The US Treasury has backed down in a long-running stand-off with the European Union over the handling of personal data from the Swift financial services messaging network. 

Since the terrorist attacks on the US on 11 September 2001, the US Treasury has pressured Swift to hand over personal data that it wants to analyse for possible terrorist finance links, issuing administrative subpoenas to enforce the request.

But if the data originates in the EU, handing it to a third country contravenes European Data Protection Laws.

The US Treasury has now made a written unilateral commitment (known as a Representation) to the EU, promising to abide by EU data protection laws when it handles personal information from Swift that originated in Europe.

The scope of the Representations include the appointment of an "eminent European" from the European Commission to oversee the US Treasury's handling of personal data.

Individuals will be informed if their data is passed on to the US Treasury for investigation.

European personal data handed from Swift to the US Treasury can be used only for the purposes of an investigation and can be retained for a maximum of five years.

Furthermore, Swift will become part of the Safe Harbour deal, struck between the EU and US over data protection laws in 2000. 

The Safe Harbour provisions were agreed between the EC and US government to ensure that US companies operating in the EU could not transfer data to the US (or any country for that matter) and use it in any way which contravened European data protection legislation.

Safe Harbour effectively extends the jurisdiction of European data protection law to US soil, or as far as the personal data travels.

"The EU will have now the necessary guarantees that US Treasury processes data it receives from Swift's mirror server in US in a way which takes account of EU data protection principles," said Franco Frattini, European Commissioner for Justice, Freedom and Security.