FDPIC – Activity report 17 (2009÷2010)

Content:

1. data protection .….….….….….….….….….….….….….….….….….….….….….….….…… 14
1.1 Basic rights .….….….….….….….….….….….….….….….….….….….….….….….…… 14
1.1.1 Certification of Data Protection Management Systems: Accreditations … 14
1.1.2 Certification of products: Quo vadis? .….….….….….….….….….….….….…… 14
1.1.3 2010 Census .….….….….….….….….….….….….….….….….….….….….….….… 15
1.1.4 SLFS – Federal statistical survey by telephone .….….….….….….….….… 16
1.1.5 The new Human Research Act .….….….….….….….….….….….….….….….… 17
1.1.6 Consultation procedure on the Federal Act on the
Company identification number* .….….….….….….….….….….….….….….. 18
1.2 Data protection issues in general .….….….….….….….….….….….….….….….…… 20
1.2.1 Video recording using drones .….….….….….….….….….….….….….….….….. 20
1.2.2 Biometric access systems at the sports center KSS: Further
Development* .….….….….….….….….….….….….….….….….….….….….….….….….…. 23
1.2.3 Eye inspection for the installation of an access control system in
a ski resort* .….….….….….….….….….….….….….….….….….….….….….….….. 24
1.2.4 Monitoring activities of the company Securitas AG* .….….….….….….… 25
1.2.5 Statement on the planned road accident register (Via Sicura) . 26
1.2.6 Pillory for speeders? .….….….….….….….….….….….….….….….….….….….….….….… 27
1.2.7 Revision of the Sports Act .….….….….….….….….….….….….….….….….….….…. 28
1.2.8 Data protection and doping .….….….….….….….….….….….….….….….….….….….….. 29
1.2.9 Exemption from the obligation to pay fees for radio and television .….….….….…… 29
1.2.10 Cross-border administrative assistance and Art. 6 DPA .….….….….….….….….….….… 30
1.2.11 Data protection and RFID .….….….….….….….….….….….….….….….….….….….….….. 32
1.2.12 Protection of sensitive data on storage systems .….….….….….….….….….. 35
1.3 Internet and telecommunications .….….….….….….….….….….….….….….…. 38
1.3.1 E‑government and the digital citizen.….….….….….….….….….….….….….….… 38
1.3.2 Street views on the Internet: Google Street View .….….….….….….….….….… 38
1.3.3 Street views on the Internet: “Touchtown” .….….….….….….….….….….….…. 40
1.3.4 Evaluations of web page accesses .….….….….….….….….….….….….….…. 40
1.3.5 Internet television .….….….….….….….….….….….….….….….….….….….….….….…. 41
1.3.6 Explanations on mobile data processing .….….….….….….….….….….…… 41
1.3.7 Explanations on dealing with search engines .….….….….….….….….….….. 42
1.3.8 Introduction of secure messaging* 42
1.4 Justice/police/security .….….….….….….….….….….….….….….….….….….….. 44
1.4.1 Implementation of Schengen: Control of the FDPIC at diplomatic missions.
Swiss representation in Cairo* .….….….….….….….….….….….….….….….….… 44
1.4.2 Implementation Schengen: Logfi les SIS* .….….….….….….….….….….….….….….….… 45
1.4.3 Implementation of Schengen: FDPIC control at the Federal Criminal Police* 45
1.4.4 Schengen coordination group of the Swiss
Data protection authorities* .….….….….….….….….….….….….….….….….….….….….… 46
1.4.5 Requests for information regarding the ISIS* information system .….….….….….… 48
1.4.6 Improvement of safety regulations for ordnance weapons* .….….…… 48
1.4.7 Preliminary draft for the revision of the Federal Law on Surveillance
of postal and telecommunications traffic .….….….….….….….….….….….….….….….….. 49
