-
- Art. 3 FC
- Art. 5a FC
- Art. 6 FC
- Art. 10 FC
- Art. 13 FC
- Art. 16 FC
- Art. 17 FC
- Art. 20 FC
- Art. 22 FC
- Art. 26 FC
- Art. 29a FC
- Art. 30 FC
- Art. 31 FC
- Art. 32 FC
- Art. 42 FC
- Art. 43 FC
- Art. 43a FC
- Art. 55 FC
- Art. 56 FC
- Art. 60 FC
- Art. 68 FC
- Art. 75b FC
- Art. 77 FC
- Art. 81 FC
- Art. 96 para. 1 FC
- Art. 96 para. 2 lit. a FC
- Art. 110 FC
- Art. 117a FC
- Art. 118 FC
- Art. 123a FC
- Art. 123b FC
- Art. 130 FC
- Art. 136 FC
- Art. 164 FC
- Art. 166 FC
- Art. 170 FC
- Art. 178 FC
- Art. 189 FC
- Art. 191 FC
-
- Art. 11 CO
- Art. 12 CO
- Art. 50 CO
- Art. 51 CO
- Art. 84 CO
- Art. 97 CO
- Art. 98 CO
- Art. 99 CO
- Art. 100 CO
- Art. 143 CO
- Art. 144 CO
- Art. 145 CO
- Art. 146 CO
- Art. 147 CO
- Art. 148 CO
- Art. 149 CO
- Art. 150 CO
- Art. 633 CO
- Art. 701 CO
- Art. 715 CO
- Art. 715a CO
- Art. 734f CO
- Art. 785 CO
- Art. 786 CO
- Art. 787 CO
- Art. 788 CO
- Art. 808c CO
- Transitional provisions to the revision of the Stock Corporation Act of June 19, 2020
-
- Art. 2 PRA
- Art. 3 PRA
- Art. 4 PRA
- Art. 6 PRA
- Art. 10 PRA
- Art. 10a PRA
- Art. 11 PRA
- Art. 12 PRA
- Art. 13 PRA
- Art. 14 PRA
- Art. 15 PRA
- Art. 16 PRA
- Art. 17 PRA
- Art. 19 PRA
- Art. 20 PRA
- Art. 21 PRA
- Art. 22 PRA
- Art. 23 PRA
- Art. 24 PRA
- Art. 25 PRA
- Art. 26 PRA
- Art. 27 PRA
- Art. 29 PRA
- Art. 30 PRA
- Art. 31 PRA
- Art. 32 PRA
- Art. 32a PRA
- Art. 33 PRA
- Art. 34 PRA
- Art. 35 PRA
- Art. 36 PRA
- Art. 37 PRA
- Art. 38 PRA
- Art. 39 PRA
- Art. 40 PRA
- Art. 41 PRA
- Art. 42 PRA
- Art. 43 PRA
- Art. 44 PRA
- Art. 45 PRA
- Art. 46 PRA
- Art. 47 PRA
- Art. 48 PRA
- Art. 49 PRA
- Art. 50 PRA
- Art. 51 PRA
- Art. 52 PRA
- Art. 53 PRA
- Art. 54 PRA
- Art. 55 PRA
- Art. 56 PRA
- Art. 57 PRA
- Art. 58 PRA
- Art. 59a PRA
- Art. 59b PRA
- Art. 59c PRA
- Art. 60 PRA
- Art. 60a PRA
- Art. 62 PRA
- Art. 63 PRA
- Art. 64 PRA
- Art. 67 PRA
- Art. 67a PRA
- Art. 67b PRA
- Art. 73 PRA
- Art. 73a PRA
- Art. 75 PRA
- Art. 75a PRA
- Art. 76 PRA
- Art. 76a PRA
- Art. 90 PRA
-
- Vorb. zu Art. 1 FADP
- Art. 1 FADP
- Art. 2 FADP
- Art. 3 FADP
- Art. 4 FADP
- Art. 5 lit. c FADP
- Art. 5 lit. d FADP
- Art. 5 lit. f und g FADP
- Art. 6 para. 3-5 FADP
- Art. 6 Abs. 6 and 7 FADP
- Art. 7 FADP
- Art. 10 FADP
- Art. 11 FADP
- Art. 12 FADP
- Art. 14 FADP
- Art. 15 FADP
- Art. 18 FADP
- Art. 19 FADP
- Art. 20 FADP
- Art. 22 FADP
- Art. 23 FADP
- Art. 25 FADP
- Art. 26 FADP
- Art. 27 FADP
- Art. 31 para. 2 lit. e FADP
- Art. 33 FADP
- Art. 34 FADP
- Art. 35 FADP
- Art. 38 FADP
- Art. 39 FADP
- Art. 40 FADP
- Art. 41 FADP
- Art. 42 FADP
- Art. 43 FADP
- Art. 44 FADP
- Art. 44a FADP
- Art. 45 FADP
- Art. 46 FADP
- Art. 47 FADP
- Art. 47a FADP
- Art. 48 FADP
- Art. 49 FADP
- Art. 50 FADP
- Art. 51 FADP
- Art. 52 FADP
- Art. 54 FADP
- Art. 55 FADP
- Art. 57 FADP
- Art. 58 FADP
- Art. 60 FADP
- Art. 61 FADP
- Art. 62 FADP
- Art. 63 FADP
