Canadian Privacy Commissioner Jennifer Stoddart concluded an investigation Monday into the Society for Worldwide Interbank Financial Telecommunication (SWIFT), finding that the European financial cooperative did not violate Canadian privacy laws by post-September 11 information-sharing with the US Department of the Treasury. SWIFT was alleged to have illegally disclosed personal information of some customers of Canadian financial institutions in violation of Canada's Personal Information Protection and Electronic Documents Act (PIPEDA). Stoddart found that while SWIFT was subject to the terms of PIPEDA, it did not contravene the Act when it complied with lawful subpoenas served outside the country and disclosed personal information about Canadians to foreign authorities.
Stoddart said she would petition Canadian authorities to encourage the US to rely on existing, more transparent measures such as anti-money laundering and anti-terrorism financing mechanisms rather than subpoenas.
In November the European Commission's Article 29 Data Protection Working Party found that SWIFT violated European privacy laws when it released similar information about cross-border wire transfers by European citizens to the US government. The New York Times and other papers revealed the once-secret program in June 2006, prompting sharp criticism from the Bush administration, which defended the initiative. According to US government officials, the program targeted those with suspected ties to Al Qaeda.