Answer to Written Question: US Terrorist Finance Tracking Programme cyberattack
(Source: European Parliament)
Answer given by Ms Johansson
on behalf of the European Commission
As the Commission set out in its reply to written question E-006980/2020, the relevant data is, in accordance with the safeguards required by the Agreement between the EU and the United States on the Terrorist Financing Tracking Programme, held in a secure physical environment, stored separately from any other data, subject to physical intrusion controls and is not interconnected with any other database. According to information from the United States authorities, this data was not impacted by the reported cyberattack.
While the independent overseers, including the EU one, are tasked with the monitoring and oversight of all searches performed on the provided data to ensure compliance with the strict counter terrorism purpose limitation and the other safeguards set out in Articles 5 and 6 of the Agreement, they are not involved in the technical support, management and broader oversight of the Agreement. The Agreement does not regulate access to the secure physical environment where the data is stored, but access to data. The Commission will closely examine data security in the next joint review of the Agreement.
The Commission does not question the value of the Agreement nor has any reason to doubt the efficiency of the current measures that protect the security and integrity of the relevant data. Ensuring that the data are protected from any security threat or failure remains a key priority for the Commission and the United States authorities.