Your Team for Swiss Law – now also in Geneva
FAC confirms Data Protection Commissioner's recommendation
A recent decision (A-5715/2018) by the Swiss Federal Administrative Court (FAC) strengthens the right of third parties in proceedings concerning administrative assistance...
The purpose of the right of access is to enable or facilitate the exercise of other individual rights under Swiss or European data protection laws. At the same time, the right of access may adversely affect the rights and freedoms of others, including the right to protection of privileged information. I held a workshop at the bi-annual Lawyers' Congress of the Swiss Bar Association in Lucerne last week. The session discussed the right of access from the viewpoint of lawyers and their clients.
Swiss media affected by GDPR
The basic EU General Data Protection Regulation (GDPR) has been in force since 25 May 2018 and may also apply to Swiss media, communication and media agencies. To ensure transparency and accountability along the international advertising supply chain, IAB Europe has developed the Transparency and Consent Framework (TCF). The TCF allows standardized, code-based communication of the required information between publishers and vendors, in particular on purposes and legal bases of processing (e.g. legitimate interest or consent). Publishers thus gain control over the processing of their users' personal data by third parties. IAB Europe is currently revising the TCF. The consultation on version 2.0 of the TCF runs until May 25, 2019. Google has announced that it will implement the TCF 2.0 once it's finalized.
Letzte Woche wurde publik, dass die UBS nach ausländischen nun auch von bestimmten Schweizer Kunden einen Nachweis verlangt, wonach ihre Gelder korrekt versteuert sind. Auch andere Banken haben solche Nachweispflichten für Schweizer Kunden bereits eingeführt oder stehen kurz davor.
Our series "Online enforcement" deals with particularities in the enforcement of rights on the Internet.
The identification of the person responsible for an online infringement is a major challenge for the rights owner. Proxy services and the EU General Data Protection Regulation restrict the information available on domain holders in the WHOIS directory and make enforcement more difficult.
The EU General Data Protection Regulation (GDPR) will apply from May 25, 2018. The more stringent requirements for the handling of personal data will also apply to data processing by the numerous Swiss companies that target the EU end customer market or whose data processing in some other way falls within the (intended) broad scope of the GDPR. The somewhat ambiguous wording and the complexity of the GDPR favor myths and misconceptions. Some of them also find their way into publications and recommendations of advisors. In this blog post , we highlight ten myths we encounter in our practice (namely in the context of ongoing GDPR compliance projects for Swiss companies) and clarify the corresponding misconceptions.
Personal data is increasingly an indispensable basis for the value adding activities of companies. Within a group, personal data is exchanged for various purposes, with data protection requirements applying. Legal data management ideally sets standards for how the entire group of companies processes personal data but this is often difficult to implement in practice. An affected group company should not wait for a possible group decision, but should actively promote legal data management at company level.
On 1 March 2018, the totally revised Federal Mail and Telecommunications Surveillance Act (MTSA/"BÜPF") and its five implementing Ordinances entered into force. The revision is intended to adapt the surveillance law to the technological developments in communications. Suspected criminals should not be able to evade surveillance by law enforcement authorities through the use of new communication technologies. Accordingly, the revised MTSA considerably extends the circle of communication service providers required to surveil and provide information.
Due to the increasing competition by online shops, the digital revolution has often been associated with an increase in bankruptcies. However, digitisation can also help reduce the risk of insolvency and thus the number of bankruptcies.
For many companies, the outsourcing of data hosting to an external hosting provider is attractive for security and cost reasons. Before sensitive or valuable data is managed externally, however, the management should consider a possible bankruptcy of the hosting provider. Such an event raises various legal questions, of which only a few have been clarified.