BRUSSELS — The international banking consortium SWIFT for years has secretly supplied U.S. authorities with massive amounts of personal data for use in anti-terrorism investigations, violating European Union privacy rules, a Belgian commission said Thursday.
"SWIFT finds itself in a conflicting position between American and European law," Belgian Prime Minister Guy Verhofstadt said.
He spoke after Belgium's privacy protection commission presented its findings on the case, though it did not call for immediate legal action. The prime minister said his government also would not take legal action to shut down the data transfers.
The controversy involves a secret deal between the U.S. Treasury and the Belgium-based Society for Worldwide Interbank Financial Telecommunication, or SWIFT. The company routes about 11 million financial transactions daily between 7,800 banks and other financial institutions in 200 countries, recording customer names, account numbers and other data.
Verhofstadt said that he did not deny there is a need to look at personal data in the search for terrorists, but that it must be done with respect to privacy rights.
He said Belgium would be pushing its EU partners to open talks on getting more privacy guarantees from the United States as part of a new deal on the transfer of financial records used in terrorism investigations.
The commission's report says SWIFT had breached rules on storing data and had failed to honor commitments to inform clients or Belgian authorities about what data had been transferred.
SWIFT Chief Executive Leonard Schrank said the report "raised important issues about the balance" between privacy and use of financial data for terrorism investigations. He said the company "wholeheartedly supports calls for U.S. and EU authorities to work together to develop an improved framework to reconcile data privacy protections."
The company defended its secret deal with the U.S. Treasury, saying it transmitted only a "limited subset" of data to U.S. officials. "SWIFT did its utmost to comply with the European data privacy principles of proportionality, purpose and oversight ... and in the meantime we will continue to work with our members to resolve any data privacy concerns."
The U.S. Treasury has acknowledged that since the Sept. 11 attacks, it has tracked millions of confidential financial transactions handled by SWIFT.