IT law in the winter session 2024

ROB 6331

Image source: Parliament website, link: https://media-parl.ch/picture.php?/8742/category/277.

In the 2024 winter session, various IT law topics are on the agenda. For us lawyers, the revision of the BEKJ is of particular interest. The subsidisation and sponsorship of digital media also remain key topics. Additionally, a motion will be debated that calls for subsidised media to only permit comments with clear names to limit hate speech.

IT law topics in the National Council:

  • Federal Act on Platforms for Electronic Communication in the Judiciary (BEKJ): The law provides for the introduction of a centralised communication platform for the exchange of data in judicial proceedings, which will be set up and financed jointly by the Confederation and the cantons. In short, it aims to replace the postman with an upload system for submissions to the platform. The law takes into account the Justitia 4.0 project and drives it forward. The National Council passed the law in September 2023. In the autumn session, the Council of States passed the law with a few amendments, which is why a reconciliation of differences is now taking place in the winter session. In October 2024, the National Council’s Committee for Legal Affairs agreed in principle with the Council of States’ amendment as part of the reconciliation of differences, whereby lawyers can print out their legal documents on the last day of a deadline in an emergency and physically submit them by post without having to prove that the platform is unavailable.
    LLAG comment: The bill is attracting public attention. This is a good thing, as access to justice (a right with constitutional status) is essential for society. The main point of discussion is how deadlines are met if the platform is not available (Art. 26 E-BEKJ). Contrary to the general impression, the rule as proposed by the Federal Council works well overall. And yet there is still some unease. It is being discussed that the alternative submission in paper form provided for in the law is outdated in the event of non-availability; the alternative submission should also be possible electronically. Be that as it may, the rule of law is not jeopardised by the BEKJ. The National Council will only be able to decide on this issue in the procedure for the revision of differences if the Council of States produces a difference. It is eagerly awaited which path the Council of States will choose, or whether it will stick with the National Council’s version.
  • Federal law on electronic proof of identity and other electronic evidence: The Federal Act on Electronic Proof of Identity (E-ID) and Other Electronic Certificates has already been clearly approved by the National Council and is now being discussed by the Council of States. The Federal Council adopted the bill in November 2023 after an initial version failed in a referendum in 2021. The new e-ID, which will be issued by the federal government, is intended to be secure, voluntary and free of charge, with a focus on data protection and data security. It can be applied for both online and at passport offices and is intended to serve as digital proof of identity in various areas. The National Council approved the law by a large majority, but also added several data protection measures. The Council of States’ Legal Affairs Committee also supported the bill, proposing additional amendments to strengthen cybersecurity and ensure data security when storing the e-ID. The National Council’s Legal Affairs Committee recommends that the National Council follow the Council of States in the 2024 winter session, with the implementation of the e-ID planned for 2026. The matter will be addressed jointly by the National Council and the Council of States in the 2024 winter session as part of the reconciliation of differences.
  • Federal law on the national system for querying the addresses of natural persons (Address Services Act, ADG). The Federal Council wants to simplify address management and create a National Address Service (NAS) for this purpose. The NAS is intended to enable certain administrative offices and third parties with a legal mandate to query the address data of the resident population throughout Switzerland. The Federal Statistical Office (FSO) would provide the NAS with the address-relevant parts of the personal data that would be supplied to the FSO on a quarterly basis from the communal and cantonal population registers as part of the Register Harmonisation Act (RHG). Access to the NAS should be restricted to appropriate purposes in order to comply with data protection. Users should only be allowed to access the data within the scope of fulfilling their defined legal mandate. The FSO should grant access authorisations and monitor compliance with the terms of use. In the Council of States, the 2023 bill was adopted with an amendment that also exempts cantons from fees. The National Council, on the other hand, rejected the 2024 draft for revision, as concerns were expressed regarding its constitutionality and benefits for citizens. Supporters argue that the NAS reduces administrative work and plays an important role in the digitalisation of the administration in particular. The State Policy Committee of the Council of States (SPK) rejected a rejection in August 2024 and continues to advocate the adoption of the law, while the National Council insists on amendments. In August 2024, the State Policy Committee of the Council of States (SPK) rejected a rejection and continues to advocate the adoption of the law. The National Council’s State Policy Committee also insists on the amendments in October 2024; if the National Council follows its committee in the 2024 winter session, the rejection will take effect.
