New burdens in international data transfer
Our Advisor Yves Gogniat has summarized the changes regarding international data transfer in the current issue of the it-business magazine (4/2021). In the wake of the Schrems II ruling, the EU has introduced new standard contractual clauses. Subsequently, the FDPIC has also adapted its guidelines, which is why most Swiss companies should review their transfers too.
IT law in the Winter Session 2021
In the 2021 winter session, the two chambers of the Swiss parliament will once again be dealing with various IT law topics. We provide an overview. The IT infrastructure of MeteoSwiss is to be expanded so that the entire application landscape is transferred to cloud providers. It will be discussed whether more competences are needed at federal level to defend against the dangers of cyber-attacks (ransomware attacks, etc.).
Risks and side effects of electronic signatures
Recently, NZZ has reported that a billion-dollar deal incurs the risk of not being closed because Stadler Rail is said to have used an incorrect electronic signature. In the wake of the pandemic, many companies and government authorities have been looking for electronic signature and seal solutions. The attorneys at Laux Lawyers AG have gained experience in this area that clients in both the private and public sectors can benefit from. Our experience goes beyond the purely legal side. Thanks to our established collaboration with the document automation platform dociq.io (docIQ has implemented electronic signatures) we also know the technical side. It is also possible for Swiss companies to introduce the electronic signature according to CH- and EU-standards and to use them in parallel if need be (as per the requirements in a given scenario).
Microsoft publishes new Data Protection Addendum
On 15 September 2021, Microsoft published a revised version of its Products and Services Data Protection Addendum. We explain the most important changes in our Policy Alert. As expected, Microsoft implements the new EU standard contractual clauses. It uses the new Module 3 (Processor-to-Processor), and significantly expands the scope of the additional safeguards introduced in the wake of the Schrems II judgment. Read more in our Policy Alert.
IT law in the autumn session 2021
In the autumn session of 2021, the two chambers of the Swiss parliament will again deal with various IT law topics. We provide an overview. The efforts to simplify international e-commerce and the proposal to examine the electronic collection of signatures for initiatives and referendums should be highlighted.
White Paper Public Cloud for Public Services
Our new white paper "Public Cloud für Public Services – Lösungen für gängige Vorbehalte – nicht nur bei Behörden". We address reservations often heard in the public debate and transparently show that in many cases they do not stand up to legal scrutiny. This should give cloud customers (not only in the public sector) an undistorted view of the task at hand and allow genuine as well as factually justified risk decisions.
New Swiss FDPA: Content and Implementation of Privacy Notices
Privacy notices will become mandatory under the new Swiss FDPA. In terms of content, privacy notices must ensure transparent processing and be drafted in a comprehensible manner. Data subjects must be able to see where and how the privacy notice can be found. It must be reasonable to expect them to be able to read it. This can be implemented even in the case of offline initial contacts with an online data protection declaration. Thomas Steiner discusses the issue in this article for the WEKA Data Protection Newsletter.
DATA PROTECTION OVERVIEW – SWITZERLAND (UPDATE)
In this Note (updated in July 2021) written for the OneTrust DataGuidance platform, Thomas Steiner gives an overview of the fundamentals of Swiss data protection law. The Note already considers changes introduced by the revised Federal Data Protection Act, which will enter into force in the course of 2022 or at the beginning of 2023.