- Art. 64 FADP
- Art. 65 FADP
- Art. 66 FADP
- Art. 67 FADP
- Art. 69 FADP
- Art. 72 FADP
- Art. 72a FADP
-
- Art. 2 CCC (Convention on Cybercrime)
- Art. 3 CCC (Convention on Cybercrime)
- Art. 4 CCC (Convention on Cybercrime)
- Art. 5 CCC (Convention on Cybercrime)
- Art. 6 CCC (Convention on Cybercrime)
- Art. 7 CCC (Convention on Cybercrime)
- Art. 8 CCC (Convention on Cybercrime)
- Art. 9 CCC (Convention on Cybercrime)
- Art. 11 CCC (Convention on Cybercrime)
- Art. 12 CCC (Convention on Cybercrime)
- Art. 16 CCC (Convention on Cybercrime)
- Art. 18 CCC (Convention on Cybercrime)
- Art. 25 CCC (Convention on Cybercrime)
- Art. 27 CCC (Convention on Cybercrime)
- Art. 28 CCC (Convention on Cybercrime)
- Art. 29 CCC (Convention on Cybercrime)
- Art. 32 CCC (Convention on Cybercrime)
- Art. 33 CCC (Convention on Cybercrime)
- Art. 34 CCC (Convention on Cybercrime)
-
- Art. 2 para. 1 AMLA
- Art. 2a para. 1-2 and 4-5 AMLA
- Art. 2 para. 3 AMLA
- Art. 3 AMLA
- Art. 7 AMLA
- Art. 7a AMLA
- Art. 8 AMLA
- Art. 8a AMLA
- Art. 11 AMLA
- Art. 14 AMLA
- Art. 15 AMLA
- Art. 20 AMLA
- Art. 23 AMLA
- Art. 24 AMLA
- Art. 24a AMLA
- Art. 25 AMLA
- Art. 26 AMLA
- Art. 26a AMLA
- Art. 27 AMLA
- Art. 28 AMLA
- Art. 29 AMLA
- Art. 29a AMLA
- Art. 29b AMLA
- Art. 30 AMLA
- Art. 31 AMLA
- Art. 31a AMLA
- Art. 32 AMLA
- Art. 38 AMLA
FEDERAL CONSTITUTION
MEDICAL DEVICES ORDINANCE
CODE OF OBLIGATIONS
FEDERAL LAW ON PRIVATE INTERNATIONAL LAW
LUGANO CONVENTION
CODE OF CRIMINAL PROCEDURE
CIVIL PROCEDURE CODE
FEDERAL ACT ON POLITICAL RIGHTS
CIVIL CODE
FEDERAL ACT ON CARTELS AND OTHER RESTRAINTS OF COMPETITION
FEDERAL ACT ON INTERNATIONAL MUTUAL ASSISTANCE IN CRIMINAL MATTERS
DEBT ENFORCEMENT AND BANKRUPTCY ACT
FEDERAL ACT ON DATA PROTECTION
CRIMINAL CODE
CYBERCRIME CONVENTION
COMMERCIAL REGISTER ORDINANCE
FEDERAL ACT ON COMBATING MONEY LAUNDERING AND TERRORIST FINANCING
FREEDOM OF INFORMATION ACT
FEDERAL ACT ON THE INTERNATIONAL TRANSFER OF CULTURAL PROPERTY
- in a nutshell
- I. General
- II. Sensitive personal data in general
- III. Data on religious, ideological, political, or trade union views or activities (no. 1)
- IV. Data concerning health, privacy, or racial or ethnic origin (no. 2)
- V. Genetic data (no. 3)
- VI. Biometric data that uniquely identifies a natural person (no. 4)
- VII. Data on administrative and criminal proceedings or sanctions (no. 5)
- VIII. Data on social assistance measures (no. 6)
- Bibliography
- Materials
in a nutshell
Sensitive personal data is a specific subcategory of personal data that requires special protection due to the increased risk of discrimination or stigmatization. Its processing is only permitted under strict legal conditions, such as with explicit consent, after conducting a prior data protection impact assessment, or on the basis of a formal law in the case of processing by a public authority.
