Money Laundering Bulletin
The 'Freiheit statt Angst' (Freedom instead of fear) demonstration in Berlin in August 2014 , protesting against the mass surveillance of the NSA, GCHQ and BND, and in support of whistleblower Edward Snowden.
US
intelligence has access to European Union citizens’ banking
transfer records by virtue of a controversial 2010 agreement. Paul
Cochrane examines the Terrorist Financing Tracking
Programme, currently set for renegotiation.
The
Terrorist Financing Tracking Programme (TFTP), used by the United
States, and revealed by the media in 2006, remains cloaked in
secrecy. Implemented by the US Department of Treasury following the
September 11th attacks in 2001, it utilises
data provided by the Brussels-based Society for Worldwide Interbank
Financial Telecommunication (SWIFT) through a private agreement.
Europol
inspection
The
transfer of financial data from the European Union (EU) to the US was
legitimised through a EU-US TFTP agreement in 2010. Supervision of US
data searches was henceforth assigned to EU police agency Europol.
The
agreement was to be renegotiated this year, but talks have stalled
over data privacy concerns, especially in the European Parliament.
That said, an 'Umbrella Agreement' on all kinds of exchanges between
the EU and the US was reached in September 2015 (1) - it mandates
both sides to protect personal data exchanged during criminal and
terrorism investigations. The deal followed four years of
negotiations between the two jurisdictions and should cover the TFTP.
Moreover, the 2010 TFTP agreement does not have a sunset clause and
remains in force.
The
programme, exposed by the New York Times in
June 2006, caught the EU and nearly all 7,800 banks sending client
data to SWIFT unaware that confidential information was being
provided to the US Treasury. Although strongly condemned in the EU as
breaching citizens' privacy rights, it was not annulled.
Snowden
reopens debate
The
TFTP came under renewed scrutiny following the 2013 revelations by
American whistleblower Edward Snowden of widespread surveillance by
the US' National Security Agency (NSA) of European governments.
Leaked classified documents showed the NSA had access to SWIFT's
internal data traffic, with one document from 2011 designating the
SWIFT computer network an agency “target”.
“The
Snowden revelations had a gigantic impact on the programme
and US-EU relations,” said Camino Mortera-Martinez, a Research
Fellow on Justice and Home Affairs at the Centre
for European Reform, a UK think-tank, in Brussels. “Because of that
we've seen stronger and more open discussions about privacy.”
In
2014, the European Court of Justice (ECJ) requested that EU
governments and the US make the TFTP’s practices more transparent.
Concerned that the EU might amend the agreement this year (2015),
Adam Szubin, director of the US Treasury's Office of Foreign Assets
Control (OFAC), has been actively lobbying the EU to keep the TFTP
in place, arguing that it is essential to countering the Islamic
State (IS).
What's
yours is ours
An
ongoing issue for the EU is the essentially one-way aspect of the
TFTP. While Europol ensures data provided to the US complies with the
Swift agreement, EU officials are not able to scrutinise
documents of Europol's internal data protection committee, the Joint
Supervisory Body. In January 2015, Washington prevented Europol from
accessing classified data they had contributed, on the ground that
parts of the report were compiled in the US.
“What
is the US doing with the data? We don't know,” noted Dr Mara
Wesseling at the Centre de Sociologie des Organisations at
Sciences-Po, Paris. “It is probably link analysis and social
network analysis, but we're not sure, as there is no public
information, we have no oversight, and we have to believe it is
efficient.”
Take
it on trust
She
added: “The number of data sets sent to Treasury is also secret.
The Belgian Privacy Commission tried to find out, as European members
of parliament [MEPs] want transparency on the volume of data, which
is something the US doesn't want to disclose.”
According
to the latest joint report (2013) on TFTP provided data by the EU
Commission and the US Treasury (2), since 2001 the programme
“has produced tens of thousands of leads and over 3,000 reports
(which contain multiple TFTP leads) to counter terrorism authorities
worldwide, including over 2,100 reports to European authorities.”
