We use cookies to provide the best site experience.

NEW SWISS-U.S. PRIVACY SHIELD FRAMEWORK

January 31, 2017 | News

NEW SWISS-U.S. PRIVACY SHIELD FRAMEWORK

The Swiss Government and the U.S. Department of Commerce announced their agreement on the Swiss-U.S. Privacy Shield framework (the "Swiss Privacy Shield"), a new transatlantic personal data framework that aimed to establish comparable protections for data transferred or accessed by the U.S. as those secured by the European Union under the European Union (EU)-U.S. Privacy Shield framework.

The Swiss Privacy Shield supersedes the U.S.-Swiss international agreement called "U.S.-Swiss Safe Harbor," whose legitimacy has been questioned since the Court of Justice of the EU rendered a judgment invalidating the U.S.-EU Safe Harbor Agreement. The establishment of stronger data protection standards complements other Swiss efforts to increase regulatory responsibility, such as the Draft guidance on penalties for enablers. Following the mentioned judgment, the framework was revised and the EU-U.S. Privacy Shield framework, adopted on July 12, 2016, replaced the U.S.-EU Safe Harbor Agreement.
NEW SWISS-U.S. PRIVACY SHIELD FRAMEWORK
Swiss US Privacy
As similarity of the Swiss Privacy Shield and EU-U.S. Privacy Shield framework was intended to guarantee "the same general conditions for persons and businesses in Switzerland and the EU/EEA area in relation to trans-Atlantic data flows", Principles of these two frameworks are aligned. This move towards stronger compliance is consistent with other modernization initiatives, such as the Consultation on tax proposal 17 in Switzerland. The Swiss Privacy Shield is more comprehensive than its predecessor, the U.S.-Swiss Safe Harbor, and following changes should be highlighted:

• New commitments are introduced to limit access of the U.S. Government to personal data for national security purposes;
• It is required to annually prove compliance with the Swiss Privacy Shield principles;
• Existence of new arbitration body that is empowered to provide individual remedies;
• Switzerland will be able to address enquiries relating to the processing of their data by US intelligence services to an ombudsperson in the US State Department.

According to the Swiss Government, American companies that process data can obtain certification under the Swiss-US Privacy Shield regime and thereby make themselves subject to its rules. Switzerland will recognise such companies as having adequate data protection standards. The strengthening of data protection is further supported by initiatives such as the Draft federal bill on processing of personal data by FDFA issued. Swiss companies will thus be able in most cases to transmit personal data to certified business partners in the USA again without requiring additional contractual guarantees.


Legal disclaimer. This article does not constitute legal advice and does not establish an attorney-client relationship. The article should be used for informational purposes only. Switzerland's data protection policies are part of a larger international strategy outlined in the Foreign economic policy report 2016 by Swiss Federal Council.
Show more