II. Surveillance policies
National security, government surveillance and law enforcement
The Swiss police system is traditionally strongly organised by the 26 cantons. Every canton has its own police force. However, in the last few years there have been substantial efforts to build up a central "Federal Police" corps (Fedpol), based in Berne.1 Fedpol has mainly investigative duties. For this purpose, a Federal Criminal Police has been built up since 1994.2 Other duties include the "prevention" of crimes. Fedpol publishes an annual report on "national security."3 Most of the expansion of Fedpol has been done in order to "fight against organised crime and terrorism."
Although the cooperation has been extended in various fields, there have been some tensions between Fedpol and cantonal police forces, and also inside governmental agencies. Therefore, the Controlling Commission of the Swiss Parliament (Geschäftsprüfungsdelegation, GPDel) demanded more efficient coordination of the different intelligence agencies of the Swiss Army and the Federal Police.4 With Effect from 1 January 2010, the military and domestic intelligence services are both located in the military department. Fedpol is no longer responsible for this matter.
Legally, the activities of the Fedpol are mainly based on the Bundesgesetz über Massnahmen zur Wahrung der inneren Sicherheit (BWIS).5 This law was enacted on 1 July 1998 following a scandal in the autumn of 1989, when members of a parliamentary investigative commission (the Parlamentarische Untersuchungskommission, or PUK) discovered huge databases of citizens in the premises of the Federal Police (the political police) and the Federal Prosecutor (Bundesanwaltschaft).6
Wiretapping, access to, and interception of communications
Whereas until 2003 interception was possible in all investigations relating to crimes and offences (crimes for which a prison sentence can be issued), the Federal Law on the Surveillance of Mail and Telecommunications (BÃœPF)7 prohibits any preventive interception and provides, for the first time, for a catalogue of offences. In the case of investigations of crimes and offences described in the catalogue, the department of public prosecution, with permission from the Zwangsmassnahmerichter, can order providers to hand over the archived data.8 The same catalogue is relevant for real-time interception cases. In this case, a judge can compel a provider to install a direct connection of all telecommunications to a specialised agency Le Service des TÃ¢ches Spéciales the STS.9 In March 2003, the catalogue of criminal offences allowing interception was extended, introducing provisions against the "financing of terrorism."10
On 21 October 2003, the Federal Court decided in a unanimous vote that, in the case of wiretapping, the Federal Prosecutor has the duty to inform the persons observed after surveillance has been carried out, including information about the reasons of the monitoring.11
National security legislation
After 11 September 2001, the Bundesrat (Government) ordered a report on security deficits in Switzerland.12 Following this report, the Justice Department has been assigned to prepare a revision of BWIS by the Bundesrat on 20 October 2004.
In July 2005, an internal consultation procedure was held with a first draft. One of the addressees was the Federal Data Protection and Information Commissioner.13 The first draft has been rejected after the internal consultation procedure. A second draft was published on 31 January 2006, and a public consultation procedure was held.14 The result of the public consultation procedure was very negative.
In April 2007, at the end of a year-long consultation process, the Bundesrat announced its intention to move ahead with a proposal to allow the Swiss secret services to be able to carry out communications surveillance -- correspondence, telephone, and email -- and observe private areas such as hotel rooms, if necessary by installing bugging devices. Proponents stated that the interception amendment would only concern cases that dealt with terrorism, weapons of mass destruction and spying. They would only be taken as a last resort and their legality checked beforehand. Critics from both the left and the right parties voiced concerns with the proposal, and the Data Protection Commissioner stated that the proposed changes are "dangerous because eavesdropping on citizens within their private sphere could take place without any criminal allegations."15 The revision will allow to spy inside private apartments or to tap telecommunications, even without the specific suspicion of a crime. Further, the discussed revision should include the possibility to operate secret "undercover agents" (verdeckte Ermittler), even for the means of "prevention," that is, in cases where no specific crime is under investigation.16 The majority of the Parliament accepted the governmental proposal, arguing that this would have been "a necessary tool against organised crime," like terrorism and money laundering.
On 28 April 2009, the revision of BWIS, formally presented to the Parliament on 15 June 2007, was rejected by the Parliament.17 However, the Bundesrat had already announced a further attempt at the revision. Officially, the events of 11 September 2001 was the reason for the BWIS revision, but the directors of the Federal Police and Intelligence forces demanded more power much earlier than this.
On the legal basis of the BWIS, the government decreed a regulation which compels all institutions "executing an official duty" to report any suspicion of "terrorist activity" to the federal police.18 These institutions include universities, hospitals, and train carriers. The regulation was first released on 1 November 2001, in the aftermath of the attacks of 11 September 2001, to sunset after one year. It was extended for another year, and in November 2003 was extended for two more years.19 The regulation is now valid until 31 December 2011.20
Since 1 January 2005, the police have been allowed to operate as undercover special agents. The law dealing with undercover agents passed Parliament on 20 June 2003 and has been in force since 1 January 2005.21 All investigations under this law require advance approval from a judge. Approval is only granted, if specific suspicion of a crime is proven by police. Undercover investigation is only applicable to severe crimes.22 From 1 January 2011, the judge for approval of undercover investigation (as well as post-telephone-Internet surveillance and investigative custody) will be the Zwangsmassnahmerichter in all cantons due to the new Criminal Procedure Code.23
In preparation for the European Football Championship (TM) of 2008 in Switzerland and Austria, the new anti-hooliganism law came into force on 1 January 2007. With a sunset at the end of 2009, it introduced stadium bans, a national hooligan database, travel restrictions for known troublemakers, and increased police powers.24 However, critics feared that the term "hooliganism" would not be restricted to football fans, since the law covers all kinds of "large public events", including political demonstrations. The National Swiss Security Strategy for EURO 2008 discussed a number of "risk situations" associated with the event, from terrorism to human trafficking and forced prostitution.25 On 1 January 2010, the Konkordat über Massnahmen gegen Gewalt anlässlich von Sportveranstaltungen (Agreement on Measures against Violence linked to Sport Events) came into force. The law carries over the prior regulations against hooliganism.26
Swiss telecom providers have to keep a log for six months of all communications traffic data to comply with the Federal Law on the Surveillance of Mail and Telecommunications (BÃœPF).27 This law requires that the respective telephone companies constantly track phones and store the data collected.28
In a March 2004 revision of the Penal Code (Strafgesetzbuch), commercial companies are allowed to keep logs of phone conversations with their clients, even without their consent, for the purpose of securing evidence. However, they are not allowed to analyse this data for marketing purposes, or to give this data to third parties.29
On 19 May 2010 the Bundesrat started a consultation procedure for a revision of the BÃœPF.30 Telephone and Internet data must be stored for 12 instead of six months, Internet hosting providers must keep logs for 12 months, and police will be allowed to install Trojan horses and worms on private computers to gain passwords and monitor encrypted traffic like PGP (email encryption) or Skype (Internet telephony). Furthermore, Internet service providers must be able to assign every transaction to a specific person and the provider of an Internet cafe or a hotel must be able to distinguish between different guests. The consultation ends on 18 August 2010, but there is already significant opposition. As seen in the BWIS case, the Bundesrat will forward this revision to the Parliament anyway, but on current indications most probably the bill will not pass.
