Moti­on Béglé (16.3379): Pro­mo­ting Switz­er­land as a uni­ver­sal vir­tu­al data vault

Moti­on Béglé (16.3379): Pro­mo­ting Switz­er­land as a uni­ver­sal vir­tu­al data vault

Sub­mit­ted text

The Fede­ral Coun­cil is ins­truc­ted to main­tain the fol­lo­wing two legal pro­vi­si­ons in order to ensu­re an opti­mal level of data pro­tec­tion and thus posi­ti­on Switz­er­land as a uni­ver­sal vir­tu­al data vault. Based on this, an “eco­sy­stem” of inno­va­ti­ve com­pa­nies could then be crea­ted that would con­tri­bu­te to the eco­no­mic well-being of the country.

In the con­text of the ongo­ing revi­si­on of the Data Pro­tec­tion Act (DPA), it is cru­cial that two artic­les of the curr­ent­ly valid law be retained:

1. artic­le 3b sta­tes that data pro­tec­tion con­cerns natu­ral and legal per­sons. Switz­er­land is one of the few count­ries that offers com­pa­nies such a high level of data pro­tec­tion. This is the­r­e­fo­re a major advan­ta­ge for Switz­er­land as a digi­tal loca­ti­on that should not be abandoned.

(2) Artic­le 11 pro­vi­des that enti­ties enga­ged in data coll­ec­tion and

-sto­rage can have their data secu­ri­ty asses­sed by reco­gnized, inde­pen­dent cer­ti­fi­ca­ti­on bodies. The Vigis­wiss asso­cia­ti­on has alre­a­dy made efforts in this direc­tion to cer­ti­fy data cen­ters that are mem­bers of it. If the­se legal artic­les are retai­ned, this would allow such an asso­cia­ti­on to inten­si­fy its work on qua­li­ty assu­rance and con­tri­bu­te to Switz­er­land beco­ming a digi­tal data vault. Fur­ther­mo­re, this would be in line with Artic­les 38 and 39 of the future, Euro­pean data pro­tec­tion regu­la­ti­on, which encou­ra­ge the deve­lo­p­ment of a code of con­duct and the estab­lish­ment of a data pro­tec­tion cer­ti­fi­ca­ti­on procedure.


Cer­tain Inter­net giants curr­ent­ly intend to make it man­da­to­ry to tie the data to the ser­ver. This would make the loca­ti­ons of the ser­vers even more important. In such a situa­ti­on, Switz­er­land must sei­ze this histo­ric oppor­tu­ni­ty. It is alre­a­dy 5th in the ran­king of Euro­pean count­ries with the most data cen­ters, and 25 per­cent of Euro­pean data is stored in Swiss data centers.

A law that would enable a high level of data pro­tec­tion by gua­ran­te­e­ing good hosting qua­li­ty and per­ma­nent frame­work con­di­ti­ons would make Switz­er­land even more attractive.

Such an envi­ron­ment would attract an enti­re “eco­sy­stem” of ser­vice com­pa­nies in the are­as of data pro­ce­s­sing, ana­ly­sis, trans­mis­si­on, authen­ti­ca­ti­on, and encryption.

As a result, Switz­er­land could assu­me an important, glo­bal lea­der­ship role in the area of digi­tal data storage.

Ans­wer of the Fede­ral Coun­cil from 24.8.2016

The Fede­ral Coun­cil is awa­re that it is important to posi­ti­on Switz­er­land as a relia­ble and inno­va­ti­ve coun­try in the field of data protection.

He com­men­ted on the two points rai­sed in the moti­on as follows:

1 The Fede­ral Coun­cil con­siders it important to take into account the sta­te of data pro­tec­tion law within the frame­work of the Coun­cil of Euro­pe and the Euro­pean Uni­on. The­r­e­fo­re, it is plan­ned to wai­ve the pro­tec­tion of per­so­nal data of legal enti­ties. This can impro­ve cross-bor­der data traf­fic becau­se the dis­clo­sure of data of legal per­sons abroad is no lon­ger con­di­tio­nal on ade­qua­te data pro­tec­tion being gua­ran­teed in the coun­try of desti­na­ti­on (Art. 6 FADP). The majo­ri­ty of experts con­sul­ted for the regu­la­to­ry impact assess­ment of the revi­si­on of the Data Pro­tec­tion Act were also in favor of wai­ving the pro­tec­tion of per­so­nal data of legal per­sons. Moreo­ver, the prac­ti­cal scope of this pro­tec­tion pro­vi­ded for in Artic­le 2(1) and Artic­le 3(b) FADP is limi­t­ed. This is becau­se legal per­sons only very rare­ly assert their rights on the grounds of unlawful pro­ce­s­sing of their data. The Fede­ral Data Pro­tec­tion and Infor­ma­ti­on Com­mis­sio­ner has also never had cau­se to issue a recom­men­da­ti­on in this regard. In addi­ti­on, Artic­les 28 et seq. of the Civil Code on vio­la­ti­ons of per­so­na­li­ty, the Fede­ral Act against Unfair Com­pe­ti­ti­on (UCA), the Fede­ral Copy­right Act (URG) and the rules on pro­fes­sio­nal, busi­ness and manu­fac­tu­ring sec­re­cy remain unch­an­ged and con­ti­n­ue to pro­tect legal enti­ties. Final­ly, the Fede­ral Coun­cil doubts that Swiss com­pa­nies have a com­pe­ti­ti­ve advan­ta­ge due to Artic­le 3 let­ter b FADP: Rather, a decisi­ve role for Swiss com­pa­nies is play­ed by poli­ti­cal and eco­no­mic sta­bi­li­ty, high data pro­tec­tion stan­dards, and the reco­gni­ti­on of the ade­qua­cy of Swiss data pro­tec­tion legis­la­ti­on by other countries.

2 The Fede­ral Coun­cil does not envi­sa­ge que­stio­ning the pos­si­bi­li­ty of cer­ti­fi­ca­ti­on as part of the work on the revi­si­on of the fede­ral legis­la­ti­on on data protection.




Rela­ted articles