  • Implementation of urgently needed cyber security checks. The motion calls for urgently needed cybersecurity audits to be carried out more frequently in Switzerland, as these audits are essential for the protection of society, the economy and the authorities. The Federal Council should create the legal basis and provide financial resources to close this gap. The increase in cyberattacks on authorities and institutions shows the growing threat. However, there is a lack of binding laws and minimum standards for digital products and infrastructures, which means that many insecure applications are entering the market untested. The reasons for the lack of testing are unclear responsibilities, a lack of incentives for the cybersecurity industry and the lack of a mandate from the Federal Office for Cybersecurity (BACS). In order to guarantee Switzerland’s digital security and sovereignty, critical digital products must be continuously audited by independent organisations. This requires the targeted development of capabilities to identify and eliminate digital vulnerabilities that are relevant to public security and supply. The Council of States adopted the motion in the 2024 autumn session. The National Council will discuss the motion in the 2024 winter session.
  • Project report for “ERP Systeme V/ar. The postulate calls on the Federal Council to review the ‘ERP Systems V/ar’ (ERPSYSVAR) program, for which a commitment budget of CHF 240 million was approved in 2020. The status of the project, the outsourcing of realisation unit 8 (RE8) to a new project and its compatibility with the original decision shall be assessed. In addition, it shall be examined how the ICT architecture and the management of large projects in the DDPS can be made more efficient and risks minimised. One point of criticism is the move away from proven SAP standard solutions such as SAP Defence & Security in favour of the New Digital Platform (NDP), which entails higher costs and risks. The aim is to remain cost-efficient by utilising existing standard solutions and avoid overambitious in-house developments. The report should be available by June 2025.
  • Air Passenger Data Act. The Federal Council has adopted the dispatch on the Air Passenger Data Act (PADA), which aims to introduce a national Passenger Name Record (PNR) system to combat terrorism and serious crime, and to protect Switzerland as a business location. Airlines will be required to transmit relevant passenger data to a new Passenger Information Unit (PIU) at the Federal Office of Police (fedpol). This unit will compare the data with police information systems to identify suspicious persons. Data without indications of wrongdoing will be deleted after six months and pseudonymised after one month, while suspicious data can be stored for up to five years. Switzerland aims to fulfil international obligations arising from UN resolutions and ICAO standards to close security gaps in the Schengen area and ensure the competitiveness of its airlines. In its detailed deliberations, the Security Policy Committee (SiK-N) decided on clarifications regarding efficiency and harmonisation with international standards, but rejected more far-reaching data protection proposals. The SiK-N voted unanimously in favour of the bill. The Federal Council will discuss the law in the 2024 winter session.
  • In support of fair notice periods in works contract. The parliamentary initiative calls for an extension of the notice period for defects in works contracts from the current very short immediate notice period (approximately seven days) to 60 days. The current regulation means that customers, especially private and public building owners, often lose their rights in relation to defects as they miss the strict deadline before they can check the situation or seek legal advice. This short deadline is criticised as unreasonable, particularly in the construction industry, where professional parties often agree on longer deadlines through SIA standard 118. The proposed amendment would make it possible to complain about defects without undue haste and, thus, minimise the risk of legal losses. Similar regulations exist in other countries, such as Italy, which provides for a 60-day period for giving notice of defects. An extension of this complaint period would also have an impact on software projects. If nothing to the contrary is stated, the law on contracts for work usually applies. The National Council requested an extension of the deadline in the 2022 winter session and will not be dealing with the topic again until this winter session.

