Policy related content The post Policy appeared first on ISOC Switzerland Chapter.

Switzerland’s federalist tradition delegates significant autonomy to its 26 cantons, allowing them to tailor policies and services to local needs. The introduction of a nationwide electronic identity (e-ID) system, however, represents a marked shift in digital governance: by vesting authority over identity issuance and verification in the federal state, the new e-ID law centralizes power and diminishes cantonal prerogatives. While a unified e-ID promises interoperability and enhanced security, the concentration of competence at the Confederation level undermines subsidiarity, stifles local innovation, and risks a democratic deficit in a system historically grounded in cantonal and people’s self-determination. Swiss Federalism and Cantonal Autonomy Under Article 3 of the Swiss Constitution, all future powers belong to the cantons, unless the Swiss people and the cantons decide, by constitutional amendment, that they shall be attributed to the federation. This principle enshrines the subsidiarity norm: matters best handled locally remain within cantonal competence, ensuring policies reflect regional languages, legal traditions, and administrative capacities. In practice, cantons exercise broad authority over education, healthcare, policing, and civil registers and identity documents, areas where proximity to citizens fosters trust and responsiveness. The E-ID Law and the Centralization of Digital Identity On December 20, 2024, the Swiss Federal Assembly passed the Federal Act on Electronic Identity Credentials and Other Electronic Credentials, establishing a state-recognised e-ID to be rolled out by 2026. Unlike earlier, canton-driven pilots, the new scheme mandates that all public authorities—confederation, cantons, and municipalities—accept the federal e-ID alongside physical ID for electronic identification purposes. While private providers may operate wallets, the Confederation retains exclusive authority over the trust framework, credential schemas, and revocation registries. Consequently, cantonal solutions will be superseded by a one-size-fits-all model dictated by federal technical and policy choices. Erosion of Subsidiarity and Local Tailoring By reallocating identity-management powers from cantons to the federal state, the e-ID law breaches the subsidiarity ethos. Cantonal administrations lose autonomy over design and implementation—functions they have long performed in tandem with local stakeholders. This top-down approach risks producing a monolithic system that may not align with linguistic and procedural variations across cantons. For instance, user interface elements or data-disclosure workflows optimized for German-speaking urban centres may prove cumbersome in rural, French- or Italian-speaking cantons. Hindering Innovation and Experimentation Cantons have historically acted as laboratories of democracy, piloting digital services—such as e-voting, local health portals, and municipal e-administration platforms—before scaling them nationally. Centralizing identity issuance under the Confederation risks stifling this dynamic: any significant alteration or enhancement to the e-ID framework will require federal approval, elongating development cycles and dampening the incentive for localized experimentation. Moreover, private-sector innovators that previously partnered with individual cantons face higher barriers: they must navigate federal procurement processes and standardized certification regimes, reducing flexibility and increasing costs. Complexity, Incoherence, and Privacy Concerns Centralized identity provisioning introduces its own technical pitfalls. A major critique of a state- run, single identity provider is that no central actor can serve all user groups coherently—voluntary adoption means some citizens will decline the e-ID, necessitating parallel systems and eroding transparency. Services catering to non-Swiss or partially registered residents would require separate identity providers, creating confusion and administrative overhead. Furthermore, having the Confederation mediate every authentication event concentrates sensitive metadata—access logs, usage patterns, and verification requests—within a single national database, heightening the risk of