Key Benefits:
On 20 September 2013 (State 1 Er November 2013)
The Swiss Federal Council,
Having regard to art. 110, para. 3, 112, para. 5, and 130, of the Customs Act of 18 March 2005 1 , given art. 107 of the Federal Act of 22 March 1974 on Administrative Criminal Law (DPA) 2 , given art. 111 of the Act of 20 March 1981 on international mutual assistance 3 ,
Stops:
This order regulates the criminal information system of the Federal Customs Administration (information system):
1 The Federal Customs Administration (AFD) is responsible for the information system.
2 On the AFD's mandate, the Federal Office for Informatics and Telecommunications (OFIT) is responsible for technical implementation and operation.
The information system should facilitate the implementation of the following tasks within the competence of the AFD:
The information system contains data concerning:
1 Data recorded in the information system can only be consulted and processed within the defined framework (Art. 4).
2 The information system is used exclusively by AFD.
3 No networking with information systems outside AFD is permitted.
1 Information system data can, for analysis, be transferred and processed in an external system. Such a warrant can only be carried out by duly authorized specialists in the Customs Anti-Fraud Sections, the Command of the Border Guard Corps, the Risk Analysis Section or the Criminal Cases Division of the Branch Customs (DGD).
2 Data transfers that go beyond simple visualization require the agreement of the data protection advisor of AFD.
3 Data transferred to an external system must be retained and deleted in accordance with Art. 16 and 17.
4 The AFD rules the details in the processing regulations.
The automatic exchange of data with the information systems Finance and accounting referred to in Annex A 2 of the Order of 4 April 2007 on the processing of personal data in the Federal Customs Administration 1 Is allowed.
Information system data can be used to compile statistics such as internal control and business planning, as well as contraband analysis. If statistics are published, the data must be anonymized.
1 Customs offices (civilian Customs offices, Service Offices of the Border Guard Corps) can process the data in a case that they have opened themselves for as long as they are competent to do so.
2 If the competence to deal with the case is transmitted to a higher office, the customs offices may, in order to observe and prosecute offences falling within the competence of the AFD (Art. 4, let. (a), consult the data referred to in s. 5, let. A, b, d to f, j and m, on the basis of the identity (name, with or without the given name or date of birth), the control plate or the file number.
3 In the files which they have not opened themselves, customs offices may, in order to observe and prosecute offences falling within the competence of the AFD (Art. 4, let. (a), consult the data referred to in s. 5, let. A, b, d to f and m, on the basis of identity (name, with or without the given name or date of birth) or of the control plate.
4 Customs offices may consult the data at most:
The Customs Anti-Fraud Sections of the boroughs and the Criminal Cases Division of DGD can consult and process all data.
1 AFD is setting up a helpdesk and monitoring service for the information system.
2 The support and control service and the administrative services or persons responsible for verifying compliance with data protection requirements can process all data in the system Information, provided that this is necessary for their assistance and control tasks.
3 OFIT employees responsible for maintenance work can process data in the information system, provided that:
Other AFD services may, on the basis of identity (surname, with or without the given name or date of birth) or the control plate, consult the data referred to in Art. 5, let. A, b, d to g and m, provided that this is necessary for the performance of their tasks within the framework defined in Art. 4, let. A and b.
1 The rights of the persons concerned, in particular their right to consultation, rectification and deletion of data, are governed, for criminal proceedings not pending, by the provisions of the Federal Act of 19 June 1992 on Data protection 1 And by CCA.
2 For the criminal proceedings pending, these rights are governed by Art. 36 CCA on parts consultation.
3 For requests for administrative assistance, these rights are governed by the provisions of the Federal Act of 20 December 1968 on administrative procedure 2 , for requests for mutual legal assistance by those of the Act of 20 March 1981 on international mutual assistance.
1 Inaccurate data and data that do not meet the requirements of this order must be corrected or destroyed.
2 The assistance and control service referred to in s. 12 regularly checks the accuracy of the data.
1 Data can be retained:
2 Where the fees due have not yet been paid in full at the time of the closure of the criminal proceedings, the time limits laid down in para. 1 only begin to run after the end of the subsequent collection procedure.
3 When there are special reasons for this, particularly in the event of a risk of re-offending, the retention period may be doubled by the DGD Criminal Affairs Division.
1 The release of information from the information system to the Federal Archives is governed by the provisions of the Federal Act of 26 June 1998 on Archiving 1 .
2 After the release of the Federal Archives, the data are destroyed. Data that are not remitted to the Federal Archives is destroyed upon expiry of the retention period.
3 The provision of data to the Federal Archives may be in electronic form.
1 The following shall apply to the security of data security of art. 20 and 21 of the Order of 14 June 1993 on the Federal Data Protection Act 1 And the provisions of the December 9, 2011 Order on Informatics and Telecommunications in the Government of Canada 2 .
2 The relevant data, programmes and documentation must be protected against unauthorised treatment and against destruction and subtraction. They must be able to be reconstituted.
3 Data transmission must take place in encrypted form throughout the process.
4 Access to the information system must be resolved for each user by an individual user profile, so that a person can only use the information system within the limits of his or her competence.
5 Data processing must be the subject of an automated protocol.
1 RS 235.11
2 RS 172.010.58
The order of 6 March 2000 on the information system of the Federal Customs Administration in the field of criminal matters 1 Is repealed.
1 [ RO 2000 1127 , 2004 4559, 2007 1469 Annex 4, c. 5]
1 The existing data collections used to prosecute and adjudicate AFD offences are transferred to the AFD's new information system.
2 To ensure data security, existing data collections may be retained for five years from the date of transfer. The data must then be destroyed.
3 After the transfer to the information system, this order also applies to data entered under the former provisions.
This order shall enter into force on 1 Er November 2013.