National databases for law enforcement and security purposes
The former Federal Police, now called the Service for Analysis and Prevention, is part of the Federal Office for Police Matters, which also includes the Federal Criminal Police. It hosts two databanks, ISIS, the Information System for Internal Security, which replaced the old paper files of the federal police, and JANUS.31 In April 2004, ISIS contained files on 60,477 persons who are considered terrorists, violent extremists or possible spies.32 Files are opened on "preventive" grounds, which means that no criminal investigation is required. However, data resulting from criminal investigations, and thus also from telephone surveillance, can be maintained for preventive purposes, even if the person is acquitted before a court.
After the disclosure of the registration with ISIS of some local parliament members in Basel, as well as reporters and a newspaper, the Committee for Inspection of Special Affaires (Geschäftsprüfungsdelegation or GPDel) started an investigation of ISIS in 2008. In its report released on 21 June 2010, the GPDel stated that 200,000 records are stored in ISIS. Many of the records do not comply with legal rules for storage.33
The other databank, JANUS,34 contained files of 62,500 persons in July 2001 and 83,700 in March 2004. Most of them were registered for alleged drug trafficking, since registration of consumers is not allowed. Files in JANUS can be created on the grounds of simple suspicion. In July 2001, the records on the 62,500 suspected target persons (Stammpersonen) also contained 116,500 references to third persons who are not suspected.35 More recent statistics are not publicly available.
The database GEWA of the Fedpol section on money laundering (Meldestelle Geldwäscherei) contained 10,884 persons and 4,170 companies in February 2004.36 The database for "searched people and objects" (Fahndungsdatenbank) RIPOL contained 142,625 entries for persons in January 2004, most of them being searched for minor offences.37 In February 2004, the main Fedpol register IPAS (Personen- und Aktennachweissystem or People and File Identification System) contained entries on 641,446 persons.38 IPAS is organised as an index to other databases, including the database of fingerprints AFIS and of genetic profiles EDNA (see below).39
On 31 December 2009 32,343 sets of two fingerprints and 726,347 sets of ten fingerprints as well as 52,069 unidentified samples from crime locations were stored in AFIS.40 At the same time 115,000 DNA-profiles were stored.
A draft for a new law on federal information systems for police was published in 2009.41 The different data bases for police matters should be linked to a new "police index". The Parliament will discuss this bill in late 2010 or early 2011. There is substantial opposition to the new law.
Finally, the police forces also demanded access to ONYX, the Swiss military satellite telecom interception system similar to ECHELON (see above).
National and international data disclosure agreements
There are several bilateral agreements on police cooperation between Switzerland and many other nations in Europe, which expand the types of collaboration among law enforcement authorities. The Swiss Federal Police is, in this regard, exchanging information and data with other countries.42 Concrete collaboration has been tested in the case of international political and economic meetings, like the G8 meeting in Geneva in June 2003 and the World Economic Forum meeting in Davos in January 2004. In January 2005, the Swiss government published an agreement on the collaboration with Europol, signed in September 2004. The agreement allows both parties to establish "exchange officers".43
Thousands of French and German police supported Swiss police during EURO '08 in June 2008.
Banking records are protected by the Swiss Federal Banking Act of 1934. This act was passed to guarantee strong protections for the privacy and confidentiality of bank customers. However, Switzerland has come under increasing pressure from the European Union and the Organisation for Economic Cooperation and Development (OECD) to weaken these laws and provide greater access to bank records for the purposes of tax collection. In reality, banking data have been transmitted illegally to the US in at least one case described at the end of this section.
On 17 June 2010, the Swiss Parliament approved a US-Swiss Government Agreement, which allows the Swiss Tax Administration to hand over data relating to approximately 4,450 accounts to the US Internal Revenue Service (IRS). This agreement followed a lawsuit concerning Swiss-based cross-border banking services for US private clients by UBS.44 On 15 July 2010, the Court for Federal Administration (Bundesverwaltungsgericht) rejected a complaint of a private person against a handover of data to the US IRS.45
Switzerland is not a member of the EU, but has some special agreements with the EU. Some of these bilateral agreements were signed in 2000 and 2001. In May 2004, the government decided to sign another set of agreements ("Bilaterale II").46 These contracts were approved by referenda, and Switzerland ratified the Schengen and Dublin Conventions on 5 June 2005.47 Further, some EU regulations must be implemented "automatically" in the Swiss legal order, like the regulation for passports described below.
The Schengen Convention establishes close cooperation among police forces, in order to combat international "criminal tourism" (Kriminaltourismus). The core subject of this agreement is the Schengen Information System (SIS), a pan-European database that records personal information on people who have been arrested, migrants, and missing objects48 (Fahndungsdatenbank) by the national police forces. In the summer of 2007, SIS consisted of 17 million entries. On 1 January 2010, SIS contained 31,618,951 records.49
A second generation database, SIS II has been established in 2006/2007 but it is still not operational.50 The SIS database is not only a tool against crime, but also a tool for enforcement of immigration conditions. By joining the Schengen acquis, Swiss police officers have full online access to the SIS database. The Swiss Department of Justice and Police (EJPD) calls the SIS "a revolutionary step for police work". Other parts of the Schengen Convention cover cross-border observation by national police forces and the exchange of police officers.
