Council of Europe’s Data Protection Convention: Swiss Federal Council adopts dispatch
At its meeting on 6th December 2019, the Swiss Federal Council adopted the dispatch on the approval of the Protocol amending the Council of Europe’s Data Protection Convention. Switzerland ratified the Data Protection Convention, which entered into force in 1985, on 2nd October 1997. In order to adapt it to technological developments and the challenges of digitisation, it has been revised in recent years by the Council of Europe. Ratification still requires parliamentary approval.
By acceding to the modernised Convention, Switzerland can guarantee a high level of data protection for the private sphere and facilitate cross-border data traffic in the public and private sectors.
In accordance with the Protocol of Amendment to the Data Protection Convention, the obligations of the data controller will be extended. In particular, the data controller is obliged to report certain violations of data protection to the competent supervisory authority. His obligation to inform the data subject of the collection of personal data is also extended. Furthermore, the person responsible must carry out a data protection impact assessment prior to certain data processing operations and apply the data protection principles through technology and data protection-friendly presettings.
The Protocol of Amendment also provides for an extension of the rights of data subjects, in particular with regard to their right of access and automated individual decisions. The member states will be required to establish a system of sanctions and a system of remedies and to give supervisory authorities the power to issue binding decisions.
From Switzerland’s point of view, accession to the modernised Data Protection Convention is of great importance both for the protection of privacy and for international data traffic. However, it also has great significance in the context of the EU’s forthcoming adequacy review of the Swiss level of data protection: the EU takes into account in its decision whether the relevant third countries have acceded to the Convention. The interest of non-European states in acceding to the Convention is therefore growing.
In order for Switzerland to be able to accede to the amended Data Protection Convention, the Swiss Data Protection Act (DSG) must be amended in various ways. The necessary legislative amendments are currently being discussed by the Swiss parliament. As soon as both the DSG and the Federal Decree approving the new Data Protection Convention have been passed, Switzerland can ratify the new Data Protection Convention.
More information and documentation: https://www.ejpd.admin.ch/ejpd/de/home/aktuell/news/2019/2019-12-061.html