When the new Data Protection Act (FADP) comes into force on 1 September 2023, the procedure for registering data files with the FDPIC will undergo a change. From this date onwards, only federal bodies will have to report their data processing activities to the FDPIC.
In a lawsuit filed in the US on 19 August 2022 against Oracle America Inc., plaintiffs raise serious allegations of unlawful tracking of internet users.
In its latest report, the Global Privacy Assembly identifies credential stuffing as a growing threat to personal data. The related guidelines provide users with information on security measures that can be taken to protect against this threat.
In view of certain differences of legal opinion, the FDPIC is advising Suva to reconsider the decision to outsource its personal data processing to a cloud service operated by the US company Microsoft.
In its statement of 27 August 2021, the FDPIC recognises the standard contractual clauses for the transfer of personal data to third countries in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (pursuant to Implementing Decision 2021/914/EU) as the basis for personal data transfers to a country without an adequate level of data protection, provided that the necessary adaptations and amendments are made for use under Swiss data protection law.
The FDPIC has issued the following memorandum to the US Securities and Exchange Commission (SEC) on the question of the lawfulness of the transfer of data from Swiss asset managers to the US supervisory authority
By offering the option of providing certificates in paper form, and creating an additional minimal data QR code for use in Switzerland, the Federal Council has dispelled key concerns raised by the Federal Data Protection and Information Commissioner (FDPIC).
Bis zum Inkrafttreten des neuen DSG werden Privatwirtschaft und Bundesbehörden ihre Bearbeitung von Personendaten an die neuen Bestimmungen anpassen müssen. Der Beauftragte hat hierzu die aus seiner Sicht wesentlichsten Neuerungen festgehalten und publiziert.
Für die Erfassung von Kontaktdaten für das Contact Tracing besteht eine gesetzliche Grundlage. Die Covid-19-Verordnung besondere Lage sieht vor, welche Daten zu welchem Zweck gesammelt werden dürfen.
Der Beauftragte ist mit dem Vorhaben des Bundesrates, Dokumente betreffend Preismodelle bei Arzneimitteln vom Öffentlichkeitsgesetz auszunehmen, nicht einverstanden.
Unter der Kurzbezeichnung «BAZG-Vollzugsaufgabengesetz» hat der Bundesrat die Vernehmlassung über ein Gesetzespaket eröffnet, mit dem er die rechtliche Grundlage für das Digitalisierungs- und Transformationsprogramm (DaziT) der Eidgenössischen Zollverwaltung schaffen will.
16.07.2020 - In its judgment of 16 July 2020 in Case C-311/18 Data Protection Commissioner v. Facebook Ireland Ltd and Maximilian Schrems, the Court of Justice annulled Decision 2016/1250 on the adequacy of the protection provided by the EU-US Privacy Shield.
After reviewing the NCSC report on Risk Estimation Proximity Tracing, the FDPIC has confirmed his assessment that the Swiss proximity tracing system operated by the Federal Office of Public Health and the SwissCovid app are data protection compliant.
The FDPIC supervises the implementation of the protection plans by private companies. He attaches importance to the fact that the procurement and transfer of personal data within the framework of these plans is voluntary.
Der EDÖB stellt in datenschutzrechtlicher Hinsicht Verbesserungen fest, namentlich aufgrund des dezentralen Ansatzes. Er wird bei der bevorstehenden Einführung weiter auf einen optimalen Datenschutz hinwirken.
Despite the rush with which business meetings, children’s ‘visits’ with their grandparents, or even parties have been moved online, we must not forget how important information security and data protection continue to be.
Am 21. März 2020 wurde der EDÖB von der École polytechnique fédérale de Lausanne (EPFL) gebeten, das Projekt für eine «Covid proximity tracing App», an welchem die EPFL mitwirkt, einer Grobbeurteilung zu unterziehen.
Der EDÖB hat unterdessen vom BAG wie auch von der Swisscom sachdienliche Dokumente dazu erhalten. Beide haben zudem zugesichert, den EDÖB künftig laufend über die datenschutzrelevanten Projekte zur Pandemiebekämpfung ins Bild zu setzen,
17.03.2020 - Insofar as private individuals (in particular employers) process personal data to combat the pandemic, the principles set out in Article 4 of the Federal Act on Data Protection must be respected.
In Ergänzung seiner Mitteilung zur Applikation Clearview präzisiert der EDÖB seine Haltung zur massenhaften Beschaffung und Weiterbearbeitung von Gesichtsdaten über das Internet.
Following the referendum held in the United Kingdom in June 2016, the British government announced its decision to withdraw from the European Union (Brexit). The United Kingdom will leave the EU on 31 January 2020.
The FDPIC welcomes the fact that the Council of States has debatted the totally revised DPA and has adopted most of the improvements proposed by its Commission in comparison to the National Council version.
The FDPIC welcomes the fact that, within the short time available up to the end of the session, the Political Institutions Committees of the Council of States (PIC-S) has succeeded in adopting a legislative text for the attention of the Plenum of the Council of States that is ready for consultation and significantly improved on the version of the National Council.
On the eve of the federal parliamentary elections on 20 October, Facebook is set to introduce features aimed to appeal to Swiss users of its social media platform.
Now that the National Council has treated the complete revision of the Federal Act on Data Protection (FADP) as first chamber of parliament, the FDPIC hopes that the second chamber will be able to schedule the debate in its winter session and improve the protection of the Swiss population by aligning it with European standards.
Mit Entscheid vom 3. September 2019 hat das Bundesverwaltungsgericht (BVGer) die Beschwerde des EDÖB gegen die Eidg. Steuerverwaltung (ESTV) und das Eidg. Finanzdepartement (EFD) gutgeheissen.
Following its discussion of the Federal Council dispatch of 15 September 2017, the National Council’s political institutions committee decided on 16 August 2019 based on the casting vote of its president to remit the draft of the totally revised Data Protection Act to the plenary session of the National Council for debate.
In a letter dated 13 June 2019 in response to an enquiry from the FDPIC, Postfinance AG confirmed that their Swiss customers will still require to register an express objection if they do not wish their identity to be authenticated by voiceprint.
Aufgrund einer Bürgermeldung hat der Eidgenössische Datenschutz- und Öffentlichkeitsbeauftragte (EDÖB) erfahren, dass ein Kunde von Swisscom verschiedenste E-Mails erhalten hat, die nicht für ihn bestimmt waren.
The Libra Association has replied to the FDPIC's letter of 17 July and promised a prompt response to issues raised. It plans to meet the FDPIC in the coming weeks for talks.
Bundesverwaltungsgerichtsentscheid vom 19. März 2019: Die Helsana Zusatzversicherungen AG hat sich Personendaten für das Bonusprogramm Helsana+ rechtswidrig bei den Grundversicherern beschafft.
Aufgrund der vom Parlament beschlossenen Aufspaltung der Revision des Datenschutzgesetzes in zwei Teile ist das Schengen-Datenschutzgesetz (SDSG) am 1. März 2019 in Kraft getreten.
