Snippets on the big news story of the SWIFT breach. Domestically, this sort of monitoring is perhaps mundane...
The Treasury routinely monitors financial transactions in U.S. banks under the Bank Secrecy Act. Under that law, banks are required to report any cash transaction above $10,000 and to file a suspicious activity report on any transaction that the bank believes may be tied to criminal activity.
U.S. banks have filed more than 2 million suspicious activity reports since 1996, according to John Hall, a spokesman for the American Bankers Association. Banks are also required to retain information on all transfers of more than $3,000.
Should we admire the UST for their careful governance?. FinTimes says:
He said: "We get a data set from Swift but our analysts cannot just look through that data - they have to type into a computer the targeted search they want to do."
This search request must include the name of the targeted person or entity and the reason for believing that person could be associated with terrorism. "There is a record kept of every single search," he said. "Swift itself has people inside our facility who can monitor these searches in real time, and if they have any questions they can stop a search instantly and ask these questions."
As a further safeguard, he said the Treasury had appointed an independent auditor to examine the log of search requests. Mr Levey said the Treasury could not see the data unless it came up in response to a specific search. "Our most recent number is 0.13 per cent of the information that we have we can access."
According to the New York Times, some of these safeguards were introduced in 2003 after Swift threatened to pull out of the programme.
Apparently not. News also in that the 10 major CBs all had the information, as (I am told) they are all represented on the advisory board of SWIFT.
"We had the information in the context of our monitoring activities" of Swift (Society for Worldwide Interbank Financial Transactions), a BNB [Belgium's national bank] spokesman said, refusing to say when it had that information.
"We were alerted informally in the framework of our contacts with this enterprise," he said. ... The BNB said it saw no ethical problem in an exchange of information between Swift and the US authorities, adding that ethical monitoring was not part of its responsibilities.
The bank was charged with the "external surveillance" of Swift, meaning that it had to "check on a certain number of standards of proper functioning" to ensure that the overall financial sector was performing correctly.
The news about US spying "did not call into question the correct functioning of the institutions". The giving of information was "the responsibility of the business (Swift) vis-a vis its clients. The BNB, for its part, was 'subject to professional secrecy'," the bank said.
It added that Swift's databases were in the US and the Netherlands and their management was subject to legislation in those states.
The major central banks are OK with it. Elsewhere it seems that major Swiss banks confirmed they knew. Also jurisidiction is established by the location of databases.
SWIFT is headquartered in Brussels, but much of its operations are based in the United States, where knowledge of the government's secret access to its data was not widespread. Of officials at three large U.S. banks who agreed to speak about the program, only one said his institution had knowledge of it before yesterday.
"People around here are fine with this," said the official at a major New York bank, who spoke on the condition of anonymity. "It was done right." Treasury Undersecretary for Terrorism and Financial Intelligence Stuart Levey said yesterday that the central bank governors of major industrialized nations had also been briefed, although he did not say when that occurred.
Which all confirms my original impression -- I had simply assumed that this would have been done anyway. Why would SWIFT be immune to the data mining that is going on?
Realpolitik aside, the real story here is this: what and where is the debate about whether this is an acceptable thing or not? What happens when the American agencies successfully breach the safeguards that were forced on them by SWIFT? As they will, in time.
"There was one instance noted at one point in an audit that there had been one search that was done that was, in our view, inappropriate. . . . The person who conducted that search is no longer allowed to work on this program. And no information from any search that's even been questioned has ever been disseminated," Levey said. When information appeared that indicated a non-terrorist crime, such as money laundering or drug trafficking, he said the source of the information was "sanitized" before it was passed to other law enforcement agencies.
Boom! Already, the information is being passed for ML and drugs. See how easy that was? The press will concentrate on meaningless blather like who is that poor unfortunate lamb who was sacrificed to prove the information is governed, and miss the wider significance that the system is already being breached, even as they are saying that it is only for terrorism.
One reason the administration is engaging in so much secret surveillance is that current technology makes it so easy, suggested Paul Light, a public policy professor at New York University. "It's almost a case where the technology is leading the policy. If you can do it, why not do it?"
"Bush and his advisers just don't see privacy rights as a particularly balancing test in making the decision to go ahead with these techniques," Light said.
And, how is the rest of the world going to treat this? My guess is that it will be yet another nudge to all the non-friends of the USA to review their dependency on the dollar. Look to see what Russia, Iran, China and the Muslim world make of this.
If a nudge is one more percentage points off the USD as reserve currency, then the cost is twice that in economic payback to the people of the US, who have to pay back the debt. There are some real victims, then.Posted by iang at June 25, 2006 05:06 PM | TrackBack