Switzerland: Data Protection Officers Impose Broad Cloud Ban for Authorities
13 days ago
- #Cloud Computing
- #Data Protection
- #Switzerland
- Swiss data protection officers impose broad restrictions on the use of international cloud services like AWS, Google, and Microsoft for federal authorities.
- The resolution effectively bans the use of these services as SaaS solutions when handling sensitive or legally confidential personal data.
- Authorities may only use applications like Microsoft 365 for online storage under limited conditions.
- The main concerns include insufficient encryption, loss of control over data, and the inability to verify compliance with data protection obligations.
- The US Cloud Act is a significant concern, as it can compel providers to hand over data stored in Swiss data centers to US authorities.
- Most authority data is subject to confidentiality, and meaningful use of cloud services with continuous encryption is challenging.
- Previous declarations against Microsoft 365 had little impact, raising questions about enforcement of the new resolution.