Data of wanted persons are transferred to SIS by the Swiss "Sirene" bureau. In 2009, Swiss police performed 183,000 queries daily in SIS, resulting in 24 hits a day. The reason for the enormous number of queries in SIS is a link from RIPOL to SIS. Every query to RIPOL is automatically passed to SIS.51
The Dublin Convention, created in 1990, establishes a European cooperation agreement to process applications from asylum seekers. Switzerland is now allowed to access "Eurodac," the pan-European database of fingerprints of asylum seekers and migrants.52 According to the Dublin Convention, asylum requests are checked only by one EU member state whose decision becomes binding for all other member states.
In order to "fight cybercrime" a specific task force was established in 2003, the Coordination Unit for Cybercrime Control (CYCOS).53 CYCOS was a cooperating project between the Confederation and most of the Swiss Cantons. In 2005, the Canton of Zurich decided to participate as well. According to a newspaper report, CYCOS received about 6,500 hints from the public, most of them regarding child pornography and child abuse. During 2005, CYCOS forwarded 272 cases to the competent cantonal attorneys.54 CYCOS has been terminated, and Fedpol is now responsible for cybercrime.55
In December 2004, the Swiss government opened the consultation process on a revision of the Penal Code (Strafgesetzbuch, StGB),56 which consists mainly of regulating the criminal liability of Internet providers, stating: content providers should be fully liable for documents which are prohibited by law; hosting providers should not be liable at all; while access providers should be liable only if they participate actively in offering such documents. A second consultation process has been opened on a bill aiming at centralising the investigation of cybercrime cases at the Federal Police.57
On 1 July 2008, some minor changes in the Federal law on Copyright and Related Rights came in force.58 Private download of music and movie files is still allowed. A revision of the Penal Code concerning hacking of computers is currently under way. The handover of data gained from telephone and Internet surveillance to foreign authorities should become possible in a very early stage of investigation with the same revision.59
No specific information has been provided under this section.
More and more public transport companies are introducing CCTV in their vehicles. After a pilot test in 2002 and 2003, the Swiss Federal Railway company (SBB, now a private company, but still owned by the state) announced a large project to install surveillance cameras in trains.60 Until 2003, such surveillance was not allowed by law, neither was the operation of CCTV systems in train stations. In December 2003, a regulation was subsequently introduced, allowing the SBB to operate CCTV systems in train stations and inside trains.61
The city police of Zurich bought a new mobile camera system with capabilities for automatic car plate recognition(AFNES) to be operated in Zurich. It will be able to identify car plates and compare the results with the national database RIPOL. Since 12 December 2008, all queries to RIPOL trigger a query in the European database SIS automatically. With effect from 1 October 2008, the guidelines for speed measurement by police have been extended to allow average speed measuring (Abschnittsgeschwindigkeitskontrolle).62 A system with a set of two cameras installed along a fixed route records all front number plates using automatic number plate recognition and calculates the average speed of each vehicle. A first test system will start operation in September 2010; a second will follow later in the year.63 This pilot project is supervised by the Data Protection Authority, and no data may be used for any other purpose than speed measurement and fining of speeding drivers.
The growth of video surveillance in Switzerland is helped by the cameras getting smaller, cheaper and more sophisticated. This is especially true for the systems operated by private entities, such as shopkeepers or house owners. Also, more sport stadiums are installing CCTV cameras. However, opposition to camera surveillance is growing as well. The committee of the Swiss "Big Brother Awards" has organised several "excursions" on the subject of surveillance cameras in Zurich and released a map with camera locations in a city district of Zurich, as well as in the Zurich Main Train Station.64 The Federal Data Protection Commissioner published a leaflet explaining the legal conditions for private individuals to operate video surveillance cameras.65
The Swiss Air Force started operating Unmanned Aerial Vehicles (Drohnen, UAV) of the type "ADS 95 Ranger." They are produced in Switzerland by the company RUAG in Emmen (Lucerne), in collaboration with Israeli companies. On 6 January 2004, on a test flight, a military UAV observed a civilian car driving into a forest near Lucerne. The operators informed the local police patrol, who apprehended the car's passengers for smoking marijuana.66 According to a media report, the Swiss Air Force is operating one to four UAV test flights every day. The images of the cameras are recorded and stored for up to six months. During the 2008 European Football Championship, drones were used for traffic and crowd control. No attempts at face or car plate recognition were made.67 In total, 37 operations over 100 hours were performed in Basel, Bern, and Zürich. There were some complaints due to noise.68
In honour of this privacy invasion, the Air Force received one of four Swiss "Big Brother Awards 2004".69 On Easter Holiday 2005, the Army offered their UAVs to cantonal police forces in order to observe north-south traffic on the Gotthard route. For the celebration of International Worker's Day on 1 May 2004, the Zurich police asked the Air Force about using UAVs to observe the rally in Zurich from the air. These examples show strengthened collaboration between military and police forces.
For many years there has been no formal legal basis governing the use of army reconnaissance drones by the border police. At the request of the Commissioner, the Federal Council finally agreed to remedy this legal shortcoming and to also regulate the use of surveillance equipment for civilian purposes. The Commissioner has pointed out that the legal rules covering military information instruments need to be highly specific, and should cover not just the actual surveillance devices, but also the type and purpose of the surveillance.70 Since 1 January 2010 the Federal Law on Military Information Systems (Bundesgesetz über die militärischen Informationssysteme ar MIG) is in force. Its article 180 is the legal basis for drones.71
Location privacy (GPS, mobile phones, location based services, etc.)
No specific information has been provided under this section.
