Academic journal article Rutgers Computer & Technology Law Journal

Separated by a Common Language? an Examination of the Transatlantic Dialogue on Data Privacy Law and Policy in the Fight against Terrorism

Academic journal article Rutgers Computer & Technology Law Journal

Separated by a Common Language? an Examination of the Transatlantic Dialogue on Data Privacy Law and Policy in the Fight against Terrorism

Article excerpt


I don't believe Europeans value privacy more than Americans. And I don't think that Europeans take the threat of terrorism lightly. I do think, though, that there are some historical differences that cause us to look at some of these issues in different ways. (1)

On June 23, 2006, The New York Times reported that the Central Intelligence Agency ("C.I.A.") of the United States, together with the U.S. Treasury, secretly accessed a vast database of financial records as part of U.S. intelligence efforts to combat terrorism. (2) The surveillance, which commenced shortly after September 11, 2001, provided U.S. intelligence services with access to a massive reserve of financial records held by the Society for Worldwide Interbank Financial Communication ("SWIFT"), a Belgium-based provider of messaging services for financial institutions around the world. (3) In addition to the general outcry provoked by this action within the European Union ("EU"), EU officials determined that SWIFT's cooperation with U.S. intelligence agencies was in violation of EU and Belgian data privacy laws. (4)

The SWIFT case illustrates the legal and political conflict between the U.S. and the EU with respect to the sharing of sensitive information. This conflict has intensified during the years following September 11, 2001, as the escalating U.S.-led "War on Terror" has focused considerable international regulatory attention on data-sharing between the U.S. and its allies in their effort to combat terrorism. In light of past conflicts between the U.S. and the EU with respect to airline passenger information, it is unlikely that the SWIFT case will be the last incident in this area.

This paper examines recent controversies in the legal and policy debate between the U.S. and the EU on the sharing of data in the implementation of transatlantic counter-terrorism measures. The nexus between law and policy in this area is particularly close, reflecting the preferences each jurisdiction has in protecting civil liberty and security interests. While the U.S. and the EU offer differing legal frameworks on data privacy, the strategic importance of data in counter-terrorism law and policy necessitates a joint approach. A failure to arrive at such an approach can result in a series of bilateral agreements between the U.S. and individual EU countries, creating unnecessary costs, inconvenience, and uncertainty for both users and processors of data. The haphazard approach in the past, and the continuing failure to come to a proper accord, reflects the tension between civil liberties and the right of the state to erode such entitlements in the face of a terrorist threat. In addition, the failure to come to an accord reflects the uneasiness U.S. and EU lawmakers feel about the compromises they have already made. Fortunately, skirmishes over the cross-border transfer of data can encourage both sides to incorporate elements from the differing approaches into their respective policy regimes.

Part II of this paper sets out a factual summary of the recent cases involving the transfer of airline passenger data between the EU and the U.S. This section will also analyze U.S. intelligence authorities' access to the SWIFT database. Part III sets out a discussion of the policies underlying data privacy laws in the U.S. and the EU. Part IV critically examines a proposed solution to the issue, and the policy implications of the steps taken to further legal decision-making in this area. Finally, Part V provides some concluding remarks.


1. Transfer of Passenger Name Record Data ("PNR data") (5)

Pursuant to the Aviation and Transportation Security Act enacted in 2001, all airlines flying into the U.S. are required to provide the Commissioner of Customs with certain data relating to passengers and cabin crew. (6) Furthermore, following the passage of the Enhanced Border Security and Visa Entry Reform Act in 2002, each incoming and outgoing commercial airliner must provide detailed information on each passenger and crewmember to the Immigration and Naturalization Service. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed


An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.