Effective data protection must transcend borders.
Effective data protection must transcend borders.
Effective data protection also requires cooperation between data protection authorities at international level and the development of cross-border standards. It must be possible to provide coordinated responses in the case of transnational data processing, which has become a ubiquitous reality, and to guarantee the same rights to all persons whose data is processed (the data subjects), regardless of their place of residence. To this end, the Swiss Federal Data Protection Commissioner (FDPIC) participates in the work of the following bodies:
The Consultative Committee for the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data.
The FDPIC regularly participates in the meetings of the Consultative Committee for the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (Convention 108). In November 2020, a representative of the FDPIC was elected to the office of the Consultative Committee on Convention 108 and in November 2022 as its first Vice-President, leading the work of the Committee between plenary sessions. This means that, after a short break, the FDPIC is again actively represented in the Convention 108 office.
In order to modernise Convention 108 and its Additional Protocol 181, the Committee of Ministers of the Council of Europe adopted Amendment Protocol 223. Amendment Protocol 223, known as Convention 108+, will come into force as from 11 October 2023, once 38 States Parties are party to the Protocol. This will probably be the case in the course of 2024.
Switzerland has deposited the instrument of ratification of the Amending Protocol on 7 September 2023, shortly after the entry into force of the revised Data Protection Act (FADP), in Berne in the presence of the Secretary General of the Council of Europe.
The Global Privacy Assembly - GPA (also known under its French name, Assemblée mondiale pour la protection de la vie privée - AMVP) formerly known as the International Conference of Privacy and Data Protection Commissioners (ICDPPC), has been meeting since 1979 and is a forum for global exchange in which its 130 members share views, best practices and adopt common positions. The FDPIC is actively involved in the GPA. Through its work with the GPA, the FDPIC supports the development of harmonised approaches to data protection and privacy issues at a global level. The coordination of efforts in the global data protection and privacy arena informs and supports the work of the FDPIC.
The FDPIC chairs one of the nine working groups of the GPA.
The Working Group on the Role of Privacy in International Development Assistance, International Humanitarian Assistance and Crisis Management (WG AID) was established at the 42nd World Privacy Assembly (GPA) in 2020. At that time, the FDPIC presented a resolution on the role of personal data protection in international development assistance, international humanitarian assistance and crisis management. Since then, he has been chairing the working group on this issue.
The composition of the WG AID, which has some 20 members, reflects the geographical diversity of the GPA and brings together data protection authorities from around the world as well as international organizations, including the ICRC and UNHCR.
A Resolution on Privacy and International Humanitarian Action was adopted by personal data protection authorities from around the world at the 37th International Conference of Data Protection and Privacy Commissioners held in 2015 in Amsterdam. A working group was set up, including the French-Speaking Association of Personal Data Protection Authorities (AFAPDP) and a representative of the Federal Data Protection and Information Commissioner (FDPIC), who was also responsible for coordinating the group.The handbook covers the fundamental principles and legislation relating to personal data protection and devotes a chapter to each of the technologies that use personal data in the context of humanitarian action. It is available on the website of the International Committee of the Red Cross (ICRC).
The International Working Group on Privacy in Technology (also known as the Berlin Group) was established in 1983 as part of the International Conference on Data Protection and Privacy. Until 2021, the Group's secretariat was run by the Berlin Data Protection Authority (Berlin Data Protection Commissioner); since March 2021, the German Federal Data Protection Authority (BfDI) has taken over the running of the secretariat. The group focuses on data protection and issues related to information technology in a broader sense that impact privacy, such as AI or the Internet of Things.
The data protection authorities of the EU Member States and the Council of Europe meet every year for a spring conference to discuss issues of common interest and to exchange information and experiences on different topics. The FDPIC contributes actively to the discussions. The conference generally ends with the adoption of resolutions.
The European Case Handling Workshop is organised as part of the Spring Conference. A discussion of practical cases leads to an important exchange of knowledge between data protection authorities.
The French-Speaking Association of Personal Data Protection Authorities (AFAPDP) is an association created in 2007 in Montreal on the initiative of some thirty representatives from Francophone data protection authorities and states. Its objective is to promote the right to personal data protection in states that do not yet have legislation, to launch a debate about the challenges facing data protection in French-speaking regions and to promote the creation of a network for exchange and cooperation between independent data protection authorities.
It contributes to the development and promotion of French-speaking expertise in the field of personal data protection.
A representative of the FDPIC is a member of the association’s bureau.
AFAPD member authorities, including the FDPIC, met in Tangiers on 2 and 3 October 2023 for the Rencontres francophones de la protection des données personnelles. The work carried out at this meeting focused mainly on data scraping, which consists of the automated extraction of personal information from the Internet. This practice poses a number of risks to personal data, including targeted cyber attacks, identity theft, profiling, spamming and unauthorised direct marketing. Canada's Office of the Privacy Commissioner, Morocco's Commission nationale pour le contrôle des données à caractère personnel (CNPD) and Switzerland's Préposé fédéral à la protection des données et à la transparence presented the joint position they published last August with 9 other data protection authorities, recommending that digital companies take a number of measures.
The AFAPPD also welcomed the authorities of Georgia, Kosovo and Mauritania, bringing its membership to 26.
The Organization for Economic Cooperation and Development (OECD) brings together 37 members worldwide. Its goal is to develop better policies, including in the area of personal data protection. The FDPIC participates as Switzerland's representative in the "Data Governance and Privacy" working group.
Last modification 21.11.2023