Academic journal article The George Washington International Law Review

The Terrorist Finance Tracking Program: Illuminating the Shortcomings of the European Union's Antiquated Data Privacy Directive

Academic journal article The George Washington International Law Review

The Terrorist Finance Tracking Program: Illuminating the Shortcomings of the European Union's Antiquated Data Privacy Directive

Article excerpt


On June 23, 2006, the New York Times, the Los Angeles Times, the Wall Street Journal, and the Washington Post disclosed the existence of a confidential Treasury Department and Central Intelligence Agency (CIA) initiative, the Terrorist Finance Tracking Program (TFTP).1 The TFTP enables the United States to examine financial transactions that rely on the messaging infrastructure provided by the Society for Worldwide Interbank Financial Telecommunications (SWIFT) for their completion.2 The United States' ability to scrutinize financial transactions that utilize SWIFT's messaging service allows the Treasury Department to access the amount transferred, bank account numbers, method of transfer, names of the parties, their addresses and telephone numbers, and information about the financial institutions involved in the transaction.3 Due to the widespread use of SWIFT messaging among financial institutions, the TFTP provides the United States with the potential to collect and analyze information on tens of thousands of financial transactions.4

Six days after the press disclosed the existence of the TFTP, the U.S. House of Representatives adopted a resolution expressing its support for the program and communicating its belief that the initiative was compatible with all applicable laws.5 The Belgian Data Protection Authority and the European Union's Article 29 Working Party, however, concluded that the TFTP was incompatible with E. U. Directive 95/46/EC on the Protection of Individuals with Regard to the Processing of Personal Data and the Free Movement of Such Data6 (Data Privacy Directive).7 Despite the conclusions of the Belgian Data Protection Authority and the Article 29 Working Party, President George W. Bush indicated that the United States would not voluntarily abandon the TFTP.8 In June 2007, after months of public discord, the European Union and the Bush administration reached an agreement on the additional safeguards the United States would need to add to the TFTP in order to secure the approval of its European allies.9

Resolving the conflict over the TFTP and SWIFT's participation in the program will have far-reaching consequences. The European Union's Data Privacy Directive, on the strength of its ability to create a potential information embargo,10 is becoming the world's first universal data privacy regime.11 Countries developing their own data privacy regulations are attempting to structure their regulations to satisfy the "adequacy" standards of the Data Privacy Directive.12 There has been speculation that the United States has agreements with numerous multinational corporations requiring them to turn over any information in their possession that the United States deems relevant to the war on terrorism.13 These developments create potential for frequent disputes involving many of the same issues presented by the TFTP. Thus, the resolution of the controversy surrounding the TFTP will serve as a global precedent in determining the appropriate balance between the need for data privacy and the need for information to combat terrorism.

Part I provides an overview of the United States' war on terrorist financing and examines the development of the TFTP. Part II examines the intricacies of the TFTP and the safeguards built into the program to protect individual privacy. Part III scrutinizes the European Union's Data Privacy Directive and summarizes the Article 29 Working Party's report. Part IV will demonstrate why the Data Privacy Directive is an anachronistic relic that has ceased to be beneficial. Ultimately, this Note concludes that the European Union's attempt to unilaterally impose its vision of data privacy protection on the world is misguided because the conditions which led to the adoption of the Data Privacy Directive reflect values and experiences not shared by other countries.14


On September 11, 2001, Al Qaeda attacked the financial and the military centers of the United States. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed


An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.