Swift respects data protection legislation

Decision by the Belgian Data Protection Commission regarding Swift

BRUSSELS, 10 December 2008 – Following an extensive review of Swift’s messaging services which began in May 2007, the Belgian data protection commission (Commission belge de la Protection de la Vie Privée) has concluded that Swift complies with all applicable Belgian data protection legislation. The report emphasizes the constructive approach adopted by Swift regarding its handling of mandatory subpoenas received from the United States Treasury within its ‘Terrorist Finance Tracking Programme’.

The Commission has concluded that Swift was obliged to comply with lawful subpoenas in the United States. The Commission indicates that while fulfilling its legal obligations in the United States, Swift acted with prudence, diligence and due care to protect personal data. The Commission has thus reconsidered the severity of previous opinions and assessments and has concluded that there is no evidence to challenge Swift’s good faith.

The Commission recalls that Swift has taken adequate measures to ensure the protection of personal data contained in messages processed by its messaging services.
These measures include:

• The revision of its contractual data protection policies (published on www.swift.com).
• Joining the ‘Safe Harbor’ framework. This is a transatlantic framework that ensures that European data transferred to the United States are protected under similar data protection principles as in Europe.
• Changing its messaging architecture to allow for intra-European messages to be processed and stored only in European facilities.
• Publishing and disseminating public information about its processing.

In addition, the Commission has expressed satisfaction with several additional initiatives taken by Swift, including the appointment of a full-time ‘Privacy Officer’, the filing of a declaration about its processing of personal data, and the ongoing review of its data protection policies for the processing of financial messaging data.
“Swift appreciates the pragmatic attitude adopted by the Commission which recognises the inextricable situation in which Swift found itself, when confronted with conflicting legal obligations,” said Francis Vanbever, CFO, Swift.
The report of the Belgian data protection Commission can be downloaded from its web site www.privacycommission.be.

Get personalised insights straight to your inbox

Stay connected

Discover Swift

Shaping the future of finance

Innovate with us

Swift Partner Programme

Swift Institute

Careers

Press

Legal

Banking & payments

Financial Crime & cyber security

Data & technology

Capital Markets

Corporate treasury

Market Infrastructures

Swift platform evolution

Global Financial Messaging

Interfaces and Integration

Compliance and Shared Services

Services

Corporates

Market Infrastructures

All our products & services

ISO 20022

Standards releases

Data Standards

Market practice

Community APIs

MyStandards and Swift Translator

Document centre

News

Events

Webinars

Subscribe to Swift insights

Sibos

Join the Swift network

Access your application

Contact us

Get personalised insights straight to your inbox