-
- Art. 5a FC
- Art. 6 FC
- Art. 10 FC
- Art. 16 FC
- Art. 17 FC
- Art. 20 FC
- Art. 22 FC
- Art. 29a FC
- Art. 30 FC
- Art. 32 FC
- Art. 42 FC
- Art. 43 FC
- Art. 43a FC
- Art. 55 FC
- Art. 56 FC
- Art. 60 FC
- Art. 68 FC
- Art. 75b FC
- Art. 77 FC
- Art. 96 para. 2 lit. a FC
- Art. 110 FC
- Art. 117a FC
- Art. 118 FC
- Art. 123b FC
- Art. 136 FC
- Art. 166 FC
-
- Art. 11 CO
- Art. 12 CO
- Art. 50 CO
- Art. 51 CO
- Art. 84 CO
- Art. 143 CO
- Art. 144 CO
- Art. 145 CO
- Art. 146 CO
- Art. 147 CO
- Art. 148 CO
- Art. 149 CO
- Art. 150 CO
- Art. 701 CO
- Art. 715 CO
- Art. 715a CO
- Art. 734f CO
- Art. 785 CO
- Art. 786 CO
- Art. 787 CO
- Art. 788 CO
- Transitional provisions to the revision of the Stock Corporation Act of June 19, 2020
- Art. 808c CO
-
- Art. 2 PRA
- Art. 3 PRA
- Art. 4 PRA
- Art. 6 PRA
- Art. 10 PRA
- Art. 10a PRA
- Art. 11 PRA
- Art. 12 PRA
- Art. 13 PRA
- Art. 14 PRA
- Art. 15 PRA
- Art. 16 PRA
- Art. 17 PRA
- Art. 19 PRA
- Art. 20 PRA
- Art. 21 PRA
- Art. 22 PRA
- Art. 23 PRA
- Art. 24 PRA
- Art. 25 PRA
- Art. 26 PRA
- Art. 27 PRA
- Art. 29 PRA
- Art. 30 PRA
- Art. 31 PRA
- Art. 32 PRA
- Art. 32a PRA
- Art. 33 PRA
- Art. 34 PRA
- Art. 35 PRA
- Art. 36 PRA
- Art. 37 PRA
- Art. 38 PRA
- Art. 39 PRA
- Art. 40 PRA
- Art. 41 PRA
- Art. 42 PRA
- Art. 43 PRA
- Art. 44 PRA
- Art. 45 PRA
- Art. 46 PRA
- Art. 47 PRA
- Art. 48 PRA
- Art. 49 PRA
- Art. 50 PRA
- Art. 51 PRA
- Art. 52 PRA
- Art. 53 PRA
- Art. 54 PRA
- Art. 55 PRA
- Art. 56 PRA
- Art. 57 PRA
- Art. 58 PRA
- Art. 59a PRA
- Art. 59b PRA
- Art. 59c PRA
- Art. 62 PRA
- Art. 63 PRA
- Art. 67 PRA
- Art. 67a PRA
- Art. 67b PRA
- Art. 75 PRA
- Art. 75a PRA
- Art. 76 PRA
- Art. 76a PRA
- Art. 90 PRA
-
- Vorb. zu Art. 1 FADP
- Art. 1 FADP
- Art. 2 FADP
- Art. 3 FADP
- Art. 5 lit. f und g FADP
- Art. 6 Abs. 6 and 7 FADP
- Art. 7 FADP
- Art. 10 FADP
- Art. 11 FADP
- Art. 12 FADP
- Art. 14 FADP
- Art. 15 FADP
- Art. 19 FADP
- Art. 20 FADP
- Art. 22 FADP
- Art. 23 FADP
- Art. 25 FADP
- Art. 26 FADP
- Art. 27 FADP
- Art. 31 para. 2 lit. e FADP
- Art. 33 FADP
- Art. 34 FADP
- Art. 35 FADP
- Art. 38 FADP
- Art. 39 FADP
- Art. 40 FADP
- Art. 41 FADP
- Art. 42 FADP
- Art. 43 FADP
- Art. 44 FADP
- Art. 44a FADP
- Art. 45 FADP
- Art. 46 FADP
- Art. 47 FADP
- Art. 47a FADP
- Art. 48 FADP
- Art. 49 FADP
- Art. 50 FADP
- Art. 51 FADP
- Art. 54 FADP
- Art. 57 FADP
- Art. 58 FADP
- Art. 60 FADP
- Art. 61 FADP
- Art. 62 FADP
- Art. 63 FADP
- Art. 64 FADP
- Art. 65 FADP
- Art. 66 FADP
- Art. 67 FADP
- Art. 69 FADP
- Art. 72 FADP
- Art. 72a FADP
-
- Art. 2 CCC (Convention on Cybercrime)
- Art. 3 CCC (Convention on Cybercrime)
- Art. 4 CCC (Convention on Cybercrime)
- Art. 5 CCC (Convention on Cybercrime)
- Art. 6 CCC (Convention on Cybercrime)
- Art. 7 CCC (Convention on Cybercrime)
- Art. 8 CCC (Convention on Cybercrime)
- Art. 9 CCC (Convention on Cybercrime)
- Art. 11 CCC (Convention on Cybercrime)
- Art. 12 CCC (Convention on Cybercrime)
- Art. 25 CCC (Convention on Cybercrime)
- Art. 29 CCC (Convention on Cybercrime)
- Art. 32 CCC (Convention on Cybercrime)
- Art. 33 CCC (Convention on Cybercrime)
- Art. 34 CCC (Convention on Cybercrime)
FEDERAL CONSTITUTION