I. General
1 Sensitive personal data is a privileged subcategory of personal data (Art. 5 lit. a FADP). It is classified as particularly sensitive in view of the protection of the fundamental rights and personality of data subjects (risk of discrimination or stigmatization based on these characteristics) (see N. 6 ff.). Art. 5 lit. c FADP lists the categories of particularly sensitive personal data in an exhaustive manner. Subject to special legal provisions, particularly sensitive personal data is included wherever the law refers to personal data.
2 The permissibility of processing this privileged type of personal data is subject to special conditions imposed by the legislator. For example, the legislator imposes higher requirements on consent to the processing of particularly sensitive personal data. In particular, consent must be given expressly (e.g. Art. 6 para. 7 lit. a FADP). In addition, there is an obligation to carry out a data protection impact assessment (e.g., Art. 22 para. 2 lit. a FADP). Federal authorities require a legal basis in the formal sense for the processing of particularly sensitive personal data (Art. 34 para. 2 lit. a FADP).
A. Purpose of the standard and background
3 In creating the abstract, formal categories of particularly sensitive personal data, the legislator assumes that there are certain types or categories of data that are particularly sensitive due to their close connection to a person's private life or confidential matters. The sensitivity of this data poses a particular risk to the personal rights of the persons concerned (e.g., risk of stigmatization based on characteristics), which makes this data particularly worthy of protection. This view is shared by the FADP with ER-Konv-108+ (Art. 6) and with Directive 2016/680 (Art. 10) and the DSGVO (Art. 9).
B. History
4 The category of particularly sensitive personal data was already included in the aDSG (Art. 3 lit. c aDSG) and, according to the Federal Council, should be retained even after the total revision of the FADP. In the context of the revision, the Federal Council considered the protection of “sensitive personal data” to be central to “maintaining the EU's adequacy decision” and emphasized that “the Federal Council's catalog [...] therefore meets the minimum requirements of the Data Protection Convention 108 plus and the Schengen-relevant EU Directive on data protection in criminal matters.”
5 Attempts to shorten the catalog already existing under the aDSG failed in parliamentary deliberations (see N. 12, N. 32). Instead, as part of the total revision of the FADP, the concept of particularly sensitive personal data was extended to include genetic data and biometric data that uniquely identify an individual, as well as data on ethnic origin, thereby aligning the FADP with Art. 6 para. 1 ER-Conv-108+ and Art. 10 Directive EU 2016/680.
II. Sensitive personal data in general
6 Sensitive personal data is formally and abstractly categorized in the FADP. The legislator assumes that the personal data designated as particularly sensitive in Art. 5 lit. c FADP particularly affect the personal rights of the data subject due to their sensitivity, as they originate from the secret sphere or private life of the person and/or can significantly influence their reputation. The classification as particularly sensitive personal data is not based on the existence of a specific risk to the personality or fundamental rights, but rather on the fact that the information in question relates to an aspect of life that belongs to one of the areas protected by law.
7 This approach, which is based on a definitive, formal-abstract categorization, is controversial. The risk to personal rights does not arise from specific formal legal types of data, but from their use for a specific purpose or in a specific context, the scope of processing, etc. (context of use). The focus should be on the actual sensitivity of data with regard to the protection of the privacy of a specific data subject.
8 In addition, the terms used to definitively describe the categories of particularly sensitive personal data are vague, and the selection appears static, antiquated, and incomplete. Although this criticism already existed under aDSG, the formal, abstract categorization was retained in the total revision. Rudin rightly emphasizes: “It is not the data itself, but its use in a specific context (the context of use) that poses the risk.”