Travel privacy (travel identification documents, biometrics, etc.) and border surveillance
The identity card is machine-readable, as is the new passport, which became effective on 1 January 2003. On 15 September 2004, the Swiss government decided that the next edition of Swiss passports should include a chip with biometric data. The decision was based on a feasibility study by the Federal Police "Fedpol," commissioned in September 2003. This should allow Swiss citizens to fulfil the requests introduced by the US government after 11 September 2001 requiring that every visitor without a visa be able to present a passport with a biometric identity tag.72 In April 2005, the Swiss government declared that such a passport would not be available until September 2006 or later, due to the coordination of similar efforts of the European Union (EU).73 In September 2006 Switzerland issued its first biometric passports as part of a five-year pilot project. However, during the pilot phase, facial images were the only biometric data stored on the passports.74 The FDPIC reviewed and commented on draft revisions to the identity documents law and decree and was very critical of the plan to store biometric data in a central database.
This project has been terminated due to the new passport 2010. However, passports issued during the duration of this project remain valid.75
Since 1 March 2010, all new Swiss passports contain two fingerprints of the holder on their chips. This change was made in accordance with the Council Regulation (EC) No. 2252/2004 of 13 December 2004 on Standards for Security Features and Biometrics in Passports and Travel Documents issued by Member States. Additionally, fingerprints are stored in a central database located at the federal police (Fedpol) office in Bern. The whole electronic data transfer must be encrypted. Data of fingerprints are available for federal and cantonal police for identification of persons only. However, no biometric data are transferred from the database. A Boolean number (true or false) is sent after a query with passport number and fingerprints has been performed.76
Documents for foreigners with residency in Switzerland (Ausländerausweis) will contain data chips with fingerprints from 1 January 2011.77
The Schengen Agreement78 aims at creating a pan-European Security Zone, thus shifting the borders between European nations to the external borders of Europe. Inside Europe, people would be able to travel without the traditional border police control, while travellers from and to Europe would face strengthened border controls. However, the national police forces will be allowed to execute "mobile controls" in the 30km range along the borders, as well as in train stations, inside of trains, and at airports. The Schengen Agreement came in force on 12 December 2008. Even if the federal border police (Grenzwachtkorps) are allowed to perform "mobile controls", Swiss citizens are not obliged to carry a ID card.79
National ID and smart cards
In May 2004, the National Council began to debate the revision of the Law on Foreigners.80 The larger chamber of the Federal Parliament decided to include biometric data in foreigners' identity documents. The law would also provide a definite legal basis for the Central Register of Foreigners, which now holds data on about 4.5 million persons. In order to avoid so-called "faked marriages" (Scheinehen), the law provides that marriage officers (Zivilstandsbeamte) would be allowed to investigate the "honesty" of bi-national marriages. In June 2004, the National Council passed the law, despite strong opposition in the parliamentary commission concerned. The second chamber (Ständerat) discussed the bill in March 2005 and introduced even more severe restrictions for foreigners.81 The bill now goes back to the National Council. On 24 September 2006, the new law passed a referendum; it has been in force since 1 January 2008.82
According to a vote of the National Council in 2008, Switzerland's national identity card will be similar to biometric passports and introduced by 2010; the ID cards will include an electronically encoded photo and fingerprints on a chip. They will be in the "credit card" format already used for Swiss ID documents. They are to be provided at "family-friendly" prices.83
Sports facilities in Switzerland have begun using biometric access control systems. The FDPIC has conducted inspections of the systems and asked that biometric data, in this case digital fingerprints, be stored on the individual membership cards and not in a central database. At the Commissioner's request, the sports facilities inspected agreed to provide customers who refuse the registration of their biometric data with alternative solutions at the same price.84
No specific information has been provided under this section.
At the Zurich "Unique" airport, the cantonal Police of Zurich tested a pilot system for automatic face recognition between February and June 2003. Officially, the Face Recognition system (Farec) mainly aims at recognising people trying to immigrate without identity documents. This is the first test worldwide of face recognition in the context of boarder controls. During the test phase, 1,003 passengers from 277 flights were registered by Farec. In 81 cases, a search in the database followed, with ten hits and 17 misses. In December 2004, the Zurich Cantonal Government (Regierungsrat) provided a legal regulation (decree, Verordnung), extending the test phase until the end of 2006.85 Although quite sceptical about the usefulness of the system, the data protection officer of the canton Zurich accepted the decree.86
In November 2005, a pilot project using facial recognition for security during sport events started in Berne. One hundred season ticket holders at the local ice-hockey club were registered with a photograph on a voluntary basis. Cameras at the entrance and in the stadium were tested. The company responsible dubbed this pilot project a success, but there were no further projects.87
On 27 August 2008, the "round table against violence in sport" (Runder Tisch zur Gewaltbekämpfung im Sport) proposed to use facial recognition in train stations and stadiums. A project with one dedicated system was planned for 2009. Tests with biometric cameras were expected in all football stadiums of the highest league. However, there have been no tests so far. The new regulation for measures and data systems of Fedpol, in force since 1 January 2010, allows the handover of photographs from the hooligan database HOOGAN to the private security forces of sport events for their use in automatic face recognition.88
- 1. See http://www.fedpol.ch, with an impressive organization chart (displayed in German), at http://www.fedpol.admin.ch/content/dam/data/fedpol/visio-fedpol-ab_01012....
- 2. Bundesgesetz über kriminalpolizeiliche Zentralstellen des Bundes vom 7. Oktober 1994 (ZentG, SR 360) available at http://www.admin.ch/ch/d/sr/c360.html.
- 3. "Bericht Innere Sicherheit der Schweiz" ("Swiss Domestic Security Report"), Annual Reports from 1999 untill 2008 available at http://www.fedpol.admin.ch/content/fedpol/de/home/dokumentation/berichte.... The reports are edited by the Fedpol section "Service for Analysis and Prevention," ("Dienst für Analyse und Prävention", DAP), which is the political Swiss "preventive State Security Police," part of the Swiss Federal Police, ex-BUPO, "Bundespolizei".
- 4. See, e.g.,"Für Parlamentarier gar nicht 'hervorragend'" ("For Parliamentarians Not 'Excellent'") NZZ, 22 November 2004, at 13.