mass surveillance. Furthermore, the notion of a single identity gateway also creates a tempting target for adversaries: rather than spreading their efforts across thousands of sites and services, attackers can focus on subverting one system to harvest credentials en masse. A breach of the central provider—even a transient outage or misconfiguration—could effectively lock every user out of their online accounts, from banking and healthcare to social media and e-government services. Worse yet, such concentration makes it trivial to compile comprehensive activity logs, enabling sophisticated profiling, unsolicited marketing, or politically motivated surveillance at a scale previously impossible. Phishing campaigns would only need to mimic one login flow, increasing their success rate and reducing the cognitive load on the victim. And because the e-ID would be used ubiquitously, there’d be no “dark spaces” left for whistleblowers, dissidents, or vulnerable populations to maintain anonymity when they really need it. In short, replacing the polycentric patchwork of today’s digital identities with a single monolithic system risks undermining both individual security and societal freedoms, trading fragmentation for fragility and opacity. Democratic Accountability and the Referendum Safeguard Switzerland’s direct-democracy mechanisms offer a check against unilateral centralization: opponents of the e-ID law have gathered sufficient signatures to force a nationwide referendum, likely scheduled for autumn 2025. Yet, in the interim, cantonal administrations must adapt to the new federal framework, incurring integration costs and reengineering existing digital processes. If the referendum overturns the law, this transitional burden will represent wasted resources and damaged trust between the Confederation and cantons. Conclusion The e-ID law exemplifies the tension between the efficiencies of a centralized digital infrastructure and the principles of Swiss federalism. While a unified identity system may streamline cross-border and inter-cantonal digital services, the shift of power from cantons to the Confederation compromises subsidiarity, curtails local innovation, and risks democratic disconnect. As Switzerland navigates its referendum, policymakers should consider hybrid approaches: granting cantons a participatory role in governance bodies, enabling localized interface customization, and ensuring interoperability standards rather than monolithic platforms. Such measures could preserve the dynamism of cantonal digital experimentation while achieving the interoperability and security goals that underpin a national e-ID. The post Concentration of Power in Swiss E-ID appeared first on ISOC Switzerland Chapter.

Zurich, 6 mai 2025 – La consultation qui se termine aujourd’hui sur la révision partielle de l’Ordonnance sur la surveillance de la correspondance par poste et télécommunication (OSCPT) ainsi que de l’Ordonnance du DFJP (OD-SCPT) [1] soulève d’importantes questions et suscite de vives inquiétudes. Les modifications prévues menacent non seulement le droit fondamental à la vie privée, mais aussi la sécurité du chiffrement. Les VPN et autres services de communication chiffrés sont particulièrement visés – avec des conséquences potentiellement désastreuses pour les citoyens et les entreprises. UNE ATTEINTE À LA VIE PRIVÉE La révision de l’OSCPT prévoit une extension des obligations de surveillance pour les fournisseurs de services de télécommunication (FST) ainsi que pour les services de communication dérivés (FSCD), y compris des obligations élargies d’identification des utilisateurs et de conservation des données. Ces mesures portent gravement atteinte à la vie privée des citoyens sans qu’une justification claire à ce recul soit clairement exprimé. Le secret médical ou la protection des sources journalistiques s’en trouvent directement affectés. DES DONNÉES INUTILEMENT STOCKÉES OUVRENT LA PORTE AUX RISQUES D’ABUS Chaque donnée conservée augmente mécaniquement le risque que celle-ci soit utilisée ou consultée de manière abusive. Les métadonnées peuvent donner des aperçus détaillés sur les relations entre individus, leur localisation et leurs habitudes. La conservation obligatoire des métadonnées pendant six mois permet non seulement une surveillance de masse, mais