Swiss Security Standards IncognitoHR

This post is also available in: French Polish

Privacy bunker: data security the Swiss way!

One of the safest countries in the world, which has remained neutral for over 200 years, is located in Europe. Switzerland is a country with an area not much bigger than the Mazovian Voivodeship, but with a powerful data protection and privacy background. Multi-level security applies not only to legislation, but also to the political system and the judiciary. Let’s find out what Swiss security and data encryption standards look like!

Neutrality in a world of conflict

Like no other country, Switzerland knows how to remain neutral in a world torn by conflict. Although in the 19th century Europe was swept by national uprisings, collectively known as the “Spring of Nations”, and in the 20th century the world witnessed two of the largest armed conflicts in its history, Switzerland has remained neutral since 1815.

Not surprisingly, it regularly attracts both natural and legal persons to take advantage of its security umbrella.

Switzerland’s neutrality is not dictated by fear, however, but by a coherent and conscious vision of the country as a whole. This is evidenced, for example, by the compulsory military service for every man and the annual compulsory participation in a shooting course. Switzerland is a country with a deep tradition of security. For years, it has been protecting its citizens from death resulting from armed conflicts, while at the same time focusing on the well-being of all its inhabitants.

After all, what country but Switzerland can guarantee a safe place in a bunker for all its citizens in the event of nuclear war?

Today, Swiss Safety Standards go beyond armed conflict and move to the Internet, where many threats lurk for users in the 21st century…

A multi-level security structure

The first trace of security in data protection and encryption is already visible in the Swiss political system, which is looked upon lustfully by other countries. The second trace is the activity of the Swiss courts and their independence from the authorities of other countries in the context of declassifying any personal data. The third trace of data security is to be found in Swiss law, which, free from European directives, places the protection of each person’s privacy at the heart of its activities.

I812LS-4nZumXRAayKJjRsIY33N-1Cn7.jpg

A fragile relationship with the European Union

In 2001 the Swiss people voted in a referendum to decide whether their country would become part of the European Union. The inhabitants of the old continent held their breath, asking themselves if it was possible for such a neutral country to join the ranks of the community!

It could have been a breakthrough that never happened. As many as 77% of the Swiss people voted against joining the EU. Instead, the country’s authorities rejected any idea of starting any talks about a possible signature.

Switzerland is not a hardened or stubborn country. On the contrary. It is a well-governed/managed country. That is why, despite its rejection of the EU and the European Economic Area, Switzerland joined the Schengen Agreement in 2008, opening itself up to new opportunities and, at the same time, showing other countries what true democracy and security should look like.

Switzerland: the strongest democracy in Europe

If Switzerland were a comic book hero, its superpower would be the referendum.

Since 1884, almost 600 national referendums have been held in Switzerland. By comparison, there have been only 7 in Poland since World War II. According to estimates, more referendums are held in Switzerland than in all other countries in the world combined, and their scope is much wider.

In the case of most countries, referendums are called in the case of changes to the constitution or a desire to join an international organisation (e.g. the EU). In Switzerland, on the other hand, citizens also decide on local issues, which only seemingly look less important . “Apparently” because in Switzerland the administrative and political ladder is turned upside down.

This means that central authorities do not impose tasks on local authorities, but local authorities can delegate excess responsibilities to authorities at higher levels. Consequently, without the consent of the authorities of individual communes, districts (the equivalent of Polish poviats) and cantons (the equivalent of Polish voivodeships), the central authorities cannot order them to do anything.

The specifics of the political system are very important in terms of data security and privacy protection. Well, if citizens feel threatened, they can immediately organise a referendum to change the law and protect their data even better. All it takes is 100 000 signatures, which, given the willingness of the whole nation to vote, is not an exorbitant figure.

A country without a president, prime minister and opposition

Switzerland is an example that a country without a president, prime minister and opposition can exist! What is more, it can also be one of the most socially developed countries in the world (ranked 2nd according to the 2019 Human Development Index), have one of the largest economies in the world (ranked 20th according to 2019 World Bank data) and lead the world in data protection and privacy.

Switzerland is headed by a Federal Council, composed of 7 members, drawn from the 4 strongest parties with different political and ideological views. Each of the 7 members of the Federal Council, serves for one year as Federal President. The members divide up the management of the various ministries between themselves:

  • national defence,
  • home affairs,
  • external affairs,
  • finance,
  • economy,
  • justice,
  • energy.

Decisions of the Federal Council must be taken unanimously. This means that, despite differences in outlook and politics, Council members focus on cooperation and reaching an agreement that is good for citizens. In this way, Switzerland does not fight the opposition, but cooperates and avoids ideological conflicts.

