When conducting business in Switzerland, one should be conscious of the laws in place to protect individuals’ and companies’ data. The main regulation of data protection in Switzerland is found in the Federal Act on Data Protection of 19 June 1992 (“DPA”) and the corresponding Ordinance to the Federal Act on Data Protection of 14 June 1993 (“DPO”). The law in respect of data protection is wide-reaching and has formed a pivotal part of the Swiss legal system since 1992. In light of vast changes being made in respect of banking secrecy and advancements in internet technology, it is essential for Swiss businesses and individuals alike to be aware of their rights and obligations with respect to data protection laws in Switzerland as well as the limits thereupon.
This newsletter forms part of a set of four publications discussing and analyzing data protection in Switzerland. The current publication sets out the well-established data protection laws as well as the limits and applicable remedies and penalties. The second publication, for release in November 2015, will present one of the most important and relevant areas in respect of Swiss data protection, being banking secrecy and the current and planned restrictions thereof. The third publication, for release in early 2016, will look at significant challenges faced by data protection. This includes matters arising as a result of the internet, such as cloud computing and cookies, as well as cross-border protection and assignment of data to third parties. The fourth and final publication, also for release in early 2016, will present a comparison of the Swiss data protection laws with European Union and United States’ data protection laws.
Personal data can be considered an essential and often invaluable asset to most businesses in today’s society. Data allows a business to predict the purchases a consumer might make or what services may best suit a client of a bank. Conversely, to remain competitive, the respective legal system must uphold the protection of data so that the information is not exploited and the subjects disadvantaged.
The Swiss legal system provides clear rules governing the collection and use of personal data, which are set out below.