International activities

The Council of Europe is an international organisation based in Strasbourg which was founded in 1949 to promote democracy, human rights and the rule of law. The Council of Europe is home to the European Convention on Human Rights and the European Court of Human Rights. To protect the right to privacy in relation to the automatic processing of personal data, the Council of Europe drew up the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (Convention 108). More than fourty years after it was opened for signature, this Convention remains the only legally binding international instrument in this field; it lays down basic principles for data protection that are universally recognised.

The Protocol amending the Convention (Convention 108+) was opened for signature on 10 October 2018. Convention 108+ aims to respond to the challenges of the digital age, strengthen enforcement mechanisms and improve the effectiveness of the right to data protection. Convention 108+ offers a high level of data protection. Switzerland signed the Amending Protocol (Convention 108+) on 21 November 2019 and ratified it on 7 September 2023. However, Convention 108+ cannot come into force until 38 States Parties have ratified the Amending Protocol.

The Consultative Committee for Convention 108 (T-PD), made up of representatives of the Parties to the Convention and observers from other States, international organisations and non-governmental organisations, is responsible for interpreting the provisions of the Convention and facilitating and improving its implementation. Switzerland is involved in the work of the T-PD.

The Organisation for Economic Co-operation and Development (OECD) is also working to promote respect for privacy. The OECD Privacy Guidelines are the cornerstone of the OECD's work in this area; however, the guidelines are not a legally binding instrument. An OECD working group is examining data governance and privacy protection in the digital economy; it has set up groups of experts to carry out specific tasks. One group with representatives of OECD member states including Switzerland, the Drafting Group, has been tasked with carrying out work relating to government access to personal data held by the private sector. This work has led to the adoption of the Declaration on Government Access to Personal Data Held by Private Sector Entities at the OECD Ministerial Meeting in December 2022, which contains high-level principles; However, it is not legally binding.

The aim of the Schengen and Dublin Agreements is to coordinate efforts to strengthen the individual freedoms of citizens and, at the same time, improve security in Europe. As it has signed a Schengen Association Agreement, Switzerland is part of the Schengen area. As part of the development of the Schengen acquis, Switzerland has incorporated into its national law the content of Directive (EU) 2016/680 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties. Initially, Switzerland adopted the Federal Schengen Data Protection Act, in force until 31 August 2023. The obligations arising from Directive (EU) 2016/680 have now been incorporated into the new Federal Act on Data Protection, in force from September 2023. As a member of the Schengen area, Switzerland is regularly assessed by the European Commission within the framework of country evaluations, including with regard to data protection. At the same time, Swiss experts are also involved in assessing other Schengen member states.