IT law topics in the Council of States:

  • Einführung Kanal- und geschäftsmodellunabhängiger Förderung elektronischer Medien. The motion to introduce independent promotion of electronic media, regardless of the channel or business model, aims to support journalistic content through financial aid. The funding should be based on the number of journalistic jobs and be degressive, with smaller media companies receiving more support per job. This funding should come from the federal budget and be offset by a reduction or abolition of indirect press subsidies under the Postal Services Act. A minority of the Commission rejects the motion. The motion is a response to the structural changes in the media industry and should take effect at the latest after the expiry of the temporary indirect press subsidy. The motion was adopted by the National Council in the autumn session. In the upcoming 2024 winter session, the matter will be discussed by the Council of States.
  • Motion to Combat Hate Speech on the Internet. Public funds should not be used to support anonymous comments. The motion calls for measures to prevent hate speech in online comments on portals of subsidised media companies. Media companies that receive public funding should be obliged to only allow comments with clear names. The aim is to limit anonymity and restrict comments that lead to criminal offences, also known as ‘hate speech’. This would allow those affected to identify the authors and hold them accountable. Media companies without subsidies would be exempt from this obligation. The Federal Council rejects the motion. It argues that subsidies mostly affect print or linear radio and TV programmes and not the online sector. A clear name requirement is considered disproportionate, as it could restrict freedom of expression. Instead, the Federal Council refers to existing self-regulatory measures in the media industry, such as the guidelines of the Swiss Press Council, which recommend controlled moderation or mentioning of names. Yet, the Federal Council is planning a consultation draft on the regulation of large communication platforms in order to combat hate speech on the internet more effectively and strengthen the rights of users.
  • Motion for the Rapid Introduction of Digital Signature Collection. The motion calls for the swift introduction of a digital platform for collecting signatures for initiatives and referendums (e-collecting). The aim is to replace the currently inefficient, error-prone, and manipulation-prone paper process with a modern, secure, and accessible digital solution. This should reduce the workload and costs for municipalities and authorities, simplify registration and verification, and facilitate access for people with disabilities. The Federal Council recognises the potential of digitalisation in this area but points out conceptual challenges. The security and trust of the electorate depend significantly on the technical and organisational design of e-collecting. In a preliminary project entitled ‘Motion Pilot Operation for E-Collecting with the E-ID Trust Infrastructure’, the foundations for limited pilot trials are to be developed with the involvement of cantons, municipalities, and specialist groups. The digital collection of signatures is not intended to replace the paper version, but to supplement it. The Federal Council rejects the motion as it leaves little room for gradual implementation and pilot trials. If the motion, is adopted in the First Council, the Federal Council reserves the right to propose an amendment in the Second Council, instructing the Federal Council to carry out the aforementioned preliminary project.
  • Drive Forward the Digitalisation of the Swiss Healthcare System. Develop a Data-Based Ecosystem for Research and Society. The initiative calls for comprehensive measures to rapidly digitalise the Swiss healthcare system and develop it into a networked healthcare data ecosystem. It is necessary to establish a common infrastructure, uniform technical, data protection-compliant, and ethical standards, as well as regulatory frameworks and incentives. The aim is to collect, process, store, share, and securely delete health data efficiently. Additionally, education and measures to create trust and acceptance should strengthen the basis for this ecosystem. International indices such as the Bertelsmann Digital Health Index and WHO reports show that Switzerland has a lot of catching up to do. The coronavirus pandemic has highlighted the fact that the country lacks a modern infrastructure for collecting and using health data. This jeopardises not only the quality of healthcare but also the competitiveness of the life sciences industry, which accounts for over 51% of Swiss exports. A lack of interoperability and incentives to work together are further obstacles to progress. Digitalisation enables better therapies, targeted care, and more efficient research. To keep pace, it is essential to provide training and continuing education for specialists with digital skills and to create sustainable financing models. The initiative will be discussed in the 2024 winter session.
  • Development of a Swiss Government Cloud (SGC). Credit commitment. The Swiss Government Cloud (SGC) is a key project for modernising the IT infrastructure of the Swiss federal administration. It replaces the existing, outdated private cloud of the federal government and is designed as a hybrid multi-cloud that integrates both public and private cloud offerings. The aim is to provide a secure, reliable, and high-performance infrastructure that supports key digitisation projects. The credit commitment amounts to CHF 246.9 million, with total costs of CHF 319.4 million. The first functionalities should be available from 2026. The SGC is primarily intended for the federal authorities but will also be accessible to cantons and municipalities. Security requirements and data protection are key focuses, as are ecological aspects and the preferred use of open-source software. In September 2024, the National Council approved the bill without any opposing votes. It also adopted the proposed amendments, including clarifications on promoting open standards and ecological sustainability. The Finance Committee of the Council of States unanimously recommends the adoption of the bill and proposes minor adjustments, for instance, in the terms of use for cantons and municipalities. The final deliberation will take place during the winter session of 2024. The SGC is considered an essential basis for the digital transformation of the federal administration and for strengthening IT security.
  • Digitalisation Must Lead to Simplifications, Including in Customs. The motion requests that the Federal Council implement the administrative simplifications promised to customs stakeholders as part of the DaziT project, particularly regarding the reduction of industrial tariffs. Key points include simplified customs declarations, periodic assessments, the shifting of VAT to the domestic market, and direct invoicing of duties. The DaziT project, with a budget of CHF 400 million, aims to advance the digitalisation and simplification of customs processes. Unfortunately, the current draft of the customs law revision hinders central simplifications, which is why the motion aims to correct this conflict. Significant improvements include the simplified goods declaration and the central risk analysis, which make unnecessary criteria such as minimum quantities redundant. As the companies involved are registered in the system, the administrative burden for periodic assessment are reduced without increasing risk. The domestication of value-added tax and simplified invoicing, instead of the current account management at the Central Compensation Office, offer clear advantages. Additionally, the status of ‘Authorised Economic Operator (AEO)’ should not be made mandatory. The Federal Council supports the motion, which will be discussed in the Council of States during the winter session.