9 Since the total revision of the FADP, data relating to legal entities no longer falls within the scope of the law. Accordingly, the term “personal data” (Art. 5 lit. a FADP) and thus also that of “sensitive personal data” (Art. 5 lit. c FADP) applies only to natural persons.
III. Data on religious, ideological, political, or trade union views or activities (no. 1)
10 According to Art. 5 lit. c no. 1 FADP, data on religious, ideological, political or trade union views or activities are considered particularly sensitive personal data. The provision also refers to membership in relevant associations. No. 1 thus covers data on a person's religious beliefs or denomination, their party affiliation, or their membership in an employee organization, a free church, or an association that represents a particular political or ideological stance (including Masonic associations and religious youth organizations). For Glass, it is unclear how broadly the term “religious or ideological data” should be interpreted. However, with regard to the protection of freedom of belief and conscience, it seems plausible to include all data that allows conclusions to be drawn about a person's beliefs, conscience, or ideological stance. The provision was taken over unchanged from the old law and corresponds to Art. 3 lit. c no. 1 aDSG.
11 In view of the sometimes far-reaching consequences that the processing of particularly sensitive personal data can have (N. 3), it is necessary to examine in each case whether the processing of such data is actually necessary and whether it can be dispensed with (e.g., by not including religious affiliation in the personnel file).
12 During the political deliberations on the FADP, an unsuccessful attempt was made to remove trade union views or activities from the list in Art. 5 lit. c no. 1 FADP.
IV. Data concerning health, privacy, or racial or ethnic origin (no. 2)
13 According to Art. 5 lit. c no. 2 FADP, data concerning health, privacy, or racial or ethnic origin are also considered particularly sensitive personal data.
14 According to the message on aDSG (message 1988), under the old law, data on health included all information that in a broad sense constituted a medical finding and “could have a negative effect on the persons concerned.” In view of today's understanding of health and medical and technological advances, this (historical) understanding of health data, in particular the requirement of a negative impact on health, is too narrow. Furthermore, the characteristic of negative effects is hardly taken into account in practice. Consequently, a broader definition of health data must be assumed today. Vokinger points out that health data used to arise mainly from the doctor-patient relationship. Today, patients themselves are increasingly collecting data via apps, wearables, or social media. Companies outside the traditional healthcare sector (Google, Amazon, Apple, etc.) are also increasingly processing health data. Consequently, this data is not limited to clinical information, but increasingly also includes (genetic) information that may be available even before a clinical manifestation. Whether certain data can be classified as health data does not depend directly on the data itself, but rather on the context in which it is used. Identical information—such as the number of steps taken each day—may be considered lifestyle data for a healthy person, but may be considered health data for a patient with diabetes mellitus or heart failure, for example.
15 The DSGVO also takes a broad view of the term “health data”: “Personal health data should include all data relating to the health status of a data subject and from which information about the past, present, and future physical or mental health status of the data subject can be derived.”
16 A broad understanding of health data makes sense because in healthcare—especially under the influence of rapidly developing information technologies—the boundaries between therapy and lifestyle are becoming increasingly blurred (keywords: real-world data and real-world evidence). Accordingly, information about a person's state of health does not only qualify as health data within the meaning of Art. 5 lit. c no. 2 FADP if it relates to a negative state of health. Similarly, depending on the context, information that a person is not affected by a disease or leads a certain lifestyle may now constitute health data within the meaning of Art. 5 lit. c no. 1 FADP. Even the accuracy of such data is not relevant for its classification as particularly sensitive health data, as it is precisely inaccurate information (e.g., an incorrect diagnosis automatically generated by an incorrect interpretation of data or an inaccurate correlation) that can jeopardize a person's personal rights.
17 The term “health data” is also found in the HRA. In Art. 3 lit. f Human Research Act, health-related personal data is defined as “information about an identified or identifiable person relating to their health or illness, including their genetic data.” According to the HRA message, personal data is health-related if it “relates to a physical or mental illness or provides information about the structure and function of the body of the person concerned.” According to the HRA message, the concept of health data coincides with that of the FADP.
