The Data protection for companies should also be based on the DSGVO in relation to the USA and not only on the DSG.
- Enforceable Swiss legal claims are missing in the USA.
- If a Swiss company is in data traffic with a country from the EU or the EEA, the DSGVO and thus the European jurisdiction also applies in this case.
- Thus, the EUHG ruling against the "Privacy Shield" also has an influence on data processing in Switzerland. Legally, the "person responsible for processing" has a duty.
Think about where and how your data is processed, whether in the company or privately, protect your data!
Federal Data Protection and Information Commissioner (FDPIC):
- The affected persons in Switzerland lack enforceable legal claims in the USA.
- Unfortunately, the USA has not made any changes in this regard to date, despite the criticism voiced by the EU and Switzerland in the context of the PS evaluations and the discussions held in the US Congress.
Thus the following is added to the country list:
- "Data processors, who are responsible for the processing of personal data resulting from Switzerland, join the Privacy Shield regime between the U.S. and Switzerland and are on the list of the U.S. Department of Commerce, grant special protection rights to persons in Switzerland. However, the latter do not meet the requirements of adequate data protection within the meaning of the DPA".
Read more about that here (in german)HERE.