The security guaranteed by the political system is also reinforced by the concept of the function of a politician. In Switzerland, being a politician is not tantamount to a profession, but is associated exclusively with a social mandate, often carried out without material gain. As a result, a politician is independent and free from any influence.

aHrewKX_1TkSQM8GWyCBIGghzytz-h8T.jpg

Swiss data security standards

Switzerland not only has the best technology for privacy protection, but also ways to store and encrypt data and prevent it from being accessed by outsiders.

The right to privacy in Switzerland is regulated by Article 13 of the Federal Constitution. According to the Data Protection Act of 19 June 1992. (Swiss Federal Data Protection Act, or DPA for short), Switzerland guarantees strict privacy protection and prohibits almost any action to process the data of persons who have not given their consent.

The Federal Data Protection Commissioner is the guardian of the DPA. He oversees compliance between the conduct of individual authorities and privacy law, provides advice on data protection, investigates possible violations and makes recommendations on appropriate data protection practices.

Data processing in Switzerland is only possible if it complies with:

  • the principle of legality (there is compliance with the law),
  • the principle of proportionality (it is necessary for the intended purpose and reasonable in terms of the degree of invasion of privacy)
  • the purpose principle (it occurs for a specific purpose indicated at the time of collection)
  • the principle of transparency (it is clear to those whose data is being collected)
  • the principle of accuracy (there is timeliness of the processed data).

Whoever processes personal data is obliged to ensure the highest level of protection by technical means and tools and full confidentiality. The disclosure of data to third parties is punishable by fines of up to CHF 250,000 (more than PLN 1,000,000). The Federal Data Protection Commissioner may also oblige the punished entity to correct, cease or completely delete the compromised personal data, in order to protect and secure it.

Any aggrieved party is also entitled to claim compensation for moral damages.

RODO or DPA? Europe or Switzerland?

As Switzerland is not part of either the EU or the EEA, they were able to develop their own system for data security and encryption. As a result, most European countries use GDPR standards, while Switzerland has the DPA. It differs from the GDPR primarily in the scope of data subjects to be protected. While the privacy law according to GDPR protects only natural persons, the DPA in Switzerland also guarantees the security of legal persons!

This means that not only “John Smith”, but also his company is subject to privacy protection under Swiss law.

It is also worth noting that in 2010, the Swiss Supreme Court ruled that IP addresses are also personal data and cannot be used to track individuals online without their knowledge.

Thanks to the adaptation of the DPA to the European directives, Poles can also benefit from the Swiss security standards with regard to the processing, transfer and storage of personal data.

hb-jan8Z0mD63_aKpCT1XaYGT02poHjs.jpg

Processing of personal data to other countries

According to EU regulations, all countries not belonging to the Union or the EEA are classified as “third countries” and are subject to strict rules regarding potential transfers of personal data.

Switzerland, with its effective and own privacy law, according to the European Commission provides an adequate level of protection for personal data. As a result, EEA countries (and the rest of the world) can benefit from the highest Swiss data security and encryption standards. Such a step entails full protection of confidential information, also thanks to the resistance of Swiss courts to declassify it.

It is not without reason that it is arbitrators from Switzerland who are highly sought after to resolve international disputes. Their neutrality and skill are rooted in the country’s judicial structure, which is governed by only one institution that can have an influence on the original decision of the arbitrators. As a result, cases are short-lived and penalties and sanctions hit the perpetrators immediately and directly, also in terms of personal data violations.

The attempt to transfer data outside Switzerland is strictly regulated by law and fully independent of European treaties. Thanks to its autonomous privacy policy, Swiss courts do not have to yield to the authorities of other countries when it comes to the transfer and decoding of encrypted data. Practice shows that if the case does not involve atrocious crimes, the judge immediately overrules any request for declassification of data.

Thus, locating the servers of an online platform in Switzerland can be compared to building a huge and sturdy wall between users and potential danger.

One for all, all for one!

Switzerland’s motto is: ‘One for all, all for one’. There seems to be no better summary of the actions of this country and nation as a whole. Although, like every country, it has its problems, it is the only one that does not have to prove that it cares about the welfare of its citizens and people.

Switzerland is a country that breaks away from the rule of EU and US privacy jurisdiction. The multi-level security structures extend to: the political system, the constitution, laws, treaties with other states and the judiciary. Combined with the most effective encryption and data storage practices, Swiss Security Standards are created and used by companies around the world. This includes our recruitment platform Incognito Human Resources.

For your safety, comfort and guarantee of anonymity, we use the best haven in the world . It is in Switzerland that we have built for you a private bunker to protect your data.

This post is also available in: French Polish

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.