But
other than such published figures, MEPs and most EU officials have
largely been kept in the dark. To ease concerns, an EU TFTP overseer
was appointed, who is privy to US intelligence. However, his identity
is hidden for privacy reasons. “This
is very mysterious as his role is to give more legitimacy and
confidence in the programme,
but at the same time we do not know the person,” explained
Wesseling.
“How
successful has the TFTP been? That's the rub. We've collected all of
this data, but just a few cases can be released to the public, and
due to the very nature of it, like suspicious activity report (SAR)
disclosures, we can't discuss it,” said Dr.
Michelle Frasher, an independent research scholar previously
affiliated with the European Union Centre at the University of
Illinois at Urbana-Champagne.
Inside
view
While
SWIFT did not respond to questions from MLB about the issue, Europol
did. A spokesperson said: “The TFTP is an important instrument to
provide timely, accurate and reliable information about activities
associated with suspected acts of terrorism or terrorist financing.
It helps to identify and track terrorists and their support networks
worldwide.” She added that more than 13,000 leads to support
investigative activities have been generated by the TFTP to date:
“The significance of the phenomenon of so called travelling
fighters can also be identified from the TFTP. While in 2014 there
were over 900 leads [from the overall number mentioned before] of
relevance to 11 EU member states, the developments in 2015 show that
since the beginning of the year, over 6,300 leads – of relevance to
all 28 EU member states – were retrieved.”
A
former FBI special agent, who set up and ran the US intelligence
service's terrorist financing section, agreed that TFTP had
“definitely provided a lot of good results”: Dennis Lormel, who
now runs DML Associates, added, “I am definitely an advocate for
that programme to continue, and surprised of the longevity it's had
in terms of being kept secret. When I was involved - I can't speak of
where it evolved to - it was extremely limited to terrorist specific
threats. The perception that we are overstepping our authority or
misusing information is totally wrong. It is one of the most tightly
monitored programmes I've been involved in.”
Not
such a bad idea
In
July 2011, the European Commission outlined its plans for an EU-TFTP
that would monitor suspects' financial transaction data in real-time,
allow for searches of transactional data, and create a international
communications system and database for suspicious transactions.
The
plan has repeatedly been put on hold despite sporadic calls for its
implementation, for example by the French government following the
Charlie Hebdo attacks in January 2015. An EU-TFTP would be very
dependent on whether the Swift agreement with the US is renegotiated.
“In
my discussions with diplomats they are very tight lipped about TFTP
and renegotiations, saying it is not going to be challenged,” said
Dr Frasher. “There's plenty to believe that right now, but we're
also seeing things happen like the Umbrella Agreement and France
saying there needs to be a EU-TFTP.”
Expect
more argument
Significant
concern and opposition about sharing data with the US persists in
member states and at the EU Commission and the EU Parliament.
Furthermore, the Fourth EU Money Laundering Directive contains
multiple references to data protection that will need to be addressed
with regard to any information-sharing with Washington. “I expect
the renegotiation of TFTP to be a bloodbath again if they open it up
for discussion, particularly [with regard to] what the oversight is,
as the European Council is up in arms about the lack of
accountability,” said Mortera-Martinez. “The Council would need
clear examples of how the TFTP has disrupted terrorism, but they can
only do that after a plot is discovered.”
EU
reforms to its data protection framework, currently grinding on, mean
that many decisions face delay, not least until controls around the
Passenger Name Record (PNR) database on flying in and out of the EU
are resolved. “When the PNR is in place maybe an EU-TFTP would be
on the table again,” Dr Frasher added.
Notes
1)
Joint Report from the EU Commission and the U.S. Treasury Department
regarding the value of TFTP Provided Data, 2013 -
2)
Umbrella Agreement -http://europa.eu/rapid/press-release_MEMO-15-5612_en.htm
Photograph by Markus Winkler, via Wikicommons