18 The sphere of intimacy includes data “that a person only shares with a select few and that is of great emotional significance to them.” The sphere of intimacy goes beyond sexual life, but does not extend to financial circumstances, for example. The private sphere includes, among other things, information about therapies, fears or other feelings, addictive behavior, etc. The concept of the private sphere is based on the Federal Supreme Court's “three-sphere theory,” which distinguishes between the intimate or secret sphere, the private sphere, and the public sphere. The private sphere covers the personal affairs of the person concerned, which should in principle remain unknown to third parties unless the persons concerned themselves disclose the information. According to the message, a person's gender identity can – depending on the situation – be classified as either part of the private sphere or as health data.
19 Even in the revised version, the FADP retains the term “data on membership of a race” in Art. 5 lit. c no. 2 FADP. The dispatch emphasizes – with reference to the EU – that retaining the term “racial affiliation” does not mean that the legislature approves of racial theory, which assigns people to a “race” in a judgmental, racially ideological manner based on their external characteristics. The term was retained primarily in accordance with Art. 6 para. 1 ER-Conv-108+, Art. 10 Directive EU 2016/680, and Art. 9 para. 1 DSGVO, and was accepted by Parliament without discussion.
20 The concept of race in Art. 5 lit. c no. 2 FADP was supplemented by data on ethnicity during the total revision. This was done in accordance with Art. 10 of Directive (EU) 2016/680 and Art. 9 para. 1 DSGVO. Ethnic origin refers to membership of a group of people who feel connected to each other on the basis of their history, language, customs, culture, traditions, etc., and who perceive themselves as a community that is different from the rest of the population and/or is perceived as different by the rest of the population. Rudin cites the terms “Tamil” and “Kurd” as examples. Ethnicity is not the same as nationality. In some cases (e.g., “Serbs”), the latter may coincide with ethnicity.
V. Genetic data (no. 3)
21 Since the total revision of the FADP, genetic data has been explicitly included in the category of particularly sensitive personal data under Art. 5 lit. c FADP. Genetic data is information about the genetic makeup of a person that is obtained through genetic testing. According to the dispatch, the term “genetic data” in the FADP corresponds to the definition in Art. 3 lit. l aGUMG, which has now been adopted in Art. 3 lit. k GUMG. According to Art. 3 lit. g HRA, “genetic data” is “information obtained through genetic testing about characteristics inherited or acquired during the embryonic phase.”
22 Genetic data can be obtained from almost all types of biological material (blood, hair, saliva, etc.) using genetic testing. According to Art. 3 lit. a GUMG, genetic testing refers to “cytogenetic and molecular genetic testing to determine characteristics of human genetic material, as well as all other laboratory tests directly aimed at obtaining such information about human genetic material.”
23 Genetic data also includes DNA profiles in accordance with Art. 3 lit. j GUMG: A DNA profile refers to “specific characteristics of a person's genetic material that are determined by genetic testing and used to clarify their ancestry or to identify that person.”
24 According to Rudin, Art. 5 lit. c no. 3 FADP is based on a broad understanding of genetic data. This means that it covers not only data obtained by sequencing individual genomes, but also, among other things, information obtained through the use of genetic markers (e.g., in oncology). However, only genetic data that qualifies as personal data in accordance with Art. 5 lit. a FADP falls within the scope of the FADP and, in particular, under the definition of particularly sensitive personal data. Cell material and biological samples do not constitute genetic data as long as no information about the genetic makeup of the persons concerned has been obtained from them. In this context, Rudin rightly raises the question of the extent to which, according to the current and future state of science, “genetic data in a specific context does not actually allow conclusions to be drawn about a specific person.”
VI. Biometric data that uniquely identifies a natural person (no. 4)
25 During the total revision of the FADP, biometric data was newly included in the catalog of particularly sensitive personal data in Art. 5 lit. c.
26 Biometric data are physical characteristics that are recorded, measured, and documented. This is personal data “obtained by a specific technical process relating to the physical, physiological, or behavioral characteristics of an individual and which enables or confirms the unique identification of that person.” It can only be changed with great effort (e.g., surgical intervention). Typically, digital fingerprints, hand vein patterns, voice recordings, facial images, or images of the iris fall under biometric characteristics.
27 The use of biometric data carries the risk that a person's behavior can be tracked and a comprehensive profile created, or that it may allow conclusions to be drawn about particularly sensitive personal data in accordance with Art. 3 lit. c aDSG. In addition, biometric data is permanently compromised if misused, for example through identity fraud. Accordingly, even before the revision and explicit inclusion in the catalog of particularly sensitive personal data, biometric data could already be considered particularly sensitive data within the meaning of the aDSG.