aussi potentiellement d’autres accès illégitimes par des tiers, comme des pirates informatiques, des criminels ou des employés simplement mal intentionnés. Si de telles données tombent entre les mains de criminels, elles pourraient être utilisées pour le chantage, la fraude téléphonique, le phishing, le vol d’identité et d’autres formes d’abus. LA COMPROMISSION DU CHIFFREMENT EST LA MORT DU CHIFFREMENT L’obligation proposée de supprimer le chiffrement compromet la sécurité de tous. Les fournisseurs seraient contraints d’installer des backdoors ou d’utiliser d’autres méthodes qui affaiblissent délibérément le chiffrement afin de pouvoir permettre aux autorités d’accéder à ces données. Mais si ces failles existent, elles existent pour tout le monde: leur installation permettrait aux pirates informatiques, aux criminels ou entités étrangères d’avoir accès à toutes les données circulant dans le pays. On ne peut pas chiffrer pour les uns, et pas pour les autres. Le gouvernement britannique a récemment tenté d’adopter une réglementations en ce sens: la conséquence immédiate en a été qu’Apple a annoncé le retrait des services chiffrés pour ses clients au Royaume-Uni. Citation traduite de l’allemand: «Apple et de nombreux experts en sécurité informatique soutiennent qu’une porte dérobée rend absurde tout chiffrement. Dès qu’il existe un moyen de déchiffrer des données chiffrées, ce n’est qu’une question de temps avant que des criminels ou des régimes autoritaires ne l’exploitent. Le chiffrement de bout en bout signifie exactement cela : personne d’autre que l’utilisateur lui-même – pas même Apple – ne peut accéder aux données. Une porte dérobée constitue donc toujours une faille de sécurité massive.» [2] En Suisse, les services offrant des solutions respectueuses de la vie privée ont traditionnellement une position forte. Les fournisseurs suisses comme Proton, NymVPN, PVY.swiss ou Threema sont particulièrement touchés par la nouvelle réglementation. Proton a déjà annoncé qu’il quitterait la Suisse s’il ne pouvait plus y exercer ses activités correctement. [3] RÉFÉRENCES [1] https://www.fedlex.admin.ch/fr/consultation-procedures/ended#https://fedlex.data.admin.ch/eli/dl/proj/2022/21/cons_1 [2] https://www.gizmodo.de/apple-sagt-nein-zu-uk-backdoor-end-to-end-verschluesselung-faellt-weg-2000014910 [3] https://www.watson.ch/digital/wirtschaft/517198902-proton-schweiz-chef-andy-yen-zum-ausbau-der-staatlichen-ueberwachung The post La révision prévue de l’OSCPT menace les droits fondamentaux et compromet le chiffrement appeared first on ISOC Switzerland Chapter.

Zurich, May 6, 2025 – The public consultation on the partial revision of the Ordinance on the Surveillance of Postal and Telecommunications Traffic (VÜPF/OSCPT) and the ordinance of Swiss Federal Department of Justice and Police FDJP (VD-ÜPF/OME-SCPT) [1], which ends today, raises major questions and massive concerns. The planned changes not only jeopardize the fundamental right to privacy, but also the security of encryption. VPN and other encrypted communication services in particular are in the spotlight – with potentially devastating consequences for citizens and companies. ATTACK ON PRIVACY The revision of the VÜPF/OSCPT provides for an expansion of the monitoring obligations for providers of telecommunications services (FDA/FST) and derived communication services (AAKD/FSCD), including extended obligations to identify users and data retention. These measures encroach deeply on the privacy of citizens. This also affects medical confidentiality and the protection of journalistic sources. RISK OF MISUSE OF UNNECESSARILY STORED DATA Any additional storage of data increases the risk of misuse. Metadata can provide detailed insights into communication partners, locations and habits. The mandatory retention of metadata for six months not only enables mass surveillance, but in principle also other unlawful access by third parties, such as hackers, criminals or employees of the FDA/FST or AAKD/FSCD. For example, if such data falls into the hands of criminals, it could be used for blackmail, telephone fraud, phishing, identity theft or other forms of abuse. COMPROMISING ENCRYPTION The proposed obligation to remove encryption compromises the security of encryption. Providers would be forced to install backdoors or use other