1.5 Health .….….….….….….….….….….….….….….….….….….….….….….….….…. 51
1.5.1 Revision of the Epidemics Act: Infectious diseases .….….….….….….…… 51
1.5.2 eHealth: assessment of the recommended architecture .….….….….….….….….….… 52
1.5.3 Minimum standards for hospital admission forms .….….….….….….….… 52
1.5.4 Outsourcing of medical data .….….….….….….….….….….….….….…… 54
1.5.5 Leaflet on discharge and operation reports .….….….….….….….….….…. 55
1.5.6 Sending blood samples abroad .….….….….….….….….….….….….….….….. 55
1.5.7 Income statistics of independent physicians .….….….….….….….….….….….. 56
1.5.8 Medical research project in a hospital .….….….….….….….….….….. 56
1.5.9 Collection of patient data for medical research .….…. 59
1.6 Insurance .….….….….….….….….….….….….….….….….….….….….….….…. 61
1.6.1 Case management .….….….….….….….….….….….….….….….….….….….….….…… 61
1.6.2 Registration of health insurance data collections .….….….….….….… 61
1.6.3 Scope of the right to inspect files in UVG proceedings .….….….….….….….….… 62
1.6.4 Leaflet on obtaining expert opinions by liability insurers .….….. 63
1.6.5 Electronic data disclosure in the AHV/IV sector .….….….….….….….…… 63
1.6.6 Social Abuse Hotline.….….….….….….….….….….….….….….….….….….….…. 64
1.7 Workspace .….….….….….….….….….….….….….….….….….….….….….….…… 66
1.7.1 Data protection in the context of the use of the electronic infrastructure
in the federal administration* .….….….….….….….….….….….….….….….….….….…… 66
1.7.2 Attendance check using fingerprints .….….….….….….….….….…… 67
1.7.3 Spyware in the workplace .….….….….….….….….….….….….….….….….. 68
1.7.4 Family allowances and application form .….….….….….….….….….….….….….….. 68
1.7.5 Health check for postal employees .….….….….….….….….….….….. 69
1.7.6 Lidl personnel and video regulations .….….….….….….….….….….….….….….. 70
1.7.7 Employee check on the Internet .….….….….….….….….….….….….….….….….….….. 70
1.7.8 Delivery of pension fund statements .….….….….….….….….….….….….…. 71
1.7.9 Publica personnel regulations .….….….….….….….….….….….….….….….….….….….. 72
1.8 Trade and economy .….….….….….….….….….….….….….….….….….….….…. 73
1.8.1 Obligation to register for foreign owners of a data collection .….….….…. 73
1.8.2 Explanations on data transfer in the case of corporate mergers .….….….…. 73
1.8.3 Explanations regarding the company data protection officer .….….….….. 74
1.8.4 Disclosure of personal data to third parties by associations for the purpose of
Marketing purposes* .….….….….….….….….….….….….….….….….….….….….….…. 74
1.8.5 Information service on tenant creditworthiness .….….….….….….….….….….….….….….. 76
1.8.6 Clarifications with a genetic test provider .….….….….….….….….….….….….….… 77
1.9 Finances .….….….….….….….….….….….….….….….….….….….….….….….….….….. 79
1.9.1 Data protection in international payments (SWIFT) .….….….….….….…. 79
1.9.2 Double taxation agreements .….….….….….….….….….….….….….….….….…. 80
1.9.3 Data protection in the cross-border sale of receivables.….….….….….…. 80
1.9.4 Total revision of the Ordinance on the new Value Added Tax Act .….….….… 81
1.9.5 Proportionality of creditworthiness data processing .….….….….….….….…. 83
1.10 International .….….….….….….….….….….….….….….….….….….….….….….….….. 85
1.10.1 International cooperation* .….….….….….….….….….….….….….….….….… 85