CODE OF OBLIGATIONS
FEDERAL LAW ON PRIVATE INTERNATIONAL LAW
LUGANO CONVENTION
CODE OF CRIMINAL PROCEDURE
CIVIL PROCEDURE CODE
FEDERAL ACT ON POLITICAL RIGHTS
CIVIL CODE
FEDERAL ACT ON CARTELS AND OTHER RESTRAINTS OF COMPETITION
FEDERAL ACT ON INTERNATIONAL MUTUAL ASSISTANCE IN CRIMINAL MATTERS
DEBT ENFORCEMENT AND BANKRUPTCY ACT
FEDERAL ACT ON DATA PROTECTION
SWISS CRIMINAL CODE
CYBERCRIME CONVENTION
- In a nutshell
- I. General
- II. Para. 1, requirements in detail
- III. Para. 2, exceptions
- IV. Special legislation
- Bibliography
- Materials
In a nutshell
Art. 39 FADP allows federal bodies to process data for non-personal purposes under certain conditions. The rule grants facilitations within the meaning of the “research privilege” for research, statistics, planning and other areas. The rationale behind this is the great public interest in the activities concerned. The privilege only applies if the general conditions are met. Firstly, Art. 39 para. 1 FADP requires the earliest possible anonymization when processing personal data. Secondly, the consent of the federal body is required for the disclosure of data from the recipient to third parties. Thirdly, as in the case of private data processing in accordance with Art. 31 para. 2 lit. e FADP, federal bodies may only publish research or other results in such a way that data subjects cannot be identified.
As non-personal data processing does not involve the identity of the data subjects, Art. 39 para. 2 FADP declares that important principles are not applicable. For example, the requirement of purpose limitation and the requirement of a legal basis do not apply in certain constellations, e.g. for the disclosure of personal data. On the other hand, numerous special statutory provisions, namely in the area of statistics and research, which relativize the practical significance of Art. 39 FADP, must be taken into account.
I. General
1 Art. 39 FADP on the processing of data for non-personal purposes by federal bodies largely takes up the predecessor provision of Art. 22 aDSG with the so-called “research privilege”. What is new is a specification regarding particularly sensitive personal data. According to Art. 39 FADP, federal bodies should (continue to) benefit from facilitations for processing for non-personal purposes if they comply with the framework conditions. This privilege is justified by the public interest in the relevant activities of the state. Research and statistics provide the basis for all aspects of public life.
2 The conditions for facilitation include, on the one hand, the obligation to anonymize at the earliest possible point in time (para. 1 lit. a). Secondly, conditions regarding the disclosure of particularly sensitive personal data to third parties must be observed (para. 1 lit. b). Secondly, a consent requirement applies to disclosure by the recipient (para. 1 lit. c) and finally the requirement of non-identifiability when publishing the results (para. 1 lit. d). Art. 39 para. 2 declares that certain principles of the FADP are not applicable due to the reduced risks in the case of non-personal processing (para. 2).