methods that deliberately weaken encryption in order to deliver unencrypted content to the authorities. Creating such security loopholes not only allows the authorities, but potentially also hackers, criminals or other unauthorized persons to access confidential data. The UK government recently passed similar regulations, which Apple decided not to implement. Instead, Apple announced the withdrawal of encrypted services for their customers in the UK. Quote (translated from German): “Apple and many IT security experts argue that a backdoor drives any encryption ad absurdum. Once a way exists to decrypt encrypted data, it is only a matter of time before criminals or authoritarian regimes exploit it. End-to-end encryption means exactly that: no one other than the users themselves – not even Apple – can access the data. A backdoor is therefore always a massive security gap.” [2] In Switzerland, services with privacy-friendly solutions traditionally have a strong position. Swiss providers such as Proton, NymVPN, PVY.swiss or Threema are particularly affected by the new regulation. Proton has already announced that it will leave Switzerland if it can no longer conduct proper business here. [3] REFERENCES [1] https://www.fedlex.admin.ch/de/consultation-procedures/ongoing#https://fedlex.data.admin.ch/eli/dl/proj/2022/21/cons_1 [2] https://www.gizmodo.de/apple-sagt-nein-zu-uk-backdoor-end-to-end-verschluesselung-faellt-weg-2000014910 [3] https://www.watson.ch/digital/wirtschaft/517198902-proton-schweiz-chef-andy-yen-zum-ausbau-der-staatlichen-ueberwachung [Translated partially by Deepl.] The post Planned Revision of Surveillance Ordinances Threatens Fundamental Rights and Compromises Encryption appeared first on ISOC Switzerland Chapter.

Zürch, 6. Mai 2025 – Die heute endende Vernehmlassung zur Teilrevision der Verordnung über die Überwachung des Post- und Fernmeldeverkehrs (VÜPF) sowie der Verordnung des EJPD (VD-ÜPF) [1] wirft grosse Fragen auf und sorgt für massive Bedenken. Die geplanten Änderungen gefährden nicht nur das Grundrecht auf Privatsphäre, sondern auch die Sicherheit von Verschlüsselung. Insbesondere VPN und andere verschlüsselte Kommunikationsdienste stehen im Fokus – mit potenziell verheerenden Folgen für Bürger und Unternehmen. ANGRIFF AUF DIE PRIVATSPHÄRE Die VÜPF-Revision sieht eine Ausweitung der Überwachungspflichten für Anbieterinnen von Fernmeldediensten (FDA) sowie abgeleiteter Kommunikationsdienste (AAKD) vor, einschliesslich erweiterter Pflichten zur Identifikation von Nutzern und Vorratsdatenspeicherung. Diese Massnahmen greifen tief in die Privatsphäre der Bürger ein. Dadurch wird auch das Arzt-Geheimnis oder der journalistische Quellenschutz beeinträchtigt. MISSBRAUCHSRISIKO VON UNNÖTIGERWEISE GESPEICHERTEN DATEN Jedes zusätzliche Speichern von Daten erhöht das Risiko für deren Missbrauch. Metadaten können detaillierte Einblicke in Kommunikationspartner, Standorte und Gewohnheiten geben. Die verpflichtende Vorratsdatenspeicherung von Metadaten über sechs Monate ermöglicht nicht nur eine Massenüberwachung, sondern grundsätzlich auch andere unrechtmässige Zugriffe von Dritten, wie Hackern, Kriminellen oder Mitarbeitern der FDA bzw. AAKD. Wenn solche Daten beispielsweise in die Hände von Kriminellen geraten, könnten diese für Erpressung, Telefonbetrug, Phishing, Identitätsdiebstahl oder andere Formen von Missbrauch verwendet werden. KOMPROMITTIERUNG DER VERSCHLÜSSELUNG Die vorgeschlagene Pflicht, angebrachte Verschlüsselungen zu entfernen, kompromittiert die Sicherheit der Verschlüsselung. Anbieterinnen würden gezwungen, Hintertüren anzubringen oder andere Methoden einzusetzen, welche die Verschlüsselung bewusst schwächen, um unverschlüsselte Inhalte den Behörden ausliefern zu können. Das Anbringen solcher Sicherheitslücken ermöglicht nicht nur den Behörden, sondern potenziell auch Hackern, Kriminellen oder anderen Unbefugten den Zugriff auf vertrauliche Daten. Die britische Regierung hat kürzlich ähnliche Vorschriften beschlossen, worauf Apple entschied, diese nicht umzusetzen. Stattdessen kündigte Apple den Rückzug der verschlüsselten Dienste für ihre Kunden in Grossbritannien an. Zitat: «Apple und viele IT-Sicherheitsexperten argumentieren, dass eine Hintertür jede Verschlüsselung ad absurdum führt. Sobald ein Weg existiert, um