2019 Data Protection Day: Three priorities for the Confederation and cantons

Bern, 28.01.2019 - At a media event, the federal and cantonal data protection authorities will discuss the common challenges they face with regard to elections, policing and OASI numbers. They have published a set of guidelines for this autumn’s National Council elections; the new but little-known Schengen Data Protection Act will come into force on 1 March; and a change in the law will mean that all state authorities will be able to use the OASI number systematically in future.

2019 is election year. The general elections to be held in the federal and cantonal parliaments will take place in a new digital reality, in which data processing methods are constantly changing, which also have an impact on voter behaviour. On 1 December 2018, the federal and cantonal data protection authorities published guidelines which support the freedom of citizens to form an opinion and to give genuine expression to their will, as guaranteed by the Federal Constitution.

Higher levels of data protection in a political context

The document calls on the political parties and the service providers and social networks working for them to make clear how the digital world can influence voters’ choices and decisions. Data processing in the political context is subject to a higher level of protection than that for commercial purposes. Swiss voters should not be deceived by misleading or false information about where or whom political messages come from. They have a right to know whether they are interacting with people or with machines (‘social bots’). Nor should they be left in the dark about what forms of artificial intelligence are being used and whether information from social media has been enhanced and evaluated for political purposes (‘social matching’).

More oversight over police

The new Schengen Data Protection Act enters into force on 1 March 2019. This new federal law and the associated alignment of cantonal data protection laws reflect the changes to the EU acquis which must also be adopted by Switzerland as an associated Schengen member. Under these amendments, the federal and cantonal law enforcement authorities must adopt new instruments such as data protection impact assessments and must report data protection violations.

The amendments also provide the federal and cantonal data protection authorities with additional supervisory powers such as the authority to issue injunctions. They will have oversight over the federal and cantonal police forces on a pilot basis in the coming months, particularly at federal level; at a later date, the new instruments are to be incorporated into the Data Protection Act, which is still being debated in the Federal Assembly. They will also be extended to data processing by private individuals and for other purposes. As there is no police act at federal level but instead an assortment of special decrees, the aforementioned amendments will create special challenges for the federal border guard and police authorities.

Systematic use of OASI numbers involves data protection risks

An amendment to the OASI Act (Old-Age and Survivors Insurance Act), which is currently under consultation, will permit the federal, cantonal and communal administrations to use OASI numbers for identification purposes in areas other than social insurance. The federal and cantonal data protection authorities believe that this decision by the Federal Council will create considerable data protection risks. The Federal Council intends to counter these risks by including in the new bill concrete data protection requirements such as the need to carry out periodic risk impact assessments. The federal and cantonal data protection authorities welcome this move. However, they would have preferred it if the Federal Council had based the bill on the security concept for personal identifiers commissioned by the National Council (Postulate 17.3968). This concept is not yet available.

Contact for media:

Adrian Lobsiger
Federal Data Protection and information Commissioner (FDPIC)
Tel.: 058 464 94 10, info@edoeb.admin.ch.

Gunhilt Kersten
Vice President of Privatim, the Conference of Swiss Data Protection Commissioners, and Canton of Aargau Data Protection Commissioner
Tel.: 062 835 45 60, gunhilt.kersten@ag.ch

Since 2007, International Data Protection Day has been organised throughout Europe and overseas at the initiative of the Council of Europe each year on 28 January. Its aim is to raise citizens’ awareness of privacy protection and the right to informational self-determination, and to bring about a sustainable change in our behaviour when using new technologies.

Address for enquiries

Information service of the Federal Data Protection and Information Commissioner, tel. 058 464 94 10, info@edoeb.admin.ch


Federal Data Protection and Information Commissioner