- 5. Bundesgesetz über Massnahmen zur Wahrung der inneren Sicherheit (Law Concerning Measures to Support Domestic Security), vom 21 März 1997 (BWIS, SR 120), available at http://www.admin.ch/ch/d/sr/c120.html.
- 6. The commission found about 900,000 folders, called "Fichen" (hence "Fichenskandal"), on persons, most of whom were not suspected of having committed any offence. Most of the folders had to be destroyed. At this time, there was no legal basis for the collection of these folders. In 1991, a citizens' committee launched a popular initiative to abolish the political police. Surveillance should only be possible on the grounds of a criminal investigation. The vote on the initiative was postponed by the government for years. In June 1998, nine years after the scandal 75 percent of the voters said no to the initiative. The federal government had saved its political police, which since the beginning of the nineties had been completely modernised and, by 1 July 1998, received for the first time a legal basis with the Law on Measures for Maintaining Internal Security (BWIS).
- 7. Bundesgesetz zur Ãœberwachung des Post- und Fernmeldeverkehrs (BÃœPF, SR 780,1) (Law on Surveillance of Post and Telephone Services (including Internet), available at http://www.admin.ch/ch/d/sr/c780_1.html (in French, Loi fédérale sur la surveillance de la correspondance postale et des télécommunications, available at www.admin.ch/ch/f/rs/c780_1.html) and its implementing decree, Verordnung vom 31. Oktober 2001 über die Ãœberwachung des Post- und Fernmeldeverkehrs (VÃœPF, SR 780,11), available at http://www.admin.ch/ch/d/sr/c780_11.html (in French, Ordonnance du 31 octobre 2001 sur la surveillance de la correspondance par poste et télécommunication (OSCPT), RS 780,11 from 31 October 2001, available at www.admin.ch/ch/f/rs/c780_11.html).
- 8. Cfr. Section "Data retention," infra.
- 9. However, this does not include communication by way of ADSL, WLAN, voice-over-IP, MMS and SMS-over-GPRS, see the article "Taube Lauscher", facts 7 October 2007, at 26. While at the beginning of the 1990s about 500 interception orders were issued annually, the number has continuously increased to about 2,000 orders since 1996 (2,138 cases). (Conseil National, Heures de Questions: Session d'hiver 1999, Réponse du Conseil fédéral concernant les écoutes téléphoniques (Answer by the Federal Council, 20 December 1999), available at http://web.archive.org/web/20041107021645/http://www.parlament.ch/afs/da...)To these orders, another 2,000 cases of disclosure of traffic data have to be added. Furthermore, Swiss authorities ordered 2.430 telephone taps in 2000 compared with 2,046 the previous year. More than a third of them were ordered in connection with a suspected breach in drugs law, an 18 percent increase ("Phone Tapping on the Increase," 23 July 2003, available at http://web.archive.org/web/20050112094046/http://www.swissinfo.org/sen/S...). In 2002, lawful interception concerned 6.646 telephones, two thirds of the mobile phones, that is 1.551 more than in 2001. Almost 3,000 real-time observations were established in 2002. The tariff for lawful interceptions according to BÃœPF has been changed for 1 April 2004. For Internet Service Providers, there are only two tariffs since then. One is for requests of past data from log files and it is CHF538 flat (IP address, login number, email log). The other one is CHF1,326 flat for real-time transmission of email messages. Since it is always a flat rate no matter how long the interception (or logs, up to six months) is, some suspect that law enforcement will always opt for the maximum period just in case. Statistics for the years 1998-2003 are available at http://www.uvek.admin.ch/kommunikation/dba/unterseite2/index.html?lang=de. In regards to the Internet traffic, the newspaper Sonntagszeitung calculated a projection of about 3,000 ex-post requests per year (Michael Soukup: "Sorgen mit dem Datenhunger", Sonntagszeitung 30,01,2005, at 102.)
- 10. See http://www.admin.ch/ch/d/as/2003/3043.pdf.
- 11. Federal Court, BGE 8G,109/2003 of 21 October 2003.. There have been numerous public revelations of illegal wiretapping. A 1993 inquiry found that phones used by journalists and ministers in the Swiss Parliament were tapped (Statewatch bulletin, Volume 3, Number 1, January-February 1993). The Data Protection Commissioner also accused Swisscom (Telecom PTT at that time), the state telephone company, of illegally wiretapping telephones. In February 1998, an agent for Israel's Mossad Secret Service was arrested by the Swiss authorities for attempting to tap the phone of a Lebanese immigrant whom he believed had links to the Hezbollah. On 7 July 2000 the Swiss court handed down a one-year sentence to be suspended for two years ("Swiss Court Hands Mossad Spy a Suspended One-year Sentence," Associated Press, 10 July 2000). See also the section "National security legislation", infra.
- 12. Lage - und Gefährdungsanalyse Schweiz nach den Terroranschlägen vom 11.September 2001, Bericht des Bundesrates an das Parlament vom 26. Juni 2002, available at http://www.admin.ch/ch/d/ff/2003/1832.pdf.
- 13. At http://www.edoeb.admin.ch/dokumentation/00445/00509/00965/00978/index.ht....
- 14. At http://www.ejpd.admin.ch/content/dam/data/sicherheit/bwis/vorentwurf_bwi....
- 15. "Anti-terror Phone Tap Plan to Continue," SwissInfo, 4 April 2007, at http://www.swissinfo.org/eng/swissinfo.html?siteSect=881&sid=7688550.
- 16. See, e.g., Markus Steudler: "Der Staat will wieder lauschen" ("The State Plans to Be Big Eared Again"), NZZ am Sonntag, 1. Mai 2005, at 11, http://web.archive.org/web/20060511162756/http://www.nzz.ch/2005/05/01/i....
- 17. See http://www.ejpd.admin.ch/ejpd/de/home/dokumentation/mi/2007/2007-06-15.html.
- 18. Verordnung betreffend die Ausdehnung der Auskunftspflichten und des Melderechts von BehÃ¶rden, Amtsstellen und Organisationen zur Gewährleistung der inneren und äusseren Sicherheit (SR 120,1) (Regulation on the Extent of Disclosure Requirements and Reporting Laws by Public Officers, Agencies, and Organisations to ensure the Internal and External Security.
