First step of the overall revision of the Swiss federal data protection legislation enters into force on 1 March 2019

5. Februar 2019 – The Federal Act on the Implementation of Directive (EU) 2016/680 on the Protection of Individuals with regard to the Processing of Personal Data for the Purpose of Preventing, Investigating, Exposing or Prosecuting Crimes or of Enforcing Penalties (further development of the Schengen acquis) will come into force on 1 March 2019 and is the first step of the overall revision of the federal data protection legislation (press release of the Swiss Federal Council available in German, French and Italian).

The Act (available in German, French and Italian) applies to data processing activities by law enforcement authorities and sets forth the necessary amendments for Switzerland to comply with the developments of the EU/Schengen acquis in this context.

Based on the new Act, law enforcement authorities shall on the one hand implement particular mechanisms and instruments for an adequate data protection level in accordance with EU/Schengen regulation (e.g. data protection impact assessments and defined processes with respect to notifications of data breaches). On the other hand, the new Act grants additional power to law enforcement authorities, for instance by authorising them to issue decrees in their fields of competence.

Certain provisions of the new Act will also be integrated in the future revised Swiss Federal Data Protection Act (second step of the overall revision of the federal data protection legislation), currently at debating stage in the Swiss Parliament.