial legislative proposalNew
Preparatory document |
docs/5/docs/0/url |
Old
http://www.europarl.europa.eu/sides/getDoc.do?type=REPORT&mode=XML&reference=A7-2010-224&language=ENNew
http://www.europarl.europa.eu/doceo/document/A-7-2010-0224_EN.html |
docs/13 |
|
docs/14 |
|
events/0 |
|
events/0 |
|
events/4/docs/0/url |
Old
http://www.europarl.europa.eu/sides/getDoc.do?type=REPORT&mode=XML&reference=A7-2010-224&language=ENNew
http://www.europarl.europa.eu/doceo/document/A-7-2010-0224_EN.html |
events/7/docs/0/url |
Old
http://www.europarl.europa.eu/sides/getDoc.do?type=TA&language=EN&reference=P7-TA-2010-279New
http://www.europarl.europa.eu/doceo/document/TA-7-2010-0279_EN.html |
activities |
|
commission |
|
committees/0 |
|
committees/0 |
|
committees/1 |
|
committees/1 |
|
council |
|
docs |
|
events |
|
other |
|
procedure/dossier_of_the_committee |
Old
LIBE/7/03266New
|
procedure/final/url |
Old
http://eur-lex.europa.eu/smartapi/cgi/sga_doc?smartapi!celexplus!prod!CELEXnumdoc&lg=EN&numdoc=32010D0412New
https://eur-lex.europa.eu/smartapi/cgi/sga_doc?smartapi!celexplus!prod!CELEXnumdoc&lg=EN&numdoc=32010D0412 |
procedure/selected_topics |
|
procedure/subject |
Old
New
|
activities/0/docs/0/url |
Old
http://eur-lex.europa.eu/smartapi/cgi/sga_doc?smartapi!celexplus!prod!DocNumber&lg=EN&type_doc=COMfinal&an_doc=2010&nu_doc=0316New
http://eur-lex.europa.eu/smartapi/cgi/sga_doc?smartapi!celexplus!prod!DocNumber&lg=EN&type_doc=COMfinal&an_doc=2010&nu_doc=316 |
activities/2/docs/0/url |
Old
http://www.europarl.europa.eu/sides/getDoc.do?type=REPORT&mode=XML&reference=A7-2010-0224&language=ENNew
http://www.europarl.europa.eu/sides/getDoc.do?type=REPORT&mode=XML&reference=A7-2010-224&language=EN |
links/European Commission/title |
Old
PreLexNew
EUR-Lex |
activities |
|
committees |
|
links |
|
other |
|
procedure |
|