The Register® — Biting the hand that feeds IT

Europe votes to restrict police data sharing

Anonymous Coward

Jelly vs Water 

Posted Wednesday 23rd May 2007 14:57 GMT

Fill a colander full of jelly, it runs out slowly through the holes.

Make the jelly more watery, it runs out much quicker.

Either way there's still holes in the **** colander through which this information ^d ^d ^d ^d ^d jelly is flowing.

This just slows the leak of information out of Europe, it doesn't secure Europe's information border.

SWIFT opened their database to direct access by US Treasury staff on behalf of the FBI, NSA, . They admitted as much:

http://www.swift.com/index.cfm?item_id=61228

"How does SWIFT audit the US Treasury’s access to data?...It has obtained substantial audit mechanisms which provide extremely high assurance that access to the data is limited exclusively to ongoing terrorism investigations. SWIFT has internal auditors on site who review every query. "

On site? Pray tell, which site is that? Langley?

You don't *audit* querys , they serve you with a subpoena, the subpoena says exactly what they want, it's checked and approved by a judge or by the FISA court, you give them the data that complies with that subpoena in accordance to the law, or challenge it if you disagree, and nothing else. The judge checks it complies with the laws, not an auditor.

This is the Judicial branch of government and it's the basis by which we protect ourselves from Putinism. It's written right there in the constitution, and SWIFT had a duty to comply with the laws of the land, and not put loyalty to the executive branch above their duties.

There is no such thing as a blanket subpoena giving 'we have access to data subject to audit' there is no such law. There *are* laws that specifically stop SWIFT handing data on US and EU citizens over WITHOUT that specific legal subpoena.

The EU's first test of whether it can plug one hole in the colander and it failed.

Putting in basic protection is not enough, you have to enforce the existing breaches. You have to make an example so that the corporations concerned will not go along with bypassing the judicial protections.

http://www.washingtonpost.com/wp-dyn/content/article/2006/09/28/AR2006092800585.html

"The U.S. Treasury has acknowledged that since the Sept. 11 attacks, it has tracked millions of confidential financial transactions handled by SWIFT."

Millions, that's blanket fishing, in direct violation of EU and US law.