3 The provision refers only to data processing by federal bodies. The provision mentions research, statistics and planning as privileged areas, although the list is not exhaustive. In addition to federal statistics, this includes research by federal institutions or on their behalf, national spatial and transport planning, the National Bank, migration management and public health. In contrast to the private sector, medical research, which is governed by human research law, tends to be in the background of the provision, as this area is mainly supported by the cantonal university hospitals and private pharmaceutical research. In contrast, research conducted by the ETH Domain as a decentralized federal unit is covered.
4 Due to the requirement of a legal basis for state data processing, the various activities are now extensively regulated by special legislation (below, IV). Art. 39 FADP therefore loses its independent meaning in numerous constellations or must be read in conjunction with the subject-specific provisions.
II. Para. 1, requirements in detail
A. Basic facts: non-personal purpose
5 The central element of the provision is processing for non-personal purposes. Non-personal purposes are defined as purposes for which the identity of the data subject is irrelevant. In other words, the purpose of the activity is also fulfilled if anonymized or encrypted data is processed. The processing of data of large parts of the population as well as individual groups is covered, as long as it only concerns the characteristics and not the identity of the persons recorded. If only factual data or previously anonymized data is processed, the provision is not applicable.
6 The explicit mention of the areas does not mean that data processing in the areas of research, statistics and planning serves non-personal purposes. In particular, there are processing activities that also serve personal purposes. For such activities, Art. 35 FADP states that the exceptions under Art. 39 para. 2 FADP only apply to processing for non-personal purposes.
7 The introductory sentence to para. 1 contains the legal consequence, namely the simplified authorization of data processing if the requirements of the provision, which are explained below, are met.
B. Lit. a, Earliest possible anonymization
8 Federal bodies must (in principle) anonymize the data as soon as the purpose of the processing permits. The provision thus takes up the principle of Art. 6 para. 4 FADP. A deadline for anonymization is not specified. A general, abstract regulation would not meet the respective needs of statistics, research and planning.
9 In contrast to Art. 31 para. 2 lit. e FADP, no exception has been included that allows other measures to prevent the identifiability of the person if anonymization is impossible or disproportionate. Opinions differ on the question of whether pseudonymization or encryption of personal data is sufficient. If a code or key is available with which (partially) anonymized personal data can be re-identified, this is referred to as pseudonymization. Some scholars only want to allow encryption if the processing ultimately leads to anonymization. The opposing view is based on the widespread need in practice for the possibility of tracing the identity of the person concerned, which is opposed to anonymization, especially the required early anonymization. Furthermore, general anonymization is not in line with lit. b, according to which it is sufficient for particularly sensitive personal data if it cannot be identified when it is disclosed to private individuals, which also permits encryption. If encryption or “de facto anonymization” is sufficient for the disclosure of particularly sensitive data, this should also apply a maiore minus to less sensitive data. The dispatch on the aDSG mentions a need for pseudonymization. A decision by the Federal Supreme Court does not answer the question conclusively, but sees the solution in the purpose of the respective procedure: “There are, of course, limits to concealment. It must not lead to the judgment no longer being comprehensible. It can therefore not be completely ruled out that people who are familiar with the details of the case may be able to recognize who is involved despite the concealment.” If anonymization therefore removes the purpose of the processing (which, however, does not always have to be personal), appropriate other measures to prevent the person from being identifiable must also be permissible.
C. Lit. b, Particularly sensitive data
10 The second requirement concerns the disclosure of particularly sensitive data to private individuals. The provision is a specific regulation in addition to the general provisions on the disclosure of data in Art. 36 FADP. In the case of particularly sensitive data, the principle applies that such data may only be disclosed to third parties in such a way that the data subject cannot be identified. In contrast to the wording of lit. a, anonymization is not required here; instead, prior encryption is also sufficient for the increased protection of the data.
11 In connection with measures to prevent identifiability, reference should be made to the extensive catalog of technical and organizational measures in Art. 3 GDPR, in particular the rules on confidentiality and integrity. There are also various guidelines on encryption, such as the binding scientific linking guidelines of the Federal Statistical Office or the guidelines of the European Cybersecurity Agency (Enisa). Among other things, the guidelines contain requirements for handling the codes and for de-pseudonymization.
12 Statutory confidentiality regulations also play a role. Where special legislation does not permit the disclosure of particularly sensitive data (to private parties) as an integral part, it takes precedence as a special regulation. Lit. b can therefore not be used as a justification for the disclosure of data that is protected by secrecy.
