Digital Policy Alert logo

Switzerland: Postponed entry into force of revised Federal Data Protection Act

Policy overview

Description

Postponed entry into force of revised Federal Data Protection Act

The Federal Department of Justice has issued a note regarding the entry into force of the revised Federal Data Protection Act, stating that it will enter into force on 1 September 2023. The Federal Council must still confirm the implementation, whic…

Scope

Policy Area
Data governance
Policy Instrument
Data protection regulation
Regulated Economic Activity
cross-cutting
Implementation Level
national
Government Branch
executive
Government Body
central government

Complete timeline of this policy change

Hide details
2017-09-15
under deliberation

The Act to revise the Federal Data Protection Act (DPA) is introduced in the Swiss Parliament. Firs…

2020-09-25
adopted

The Act to revise the Federal Data Protection Act (DPA) is adopted by the Swiss Parliament. The ent…

2022-03-03
adopted

The Federal Department of Justice has issued a note regarding the entry into force of the revised F…

2022-08-31
in grace period

On 31 August 2022, the Federal Council of Switzerland issued a notice announcing the revised Federa…

2023-09-01
in force

On 1 September 2023, the revised Federal Data Protection Act is envisioned to enter into force. The…

Key regulatory dimensions

Regulated subjects

The businesses, government agencies or individuals affected by this policy or regulatory change.
producer / supplier
1
Type Any
Economic activity cross-cutting
Category All

Policy change by business practice

The detailed activities within the scope of this policy or regulatory change.
personal data (all forms): data collection
Regulatory tool
Risk or other impact assessment requirement
User right to portability of personal data
User right to rectification of personal data
User right to access personal data
User right to deletion of personal data
Regulator disclosure requirement
Responsive security requirement
Sanctions
Fine
Regulated subjects
1
personal data (all forms): data processing
Regulatory tool
Risk or other impact assessment requirement
User right to portability of personal data
User right to rectification of personal data
User right to access personal data
User right to deletion of personal data
Regulator disclosure requirement
Responsive security requirement
Sanctions
Fine
Regulated subjects
1
personal data (all forms): storage (any form)
Regulatory tool
Risk or other impact assessment requirement
User right to portability of personal data
User right to rectification of personal data
User right to access personal data
User right to deletion of personal data
Regulator disclosure requirement
Responsive security requirement
Sanctions
Fine
Regulated subjects
1
algorithm (any type): operate
Regulatory tool
Purpose/processing limitation
User notification requirement
Sanctions
Fine
Regulated subjects
1
personal data (all forms): transfer: cross-border
Regulatory tool
Adequacy decision requirement
Sanctions
Fine
Regulated subjects
1

Policy change by business practice

The detailed activities within the scope of this policy or regulatory change.

personal data (all forms): data collection

personal data (all forms): data processing

personal data (all forms): storage (any form)

algorithm (any type): operate

personal data (all forms): transfer: cross-border