2025

In its ruling of 29 January 2025, the FDPIC concluded its investigation against Cembra Money Bank AG (Cembra). In the proceedings, the FDPIC assessed the statutory time limits for processing requests for information and the information to be provided on the personal data processed.

In its decision of 28 April 2025, the FDPIC concluded its investigation into a debt collection agency that published personal data of alleged debtors on a website.

Artificial intelligence (AI) is penetrating economic and social life in Switzerland as elsewhere. The FDPIC therefore wishes to point out that the Federal Data Protection Act, which has been in force since 1 September 2023, is directly applicable to AI-supported data processing.

The FDPIC concludes his preliminary investigation into the use of personal data for training the artificial intelligence (AI) Grok. Users of Platform X can object to their public posts being used to train AI.

The FDPIC accompanies the ‹Cloud Enabling Büroautomation› (CEBA) project from a supervisory perspective. The focus is currently on the data protection impact assessment carried out by the administration and the implementation of the measure to introduce confidentiality labels for federal administration documents (so-called labelling).

The FDPIC has published guidelines on reporting data security breaches.

The FDPIC has published guidelines on data processing using cookies and similar technologies. The guidelines, which are aimed at a specialist audience, describe the data protection requirements for the use of cookies and similar technologies by private controllers, with specific references to the special provisions applicable to federal bodies. The Commissioner derives these requirements from the Federal Data Protection Act (FADP SR 235.1), the Data Protection Ordinance (DPO SR 235.11), the data protection provisions of special federal legislation, as well as from the case law of the Federal Supreme Court, the relevant schools of thought and his previous supervisory practice.

To mark International Data Protection Day, the University of Lausanne's Faculty of Law, Criminal Sciences and Public Administration organised a public conference on the theme of ‹Freedom of choice in the digital age›, in collaboration with the Federal Data Protection and Information Commissioner (FDPIC), the University of Geneva's Centre universitaire d'informatique and ThinkServices.

A group of experts visited the FDPIC on January 20 2025 as part of the Schengen evaluation of Switzerland in the area of data protection. The evaluation is being carried out on the basis of the Schengen Association Agreement (SAA) between the EU and Switzerland, which has been in force since 2008. This agreement facilitates travel between Switzerland and the EU and EEA member states and improves international legal and police cooperation.