- 19. In Switzerland, citizens can demand a referendum on every law regarding domestic politics by collecting 50,000 signatures within 100 days. However, they cannot ask for a referendum in the case of a regulation (Verordnung, decree).
- 20. See http://www.admin.ch/ch/d/sr/c120_1.html.
- 21. Bundesgesetz über die verdeckte Ermittlung (Federal Law on Undercover Investigation), vom 20.Juni 2003, available at http://www.admin.ch/ch/d/as/2004/1409.pdf.
- 22. Id. and the regulation (decree) Verordnung vom 10. November 2004 über die verdeckte Ermittlung (VVE, SR 312.81), available at http://www.admin.ch/ch/d/sr/c312_81.html.
- 23. S Schweizerische trafprozessordnung, vom 5 Oktober 2007, available at http://www.irm.unibe.ch/unibe/medizin/irm/content/e7670/e7868/Eidg.StPO_....
- 24. "EURO 2008 Tickets Up For Grabs," 28 February 2007, SwissInfo, http://www.swissinfo.org/eng/front/detail/Euro_2008_tickets_up_for_grabs....
- 25. The National Swiss Strategy for EURO 2008, Public Authorities Project Organisation, March 2007, available at http://64,233,169,104/search?q=cache:OlUqnkXffB0J:www.switzerland.com/fi....
- 26. The National Swiss Security Strategy for UEFA EURO 2008, at http://www.baspo.admin.ch/internet/baspo/de/home/themen/sportanlaesse/eu....
- 27. Bundesgesetz zur Ãœberwachung des Post- und Fernmeldeverkehrs (BÃœPF, SR 780,1), supra.
- 28. Cfr. Section "Wiretapping, access to, and interception of communications", supra.
- 29. Presumably with the exception of giving away such data to investigating police forces, in case a judge ordered it. See: Ã„nderung des Art. 179 quinqies StGB, Abs. 1, Bst. b) vom 1. März 2004(AS 2004 823). Schweizerisches Strafgesetzbuch(Code pénal) vom 21.Dezember 1937 (SR 311,0), available at http://www.admin.ch/ch/d/sr/c311_0.html, with the new article 179 quinquies, http://www.admin.ch/ch/d/as/2004/823.pdf.
- 30. See http://www.ejpd.admin.ch/ejpd/de/home/dokumentation/mi/2010/2010-05-19.html.
- 31. ISIS: Verordnung über das Staatsschutz-Informations-System (ISIS-Verordnung) (Regulation for State Security Information System), vom 30.November 2001 (SR 120.3), available at http://www.admin.ch/ch/d/as/2001/3173.pdf.
- 32. Heiner Busch, "Das neue Schweizer Wettfichen" ("The New Swiss File Competition"), WOZ Die Wochenzeitung nr. 9, 3 March 2005, at 6.
- 33. "Datenbearbeitung im Staatsschutzinformationssystem ISIS Bericht der Geschäftsprüfungsdelegation der EidgenÃ¶ssischen Räte" ("Report of the Management Delegation of the Federal Assembly on Data Processing in the National Security Information System ISIS"), vom 21. Juni 2010, available at http://www.parlament.ch/d/organe-mitglieder/delegationen/geschaeftspruef....
- 34. Verordnung über das Informationssystem der Bundeskriminalpolizei (JANUS-Verordnung) vom 30. November 2001 (Stand am 22. Januar 2002)(SR 360,2), available at http://www.admin.ch/ch/d/sr/c360_2.html. JANUS is the fusion of three information systems that have been built up during the 1990s, and had been maintained separately until 1998: DOSIS, which held data on investigations in drug trafficking; ISOK, the information system on "organised crime"; and FAMP, which includes information about forged money, trafficking in human beings (prostitution), and illicit pornography.
- 35. Among them, 13,500 are so-called "contact persons"; 13,000 are telephone subscribers (with their names and addresses); and about 90,000 are telephone numbers with only fragmentary information@@ to the respective persons. See Conseil national 01-1068 -- Question ordinaire de Dardel -- Personnes enregistrées dans les systÃ¨mes de données JANUS et ISIS -- Réponse du Conseil fédéral du 5 septembre 2001.
- 36. Heiner Busch, "Das neue Schweizer Wettfichen," supra, at 6.
- 37. The acronym RIPOL stands for "le systÃ¨me de recherches informatisées de police." see Verordnung über das automatisierte Fahndungssystem(RIPOL-Verordnung, SR 172,213.61) vom 19.Juni 1995, see http://www.admin.ch/ch/d/gg/cr/1995/19950164.html.
- 38. IPAS is an acronym for "informatisiertes Personennachweis-, Aktennachweis- und Verwaltungssystem im Bundesamt für Polizei" based on the IPAS-Verordnung vom 21.November 2001 (SR 361,2), see http://www.admin.ch/ch/d/sr/c361_2.html.
- 39. Heiner Busch, "Das neue Schweizer Wettfichen", supra, at 6.
- 40. See http://www.ejpd.admin.ch/ejpd/de/home/themen/sicherheit/ref_personeniden....
- 41. Bundesgesetz über die polizeilichen Informationssysteme des Bundes, available at http://www.admin.ch/ch/d/ff/2006/5093.pdf.
- 42. E.g., in April 2002, the Swiss government signed an agreement with Europol on exchanging information as well as police agents. The government promised to submit the agreement to Parliament in a later stage.
- 43. See Botschaft, Bundesbeschluss and Abkommen (Agreement, SR 0.360.268.2) in Bundesblatt Nr. 6/2005 of 15 February 2005, at 983ff., available at http://www.admin.ch/ch/d/ff/2005/index0_6.html.
