Data Protection Commissioner welcomes public debate on the inter-cantonal agreement on the exchange of data between police corps and the planned involvement of the federal government.
To mark International Data Protection Day, experts will be discussing the topic of ‘Data protection and vulnerability’ at the University of Lausanne on 26 January.
The FDPIC recommends the deferral of access until the PInC has completed its work if the disclosure could significantly harm the free opinion-forming and decision-making process of the PInC.
The FDPIC hosted the European Case Handling Workshop in Bern from 8 to 9 November 2023, under the aegis of the Conference of European Data Protection Authorities.
As the only legally binding international instrument for the protection of personal data, Convention 108 plays a crucial role in promoting the right to privacy worldwide.
Under the new Data Protection Act, there is an obligation for federal bodies and private individuals to prepare a DPIA if the planned data processing entails a high risk for the personality or fundamental rights of the data subjects.
The FDPIC, acting with nine other national data protection authorities, has published a joint statement to social media platform operators on the protection of personal data against data scraping.
The factsheet is designed to provide a brief overview of the investigation. It summarises the in-depth interpretations of the FDPIC on Articles 49-53 FADP.
In view of the entry into force of the revised Data Protection Act, the FDPIC is completing its reporting portals with the online registration of Data Protection Officers.
Switzerland is also engaged in discussions on a Swiss-U.S. Data Privacy Framework). Under the new FADP it will be the responsibility of the Federal Council to decide on the adequacy of states.
The FDPIC has updated the content of its website ahead of the new Data Protection Act coming into force on 1 September 2023. At the same time, the ‘DataBreach Portal’ for reporting security vulnerabilities is available.
The exclusion of citizens' rights of access guaranteed by the Freedom of Information Act by way of an emergency ordinance raises fundamental legal issues.
Nach dem Verbot von ChatGPT in Italien rät der EDÖB Nutzerinnen und Nutzern zu einem bewussten Umgang mit KI-gestützten Anwendungen und erinnert Unternehmen an ihre Pflichten.
The Microsoft Office 2021 applications that are currently still run locally throughout the Federal Administration are to be replaced by the public cloud-based Microsoft 365 application.
Elections and votes at all federal levels in Switzerland now take place in a digitalised world. Those involved in forming political opinion use the potential of digitalisation to specifically target their campaigns at voters. In this, voters’ rights to privacy and self-determination may come under considerable threat.
When the new Data Protection Act (FADP) comes into force on 1 September 2023, the procedure for registering data files with the FDPIC will undergo a change. From this date onwards, only federal bodies will have to report their data processing activities to the FDPIC.
In a lawsuit filed in the US on 19 August 2022 against Oracle America Inc., plaintiffs raise serious allegations of unlawful tracking of internet users.
In its latest report, the Global Privacy Assembly identifies credential stuffing as a growing threat to personal data. The related guidelines provide users with information on security measures that can be taken to protect against this threat.
In view of certain differences of legal opinion, the FDPIC is advising Suva to reconsider the decision to outsource its personal data processing to a cloud service operated by the US company Microsoft.
Die Stiftung meineimpfungen hat am Freitag, 04.11.2021 damit begonnen, den Nutzerinnen und Nutzern der Plattform deren Impfdaten als Anhang einer unverschlüsselten E-Mail zukommen zu lassen.
In der Sachverhaltsabklärung betreffend die Plattform meineimpfungen.ch hat der EDÖB der Stiftung meineimpfungen Ende Juli 2021 seinen Schlussbericht zugestellt. Darin hat er drei Empfehlungen formuliert.
In its statement of 27 August 2021, the FDPIC recognises the standard contractual clauses for the transfer of personal data to third countries in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (pursuant to Implementing Decision 2021/914/EU) as the basis for personal data transfers to a country without an adequate level of data protection, provided that the necessary adaptations and amendments are made for use under Swiss data protection law.
The FDPIC has issued the following memorandum to the US Securities and Exchange Commission (SEC) on the question of the lawfulness of the transfer of data from Swiss asset managers to the US supervisory authority
By offering the option of providing certificates in paper form, and creating an additional minimal data QR code for use in Switzerland, the Federal Council has dispelled key concerns raised by the Federal Data Protection and Information Commissioner (FDPIC).
Bis zum Inkrafttreten des neuen DSG werden Privatwirtschaft und Bundesbehörden ihre Bearbeitung von Personendaten an die neuen Bestimmungen anpassen müssen. Der Beauftragte hat hierzu die aus seiner Sicht wesentlichsten Neuerungen festgehalten und publiziert.
16.07.2020 - In its judgment of 16 July 2020 in Case C-311/18 Data Protection Commissioner v. Facebook Ireland Ltd and Maximilian Schrems, the Court of Justice annulled Decision 2016/1250 on the adequacy of the protection provided by the EU-US Privacy Shield.
After reviewing the NCSC report on Risk Estimation Proximity Tracing, the FDPIC has confirmed his assessment that the Swiss proximity tracing system operated by the Federal Office of Public Health and the SwissCovid app are data protection compliant.
The FDPIC supervises the implementation of the protection plans by private companies. He attaches importance to the fact that the procurement and transfer of personal data within the framework of these plans is voluntary.
Despite the rush with which business meetings, children’s ‘visits’ with their grandparents, or even parties have been moved online, we must not forget how important information security and data protection continue to be.
17.03.2020 - Insofar as private individuals (in particular employers) process personal data to combat the pandemic, the principles set out in Article 4 of the Federal Act on Data Protection must be respected.
Following the referendum held in the United Kingdom in June 2016, the British government announced its decision to withdraw from the European Union (Brexit). The United Kingdom will leave the EU on 31 January 2020.
The FDPIC welcomes the fact that the Council of States has debatted the totally revised DPA and has adopted most of the improvements proposed by its Commission in comparison to the National Council version.
The FDPIC welcomes the fact that, within the short time available up to the end of the session, the Political Institutions Committees of the Council of States (PIC-S) has succeeded in adopting a legislative text for the attention of the Plenum of the Council of States that is ready for consultation and significantly improved on the version of the National Council.
On the eve of the federal parliamentary elections on 20 October, Facebook is set to introduce features aimed to appeal to Swiss users of its social media platform.
Now that the National Council has treated the complete revision of the Federal Act on Data Protection (FADP) as first chamber of parliament, the FDPIC hopes that the second chamber will be able to schedule the debate in its winter session and improve the protection of the Swiss population by aligning it with European standards.
Following its discussion of the Federal Council dispatch of 15 September 2017, the National Council’s political institutions committee decided on 16 August 2019 based on the casting vote of its president to remit the draft of the totally revised Data Protection Act to the plenary session of the National Council for debate.
In a letter dated 13 June 2019 in response to an enquiry from the FDPIC, Postfinance AG confirmed that their Swiss customers will still require to register an express objection if they do not wish their identity to be authenticated by voiceprint.
The Libra Association has replied to the FDPIC's letter of 17 July and promised a prompt response to issues raised. It plans to meet the FDPIC in the coming weeks for talks.