Translated Article: CIA Data Mining in SWIFT Financial Data from Europe
[Editor’s note: This article was translated before the invasion of Russian troops into Ukraine. It features SWIFT, and the discussed data mining methods still apply regardless of the sanctions.]
Massive financial datasets are constantly being delivered from the EU to the US as part of the TFTP treaty against terrorist financing. The CIA receives this data.
The fog is slowly clearing around the huge datasets in which the CIA claims to be data mining. The “foreign financial data platforms” from which the CIA “collects large amounts of structured financial data” to stop ISIS terrorist funding are the databases of payment processor SWIFT.
Around 11,000 banks from 200 countries process their payment transactions via the SWIFT system, which currently processes around 40 million data records every day. Some of this data is delivered to the CIA from the European SWIFT system. This data sharing is based on the 2010 TFTP Treaty on Countering Terrorist Financing.
“Terrorist Activity Prediction Pattern”
It was already known in 2010 that these data transfers from the SWIFT data centers in Holland and Belgium, which are officially going to the US Treasury Department, contained massive data sets. On the one hand, this is due to the technical set-up of the SWIFT systems, because individual transfers are not transmitted there, rather the data exchange between the banking groups is processed in bulk. Such a file in SWIFT FIN format for interbank transactions can contain large amounts of individual money transfers from companies, institutions and private individuals that have nothing in common with each other other than the same financial institution and the time of the transfer.
In addition, the inquiries are extremely wide-ranging, which has also been known since 2010. For example, payment transactions from a specific bank are requested over a specific period of time, or all foreign transfers from a specific economic area over several days. Such amounts of data are needed “to detect anomalies indicative of terrorist or criminal activity,” according to the section of the CIA document cited above. Patterns for predicting terrorist or criminal activities are also to be discovered using data mining. So the CІA is doing “predictive policing” here, and if this CIA program only serves to investigate the financial flows of IS terrorists, why are “criminal activities” also included in this preamble of the CIA?
Why most of the data comes from Europe
There are historical reasons why SWIFT data, which is processed in Europe, is so popular in the USA. In 2006 it became known that since 2001 the CIA had systematically extracted and analyzed huge amounts of data from the SWIFT data center in Culpeper, Virginia. Until then, all transactions had been fully mirrored at the two main locations in Culpeper and Zoeterwoude (Holland). As a result of this scandal, the SWIFT system was separated, and since then the data generated in the EU area has only been processed and stored in the Zoeterwoude data center in the Netherlands and, since 2013, also at the new location in Diessenhofen (Switzerland). Since then, the SWIFT system has consisted of a transatlantic and a European-Asian zone, intra-European transactions are only mirrored between Zoeterwoude and Diessenhofen.
According to its own statements, the CIA program is aimed at the financial flows of the IS terrorists. However, bank transfer data from the Middle East or the Persian Gulf is processed in Europe, because the Swiss data center was also built for this. A certain portion of these records are formally provided to the US Treasury under the TFTP contract, but the CIA’s mandate to do so is obvious. So if the payment transactions from Abu Dhabi with European banks are requested over a certain period of time, then all transactions from Austrian banks with Abu Dhabi are included.
A blatant breach of contract?
The above passage explains why the CIA kept the existence of this data mining program a secret, even from the relevant Senate committee. “The data supplied may only be used for the detection, investigation, prevention and prosecution of terrorists and their financing,” says the TFTP contract (Article 5, paragraph 2). As quoted above, the CIA says it also uses this data to prosecute other crimes. The TFTP agreement “should not and will not include data mining, or any other type of algorithmic or automated profiling” states in Article 5 paragraph 3, according to paragraph 4b “the data supplied shall not be linked to any other database”.
However, the CIA compares this data with “unstructured data sets” which must have come from the NSA, because unstructured data sets are the result of tapping data streams from fiber optic lines. So this all looks very much like a blatant breach of contract by the US side. In order to clarify this, a request was sent to the EU Commission, which negotiated the TFTP contract with the USA.