verschlüsselte Daten zu entschlüsseln, ist es nur eine Frage der Zeit, bis Kriminelle oder autoritäre Regime ihn ausnutzen. End-to-End-Verschlüsselung bedeutet genau das: Niemand außer dem Nutzer selbst – nicht einmal Apple – kann auf die Daten zugreifen. Eine Hintertür ist daher immer eine massive Sicherheitslücke.» [2] In der Schweiz haben Dienste mit Privatsphäre-freundlichen Lösungen traditionell eine starke Stellung. Schweizer Anbieterinnen wie Proton, NymVPN, PVY.swiss oder Threema sind durch die neue Regulierung besonders betroffen. Proton hat bereits angekündigt, die Schweiz zu verlassen, wenn sie hier keine ordnungsgemässen Geschäfte mehr tätigen kann. [3] REFERENZEN [1] https://www.fedlex.admin.ch/de/consultation-procedures/ongoing#https://fedlex.data.admin.ch/eli/dl/proj/2022/21/cons_1 [2] https://www.gizmodo.de/apple-sagt-nein-zu-uk-backdoor-end-to-end-verschluesselung-faellt-weg-2000014910 [3] https://www.watson.ch/digital/wirtschaft/517198902-proton-schweiz-chef-andy-yen-zum-ausbau-der-staatlichen-ueberwachung The post Geplante VÜPF-Revision bedroht Grundrechte und kompromittiert Verschlüsselung appeared first on ISOC Switzerland Chapter.

Work on Tech-Dossier on Privacy Since January 2025 ISOC-CH is working on privacy-focused Tech Dossiers (TD), which relate to various projects which are technically supported by Next Generation Internet (NGI) funding, provided by the EU Commission and the State Secretariat for Education, Research and Innovation (SERI) of the Swiss Confederation (cf. https://www.sbfi.admin.ch/sbfi/en/home/seri/seri.html). In scope of this work, also the Artificial Intelligence (AI) topic was given special attention as to show how to make a more sovereign use of its potentials without neglecting the risks associated to the intensified practice in datafication of everything (including the collection and use of Personal Identifiable Information, PII) to make those systems generate (sometimes useful) answers. Teaching the Teachers on Privacy As an audience, we choose to raise awareness among early stage secondary school teachers in their last step of formation about the dangers of datafication, which (soon) will have the job to teach their topic (e.g., German or Mathematics) on secondary schools among Switzerland. As teaching is done more and more interdisciplinary and with an increasing relation to digitization, teachers are formed at University of Zurich (UZH) also in aspects of digital educational tools used in teaching. From our perspective, it’s absolutely vital that at least young teachers get themselves and critically tought in aspects of digitization such that they can raise awareness among kids about it and we can have a scalable effect on spreading critical knowledge on privacy implications of digital systems, increasing thus media literacy in the general public and give insights to alternatives which can be used. Concrete Teacher Audience at University of Zurich To start this task, we teamed up with Tessa Consoli, Academic Associate to the Chair of Prof. Dr. Dominik Petko on Teaching and Educational Technology at UZH in the Institute of Education (IfE; cf. https://www.ife.uzh.ch/en/research/petko/staff/consolitessa.html), researching on aspects of the influence and use of digitzation in the secondary school system. Since Spring Semester 2025 she runs a course on Transerversal Learning including a strong focus on digitization topics in schools (cf. course description: https://studentservices.uzh.ch/uzh/anonym/vvz/?sap-language=DE&sap-ui-language=DE#/details/2024/004/SM/51260439). With her work, the IfE is assessing which digital educational tools are being used in the secondary school system across Switzerland, running surveys (cf. corresponding research work: https://www.ife.uzh.ch/en/research/petko.html). First Efforts with a Presentation and Reactions As the course lecturer Tessa sees and shares the interest to shed light not only on chances, but also on the risks of the ongoing pervasive (mass) datafication — including the loss of digital sovereignty in the public school system —, we were invited to give a public intervention in her course on 18.3.2025 (cf. in PDF: slides), not only showing the problematic global situation of mass datafication through, e.g., means of Mass Surveillance as shown since — at the very latest — the