EU accepts Swiss data protection as equivalent
Published: Monday, Jan 15th 2024, 15:31
Updated At: Monday, Jan 15th 2024, 15:32
العودة إلى البث المباشر
The EU Commission classifies the new Swiss Data Protection Act (DPA) as equivalent to the EU General Data Protection Regulation (GDPR). This was announced by the Brussels authority on Monday. In addition to Switzerland, ten other third countries were given the green light for their data protection laws.
The review of data protection equivalence concluded that personal data transferred from the EU to Switzerland "remains subject to adequate data protection safeguards", the EU Commission wrote in a statement.
In addition to Switzerland, Andorra, Argentina, Canada, the Faroe Islands, Guernsey, the Isle of Man, Israel, Jersey, New Zealand and Uruguay also received a positive decision. Data could "continue to flow freely" in all of these countries and territories, it was further stated in Brussels.
The review of data protection rules in the eleven countries and territories also showed that there are sufficient "effective supervisory and redress mechanisms".
The EU Commission is obliged to review the equivalence decisions "at regular intervals", according to the press release.
Important decision for Switzerland
Recognition of equivalence by the EU is "of great importance for Switzerland as a business location and for its competitiveness", as the Federal Office of Justice (FOJ) wrote in a press release.
As the EU is Switzerland's largest trading partner, Swiss companies are reliant on cooperation being able to take place smoothly and without additional effort. Personal data from an EU or EEA member state could now continue to be transferred "to Switzerland without the need for additional guarantees to ensure an adequate level of data protection", the FOJ continued.
Without EU data protection equivalence, Swiss companies would have a significantly higher administrative burden and thus a competitive disadvantage.
Brussels waited for ECJ
The Brussels authority actually wanted to decide on the equivalence of data protection in Switzerland and other countries much earlier. The reason for this is the new General Data Protection Regulation, which has been in force since May 2016 and has applied in all EU countries since May 2018 following a transitional period.
However, the fact that the EU's recognition of equivalence took so long has nothing to do with the relationship between Switzerland and the EU, but with the Austrian lawyer and data protection activist Max Schrems. He had filed a complaint with the EU Court of Justice (ECJ) against the data protection agreements between the EU and the United States.
The EU Commission wanted to wait for the ECJ rulings before deciding on the equivalence of data protection in other countries. The corresponding ECJ ruling was issued in summer 2023, so the path was now clear.
Long haggling in parliament
On the Swiss side, the new Data Protection Act has been in force since September 1, 2023. It is designed to be compatible with EU data protection law.
The Swiss parliament passed the law in the fall of 2020 after three years of heated debate. In the end, parliament argued about the automated analysis of personal data. This involves, for example, the evaluation of users' surfing behavior by online stores in order to provide them with targeted purchase recommendations.
In the end, the SVP, FDP and a large part of the centrist parliamentary group prevailed over the SP, Greens and GLP, who called for stricter rules. The conservative majority opposed such a "Swiss finish", fearing negative consequences for the Swiss economy.
©كيستون/إسدا
Arabic 
English 
German 
French 
Spanish