Accessibility Tools

- T -


TFTP

The Terrorist Finance Tracking Program (TFTP) is a United States government program to access the SWIFT transaction database, revealed by The New York Times in June 2006. Based in Belgium, SWIFT (Society for Worldwide Interbank Financial Telecommunication) establishes common standards for financial transactions worldwide. The Terrorist Finance Tracking Program is viewed as a tool in the "Global War on Terrorism". It is said to allow additional scrutiny that could prove instrumental in tracking transactions between terrorist cells. Concerns have been raised that this classified program might be a violation of U.S. and European financial privacy laws, because individual search warrants to access financial data were not obtained in advance.

In February 2010, on the basis of these privacy concerns, the European Parliament rejected the conclusion of an agreement allowing US authorities access to European financial transactions data. In May 2010, the Commission started negotiating a new agreement, with the aim of ensuring better data protection safeguards.

The EDPS adopted an opinion on the European Commission's draft agreement in June 2010 in which he called for further data protection improvements. In July 2010, the European Parliament gave its approval to the conclusion of a revised agreement.

Third country 

A third country is a country which has not adopted a national law for the implementation of Directive 95/46/EC - as opposed to the 27 Member States of the EU and the three European Economic Area (EEA) countries Norway, Liechtenstein and Iceland.

Third countries need to ensure an adequate level of protection for personal data in order to enable transfers of personal data from the EU and EEA Member States to them.

The Commission has so far recognized Switzerland, Canada, Argentina, Guernsey, Isle of Man, Jersey and the US Department of Commerce's Safe Harbor Privacy Principles, as providing adequate protection.

The effect of such a decision is that personal data can flow from the EU and EEA Member States to that third country (within the limit of the material scope as described by each Decision) without any further safeguards.

See also: Q&A on Transfer of personal data

Third party 

According to Article 2 (f) of Regulation (EC) No 45/2001, third party shall mean "a natural or legal person, public authority, agency or body, other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or the processor are authorised to process the data."

In the context of the EU institutions and bodies, a third party may be a public authority or private party which temporarily needs to process the personal data of an official. This may be the case, for instance, if an official, who moves to his workplace to start work and who is temporarily entitled to VAT-exemption, buys a car. In that case, the car company, the insurance company, the Ministry of Finance and the authority responsible for the car register would be third parties.

Traffic data 

Traffic data are data processed for the purpose of the conveyance of a communication on an electronic communications network.

According to the means of communication used, the data needed to convey the communication will vary, but may typically include contact details, time and location data.

Although such traffic data are to be distinguished from content data, both are quite sensitive as they give insight in confidential communications. These data therefore enjoy special protection in Articles 5 and 6 of the E-privacy Directive 2009/136/EC and Articles 36 and 37 of Regulation (EC) No 45/2001.

Transfer 

See: Data transfer

  • 23 September 2016

    The coherent enforcement of fundamental rights in the age of Big Data. Read the Opinion and press statement

  • 22 September 2016

    Migration, security and fundamental rights: A critical challenge for the EU. Read the Opinions and the press release.

  • 08 September 2016

    Accountability needs technology! - read the latest blogpost by Wojciech Wiewiórowski.

  • 17 August 2016

    The EDPS, in collaboration with European consumer organisation BEUC, is hosting a joint conference on Big Data: individual rights and smart enforcement. The conference will take place in Brussels on 29 September 2016. For more information on the conference and how to register, visit the EDPS Events page.

  • 05 August 2016

    Our IT services are undergoing scheduled maintenance from 12 to 15 August. Please note that, for technical reasons, we cannot guarantee that the complaints and annexed files submitted during this period will reach us - despite a possible acknowledgement of receipt. Should you not receive any acknowledgement of receipt within 10 working days from submitting your complaint, please do let us know.

  • 30 September 2016

    Giovanni Buttarelli pays an accountability visit to the European Court of Justice, Luxembourg

  • 30 September 2016

    Speech by Giovanni Buttarelli at the Seminar organised by the International Association of Lawyers on Data Protection in Financial Technology, Insurance and Medical Services: A new regulation and perspectives, Luxembourg

  • 29 September 2016

    EDPS-BEUC Conference on Big Data: individual rights and smart enforcement, Speech by Giovanni Buttarelli, Brussels, Belgium

  • 28 September 2016

    Giovanni Buttarelli and Wojciech Wiewiórowski meeting Michael O'Flaherty, the Director of the  EU Agency for Fundamental Rights Agency, Brussels, Belgium

  • 27 September 2016

    Giovanni Buttarelli meeting Thomas Lösse-Mueller, Head Chancellery Schleswig Holstein, Brussels, Belgium

  • 27 September 2016

    107th Plenary meeting of the Article 29 Working Party, Participation of Giovanni Buttarelli and Wojciech Wiewiórowski, Brussels, Belgium

  • 27 September 2016

    Giovanni Buttarelli meeting Shadow Rapporteurs on smart borders proposals, European Parliament, Brussels, Belgium

  • 26 September 2016

    Seminar on data protection at University of Bologna, Speech by Giovanni Buttarelli, Bologna, Italy