2. publicity principle: 2009 annual financial statements .….….….….….….….….….….….. 92
2.1 Access requests .….….….….….….….….….….….….….….….….….….….….….…… 92
2.1.1 Departments and federal offices .….….….….….….….….….….….….….….….….… 92
2.1.2 Parliamentary Services .….….….….….….….….….….….….….….….….….….….….….….… 93
2.2 Conciliation requests .….….….….….….….….….….….….….….….….….….….….… 93
2.3 Completed conciliation proceedings .….….….….….….….….….….….… 94
2.3.1 Recommendations .….….….….….….….….….….….….….….….….….….….….….….….….. 94
2.3.2 Mediations .….….….….….….….….….….….….….….….….….….….….….….….…. 100
2.4 Evaluation .….….….….….….….….….….….….….….….….….….….….….….….….…. 102

3. the FDPIC .….….….….….….….….….….….….….….….….….….….….….….….….….. 106
3.1 Renewal of our business administration system (GEVER)* .….….….…… 106
3.2 4^th European Data Protection Day .….….….….….….….….….….….….….….….….… 107
3.3 FDPIC publications – new publications .….….….….….….….….….….…. 108
3.4 Statistics on the activities of the Federal Data Protection and
Public Information Officer (period: April 1, 2009 to March 31, 2010) .….….….….….….….….….….….….… 110
3.5 Statistics on access requests submitted to the departments
according to Art. 6 of the Publicity Act
(Period: January 1, 2009 to December 31, 2009) .….….….….….….….….…… 113
3.6 Statistics on access requests submitted to the parliamentary services
according to Art. 6 of the Publicity Act
(Period: January 1, 2009 to December 31, 2009) .….….….….….….….….…… 121
3.7 Number of conciliation requests by categories of applicants
(Period: January 1, 2009 to December 31, 2009) .….….….….….….….….…… 121
3.8 The FDPIC Secretariat .….….….….….….….….….….….….….….….….….….….. 122
4. annexes .….….….….….….….….….….….….….….….….….….….….….….….….….… 124
4.1 Data protection .….….….….….….….….….….….….….….….….….….….….….….….…. 124
4.1.1 Explanations on mobile data processing .….….….….….….….….….….…. 124
4.1.2 Information and tips on using search engines .….….….….…… 136
4.1.3 Explanations regarding the company data protection officer .….….….….….138
4.1.4 Explanations on data transfer in the case of corporate mergers .….….…… 145
4.1.5 Request for decision concerning the establishment of professional
Precaution X.….….….….….….….….….….….….….….….….….….….….….….….….…… 150
4.1.6 Recommendation regarding “Google Street View” .….….….….….….….….….….….. 167
4.1.7 Move on regarding “Google Street View” .….….….….….….….….….….….….. 179
4.1.8 Move on regarding “KSS Schaffhausen” .….….….….….….….….….….….…… 206
4.1.9 Resolution on the strengthening of international cooperation in the
Data protection and privacy area .….….….….….….….….….. 226
4.2 Publicity principle .….….….….….….….….….….….….….….….….….….….… 229
4.2.1 Recommendation to the Department of Justice and Police:
“Termination Agreements of Employment Contracts” .….….….….….….….….… 229
4.2.2 Recommendation to the Federal Office for Migration: “Raw data ZEMIS” .….….….. 229
4.2.3 Recommendation to the Federal Tax Administration:
“Cockpits/Officer Reporting” .….….….….….….….….….….….….….….….….….….… 237
4.2.4 Recommendation to the Federal Department of the Environment, Transport,
Energy and communications: “Supplementary documentation government accounts” (I) . 248
4.2.5 Recommendation to the General Secretariats of the Departments (FDHA, FDJP, DDPS,
FDF, FDEA and to DETEC): “Supplementary documentation on the state accounts” (II) … 255

PDF:
[pdf-embedder url=“http://datenrecht.ch/wp-content/uploads/2016/02/TB_d-17.pdf”]

David Vasella

February 20, 2010

Deutsch

Authority

FDPIC

Area

Privacy

Topics

Taxes

Zurich government council: green light for M365; Rosenthal risk assessment model canonicalized; risk threshold at 10% over 5 years.

Motion RK‑N (22.3004): Facilitate digital accounting

DPO Austria: use of Google Analytics prohibited; standard for third-country review; singularization instead of identification

Subscribe to news →

common search words

Topics

FDPIC – Activity report 17 (2009÷2010)

Content:

BVGer (A‑1353/2022): concluded customs criminal proceedings; no access to interrogation protocol of a third party; DSG 8 f. and 19

Motion RK‑N (22.3004): Facilitate digital accounting

DPO Austria: use of Google Analytics prohibited; standard for third-country review; singularization instead of identification

com­mon search words

Topics

FDPIC – Acti­vi­ty report 17 (2009÷2010)

Con­tent:

BVGer (A‑1353/2022): con­clu­ded cus­toms cri­mi­nal pro­ce­e­dings; no access to inter­ro­ga­ti­on pro­to­col of a third par­ty; DSG 8 f. and 19

Zurich govern­ment coun­cil: green light for M365; Rosen­thal risk assess­ment model cano­ni­cal­i­zed; risk thres­hold at 10% over 5 years.

Moti­on RK‑N (22.3004): Faci­li­ta­te digi­tal accounting

DPO Austria: use of Goog­le Ana­ly­tics pro­hi­bi­ted; stan­dard for third-coun­try review; sin­gu­la­rizati­on instead of identification

common search words

FDPIC – Activity report 17 (2009÷2010)

Content:

BVGer (A‑1353/2022): concluded customs criminal proceedings; no access to interrogation protocol of a third party; DSG 8 f. and 19

Zurich government council: green light for M365; Rosenthal risk assessment model canonicalized; risk threshold at 10% over 5 years.

Motion RK‑N (22.3004): Facilitate digital accounting

DPO Austria: use of Google Analytics prohibited; standard for third-country review; singularization instead of identification