Snowden revelations since June 2013, but also how to engage in self-defense by using technological tools for a more decentralized and private Internet, using means of media literacy and tools which are also supported by the NGI funding framework (like, e.g., Mastodon, Tor or Jitsi). The intervention at UZH proved to be very useful as the teachers present weren’t generally aware of the scope of the (non-consensual) datafication going on, which happens to be used, e.g., in AI systems as training material, imposing privacy risks of data leakage and loss of control through automatic decision-making with people don’t understand why certain (e.g., insurance) prices for them rise or they don’t get a credit. Awareness at which points data gets collected by own actions was also not very sharp: most people weren’t aware that “simple” news sites massively collect behavioral data and share it with hundreds of “partners” — a problem which can be reduced by using certain Add-Ons or Browser Bundles (especially for smart phones) to share less data by technical means. The post NGI0: Teach the Teachers on Dangers of (Mass) Datafication appeared first on ISOC Switzerland Chapter.

On Friday, 7 February 2025, the Washington Post reported that the UK government had issued a Technical Capability Notice (TCN) to Apple under the Investigatory Powers Act 2016. This secret order would force Apple to build a backdoor into its end-to-end encrypted cloud services, jeopardizing the security and privacy of all users worldwide, not just in the UK. The ISOC Switzerland Chapter, alongside over 100 civil society organizations, companies, and cybersecurity experts, co-signed a joint letter led by the Global Encryption Coalition (GEC). Addressed to the UK Home Secretary, the letter urges the Home Office to rescind its demand that Apple compromise its encrypted services. It highlights the severe risks this order poses to security, privacy, the economy, and freedom of expression. As encryption advocates have long warned, any backdoor for law enforcement creates vulnerabilities that can be exploited by cybercriminals, foreign espionage, and other malicious actors. The UK’s move represents a dangerous attempt to undermine encryption, endangering the privacy and security of millions of Apple users worldwide. Further Reading: * Draft Technical Capability Regulations notified to European Commission following targeted consultation * Apple’s submission of evidence on the Investigatory Powers Act Amendments Bill * BBC’s coverage of Apple’s July 2023 submission The post UK Government’s Demand for an Apple Backdoor Puts Global Security at Risk appeared first on ISOC Switzerland Chapter.

ISOC-CH is a key partner in the Horizon Europe NGI0 Commons Fund, and through this engagement a great opportunity arises to develop as an organization both locally in Switzerland and abroad, creating links between local issues and struggles for digital rights and important developments at the European and global level. The role of ISOC-CH in the NGI0 project is to develop the so-called “Tech dossiers” of free/libre and open software. That is, a comprehensive introduction to a certain are of digital services (e.g., cloud storage, video conferencing, AI), addressing specific audiences (e.g., policy makers, youth, educators, elderly) with a suitable medium (e.g., guidelines, podcast, curriculum). For this project, we are searching for a candidate that will cover the topic of cloud solutions, addressing policy makers and the government in the context of digital sovereignty with an expected engagement of 20% for a period of 1 year, with a possible extension up to 2 years.. In addition, this year, the Board of ISOC Switzerland will be reshuffled. We are looking for additional board members, including for treasurer and/or policy.  For more information and application process, you can reach us at contact@isoc.ch or in one of the upcoming events announced on our web site, https://isoc.ch, and linkedin page. More details about the application process will be announced after the General Assembly 2025. Before, you are very welcome to join the ISOC-CH’s Policy Sessions 2025 on the topic of E-ID, an excellent introduction for this job position! The ISOC-CH board. The post ISOC-CH is hiring! appeared first on ISOC Switzerland Chapter.

