October 21, 2019

October 21, 2019

Subscribe to Latest Legal News and Analysis

Swiss-US Privacy Shield Will Replace Swiss-US Data Protection Safe Harbor

On January 11, 2017, the Swiss Federal Council announced that a new framework will govern the transfer of personal data from Switzerland to the US.  According to the Federal Council, the Swiss-US Privacy Shield Framework “will apply the same conditions as the European Union.”  The International Trade Administration stated that the US Department of Commerce will begin accepting certifications on April 12.  Certification will allow companies to comply with Swiss data protection requirements, facilitating transatlantic commerce.

  • The Federal Council made note of several changes from the Swiss-US Safe Harbor to the Swiss-US Privacy Shield, including:

  • “Stricter application of data protection principles by participant companies”

  • Heightened administration and supervision requirements by US authorities

  • Enhanced cooperation between the Swiss Federal Data Protection and Information Commissioner and the US Department of Commerce

  • A new arbitration body to handle claims

  • Introduction of an ombudsperson in the US Department of State, who will address Swiss persons’ concerns about the processing of their personal data by US intelligence services

Because the Swiss-US Privacy Shield aligns with the EU-US Privacy Shield, the self-certification process should not be overly burdensome.

However, in light of this change, it is important to reassess current business practices to determine whether a company is participating in the transfer of personal data from Switzerland to the US.  If so, companies should remove any references to the Safe Harbor, and should be ready to apply for self-certification.  Further, companies should prepare for changes to internal policies to comply with the new requirements under the Swiss-US Privacy Shield.

Copyright © 2019 Womble Bond Dickinson (US) LLP All Rights Reserved.


About this Author

Theodore Claypoole, Intellectual Property Attorney, Womble Carlyle, private sector lawyer, data breach legal counsel, software development law
Senior Partner

As a Partner of the Firm’s Intellectual Property Practice Group, Ted leads the firm’s IP Transaction Team, as well as data breach incident response teams in the public and private sectors. Ted addressed information security risk management, and cross-border data transfer issue, including those involving the European Union and the Data Protection Safe Harbor. He also negotiates and prepares business process outsourcing, distribution, branding, software development, hosted application and electronic commerce agreements for all types of companies.


Taylor Ey, Intellectual property attorney, Womble Carlyle, Law Firm

Taylor is an associate in the Intellectual Property Practice Group in Womble Carlyle’s Research Triangle Park Office.


J.D. | 2016 | Wake Forest University School of Law | cum laude | Notes and Comments Editor, Wake Forest Law Review, 2015-2016 | Teaching Assistant, Legal Analysis, Writing and Research I & II, Writing for Judicial Chambers

M.S. |2012 | The Ohio State University | Biomedical Engineering

B.S. | 2011 | The Ohio State University | Biomedical Engineering | Minor, Life Sciences | cum laude