The Swiss-U.S. Privacy Shield provides a framework for the transfer of personal data from Switzerland to the United States. As such data is crucial for many business operations, this framework can be of particular interest to Swiss-based SMEs. In order to promote the Privacy Shield and facilitate its use for companies, the Americas Unit at SECO has set up a contact group as a platform for information exchange, networking, and outreach.
Why is there a need for a Privacy Shield?
What do your birth date, shopping list and marital status have in common? They allow for conclusions regarding your person, being thus personal data. Personal data benefit from a high level of legal protection to prevent abuse and preserve privacy.
In the digital economy, data is constantly transferred across national borders. Data transfers are inextricably linked to international trade flows, including and notably between Switzerland and the United States, whose annual trade in goods and services exceeds 120 billion CHF.
Swiss law requires an adequate level of protection when personal data is transferred abroad. This is where the Swiss-U.S. Privacy Shield comes in: It provides the basis for personal data transfers from Switzerland to the United States without additional contractual guarantees between the involved companies. The goal of the framework is preventing undue administrative burden. A similar framework exists between the European Union and the United States.
How does the Privacy Shield work?
The Swiss-U.S. Privacy Shield has been operational since April 2017. It is based on voluntary self-certification by the recipient US companies with the US Department of Commerce. With this certification, US firms enter into legally binding obligations pertaining amongst others to the use, storage and forwarding of personal data. The Department of Commerce’s online list presently features over 3’500 certified companies.
Swiss authorities have been in regular contact with the US administration regarding the implementation of and awareness around the Privacy Shield. The core part of this exchange is an annual review held between SECO, the Swiss Federal Data Protection and Information Commissioner and the US Department of Commerce.
What is the Privacy Shield Contact Group?
The Contact Group was launched in late 2018 as a platform for public-private sector dialogue on data transfers between Switzerland and the United States. The Group presently comprises 13 Swiss-based companies and serves three main purposes:
1. Information exchange: The Group meets on an annual basis to discuss relevant issues encountered by the private sector and collect input in view of the annual Privacy Shield review. SECO also provides updates on the Privacy Shield via a designated SharePoint Team Site.
2. Networking: The Group brings together experts from the private and public sector with a stake in cross-border data transfers in general and the Privacy Shield in particular.
3. Optimization: The input is collected at the government level in order to improve the operation of the Privacy Shield.
Eager to participate?
SECO’s Americas Unit is at your disposal: firstname.lastname@example.org.