28 Not all biometric data is considered particularly sensitive personal data. In order for biometric data to fall under Art. 5 lit. c no. 4 FADP, it must be collected using a special technical procedure that allows the unique identification or authentication of a person. For this reason, according to the message, ordinary photographs of a person, faces, or simple body parts are not covered. Unless they have been processed using a special technical procedure that allows for unambiguous personal identification (e.g., facial recognition software). Jacot-Guillarmod points out that modern facial recognition programs can generate a “biometric template” from ordinary photos that can be used to recognize the person depicted. She raises the question of whether it makes sense to protect such a biometric template as sensitive data without at the same time extending the protection to the photos from which the template was obtained.
VII. Data on administrative and criminal proceedings or sanctions (no. 5)
29 Data on administrative and criminal proceedings or sanctions also remain classified as particularly sensitive personal data under Art. 5 lit. c no. 5 FADP. In addition to the proceedings and sanctions expressly mentioned in the text of the law, disciplinary proceedings, driving license revocations, and penal measures also fall under this provision. However, information about the initiation, implementation, and conclusion of prosecutions and revocations of permits, etc., as well as the corresponding enforcement measures, also fall under Art. 5 lit. c. No. 5 FADP.
30 In order for data to be considered particularly sensitive personal data, it must relate to sovereign prosecutions or sanctions. It is irrelevant whether the sanctions or prosecutions are carried out by Swiss or foreign authorities.
VIII. Data on social assistance measures (no. 6)
31 Particularly sensitive personal data pursuant to Art. 5 lit. c no. 6 FADP includes data on social assistance measures. According to the message on Art. 3 lit. c aDSG, this includes “social insurance benefits in connection with illness and accident, as well as guardianship and welfare measures.” Primarily, social insurance benefits are covered insofar as they allow conclusions to be drawn about the state of health (cf. Art. 5 lit. c no. 2 FADP). Social assistance measures pursuant to Art. 5 lit. c no. 6 FADP also include, among other things, information on the use of social services, unemployment insurance, and information on individual social assistance benefits, welfare measures or child and adult protection measures, protective custody, and other means-tested social benefits (health insurance premium reductions, rent subsidies, supplementary benefits to AHV/IV, etc.).
32 A majority of the National Council's Political Institutions Committee wanted to remove social assistance measures from the list of particularly sensitive personal data, which would have weakened data protection in this area, but without creating a difference to ER-Konv-108+ or Directive (EU) 2016/680. The motion was rejected by a two-thirds majority in the National Council.
Bibliography
Baeriswyl Bruno, Vorbemerkungen zu Art. 5-13, in: Baeriswyl Bruno/Pärli Kurt/ Blonski Dominika (Hrsg.), Handkommentar zum Datenschutzgesetz (DSG), 2. Aufl., Bern 2023.
Blechta Gabor, Kommentierung zu Art. 3, in: Maurer-Lambrou Urs/Blechta Gabor P. (Hrsg.), Basler Kommentar Datenschutzgesetz. Öffentlichkeitsgesetz. 3. Aufl., Basel 2014 (zit. BSK-Blechta, Art. 3 aDSG).
Blechta Gabor P./Dal Molin Luca/Wesiak-Schmidt Kirsten, Kommentierung zu Art. 5, in: Blechta Gabor P./Vasella David (Hrsg.), Basler Kommentar Datenschutzgesetz. Öffentlichkeitsgesetz. 4. Aufl., Basel, 2024 (zit. BSK-Blechta/Dal Molin/Wesiak-Schmidt, Art. 5 DSG).
Epiney Astrid/Nüesch Daniela/Rovelli Sophia, Datenschutzrecht in der Schweiz, Eine Einführung in das Datenschutzgesetz des Bundes, mit besonderem Akzent auf den für Bundesorgane relevanten Vorgaben, Bern 2023.
Glass Philip, Kommentierung zu Art. 5 lit. c, in: Bieri Adrian/Powell Julian (Hrsg.), DSG Kommentar, Kommentar zum Schweizerischen Datenschutzrecht mit weiteren Erlassen, Zürich 2023 (zit. OFK-Glass, Art. 5 DSG).
