Mr Hugh Reeves

Hugh Reeves


Tech, Data, Telecoms & Media

Parliament adopts Information Security Act
Switzerland | 09 April 2021

Parliament recently approved a new Information Security Act (ISA), almost 10 years after proceedings were initiated. The ISA defines the minimum requirements that all federal authorities must fulfil to protect their information and IT infrastructure. Its approval is a welcome milestone which represents the conclusion of a long parliamentary process and will re-establish information security principles in the federal public sectors.

Digital transformation: new cloud strategy and Swiss Cloud initiative
Switzerland | 29 January 2021

The Federal Council recently approved the cloud strategy for the federal administration which, among other things, provides for the further use of public cloud services as a strategic extension of existing IT-sourcing options for the federal administration. On the same day, it published the latest report on the Swiss Cloud – a related initiative to examine whether Switzerland should strive for its own cloud and data infrastructure with regard to data sovereignty and reduced dependency on international cloud providers.

Federal Council in favour of requiring critical infrastructures to report cyberattacks
Switzerland | 15 January 2021

The Federal Council recently tasked the Department of Finance with drafting a bill which will introduce a cyberattack notification obligation for operators of critical infrastructure. The draft will appoint a central reporting office and provide uniform criteria for all sectors in order to clarify how the reporting procedure would work. This step forward represents a key point of implementation of the national strategy for the protection of Switzerland against cyber risks.

Revised telecoms legislation enters into force
Switzerland | 08 January 2021

Parliament recently revised the federal telecoms legislation – in particular, the Federal Telecommunications Act and its various implementing ordinances. These revised regulations entered into force on 1 January 2021. The revision of the telecoms legislation brings about several fundamental changes that affect consumers as well as telecoms service providers and telecoms operators.

Implementation of 2018-2022 national strategy for the protection of Switzerland against cyber risks – quarterly report
Switzerland | 13 November 2020

The Federal Council's Cyber Committee recently adopted a report on the advancement of the 2018-2022 national strategy for the protection of Switzerland against cyber risks and its gradual implementation. The report focuses mainly on the progress made in supporting small and medium-sized enterprises and promoting research and training.

New Swiss DLT regulation as of 2021
Switzerland | 30 October 2020

Parliament recently approved new regulations for blockchain and distributed ledger technology (DLT). The goal of this new legal framework is to further establish and increase Switzerland's reputation as a leading, innovative and sustainable location for fintech and DLT companies. Because Switzerland already has a world-class and pioneering infrastructure for financial markets, these qualities should allow it to remain at the forefront of the DLT and fintech scene.

Telecoms surveillance legislation: Federal Administrative Court rules instant messaging app not a telecoms service
Switzerland | 25 September 2020

The Federal Administrative Court (FAC) recently issued a ruling concerning the status of instant messaging app Threema from a telecoms surveillance legislation perspective. The consequences of the FAC's ruling, if upheld by the Federal Supreme Court, would exonerate many over-the-top service providers (typically instant messaging and voice call providers) from certain obligations under telecoms legislation. However, businesses active in the telecoms area should nonetheless remain cautious.

FDPIC finds that Swiss-US Privacy Shield does not offer adequate level of data protection
Switzerland | 11 September 2020

The Federal Data Protection and Information Commissioner (FDPIC) recently removed the United States from its list of countries deemed to provide an "adequate level of data protection". Essentially, the FDPIC is of the opinion that legal remedies for data subjects in Switzerland under the Swiss-US Privacy Shield are insufficient. Going forward, businesses must reassess their cross-border data transfers in light of the FDPIC's statement.

Importance of IT security measures in banking relationships: clients may bear risk of being hacked
Switzerland | 14 August 2020

The Federal Supreme Court recently issued a ruling addressing the liability of a securities trading company when hackers break into and use a client's email account to send transfer orders. This case is a stark reminder of the importance for anyone using online accounts and online (email) communications to properly secure their IT systems against hackers and other malevolent third parties. In case of any suspicious activity, it is necessary to immediately assess the situation and react accordingly.

