Last month the Swiss data protection regulator, the Federal Data Protection and Information Commissioner (FDPIC), announced a new Privacy Shield scheme to replace the Swiss-US Safe Harbor scheme. The new scheme starts on April 12th.
What is the background?
Switzerland currently has in place a Safe Harbor scheme for the transfer of data from Switzerland to the US. The Safe Harbor scheme was based on the EU-US scheme and FDPIC cast doubt on the validity of the scheme after the Schrems case invalidated the EU-US scheme. You can find background to that challenge and the Swiss position here http://www.corderycompliance.com/european-court-rules-safe-harbor-invalid-in-schrems-case/.
What is the new Privacy Shield scheme?
The new Swiss Privacy Shield scheme is pretty similar to the EU-US Privacy Shield scheme as you would expect. There is background on the EU-US Privacy Shield here http://www.corderycompliance.com/privacy-shield-faqs/. Again self certification takes place online and there is an annual fee. Organisations that have already signed up to the EU-US Privacy Shield can, from April 12th, log in to their existing Privacy Shield account and add themselves into the Swiss scheme. As yet the additional fee structure has not been published.
Should Privacy Policies be changed?
Yes. It is important to remember that, as with EU-US Privacy Shield, the privacy policy will need to be updated before filing.
How long will Swiss Privacy Shield last?
As with the EU-US Privacy Shield the Swiss scheme it is subject to annual review. It should be remembered however that the future of the EU-US Privacy Shield is by no means certain. It faces a number of challenges including in the Schrems case which returns to court in Ireland this morning (although this case primarily targets Standard Contractual Clauses). Privacy Shield also faces additional challenges with some changes made recently by the new US administration. You can find out more about that here http://www.corderycompliance.com/privacy-shield-podcast-interview-2/ and in our FAQs here http://www.corderycompliance.com/privacy-shield-faqs/.
For more information please contact Jonathan Armstrong or André Bywater who are lawyers with Cordery in London where their focus is on compliance issues.
Jonathan Armstrong, Cordery, Lexis House, 30 Farringdon Street, London, EC4A 4HH | André Bywater, Cordery, Lexis House, 30 Farringdon Street, London, EC4A 4HH | |
Office: +44 (0)207 075 1784 | Office: +44 (0)207 075 1785 | |
Jonathan.armstrong@corderycompliance.com | Andre.bywater@corderycompliance.com | |
![]() |
![]() |