Jacot-Guillarmod Emilie, Kommentierung zu Art. 5 DSG, in: Benhamou Yaniv/Cottier Bertil (Hrsg.), LPD, Loi fédérale sur la protection des données, Petit Commentaire, Basel 2023 (zit. PC-Jacot-Guillarmod, Art. 5 DSG).
Jöhri Yvonne, Kommentierung zu Art. 3 lit. c, in: Rosenthal David/Jöhri Yvonne (Hrsg.), Handkommentar zum Datenschutzgesetz sowie weiteren, ausgewählten Bestimmungen, Zürich/Basel/Genf 2008.
Mathys Roland, Was bedeutet Big Data für die Qualifikation als besonders schützenswerte Personendaten? Das Beispiel der Gesundheitsdaten, Jusletter IT, 21.5.2015, https://jusletter-it.weblaw.ch/issues/2015/21-Mai-2015/was-bedeutet-big-dat_b0807c5f47.html__ONCE, besucht am 18.8.2025.
Meier Philippe, Protection des données. Fondements, principes généraux et droit privé, Bern 2010.
Meier Philippe/Tschumy Nicolas, Kommentierung zu Art. 5 DSG, in: Meier Philippe/Métille Sylvain (Hrsg.), Commentaire Romand, Loi fédérale sur la protection des données, Basel 2023 (zit. CR-Meier/Tschumy, Art. 5 DSG).
Rudin Beat, Kommentierung zu Art. 4, in: Rudin Beat/Baeriswyl Bruno (Hrsg.), Praxiskommentar zum Informations- und Datenschutzgesetz des Kantons Basel-Stadt, Zürich/Basel/Genf 2014.
Rudin Beat, Kommentierung zu Art. 5, in: Baeriswyl Bruno/Pärli Kurt/ Blonski Dominika (Hrsg.), Handkommentar zum Datenschutzgesetz (DSG), 2. Aufl., Bern 2023 (zit. SHK-Rudin, Art. 5 DSG).
Rudin Beat, Kommentierung zu Art. 35 in: Rütsche Bernhard (Hrsg.), Handkommentar zum Humanforschungsgesetz (HFG), Bern 2015.
Rudin Beat, Kommentierung zu Art. 4, in: Baeriswyl Bruno/Rudin Beat (Hrsg.), Praxiskommentar zum Informations- und Datenschutzgesetz des Kantons Zürich (IDG), Zürich/Basel/Genf 2012.
Simitis Spiros, «Sensitive Daten»: zur Geschichte und Wirkung einer Fiktion, in: Brem/Druey/Kramer/Schwander (Hrsg.), FS Mario M. Pedrazzini, Bern 1990, S. 469-494.
Sprecher Franziska, Regulierung von Gesundheitsdaten und Gesundheitsdatenräumen, Medizinrecht 40 (2022), S. 829-838, DOI: https://doi.org/10.1007/s00350-022-6315-6 (zit. Medizinrecht).
Sprecher Franziska, Datenschutz und Big Data im Allgemeinen und im Gesundheitsrecht im Besonderen, Zeitschrift des Bernischen Juristenvereins 8 (2018), S. 482-552 (zit. ZBJV).
Vasella Daniel, Widersprüche im Datenschutzrecht, digma 2020, S. 174-179.
Vokinger Kerstin Noëlle, Gesundheitsdaten im digitalen Zeitalter, in: Jusletter 27. Januar 2020, https://jusletter.weblaw.ch/juslissues/2020/1008/gesundheitsdaten-im-_bf12b7abee.html__ONCE&login=false; DOI: 10.38023/c41ccdd8-8614-4ede-9926-a4331d4d6622.
Materials
Botschaft zum Bundesgesetz über den Datenschutz vom 23.3.1988, BBl 1988 II 413 ff., abrufbar unter https://www.fedlex.admin.ch/eli/fga/1988/2_413_421_353/de, besucht am 18.8.2025.
Botschaft zum Bundesgesetz über die Totalrevision des Bundesgesetzes über den Datenschutz und die Änderung weiterer Erlasse zum Datenschutz vom 15.9.2017, BBl 2017 6941 ff., abrufbar unter https://www.fedlex.admin.ch/eli/fga/2017/2057/de, besucht am 18.8.2025.
Botschaft zum Bundesgesetz über die Forschung am Menschen vom 21.10.2009, BBl 2009 8045 ff., https://www.fedlex.admin.ch/eli/fga/2009/1423/de, besucht am 18.8.2025.