Search

Swiss Data Protection Act revised

This should not come as a surprise to anyone.


Swiss companies have looked at what happened in the EU with the GDPR with a more or less distracted eye, wrongly assuming that they would have to deal, in any case, only with the Swiss DPA. Notwithstanding the fact that GDPR territoriality is the whole world (suffice to deal with data subjects' personal data - per GDPR definition - and you are subject to the GDPR), the bet that the DPA would not change and not approach more and more the EU GDPR is at best a wishful thinking within many Swiss entities.


On Friday, September the 25th, the Swiss Federal Parliament passed the new law.

  • "New information and documentation requirements similar to the GDPR → create and update documentation

  • New risk of fines with regard to data exports and processor agreements → verify and amend contracts

  • Notification obligation in the case of data breaches similar as to the GDPR → introduce a process as under the GDPR

  • The new Data Protection Act (mostly) does not go beyond the GDPR, but is not identical → check for differences

The splitting of hairs is now over and the revision of the Swiss Data Protection Act (DPA) has finally been completed."


By David Rosenthal



3 views0 comments

Recent Posts

See All

When too much is really too much.

Since the GDPR came into force, there's been a surge in data breach reporting across the EU. The flood of reports though, over 280,000 data breaches submitted across the EU, resulted only in around 50