D. Lit. c, Consent requirement for disclosure
13 Thirdly, data may be disclosed for processing for non-personal purposes. However, according to lit. c, the consent of the federal body is required for the disclosure of the data. The consent of the federal body must be accompanied by the condition that the obligations regarding anonymization and publication are passed on to the third party.
14 For the National Bank, the special provision of Art. 16 para. 4bis NBA applies, according to which the National Bank is authorized to disclose data to the FSO in non-aggregated form for statistical purposes. Notwithstanding Article 39 FADP, the FSO may not pass on data from the National Bank without its consent.
15 Art. 39 para. 1 lit. c leaves the form of consent open. According to the dispatch on the aDSG, consent may or must be given by contract or by order.
E. Lit. d, Publication of results
16 lit. d incorporates the previous provision according to which data subjects must not be identifiable when the results are published (Art. 22 para. 1 lit. c aDSG). Despite the same wording as Art. 31 para. 2 lit. e no. 3 FADP, (complete) anonymization is required for publication. Partial anonymization or pseudonymization, as is common in medical human research, is therefore not sufficient. Exceptions are conceivable, however, if the data relates to persons of contemporary history or if overriding interests in transparency require access to the file.
17 It is noted in the doctrine that the publication of studies with a small number of data subjects may give rise to a risk of conclusions being drawn about the individual, for example in the case of statistics for small geographical areas. However, this appears to be less of a problem when publishing results based on data from a large number of data subjects, as it is more difficult to identify the person by a human being. Technological systems, on the other hand, function independently of geographical or numerical restrictions, so that ultimately technical progress constantly increases the requirements for the publication of results.
III. Para. 2, exceptions
18 Art. 39 para. 2 FADP declares three provisions of the FADP inapplicable.
19 Firstly, the requirement of purpose limitation or prohibition of change of purpose pursuant to Art. 6 para. 3 FADP is not applicable. Because research, planning and statistical work has no direct impact on the data subjects in accordance with Art. 39 FADP, data may also be used in a different context than that for which it was collected. However, the limit of use is set by Art. 39 para. 1, according to which it may only ever be for non-personal purposes. Within this framework, data may be processed for any lawful purpose. In other words, the exception does not permit processing for other personal purposes.
20 The second exception is Art. 34 para. 2 FADP. Accordingly, the requirement of a formal legal basis does not apply to the processing of particularly sensitive personal data and profiles or to activities with a risk of serious interference with fundamental rights. The principle of legality is therefore not completely eliminated. Art. 34 para. 1 FADP remains applicable. A legal basis at ordinance level is therefore still expected for such processing.
21 The third exception concerns Art. 36 para. 1 FADP on the disclosure of personal data. Consequently, no specific legal basis is required for the disclosure of personal data. Apart from the fact that Art. 39 para. 1 FADP contains requirements for the disclosure of personal data, special legislation will also regularly have to be complied with. If there are no regulations, a federal body can rely on this exception. However, this provision does not abolish the principle of legality for disclosure.
IV. Special legislation
22 Due to the above-mentioned requirement of a legal basis for state data processing, there is now extensive special legislation governing the activities of federal bodies. Depending on the level of detail, these can largely replace Art. 39 FADP, refer to it or supplement the provision.
A. Federal Statistics Act
23 Art. 19 para. 2 FStatA contains an almost identical provision on the disclosure of data for non-personal purposes to federal statistical producers. The provision is limited to disclosure because the FStatA contains relevant provisions on collection and processing (Art. 4 ff. FStatA). In addition to the requirements in Art. 39 para. 1 FADP, Art. 19 para. 2 lit. d FStatA requires compliance with statistical confidentiality and the other data protection provisions. Art. 16 para. 1 FStatA clarifies that the provisions on research, statistics and planning of the FADP apply “in addition”, i.e. subsidiarily, to personal data.
B. Register Harmonization Act
24 The Register Harmonization Act (RHA) is then relevant in the area of population statistics. The purpose of register harmonization is to standardize and simplify the communal and cantonal registers in order to increase their statistical value and reduce the administrative burden. In addition, register harmonization makes things easier for the registers concerned. It enables the legally regulated electronic exchange of data between various official registers (cf. Art. 1 RHA).
C. Police information systems
25 The police and judicial authorities operate numerous registers and information systems. The systems are regulated by the Federal Act on Federal Police Information Systems (FPSI). Art. 6 para. 4 BPI allows those responsible to retain anonymized data that is intended for deletion, insofar as this is necessary for statistical or criminal analysis purposes. However, research with the corresponding anonymized data no longer falls under Art. 39 FADP, as it is no longer personal data.
