New burdens in international data transfer
Our Advisor Yves Gogniat has summarized the changes regarding international data transfer in the current issue of the it-business magazine (4/2021). In the wake of the Schrems II ruling, the EU has introduced new standard contractual clauses. Subsequently, the FDPIC has also adapted its guidelines, which is why most Swiss companies should review their transfers too.
IT law in the Winter Session 2021
In the 2021 winter session, the two chambers of the Swiss parliament will once again be dealing with various IT law topics. We provide an overview. The IT infrastructure of MeteoSwiss is to be expanded so that the entire application landscape is transferred to cloud providers. It will be discussed whether more competences are needed at federal level to defend against the dangers of cyber-attacks (ransomware attacks, etc.).
Cloud Computing in the Whirlwinds of Cantonal Data Protection Laws
End of June 2021, the public learnt that the Swiss government was about to outsource data processing to clouds operated by American and Chinese cloud providers. This news caused some outcry among the population. "Data should better be stored in Switzerland, and by Swiss cloud providers" many thought. But is data in the hands of (foreign) cloud providers really insufficiently protected? Actually, a technical analysis would be at the core of the analysis when responding to the question. This article for the “WEKA-Datenschutz-Newsletter” cannot perform this technical analysis. But the article looks at the rules of the cantonal data protection laws as these are usually regarded to be blockers. It examines the most important similarities and differences between cantonal data protection laws, with regard to cross-border disclosure, information security and data protection audits.
Risks and side effects of electronic signatures
Recently, NZZ has reported that a billion-dollar deal incurs the risk of not being closed because Stadler Rail is said to have used an incorrect electronic signature. In the wake of the pandemic, many companies and government authorities have been looking for electronic signature and seal solutions. The attorneys at Laux Lawyers AG have gained experience in this area that clients in both the private and public sectors can benefit from. Our experience goes beyond the purely legal side. Thanks to our established collaboration with the document automation platform dociq.io (docIQ has implemented electronic signatures) we also know the technical side. It is also possible for Swiss companies to introduce the electronic signature according to CH- and EU-standards and to use them in parallel if need be (as per the requirements in a given scenario).
Microsoft publishes new Data Protection Addendum
On 15 September 2021, Microsoft published a revised version of its Products and Services Data Protection Addendum. We explain the most important changes in our Policy Alert. As expected, Microsoft implements the new EU standard contractual clauses. It uses the new Module 3 (Processor-to-Processor), and significantly expands the scope of the additional safeguards introduced in the wake of the Schrems II judgment. Read more in our Policy Alert.
IT law in the autumn session 2021
In the autumn session of 2021, the two chambers of the Swiss parliament will again deal with various IT law topics. We provide an overview. The efforts to simplify international e-commerce and the proposal to examine the electronic collection of signatures for initiatives and referendums should be highlighted.
White Paper Public Cloud for Public Services
Our new white paper "Public Cloud für Public Services – Lösungen für gängige Vorbehalte – nicht nur bei Behörden". We address reservations often heard in the public debate and transparently show that in many cases they do not stand up to legal scrutiny. This should give cloud customers (not only in the public sector) an undistorted view of the task at hand and allow genuine as well as factually justified risk decisions.
New EU Standard Contractual Clauses – Introduction and Initial Evaluation
On 4 June 2021, the European Commission adopted new Standard Contractual Clauses (SCCs) for the transfer of personal data to third countries. Read our analysis, and learn about our digital SCC product. It lets you select individual modules of the SCCs and dynamically fill in the text fields.