  • Use of electronic means of communication in cross-border civil proceedings. The Federal Council plans to facilitate the use of electronic means of communication in cross-border civil proceedings by allowing persons in Switzerland to be questioned or heard in foreign civil proceedings by telephone or video conference without prior official approval. This should reduce bureaucracy, avoid trips abroad and strengthen the enforcement of the law. The bill was approved by the responsible committee with a clear majority and will be discussed in the National Council in the fall session. The planned amendment is based on a motion by the Council of States. The Federal Act on Private International Law and Switzerland’s declaration on The Hague Convention on the Taking of Evidence are to be amended. Despite broad approval in the consultation process, there were concerns regarding the inclusion of hearings outside the evidence procedure and the loss of sovereignty for Switzerland. The National Council made its decision with 123 votes in favour and 65 against, with no abstentions. The SVP faction voted against. The matter must now be addressed by the Council of States.
  • HOOGAN data matching when selling tickets for sporting events. The motion calls for a revision of Article 24a of the Federal Act on Measures to Safeguard Internal Security (BWIS) in order to give the federal government the authority to make HOOGAN data available to ticket vendors. The aim is to enable ticket vendors to check the HOOGAN database and to refuse ticket sales to individuals associated with registered incidents. At the same time, the Conference of Cantonal Justice and Police Directors (KKJPD) has decided to revise the Hooligan Concordat in order to introduce personalised tickets, even against the wishes of the clubs. This should ensure that persons registered in the HOOGAN database cannot enter stadiums. The KKJPD is working with the KKPKS on the amendments to the Hooligan Concordat, but requires an amendment to the federal law, as the HOOGAN data can currently only be passed on to event organisers, but not to ticket outlets. The revision should create the legal basis to enable the data to be checked when tickets are purchased. The Council of States will discuss the motion in the winter session.
  • Systematize the exchange of data on illegal migrants. According to the motion, the Federal Council should take measures to systematically exchange relevant data on illegal migrants between cantons, municipalities, social authorities, health insurance funds and social security funds in order to verify their residence status and prevent their presence in Switzerland. The motion aims to reduce the attractiveness of Switzerland for illegal migrants and to expel them in a targeted manner. The Federal Council recommends that it be rejected. As undocumented migrants generally do not register with the authorities if they fear detection, the Federal Council does not consider an automatic exchange of data between the authorities responsible for enforcing social security legislation and those responsible for enforcing the FNIA to be effective in practice. The Federal Council has also already rejected similar measures, as it considers automatic data exchange to be ineffective in practice and has concerns about data protection. The National Council will discuss the motion in the fall session. The National Council adopted the motion in the 2024 autumn session. The matter will be discussed in the Council of States in the upcoming 2024 winter session.
  • AI Regulation: Swiss Creative Industries Depend on the Enforcement of Copyright Law. The interpellation addresses the impact of generative artificial intelligence (AI) on the Swiss creative industries, particularly regarding the protection of intellectual property. Associations from various creative industries have joined forces in the AI Creative Industries Alliance to represent their interests. The Federal Council has been instructed to draw up an overview of possible regulatory approaches by the end of 2024, with copyright law being part of the analysis, though it will not be dealt with in depth. The question is whether the Federal Council recognises the risk to the creative industries and is willing to close gaps in copyright law to ensure the protection of creative content. It also calls on the government to take appropriate account of the interests of the creative industries in interdepartmental cooperation and by incorporating legal expertise. Particular attention should be paid to the protection of individual rights, transparency in AI data sources, and the distinction between human and AI-generated creativity. The government emphasises the international dimension of the discussion and takes a critical view of isolated solutions. There is consensus that copyright protection will continue to be limited to human creations. The responsible Federal Councillor, Rösti, has announced that the report on regulatory approaches will not be available until the beginning of 2025. The interpellation will be discussed in the winter session (see Netzwoche article).
  • Federal Act on the Transparency of Legal Entities and the Identification of Beneficial Owners. To combat money laundering and terrorist financing, a register of the beneficial owners of legal entities and trusts must be introduced (on the same topic. To combat money laundering and terrorist financing, a register of the beneficial owners of legal entities and trusts must be introduced). The Federal Council has submitted a legislative proposal to parliament to strengthen the fight against money laundering. The key point is the introduction of a federal transparency register, in which legal entities have to report their beneficial owners. The aim is to prevent financial crime and meet international standards. A simplified reporting procedure is designed to minimise the administrative burden for SMEs, with the initial outlay in the first year estimated at around 20 minutes. Other measures relate to due diligence requirements for high-risk advisory activities, such as corporate structuring or real estate transactions. The Council of States Legal Affairs Committee is largely in favour of the transparency register but recommends exceptions for foundations and associations and calls for access restrictions for the Federal Statistical Office. The commission is critical of the due diligence requirements for advisors, as they could represent a disproportionate additional burden and are difficult to reconcile with professional secrecy. It has transferred this part of the bill to a separate draft. While the majority welcomes the strengthening of the anti-money laundering regime, a minority rejects the proposal because of the increased workload. The Council of States will hold the detailed discussion and vote during the winter session. The measures are not expected to come into force until 2026 at the earliest.