A Swiss federal commissioner announced Tuesday that a U.S.-Swiss program aimed to protect personal information exchanged between the two countries doesn’t go far enough, and has downgraded the United States to rank it as a country deemed to have inadequate data protection.
Federal Data Protection and Information Commissioner Adrian Lobsiger, in a new policy paper, recommends that Swiss companies or government should disclose personal data to the U.S. only if safeguards are put in place to protect people from prying U.S. authorities.
Lobsiger’s paper follows a regular review of the three-year-old U.S.-Swiss program known as Privacy Shield, and his recommendations follow similar concerns expressed by EU authorities about an alleged lack of privacy protections in the United States. Switzerland is not an EU member, but often mirrors or lines up with the positions of the 27-member bloc that all but surrounds the wealthy Alpine country.
In July, the EU’s top court ruled that the bloc’s own Privacy Shield program with the U.S. was invalid because the American government can snoop on people’s data. The ruling complicated business decisions for some 5,000 companies including tech giants and financial firms. The EU court ruling followed a case brought by Austrian activist Max Schrems, who complained about the handling of his Facebook data.
In his paper, Lobsiger determined the United States should be categorized as providing “inadequate” data protection, a downgrade from its earlier classification of the U.S. as “adequate in certain conditions.” The U.S. is now placed alongside countries like Russia, China, Cuba, Japan and most African and Latin American states. Most European countries are deemed to have adequate protections.
The recommendations do not have the force of law, but could factor into decisions by corporate chiefs or government officials about whether to share private information about Swiss residents and citizens. Only a court would have final say.
Lobsiger said Swiss residents and citizens “do not have sufficient enforceable legal rights in the U.S.” and pointed to a lack of transparency in the U.S. ombudsman system – raising questions about the ombudsman’s power and independence. He said safeguards were “lacking” in the United States, and said hoped-for improvements in the U.S. didn’t come about.
The “Privacy Shield” program focuses on data exchange between businesses and guarantees provided by U.S. authorities on protecting personal data transferred between the countries, notably involving “the mass collection of non-US citizens’ data for the purposes of anti-terrorism measures and national security,” the paper said.
Related: State vs. Federal Privacy Laws: The Battle for Consumer Data Protection

More from Associated Press
- Russian Millionaire on Trial in Hack, Insider Trade Scheme
- US Infiltrates Big Ransomware Gang: ‘We Hacked the Hackers’
- South Dakota’s Noem Says Cell Phone Number Hacked
- Learning to Lie: AI Tools Adept at Creating Disinformation
- Microsoft Invests Billions in ChatGPT-Maker OpenAI
- Mississippi Creates New Cyber Unit, Names 1st Director
- FBI Chief Says He’s ‘Deeply concerned’ by China’s AI Program
- Ransomware Shuts Hundreds of Yum Brands Restaurants in UK
Latest News
- Dutch, European Hospitals ‘Hit by Pro-Russian Hackers’
- Gem Security Gets $11 Million Seed Investment for Cloud Incident Response Platform
- Ransomware Leads to Nantucket Public Schools Shutdown
- Stop, Collaborate and Listen: Disrupting Cybercrime Networks Requires Private-Public Cooperation and Information Sharing
- Boxx Insurance Raises $14.4 Million in Series B Funding
- Prilex PoS Malware Blocks NFC Transactions to Steal Credit Card Data
- 30k Internet-Exposed QNAP NAS Devices Affected by Recent Vulnerability
- Cyber Insights 2023: ICS and Operational Technology
