David Vasella is a partner on the Information Technology, Intellectual Property and Competition team. He is the co-head of the Regulated Markets, Competition, Technology & IP team, together with Hans Rudolf Trüeb. He advises and represents Swiss and international companies in all industries and at all stages of growth on questions concerning data and technology law. He specialises in data use, negotiating data-related contracts, data security issues, cloud projects and IT contracts and provides support in setting up platform models and data protection compliance in accordance with GDPR and Swiss law (including leading or supporting implementation projects and data protection audits). He regularly gives talks and writes publications on his areas of expertise, for example on datenrecht.ch, a Swiss platform on data law.

After graduating from the University of Fribourg in 2002 with a degree in law, David Vasella was admitted to the Zurich bar in 2004 and went on to receive his doctorate from the University of Zurich in 2011, for which he was awarded the highest distinction as well as the Prof. Walther Hug prize and the Issekutz prize. David Vasella is co-editor of digma (a journal on data law and information security), swissblawg (the biggest legal blog in Switzerland) and datenrecht.ch. He is a certified information privacy professional and manager (CIPP/E, CIPM) and Fellow of International Privacy (FIP).

David Vasella is listed in international rankings as a leading expert in data and technology (Chambers: “He is absolutely stellar when it comes to data protection”; Who’s Who Legal: “revered as the ‘go-to person for data protection’, with a wealth of experience in compliance matters”; Legal500: “committed and pragmatic” and an “outstanding lawyer with excellent analytical skills, a wealth of legal expertise, high client-focus. David is responsive, pragmatic and fully committed to serve his clients. Besides, he is a very likeable chap”).

Cybersecurity 2024 - Chapter Switzerland

Data Protection & Privacy 2024 - Chapter Switzerland

Digital Healthcare 2023 - Switzerland

Doing Business in Switzerland – A Practical Guide

Cybersecurity 2023: Chapter Switzerland

Digital Healthcare 2022 - Switzerland

Data Protection & Privacy 2022

AI, Machine Learning & Big Data 2022

Cybersecurity 2022 - Chapter Switzerland

SWITZERLAND: An Introduction to TMT 2022

Privacy & Cybersecurity 2021 - Chapter Switzerland

Digital Healthcare 2021 - Switzerland

Data portability and its implementation

Cybersecurity Switzerland

Revised DPA and GDPR: implementation of data protection compliance

Is the revised Swiss Data Protection Act just a copy of the GDPR? copy

Commentary on Art. 6 IPLA (Entering appearance)

Objections within data protection law

La révision de la Loi fédérale sur la protection des données – Recommandations de mise en œuvre

Das revidierte Datenschutzgesetz – Empfehlungen zur Umsetzung

The revised Data Protection Act – recommendations for implementation

IDPAs - Intra-Group Data Processing Agreements

Le PFPDT juge que le bouclier de protection Suisse/États-Unis n’offre pas un niveau adéquat de protection des données.

FDPIC finds that Swiss-US Privacy Shield does not offer adequate level of data protection

Swiss-US Privacy Shield bietet nach Auffassung des EDÖB kein angemessenes Datenschutzniveau

Schrems II: Was gilt neu für den Transfer von Mitarbeiterdaten von der Schweiz ins Ausland?

What does Schrems II mean for the transfer of employee data by Swiss businesses abroad?

The Limited Stay Down Duty Against Piracy Hosters (Article 39d Copyright Act)

Doing Business in Switzerland – A Practical Guide

Compliance beim Datenschutz

Health insurance and the revision of the Swiss Data Protection Act

Revision of the FADP – current status and outlook

Cybersecurity: Chapter Switzerland

GDPR and Switzerland: experiences from a consultancy context

Considerations on personal data as a means of payment

Order Processing in the Private Sector

Self-determination in informational matters – what is the role of data protection law in the self-determination of data subjects?

Profiling by banks under the GDPR and the draft Swiss Data Protection Act

Update GDPR: Judgements, fines and first clarifications

Data Protection & Cybersecurity - Switzerland

Commercializing personality rights and data protection

Profiling under the revised FADP and the GDPR and relevance for banks

Dealing with data breaches

The significance of the GDPR for the fiduciary services sector

Signification du RGPD pour la branche fiduciaire

Initial experiences with the GDPR

Data protection: What should a law firm do; what can it omit?

Effects of the revised data protection laws on fiduciaries

HR Analytics: information and consent

Copyright – 2017/2018 Jurisprudence

Data science & marketing: A legal view

GDPR: priority implementation measures

Commentary on article 3 para. 1 let. s/para 2 (information obligationsin e-commerce) and article 3 para 1 let of the Unfair Competition Act (unsolicited marketing)

Sport & Immaterialgüterrecht

On the scope of application of the GDPR

The Barbulescu Case

Data protection - revision and challenges

Federal Dispatch on the Data Protection Act: Profiling, automated individual decision-making and transfers abroad

Icons (1): Max Bill's bar stool

English translation of the draft of the revised Swiss Federal Data Protection Act

Cross-border data transfers

Federal Council publishes draft of revised Federal Data Protection Act

Collection of data from third parties in the banking sector

Developments in data protection law - issues for media

Book review: Philip Glass, Die rechtsstaatliche Bearbeitung von Personendaten [Processing Personal Data under the Rule of Law], Zurich 2017

Requirements and implementation of the General Data Protection Regulation and the revised Federal Act on Data Protection

The Preliminary Draft of the Revised Swiss Data Protection Act – Selected Points

The "Swiss Finish" in the preliminary draft of the Swiss Data Protection Act

Cross Border Data Transfer – Contractual Scenarios

Privacy Shield: Transatlantic Data Protection after Schrems vs. Facebook

Commentary on Article 1–29 Unfair Competition Act

Whistleblowing schemes in groups of companies

GDPR: current status and references

From Safe Harbor to Privacy Shield: Consequences of the ECJ decisions in re Schrems

Data Protection Act, public interest and media

On free and explicit consent in data protection law

Outsourcing 2015

Social media and data protection

Data protection in the credit information sector

Commentary on Article 784 ff. CO

Cloud Security – Data confidentiality and integrity

Banking Fees

Knowhow-Management

Commentary on Article 6 PILA

Commentary on Article 109–111, 122 and 157 PILA

Commentary on 195 und 200 PILA

Outsourcing 2014

Data protection – overview and case studies

Cloud Computing

Commentary on Article 1–29 Unfair Competition Act

Rating agencies – liability for implied warranties

Tort and private insurance law – developments in 2010

Rating agency liability

Social media – added value for lawyers

Tort and private insurance law – developments in 2009

RSS – useful technology for lawyers

Be careful when using online services

Tort and private insurance law – developments in 2008

Einheit des Privatrechts, komplexe Welt: Herausforderungen durch fortschreitende Spezialisierung und Interdisziplinarität

Tort and private insurance law – developments in 2007

Tort and private insurance law – developments in 2006

An introduction to the law against unfair competition

The iced forecourt: a cas study in tort law

Unfair competition law

On "obstruction" and descriptive domain names: The "Tax Info" decision

Revised Swiss Federal Data Protection Act: need for action

Gutachten - Zulässigkeit der Bekanntgabe von Bankkundendaten durch schweizerische Banken an Beauftragte im Ausland unter Art. 47 BankG

Legal Opinion - Permissibility of disclosure by Swiss banks of bank client information to agents in foreign countries un-der article 47 of the Banking Act (BA)

Recognitions