Legislation

PL&B International E-news, Issue 49

17 November, 2006
© Privacy Laws & Business 2006

1. Belgian Data Protection Authority finds SWIFT in Breach of DP Law
2. World Data Protection Commissioners urge action
3. Inter-American Court Rules on Right to Know in Convention

 1. Belgian Data Protection Authority Finds SWIFT in Breach of DP Law

The Belgian Privacy Commission has issued its report on the transfer of personal data to the US Department of Treasury by SWIFT, the cooperative company with head offices in Belgium. SWIFT (see PL&B's International Newsletter October 2006 pp.9-10) provides 7,800 financial institutions with the transmission of financial messages, with two centres, one in Europe and the other in the US.

The Commission considered that Belgian privacy law was applicable because transaction could involve private Belgian individuals and because the SWIFT headquarters is in Belgium.

The Commission concluded that SWIFT should have complied with its obligations under Belgian privacy law, particularly with regard to the rules concerning personal data transfer to countries outside the EU. SWIFT had made substantial errors of judgment in complying with the US subpoenas (court orders). The authorities, including the Belgian Privacy Commission and the European Commission, should have been informed from the
beginning.

The European Union's Article 29 Data Protection Working Party (a group of EU member state 25 national Data Protection Authorities) will meet in late November and announce its opinion on the subject.

 2. World Data Protection Commissioners Urge Action

The International Conference of Data Protection and Privacy Commissioners, meeting in London on November 2nd and 3rd, have announced a joint initiative to protect privacy. Key areas for co-operation are:

1. assessing the effectiveness of traditional data protection and adapting it to technological advances;
2. adopting more effective communication with the public and policy makers about privacy issues;
3. increasing public awareness of data protection and privacy rights.

The conference considered several subjects, including recognising that surveillance can be well-intentioned and bring benefits. However, unseen, uncontrolled or excessive surveillance can pose risks that go beyond the effect on personal privacy. Privacy and data protection are important, and public trust and confidence are paramount.

3. Inter-American Court Rules Right to Know in Convention

In the first decision of its kind from an international tribunal, the Inter-American Court of Human Rights has ruled that there is a fundamental human right to access government information.

In the case of Claude Reyes and others vs. Chile, the Court found in favour of three environmental activists who in 1998 sought information from the Chilean government about a controversial logging project. By failing to provide access to the requested information, the Court held that Chile had violated Article 13 of the American Convention on Human Rights, which guarantees the right to receive and impart information.

The ruling will be of particular importance to future interpretation of the European Convention on Human Rights. The European Court of Human Rights has ruled three times that Article 10 of the Convention, which guarantees the right to receive and impart information in words almost identical to those in the Inter-American Convention, is not violated by the refusal of government to provide requested information. The Inter-American Court's ruling may persuade the European Court to change it restrictive interpretation.

Click here for further information about subscribing to the international newsletter.