Rs 0.235.233.6 Exchange Of Letters Of 1 St And December 9, 2008 Between The Switzerland And The United States Of America Concerning The Establishment Of A Framework Of Data Protection For The Transmission Of Personal Data To The United State...

Original Language Title: RS 0.235.233.6 Echange de lettres des 1er et 9 décembre 2008 entre la Suisse et les Etats-Unis d’Amérique concernant l’établissement d’un cadre de protection des données pour la transmission de données personnelles aux Etats-Unis d’Amérique

Subscribe to a Global-Regulation Premium Membership Today!

Key Benefits:

Subscribe Now for only USD$20 per month, or Get a Day Pass for only USD$4.99.
0.235.233.6 Exchange of letters of 1 and December 9, 2008 between the Switzerland and the United States of America concerning the establishment of a framework of data protection for the transmission of personal data to the United States of America entered into force by Exchange of notes February 16, 2009 (State on February 16, 2009) federal Privacy Commissioner translation data and transparency FDPIC officer Bern , on December 9, 2008 Madam Michelle O'Neill Deputy Under Secretary for International Trade United States Department of Commerce, Washington, D.C. 20230 Madam, we acknowledge receipt of your letter of December 1, 2008 with the following content: "I have the honour to convey the principles of"safe harbor"for the protection of personal data between the United States and the Switzerland and the questions often asked y related (FAQ) regarding their implementation. , as well as the study on the implementation of the principles of "safe harbour" and a memorandum regarding privacy and damages, legal authorizations and mergers and acquisitions under the provisions of the legislation of the United States. All these documents were issued by the Department of Commerce of the United States on December 1, 2008. I also bring letters of the competent government bodies in the United States to consider complaints related to breaches in the application of the principles of the 'safe harbour '.
The 'safe harbour' principles for the protection of personal data between the United States and the Switzerland reflect our common goal to increase the protection of privacy for our citizens and strengthen legal certainty for businesses of the two countries. They take into account the fact that the transfer of personal data of the Switzerland to a third country may be made only if the third country in question ensures an adequate level of protection.
The Department issues the attached documents in cooperation with the Switzerland under its authority to promote and develop international trade. On the basis of this letter with these documents, the Switzerland intends to recognize the adequacy of protection provided by the "safe harbor" principles for the protection of personal data between the United States and the Switzerland implemented according to the FAQ and satisfying the requirements of art. 6 of the Federal law on data protection. Other provisions of this law concerning the treatment of data in Switzerland will not be affected.
The 'safe harbour' principles for the protection of private data between the United States and the Switzerland and FAQs ("the principles") must serve as a strict guide to American companies and other U.S. organizations receiving personal information from Switzerland and wishing to establish a predictable basis for the continuation of such transfers. The study on the implementation of the principles and other support documents are intended to explain how mechanisms implementation American, based either on the law and regulation on individual regulation, meet the requirements of the principle of implementation and ensure that the commitment of an organization to adhere to the principles will be effectively implemented. The 'safe harbour' documents must be read in the context of the American legal system and its well-known features, such as general legal actions and fees on a random basis.
U.S. companies and other U.S. organizations can be assured of the benefits of the "safe harbour" by certifying their adherence to the principles themselves. The Commerce Department intends to establish a list of all organizations that certify their adherence to the principles themselves. The list and reports submitted by organizations containing information about the implementation of the principles are made public, as well as any final determination by an instance of American implementation and notified to the Department of Commerce (or a named instance) that an organization of the 'safe harbour' has failed persistently to comply with the principles. When, by complying with the requirements of the principles, an organization relies completely or partially on a specific regulation, its failure to follow its own regulations must also be addressed to the title of section 5 of the Federal Trade Commission Act, which prohibits the maneuvers and unfair or fraudulent practices, or any other act or regulation prohibiting such acts such as included in the principles.
The principles apply only to companies and other organizations within the jurisdiction of the Federal Commission of trade (FTC) and the Department of transport (DOT) and who act in compliance with the principles implemented according to the FAQ. As a result, principles do not apply to financial institutions, including banks, financial savings and loan companies and credit unions; telecommunications companies and public transport companies Interstate; Packers and Stockyards operators; and also any entity or activity included in the exceptions to the authority of the FTC on maneuvers and unfair or fraudulent practices and who are not subject to the authority of the DOWRY (annex III).
The framework established by the "safe harbor" principles for the protection of personal data between the United States and the Switzerland implemented according to the FAQ could be the subject of a review on the basis of experience and relevant developments. The Department of Commerce and the Federal data protection and transparency will consult about any proposed changes to the principles and other documents of the framework.
The framework established by the "safe harbor" principles for the protection of personal data between the United States and the Switzerland will become effective following the notification of the accomplishment of all internal legislative procedures and will remain in force subject to written notification of the Switzerland or the United States to the other party of its intention to denounce the framework. Such notification should be made six months before the scheduled termination date.

"Annex I the 'safe harbour' principles for the protection of the data private between the United States and Switzerland Appendix II frequently asked Questions Appendix III study on the implementation of the principles of the 'safe harbour' annex IV confidentiality and damages, legal authorizations and mergers and acquisitions under the provisions of the legislation of the United States Appendix V Instances of the Government of the United States empowered to investigate complaints."

We share the contents of your letter and we recognize that in the context of its coverage, the framework established by the principles of "safe harbour" for the protection of privacy between the United States and the Switzerland offers a legal framework that guarantees adequate protection of the data. Result is that American companies certifying their adherence to the principles of "safe harbour" to protect private data between the United States and the Switzerland are regarded as having an adequate level of protection under art. 6 (1) of the Federal law on data protection.
In addition, we inform you that the federal Privacy Commissioner data and transparency may recommend the suspension of the data flow to a business or other organization itself having certified its adherence to the principles implemented in accordance with the FAQs (principles) in order to protect individuals with regard to the processing of their personal data if : the competent body in the United States or an independent mechanism of Appeal found that the Organization violates the principles; or is it likely that the principles are being violated; There is every reason to believe that the relevant application instance does not or will not take timely measures that are needed to settle the case in question; what the continuation of transfer would run to concerned an imminent risk of serious damage; that the competent Swiss authorities have reasonably tried, given the circumstances, to warn the Organization and give him an opportunity to respond. The recommendation to suspend ceases as soon as compliance with the principles implemented in accordance with the FAQs is assured and the competent Swiss authorities are informed. If the information collected shows that any body responsible for enforcing the principles in the United States does not effectively its mission, the Government of Switzerland informed the Department of Commerce American and, if necessary, proposed a draft of the measures to be taken to repeal or suspend the principles or limit their scope.
We thank you for your cooperation in this matter and please accept, Madam, the expression of our distinguished sentiments.
Hans-Peter Thur RO 2009 1793 translation of the original English.
These documents can be obtained in the English language with the federal Commissioner for data protection and transparency.
SR 235.1


State on February 16, 2009

Related Laws