- 44. See the Government's proposal, Botschaft zur Genehmigung des Abkommens zwischen der Schweiz und den Vereinigten Staaten von Amerika über ein Amtshilfegesuch betreffend UBS AG sowie des Ã„nderungsprotokolls, vom 14. April 2010, available at http://www.admin.ch/ch/d/ff/2010/2965.pdf; the edict, Bundesbeschluss über die Genehmigung des Abkommens zwischen der Schweiz und den Vereinigten Staaten von Amerika über ein Amtshilfegesuch betreffend UBS AG sowie des Ã„nderungsprotokolls (Federal Decision on the Approval of the Agreement between Switzerland and the United States of America on the request concerning UBS AG and the Protocol of Amendment), vom 17.Juni 2010, available at http://www.admin.ch/ch/d/as/2010/2907.pdf.
- 45. See http://www.bundesverwaltungsgericht.ch/20100719_a40132010.pdf.
- 46. Botschaft zur Genehmigung der bilateralen Abkommen zwischen der Schweiz und der Europäischen Union, einschliesslich der Erlasse zur Umsetzung der Abkommen (Bilaterale II) vom 1.Oktober 2004, published in the Bundesblatt nr. 44/09 on 9 November 2004, at 5965-6564, available at http://www.admin.ch/ch/d/ff/2004/index0_44.html.
- 47. A Swiss majority of 55 percent voted to ratify the Schengen and Dublin agreements. See "Vote Takes Switzerland Closer to EU," BBC News, 5 June 2005, available at http://news.bbc.co.uk/2/hi/europe/4612281.stm.
- 48. See http://www.fact-index.com/s/sc/schengen_information_system.html. For a critical review of the SIS see e.g. the documentation of the group "Solidarité sans frontiÃ¨res" (SOSF) at http://www.sosf.ch/publikationen/intro/intro.html, as well as Heiner Busch "Lieber Pest oder Cholera?" in WOZ Die Wochenzeitung Nr. 14/2004, 1 April 2004. For information on SIS in English see .e.g. statewatch.org, "From the Schengen Information System to SIS II and the Visa Information (VIS): the Proposals Explained" (48 pages / February 2005), available at http://www.statewatch.org/news/2005/may/analysis-sisII.pdf, as well as the 12-page update of May 2005 by Statewatch.org, "SIS II fait accompli? Construction of the EU's Big Brother Database Underway - New Analysis", available at http://www.statewatch.org/news/2005/may/sisII-analysis-may05.pdf. By checking the Governmental Report (Botschaft) on the Schengen Agreement, the data protection officer of the Canton Zug found 233 hits in his quick survey. However, this does not mean that personal data is protected. The Botschaft has been published in the Bundesblatt Nr. 44/2004 (9 November 2004), pp. 5965-6564, available at http://www.admin.ch/ch/d/ff/2004/5965.pdf. For other agreements in the same context, see http://www.admin.ch/ch/d/ff/2004/index0_44.html.
- 49. See http://www.statewatch.org/news/2010/feb/eu-council-sis-stats-6162-10.pdf.
- 50. See "European Union Report" in this survey.
- 51. See http://www.fedpol.admin.ch/fedpol/de/home/dokumentation/medieninformatio... and http://www.fedpol.admin.ch/fedpol/de/home/dokumentation/medieninformatio....
- 52. See httphttp://europa.eu/legislation_summaries/justice_freedom_security/free_mov.... After a revision of the regulation Verordnung über die Bearbeitung erkennungsdienstlicher Daten by the Swiss Government on 12 May 2004, from 1 June 2004 the Swiss border police are allowed to collect fingerprints of all persons they expect to be illegally trying to immigrate to Switzerland, and to store these data in the national database called AFIS. The revision has to be regarded as preparation for joining the Eurodac database. See Verordnung über die Bearbeitung erkennungsdienstlicher Daten vom 21. November 2001 (SR 361.3), available at http://www.admin.ch/ch/d/sr/c361_3.html.
- 53. Koordinationsstelle zur Bekämpfung der Internetkriminalität, KOBIK (Coordination Unit against Cybercrime), at http://www.kobik.ch/index.php?language=en.
- 54. Niels Anner, "Erfolge der Internet-Polizei," NZZ am Sonntag, 6 February 2005.
- 55. Cfr. Fedpol Annual Report 2009, available in German at http://www.fedpol.admin.ch/content/dam/data/migr_new/sicherheit___jahres....
- 56. Swiss Penal Code, Strafgesetzbuch, SR 311.0, available in German, French, and Italian at http://www.admin.ch/ch/d/sr/311_0/index.html.
- 57. See media release by the Federal Justice Departement (EJPD): "Die Netzwerkkriminalität verstärkt bekämpfen. EJPD schickt zwei Gesetzesentwürfe in die Vernehmlassung" ("Stronger Fight against Cybercrime -- Justice Department Starts Consultation Procedure for Two Drafts of New Law"), 10 December 2004, http://www.ejpd.admin.ch/ejpd/de/home/dokumentation/mi/2004/2004-12-10.html.
- 58. Bundesgesetz über das Urheberrecht und verwandte Schutzrechte, vom 9.Oktober 1992, available at http://www.admin.ch/ch/d/sr/2/231.1.de.pdf.
- 59. See http://www.news.admin.ch/message/index.html?lang=de&msg-id=33758.
- 60. See media release http://web.archive.org/web/20040815083056/http://www.sbb.ch/gs/press/pre...überwachung.
- 61. Verordnung über die Videoüberwachung durch die Schweizerischen Bundesbahnen SBB (Videoüberwachungsverordnung SBB, VüV-SBB)SR 742.147.2, http://www.uvek.admin.ch/imperia/md/content/gs_uvek2/d/verkehr/schienenv....
- 62. Weisungen über polizeiliche Geschwindigkeitskontrollen und Rotlichtüberwachung im Strassenverkehr, available at http://www.astra.admin.ch/dokumentation/00117/00208/01640/index.html?lan....
- 63. See http://www.astra.admin.ch/00638/index.html?lang=de&msg-id=34214.
- 64. See http://www.bigbrotherawards.ch/kameras/.
- 65. See http://web.archive.org/web/20050208162644/http://www.edsb.ch/e/doku/merk....