Federal Council moves forward in protection against cyber risks
Switzerland | 12 June 2020

The Federal Council recently adopted the Ordinance on Protecting against Cyber Risks (OPCy), which is set to enter into force on 1 July 2020. This move is the next step in a series of measures taken by the Federal Council to adopt a new organisational structure and implement a national strategy to protect Switzerland against cyber risks. Along with the adoption of the OPCy, the Federal Council has also planned for 20 additional positions in the respective offices for cyber risk protection.

Latest MELANI report – most important cyber incidents in second half of 2019
Switzerland | 05 June 2020

The Reporting and Analysis Centre for Information Assurance recently published its latest semi-annual report regarding the most important cyber incidents and cyber risks of the second half of 2019 in Switzerland and abroad. The report contains several practical recommendations for individuals and companies to improve their protection against cyberattacks.

IT outsourcing by banks and insurers facilitated by revised regulations
Switzerland | 10 January 2020

On 1 January 2020 the Swiss Financial Market Supervisory Authority implemented various revised rules primarily targeting small banks (the so-called 'small banks regime'). Among other aspects, this will result in a relaxation of IT outsourcing requirements for financial institutions. The amendments are positive and a step in the right direction, as they will allow financial institutions to enjoy more leeway to benefit from IT outsourcing services.

Federal Council publishes new Digital Switzerland strategy
Switzerland | 02 October 2018

The Federal Council recently adopted a new Digital Switzerland strategy for the next two years. The new strategy replaces the 2016 strategy and, like its predecessor, aims to prioritise the government's efforts in the digital realm. The new strategy places a stronger focus on initiatives relating to artificial intelligence and smart cities, smart villages and smart regions. It also addresses topics ranging from digitalisation in the transport and energy sectors to e-government and cyber risks.

Government recommendations for IT resilience and cybersecurity
Switzerland | 11 September 2018

The Federal Office for National Economic Supply recently published the Minimum Standard for Improving ICT Resilience, together with a self-assessment tool. Compliance with this standard should allow organisations to successfully fend off cyberattacks and mitigate cyber-risks. The standard follows a similar structure to the US Department of Commerce's National Institute of Standards and Technology Cybersecurity Framework.

Swiss telecoms regulator launches 5G radio frequency awards process
Switzerland | 01 August 2018

In a recent press release, the Federal Communications Commission (ComCom), jointly with the Federal Office of Communications (OfCom), launched the 5G radio frequency awards process. On behalf of ComCom, OfCom will auction several frequency spectrum blocs, which will be licenced for 15 years. These frequencies are important for the introduction of 5G technology in Switzerland and similar auction processes have already taken place or are under way in other jurisdictions.

Revised domain name rules grant further powers to registries and anti-cybercrime services
Switzerland | 24 April 2018

A revised version of the federal Ordinance on Internet Domains recently entered into force. It gives the responsible registries the possibility of temporarily blocking the top-level domain names '.ch' and '.swiss' where they are being used for phishing or malware activities. In addition, anti-cybercrime services can request that registries block the domain names. However, these services require prior recognition from the Swiss Federal Office of Communications.

Revised postal and telecoms surveillance legislation
Switzerland | 29 November 2017

The Federal Council recently announced that the revised Postal and Telecommunications Surveillance Act and its implementing ordinances will enter into force in March 2018. The revised act clarifies, strengthens and broadens the powers of the criminal prosecution authorities when it comes to communications surveillance. More specifically, it seeks to prevent situations where criminal suspects could avoid surveillance by using new technologies.

Draft e-ID Act to be prepared by Summer 2018
Switzerland | 28 November 2017

Switzerland is in the process of adopting legislation on electronic identification. The Federal Council published a preliminary draft e-ID Act and opened it for consultation by any interested actors. The Federal Council recently shared the consultation findings and commissioned the Federal Department of Justice and Police to prepare a revised draft act by Summer 2018.