Office of Foreign Assets Control, Treasury.
Notice.Start Printed Page 60055
The Treasury Department administers the Terrorist Finance Tracking Program (TFTP) as a targeted tool to help track terrorists and their networks. The TFTP utilizes certain financial transaction information provided by the Society for Worldwide Interbank Financial Telecommunication (SWIFT), a Belgium-based cooperative, under compulsion of administrative subpoenas. Discussions among U.S. and European authorities on the operation of the TFTP in the context of their respective counterterrorism efforts and data privacy laws culminated on June 28, 2007, in the “Terrorist Finance Tracking Program Representations of the United States Department of the Treasury” and a related exchange of letters between the Treasury Department and the EU. Each of these documents is included as an appendix to this notice.End Preamble Start Supplemental Information
The Treasury Department initiated the TFTP shortly after the September 11, 2001 attacks as part of an effort to employ all available means to track terrorists and their networks. Under the TFTP, the Treasury Department's Office of Foreign Assets Control (OFAC) periodically issues administrative subpoenas for terrorist-related data to the U.S. operations center of the Society for Worldwide Interbank Financial Telecommunication (SWIFT), a Belgium-based cooperative that operates a worldwide messaging system used to transmit financial transaction information. These subpoenas require SWIFT to provide the Treasury Department with specified financial transaction records maintained by SWIFT's U.S. operations center in the ordinary course of its business.
After public media disclosure of the TFTP in June 2006, concerns were raised in the European Union (EU) about the TFTP and, in particular, the possibility that the Treasury Department might have access to EU-originating personal data through the SWIFT transaction records. Specifically, questions were raised on the TFTP's consistency with obligations under the Data Protection Directive (Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data), as well as Member State laws implementing that Directive.
Treasury Department officials subsequently engaged in a series of discussions with, among others, European Commission and Member State representatives on the operation of the TFTP and its conformity with EU data privacy laws. That dialogue culminated on June 28, 2007, in the “Terrorist Finance Tracking Program Representations of the United States Department of the Treasury” and a related exchange of letters between the Treasury Department and the EU. For the convenience of the user, each of the documents is being included as an appendix to this notice.
The Representations describe, among other things: (1) OFAC's legal authority to obtain and use the SWIFT data; (2) the controls and safeguards that govern the handling, use, and dissemination of the data; (3) the multiple complementary layers of independent oversight of the TFTP; and (4) the U.S. Government's commitment to ongoing counterterrorism cooperation with the EU.
The appended letter from the Treasury Department presents the Representations to the German Finance Minister, whose country then held the rotating EU Presidency, and to the Vice President of the European Commission responsible for Justice, Freedom and Security, whose duties encompass counterterrorism and privacy matters. The European Union's reply letter acknowledges that the Treasury Department has the authority to subpoena SWIFT data, and also states that once SWIFT and the financial institutions making use of its services have completed the necessary arrangements to respect EC law, in particular through the provision of information that personal data will be transferred to the United States and SWIFT's respecting the U.S. Department of Commerce's “Safe Harbor” principles, they will be in compliance with their respective legal responsibilities under European data protection law. In July 2007, SWIFT announced that it had improved the transparency of its contractual documentation relating to the processing of financial messaging data in the context of data protection requirements and that it had joined the Safe Harbor program, which establishes a framework developed with the European Commission on how U.S. organizations can provide “adequate protection” for personal data from Europe.Start Signature
Dated: September 26, 2007.
Adam J. Szubin,
Director, Office of Foreign Assets Control.
Appendix 1—Terrorist Finance Tracking Program Representations of the U.S. Department of the Treasury
Appendix 2—Letter from U.S. Department of the Treasury Regarding the Terrorist Finance Tracking Program
Appendix 3—Reply from European Union to U.S. Department of the Treasury Regarding the Terrorist Finance Tracking ProgramStart Printed Page 60056
Appendix 1Start Printed Page 60057 Start Printed Page 60058 Start Printed Page 60059 Start Printed Page 60060 Start Printed Page 60061 Start Printed Page 60062 Start Printed Page 60063 Start Printed Page 60064 Start Printed Page 60065
Appendix 2Start Printed Page 60066
Appendix 3End Supplemental Information
BILLING CODE 4811-42-P
[FR Doc. 07-5212 Filed 10-22-07; 8:45 am]
BILLING CODE 4811-42-C