- 66. See "Von der Luftwaffe beim Kiffen erwischt" ("Caught Smoking Shit by the Air Force"), NZZ am Sonntag on 23 May 2004, at http://www.nzz.ch/2004/05/23/il/page-article9M50A.html (in German). During the Olympic Games in Athens, Greece in the summer 2004, Swiss surveillance "Zeppelins" were used to observe the city.
- 67. See the Final Report of the Organisation Committee, at 48, at http://www.baspo.admin.ch/internet/baspo/de/home/das_baspo.html.
- 68. "Drohnen waren über 100 Stunden in der Luft" ("Drones were flying for 100 hours"), NZZ Online, 1 June 2008, at http://www.nzz.ch/nachrichten/schweiz/armee_zieht_bilanz_ueber_drohnenfl....
- 69. See http://www.bigbrotherawards.ch/2004/.
- 70. 14th Annual Report 2006-2007, supra.
- 71. Bundesgesetz über die militärischen Informationssysteme (MIG), vom 3.Oktober 2008, available at http://www.admin.ch/ch/d/sr/5/510.91.de.pdf. See also http://www.admin.ch/ch/d/sr/510_91/a180.html.
- 72. "Pilotprojekt für Biometrie-Pässe," ("Pilot Project for Biometric Passports"), Media release of the Justice and Police Department EJPD of 15 September 2004, available at http://web.archive.org/web/20050306192615/http://www.ejpd.admin.ch/doks/....
- 73. "Biometrischer Schweizer Pass: Einführung frühestens im September 2006" ("Swiss Biometric Passports: Launch in September 2006 or Later"),Media release of the Swiss Justice and Police Department EJPD of 13 April 2005, available at http://www.schweizerpass.admin.ch/pass/de/home/dokumentation/medienmitte....
- 74. "Introduction of Biometric Data in the New Swiss Passport," Federal Data Protection Commissioner, July 2006, http://www.edoeb.admin.ch/dokumentation/00445/00509/00965/00980/index.ht....
- 75. See http://www.schweizerpass.admin.ch/pass/de/home/ausweise/aeltere_paesse/p... official 10-point FAQ on biometrical data in the Swiss passport is available at http://www.schweizerpass.admin.ch/pass/de/home/dokumentation/faq.html.
- 76. Bundesgesetz über die Ausweise für Schweizer StaatsangehÃ¶rige (Federal law on identity cards for Swiss citizens), vom 22. Juni 2001, available at http://www.admin.ch/ch/d/sr/1/143.1.de.pdf; Verordnungüber die Ausweise für Schweizer StaatsangehÃ¶rige (Regulation on the cards for Swiss citizens), vom 20.September 2002, available at http://www.admin.ch/ch/d/sr/1/143.11.de.pdf.
- 77. Press release of the federal police department , 26 May 2010, at http://www.bfm.admin.ch/bfm/de/home/dokumentation/medienmitteilungen/201.... Draft of the new regulation, Verordnung vom 24. Oktober 2007 über Zulassung, Aufenthalt und Erwerbstätigkeit (Regulation of 24 October 2007 on admission, residence and work), available at http://www.bfm.admin.ch/content/dam/data/migration/rechtsgrundlagen/gese.... A sample of the new ID Card for foreigners is available at http://www.bfm.admin.ch/content/dam/data/migration/aufenthalt/prospekt_a....
- 78. See"Solidarité sans frontiÃ¨res" (SOSF), available at http://www.sosf.ch/publikationen/intro/intro.html.
- 79. See"Festnahmen im Basler Bahnhof' ("Arrests in Basel train station"), Basler Zeitung, 24 July 20010, at http://bazonline.ch/basel/stadt/Festnahmen-im-Basler-Bahnhof/story/23470640 This rule is most likely against a 1983 decision by the Swiss federal court, which held that identity controls are only allowed in case of a disruptive situation ("situation troublée"). Bundesgerichtesentscheid BGE 109 Ia 146, available at http://grundrechte.ch/2010/BGE_109_IA_146.pdf.
- 80. Ausländergesetzrevision, Dossier http://web.archive.org/web/20071024141931/http://www.parlament.ch/do-aus... and the Bundesgesetz über die Ausländerinnen und Ausländer (AuG, Entwurf) (Federal Law on Foreigners), at http://www.admin.ch/ch/d/ff/2002/3851.pdf (Parliamentary nr. 02.024).
- 81. Discussion in the Parliament (Ständerat) available at http://www.parlament.ch/ab/data/d/s/4707/122615/d_s_4707_122615_122623.htm.
- 82. Bundesgesetz über die Ausländerinnen und Ausländer (AuG) (Federal Law on Foreigners), vom 16.Dezember 2005, available at http://www.admin.ch/ch/d/ff/2005/7365.pdf.
- 83. ePractice, eGovernment Factsheet -- Switzerland -- Infrastructure (May 2010), available at http://www.epractice.eu/en/document/288426.
- 84. 14th Annual Report 2006-2007, supra.
- 85. Verordnung über den Einsatz eines biometrischen Gesichtserkennungssystems am Flughafen Zürich vom 8.Dezember 2004, (Nr. 551.113, available at http://www.sk.zh.ch/internet/sk/de/mm/mm_2004_quartal_4/285_gesichtserke...). See also the media release issued by the Regierungsrates on 16 December .2004 (http://www.sk.zh.ch/internet/sk/de/mm/mm_2004_quartal_4/285_gesichtserke...). See also Marcel Gyr, "Weiterer Test des Gesichtserkennungssystems" (Further Test of the Facial Recognition System), Neue Zürcher Zeitung NZZ, 17 December 2004, at 53.
- 86. See e.g., Neue Zürcher Zeitung, 23. August 2002, No. 194, at 37, and id., and Stefan Hohler, "Phase 2 für 'Frühwarnsystem'" (Phase 2 for 'early warning'"), Tages-Anzeiger 17 December 2004.
- 87. See http://www.unisys.ch/clients/featured__case__studies/casestudy_biometrie....
- 88. Verordnung über verwaltungspolizeiliche Massnahmen und über Informationssysteme des Bundesamtes für Polizei, vom 4.Dezember 2009 available at http://www.admin.ch/ch/d/sr/120_52/index.html.