Revi­si­on of the DPA

DSV: no mini­mum data secu­ri­ty requi­re­ments, no cor­re­spon­ding cri­mi­nal lia­bi­li­ty, other comments. 

Han­nes Meyle, Anne-Sophie Morand and David Vasel­la At its mee­ting on August 31, 2022, the Federal Coun­cil adop­ted the new Data Pro­tec­tion Ordi­nan­ce (DPA) and the new Ordi­nan­ce on Data Pro­tec­tion Cer­ti­fi­ca­ti­ons (DPC). In doing so, the Federal Coun­cil has made use of its aut­ho­ri­ty to issue imple­men­ting regu­la­ti­ons on the

revDSG in for­ce on Sep­tem­ber 1, 2023, DSV published. 

At its mee­ting on August 31, 2022, the Federal Coun­cil adop­ted the new Data Pro­tec­tion Ordi­nan­ce (DPA) and the new Ordi­nan­ce on Data Pro­tec­tion Cer­ti­fi­ca­ti­ons (DPC). The imple­men­ting regu­la­ti­ons will enter into for­ce tog­e­ther with the total­ly revi­sed Data Pro­tec­tion Act ([n]DSG) as expec­ted on Sep­tem­ber 1, 2023 (media release).

revDSG: in for­ce on Sep­tem­ber 1, 2023 

What was rumo­red is now con­fir­med: The revDSG will come into for­ce on Sep­tem­ber 1, 2023 (2023, not 2022). For­mal­ly, this will be deci­ded by the Federal Coun­cil later this year, but the Federal Office of Jus­ti­ce (FOJ) today on

On Dealing with the Penal­ty Pro­vi­si­ons of the New Data Pro­tec­tion Act 

It is the most dis­cus­sed inno­va­ti­on of the revi­sed Data Pro­tec­tion Act in data pro­tec­tion cir­cles: the new penal­ty pro­vi­si­ons. The­re is a gre­at deal of uncer­tain­ty, and many com­pa­nies – and their employees invol­ved in data pro­tec­tion – are won­de­ring how the risk of cri­mi­nal lia­bi­li­ty can be “mana­ged” in cor­po­ra­te prac­ti­ce. Go to

Ground­hog Day: Thoughts on the Preli­mi­na­ry Draft of the Data Pro­tec­tion Regulation 

Anyo­ne who thought that par­lia­men­ta­ry appro­val had final­ly paved the way for the ent­ry into for­ce of the revi­sed Data Pro­tec­tion Act was mista­ken. The preli­mi­na­ry draft for the Data Pro­tec­tion Ordi­nan­ce (DPA), which was sub­mit­ted for con­sul­ta­ti­on at the end of June after a long run-up, over­s­hoots the mark by so much.

On the draft of the revi­sed VDSG: a mis­sed opportunity 

Gene­ral On June 23, 2021, the draft of the total­ly revi­sed ordi­nan­ce to the FADP (E‑VDSG) was published. After rea­ding it, one has to be disap­poin­ted: The E‑VDSG (online ver­si­on) is a mis­sed oppor­tu­ni­ty. Like the preli­mi­na­ry draft of the DSG (VE-DSG), it is

VDSG: Con­sul­ta­ti­on opened 

The Federal Coun­cil today ope­ned the con­sul­ta­ti­on peri­od for the revi­sed ordi­nan­ce to the Data Pro­tec­tion Act on June 23, 2021: Media release Preli­mi­na­ry draft Explana­to­ry report Com­pa­ri­son table E‑VDSG – VDSG – nDSG The con­sul­ta­ti­on peri­od lasts until 14 Octo­ber 2021. An online ver­si­on of the E‑VDSG can be found at