Transcript Transborder data flows and fight against terrorism Belgian view on

Transborder data flows
and fight against
terrorism
Belgian view on the latest
developments
Anne-Christine Lacoste
Belgian data protection Commission
Larnaca – Spring conference European DPAs 10-11 May 2007
General context

Transfer of data from the private sector to
public authorities – hybrid situation

Third countries – no adequate protection

examples:
Swift
PNR
Pre-trial procedures
Main issues

Systematic requests (no case by case)

Question of purpose limitation (terrorism –
terrorism related – public health …)

Sharing of information between recipients in
third country

Manipulation of data, data mining – ATS (PNR)
Main issues

« SWIFT paradox »
Discrimination between access to data in the EU and in the US
Application of different rules – different levels of data protection

See evolution in PNR case a European PNR

Temptation of European access to SWIFT data

Need of in depth discussion – recall of fundamental
principles (proportionnality, necessity: not only
transparency)
Legal framework

Complexity of the framework:
At European level (Ist and IIId pillar)
 At international level (European principles and third
country legislation)
 Compliance with the international agreements?
(conditions of access to Europol, Interpol, FATF
agreement, Egmont network, draft treaty on mutual
legal assistance)

Role of DPAs

Determine applicable law (criteria of competence)

Take action at national level





Contact with controllers
Contact with public authorities
Administrative/criminal sanctions
Judicial decisions
Take action at international level



Harmonised positions (art29WP)
Hearing and discussion with European parliament
Dialogue with european and US authorities
The SWIFT case

Shows extent and limits of DPAs’ powers (press,
sanctions, political aspects)

Game of influences

Important not to underestimate:




The economic aspects (US interests - $ as currency)
The control on information (initiatives of EU Parliament,
position of banks, etc)
The coordination (simultaneous and persistant pressure of
DPAs on actors concerned)
Common agenda (subgroup 29WP)
Conclusions

First results: transparency – regionalisation of
network?

What we expect at european level: information
AND proportionnality

Dialogue with the US is essential

Acknoledgement of the role of DPAs
Thank you