Tuesday, August 15, 2006

Privacy Commissioner launches investigation of SWIFT disclosures

The Canadian Privacy Commissioner, Jennifer Stoddart, has announced that she will begin a formal investigation of the possible disclosure of personal information of Canadians by the Society for Worldwide Interbank Financial Telecommunication (SWIFT). It has been reported that US law enforcement have been perusing the data of this interbank clearing centre to track terrorism finances.

This is most interesting because in the past she has refused to investigate outside of Canada for lack of jurisdiction to effectively gather info outside our borders.

Here is the Commissioner's release:

Privacy Commissioner launches investigation of SWIFT

Ottawa, August 14, 2006 – The Privacy Commissioner of Canada, Jennifer Stoddart, has officially launched an investigation of the Society for Worldwide Interbank Financial Telecommunication (SWIFT), a European-based financial cooperative that supplies messaging services and interface software to a large number of financial institutions in more than 200 countries, including Canada, to determine whether personal information relating to Canadians’ financial transactions is being improperly disclosed by SWIFT to foreign authorities. The Commissioner has notified SWIFT of her intention to launch an investigation into the matter.

“The risks resulting from personal information flowing across borders is something that we have been expressing concerns about for some time. The SWIFT situation concerns privacy commissioners world wide and is something we need to examine in more detail,” said Ms. Stoddart. “Although there are times when we are unable to lawfully investigate a complaint about something taking place outside Canada with Canadians' personal information, we have determined that we are, in fact, in a position to investigate this important matter.”

Before launching an official investigation, the Office of the Privacy Commissioner of Canada (OPC) first looked into the situation to examine what was taking place and to determine the extent to which it could get involved, given questions surrounding jurisdiction and the application of Canada’s federal privacy laws. Based on the information gathered during this preliminary phase, the Commissioner has determined that she has reasonable grounds for a commissioner-initiated complaint against SWIFT to ascertain whether there has been any contravention of the Personal Information Protection and Electronic Documents Act (PIPEDA), Canada’s private sector privacy law. The Commissioner derives this authority from section 11(2) of PIPEDA, which states that “if the Commissioner is satisfied that there are reasonable grounds to investigate a matter… the Commissioner may initiate a complaint in respect of the matter.”

In addition to its investigation of SWIFT, the OPC has also received complaints against several Canadian financial institutions and is investigating their involvement.

The OPC is mandated by Parliament to act as an ombudsman, advocate and guardian of privacy rights in Canada.

View the Commissioner's June 2006 news release on the SWIFT issue.

— 30 —

It is being widely reported elsewhere:

No comments: