Bern. The Federal Council wants to revise the Data Protection Act (DPA). It decided this in a debate on Wednesday. It has instructed the Federal Department of Justice and Police (FDJP) to submit a preliminary draft for a revision of the DPA to it by the end of August 2016 at the latest, taking into account the data protection reforms currently underway in the EU and the Council of Europe.
Source: Data protection to be strengthened – FOJ
Following the evaluation of the FADP in 2010 and 2011, the Federal Council had instructed the FDJP to consider legislative measures to strengthen data protection. To this end, the FDJP appointed a broad-based working group consisting of representatives of the federal administration, the cantons, academia and business and consumer organizations. In its report, which the Federal Council took note of on Wednesday, it outlines various variants on how data protection provisions can be adapted to technological and social developments and how problems in the application of the FADP can be remedied.
Consider reforms at the European levelData protection regulations are currently being revised in both the EU and the Council of Europe. The Council of Europe is fundamentally revising the “Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data”, which Switzerland has ratified. The draft for modernizing the convention, which entered into force in 1985, is expected to be adopted in the course of 2015 or 2016 and submitted to the contracting parties for signature. In the opinion of the Federal Council, failure to ratify the modernized Council of Europe Convention would have a significant negative impact on cross-border data traffic for Switzerland.
The EU is also currently working on a revision of its data protection decrees. The EU data protection reform will probably not be completed before the end of 2015. Switzerland is only bound by the EU data protection decrees to the extent that they represent a further development of the Schengen/Dublin acquis. However, data traffic with the EU is fundamentally subject to the condition that the EU recognizes Switzerland’s level of data protection as adequate. Switzerland therefore has an interest in strengthening its data protection regulations.
With the revision of the FADP, the Federal Council wants to create the conditions for Switzerland to ratify the modernized Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data and, to the extent necessary in the context of the further development of the Schengen/Dublin acquis, to adopt the EU data protection decrees.
However, the Federal Council intends to press ahead with further work quickly. By setting a deadline for the preparation of a preliminary draft by the end of August 2016 at the latest, the outcome of these reforms at European level can be adequately taken into account in the preparation of the consultation draft.
Strengthening the rights of data subjectsThe evaluation of the FADP showed that data subjects rarely claim their rights against data processors. In order to ensure that the law can be better enforced in the future, it will be examined during the preparation of the consultation draft whether, in addition to the competences and powers of the FDPIC, the various legal claims of data subjects as well as the procedures for enforcing the law should be strengthened in certain areas. This applies in particular to those areas in which there are still gaps compared to the Council of Europe reforms.
With the revision of the FADP, the Federal Council also wants to improve data control and governance as well as the protection of minors. Finally, the promotion of rules of good practice is intended to ensure that data protection takes effect at an earlier stage.