D. Human research law and research at ETH
26 Human research law (currently under revision) with the HRA and related enactments such as the Cancer Registration Act, which contain their own provisions on pseudonymization and triage provisions regarding the application of the HRA and FADP (e.g. Art. 28 KRG), is also of importance. Of particular importance in the field of research is the development of electronic consent (so-called e-consent, Art. 8b E-HRA), which allows written consent to be dispensed with under certain conditions. Electronic consent plays a special role for future reuse in research, where projects often do not (or no longer) have a personal purpose (Art. 17 HRA).
27 Finally, the revised Art. 36c para. 1 ETHG states that personal data, including particularly sensitive personal data, may be processed in the context of research projects insofar as this is necessary for the corresponding project. According to para. 2, the FADP must be observed.
E. Archives of the Confederation
28 Finally, mention should be made of the Federal Archiving Act (ArchA), which contains the regulatory framework for the federal archives, in particular for the Federal Administration, Parliament and the federal courts. With regard to particularly sensitive personal data in non-anonymized archives, Art. 11 para. 1 ArchA provides for an extended protection period of 50 years.
Bibliography
Baeriswyl Bruno, Die Einwilligung hilft (nicht) weiter, digma 2020 S. 62 ff. (zit. Baeriswyl).
Baeriswyl Bruno/Pärli Kurt (Hrsg.), Datenschutzgesetz (DSG), Stämpflis Handkommentar, Bern 2015 (zit. SHK aDSG-Bearbeiter/-in).
Kley Andreas/Zihler Florian, Geschichtswissenschaftliches Arbeiten im Rahmen der Kommunikationsgrundrechte, Medialex 2003 S. 85 ff.
Maurer-Lambrou, Urs/Blechta, Gabor-Paul (Hrsg.), Datenschutzgesetz/Öffentlichkeitsgesetz, Basler Kommentar, 3. Aufl., Basel 2014 (zit. BSK-Bearbeiterin).
Perucchi Stefano/Bernasconi Jonathan/Ceroni Davide, in: Kellerhals Carrard/Bürgschaftsgenossenschaften Schweiz (Hrsg.), Corona-Kredite für KMU, Umsetzung des Massnahmenpakets und Kommentierung des Covid-19-Solidarbürgschaftsgesetzes (Covid-19-SBüG), Zürich 2021 (zit. Perucchi/Bernasconi/Ceroni).
Reudt-Demont Janine, Digitalisierung des Gesundheitswesens 2023, LSR 2023 S. 39 ff. (zit. Reudt-Demont).
Rosenthal David/Jöhri Yvonne, Handkommentar zum Datenschutzgesetz sowie weiteren, ausgewählten Bestimmungen, Zürich 2008 (zit. Rosenthal/Jöhri (2008)).
Belser Eva Maria/Noureddine Houssein, Die Datenschutzgesetzgebung des Bundes, Das Zusammenwirken datenschutzrechtlicher Normen, in: Belser Eva Maria/Epiney Astrid/Waldmann Bernhard (Hrsg.), Datenschutzrecht, Grundlagen und öffentliches Recht, Bern 2011, S. 412-460 und S. 461-509 (zit. Belser/Houssein).
Materials
Botschaft zum Bundesgesetz über die Totalrevision des Bundesgesetzes über den Datenschutz und die Änderung weiterer Erlasse zum Datenschutz vom 15.9.2017, BBl 2017 6941 ff., abrufbar https://www.fedlex.admin.ch/eli/fga/2017/2057/de (zit. Botschaft 2017).
Botschaft zum Bundesgesetz über den Datenschutz (DSG) vom 23.3.1988, BBl 1988 II 413 ff., abrufbar unter https://www.fedlex.admin.ch/eli/fga/1988/2_413_421_353/ de (zit. Botschaft 1988).
Erläuterungsbericht Totalrevision der Verordnung zum Bundesgesetz über den Datenschutz, BJ, 23.6.2021; Entwürfe zur Revision der Verordnungen in der Humanforschung, abrufbar unter https://www.bag.admin.ch/bag/de/home/medizin-und-forschung/forschung-am-menschen/revision-verordnungen-hfg.html (zit. Erläuterungsbericht).