Privacy International has lodged an official complaint with the Irish data protection commissioner over the covert monitoring of EU citizens' money transfers by the CIA.
The London-based human-rights group confirmed yesterday it had lodged a formal complaint with data protection commissioner Billy Hawkes against Swift, a Belgian-based firm that provides a system linking 7,800 financial institutions worldwide.
It is one of 32 separate complaints made to commissioners in 25 EU member states and Australia, New Zealand, Canada, Switzerland, Liechtenstein, Norway and Iceland. The group also said it had filed a complaint in the Chinese territory of Hong Kong.
Simon Davies, director of Privacy International, said the secret monitoring of European citizens' private banking transactions was clearly illegal under existing data protection law. There also should be a full inquiry to determine exactly what is happening with the data. "We don't know all the details relevant to this system and one of the most revealing things about the case is that such a secret could be kept."
Swift, which stands for the Society for Worldwide Interbank Financial Telecommunications, is at the centre of a Belgian government inquiry into the handover of personal information to US anti-terrorist agencies such as the CIA and FBI.
Over the past four years, the firm has passed on to the US authorities details on millions of money transfers made by citizens and businesses between the EU and US.
Swift has said it was complying with US law as it was provided with court orders following the terrorist attacks on September 11th, 2001. But experts in data protection law and politicians in many EU states have doubts about the legality of the transfer.
Seán Sweeney, compliance officer at the Irish data protection commissioner's office, said he could not comment on whether an investigation was ongoing in the Swift case.
But he said in such a case the commissioner would have to establish a few key pieces of information early on. "Has the personal data of people resident in Ireland been accessed? If so, by whom, how and from where? The access point will be very important in determining jurisdiction. If Irish data are accessed in Belgium, it will be necessary to establish the conditions under which the data were supplied to Swift, in order to determine what power the commissioner may have to investigate."
Labour MEP Proinsias De Rossa said the Swift case was yet another example of the erosion of EU citizens' civil rights in the name of the US "war on terror".
"It is not acceptable that the CIA or FBI can access records like this," said Mr De Rossa, who urged the Government to hold an inquiry into the monitoring of banking records and called on the Irish Central Bank to explain what it knew about the CIA programme.
Several central banks in Europe knew that Swift was passing on details to the CIA from its US offices, but it is understood that many did not tell their governments.
The Irish Central Bank refuses to confirm or deny whether it knew.
The European Parliament is proposing to debate the issue at its plenary session in Strasbourg next week.
It is already investigating the CIA role in rendition flights through European airports and some MEPs are now calling for it to extend its investigation to the Swift system.