The second plenary meeting of the NGI0 Commons Fund consortium took place in Brussels on January 30th 2025, in the context of the FOSDEM conference, where the presence of NGI0 at the FOSDEM was impressive, During the plenary meeting, ISOC-CH developed the plan for the development of the so-called “tech dossiers”, which will focus on three distinct thematic areas: video conferencing, AI and privacy, and Cloud solutions, targeting three distinct target audiences respectively: like-minded non-experts, school teachers, and policy makers. The description of the whole implementation plan for the tech dossiers and an interesting job opening will be announced soon. For now, the most important news is that the project selection is running smoothly and the sixth call of NGI Zero Commons Fund opened up on February 1st 2025, with a deadline of April 1st 2025 12:00 CEST (noon). To get some inspiration, here is the list of the first 50 projects funded under the NGI0 Commons fund: https://nlnet.nl/news/2025/20250101-announcing-grantees-June-call.html The post NGI0 Commons Fund update and 6th call for funding appeared first on ISOC Switzerland Chapter.

The voting in the UN General Assembly that was expected to pass the Draft Convention on Cybercrime, was postponed. This Draft was the outcome of many years of negotiations which started with a UN resolution initiated in 2019 by Russia, China and other states (such as Iran, Egypt, Sudan, and Uzbekistan) , with 88 votes to 58, and 34 abstentions. There is a wide consensus that this convention puts in danger human rights, privacy, and safety online, and a large number of human rights and journalists’ associations  have officially expressed their criticism of the surveillance pact, including Privacy International, Access Now, the IPI, and European Digital Rights, the umbrella organisation of many European NGOs. ISOC global in their position article on the UN convention state clearly two major concerns regarding its potential negative impact: > 1) Impact on the work of security researchers: As highlighted in this > statement from security experts, good faith security research is crucial to > ensuring the security of the Internet and preventing cybercrime. > 2) Impact on encryption: Article 28.4 on search and seizure of electronic data > might be interpreted to allow countries to authorize competent authorities to > order the handover of encryption keys or other sensitive information about the > security of hardware or software. Adrienne Fichter, in her article titled “The UN community has negotiated a global surveillance regime — but it could have been worse”, explains in detail all the shortcomings of this convention and the potential impact in the Swiss context. A recent article (9.Dec 2024) by Lawfare media analyzes the legal language of the Draft Convention and another one by Anja P. Jakobi und Lena Herbst, at the same day, concludes that despite the problems with this convention, > It is, however, unlikely that the draft Convention will fail to pass the GA. > Therefore, it seems advisable to accept the treaty with reservations and > become a state party to the Convention. Without internal critics, the > ‘Conference of Parties’ (CoP), tasked with reviewing and implementing the > convention, could develop additional measures and worsen a Convention that at > least includes some human rights safeguards. In particular, due to Russia’s > and China’s growing influence, rejecting the Convention could pave the way for > ‘digital authoritarianism’ in a central UN norm on cyberspace. Still, > accepting the Convention requires careful monitoring, not only of the CoP, but > also of its results in practice. If reviews of the treaty show that its > implementation means compromising human rights and data protection, states > should continuously reevaluate whether to stay or leave the treaty, with the > Budapest Convention as a remaining fallback option. The argument of making compromises to “stay at the table of negotiations” have been used also for other critical issues in recent debates among digital rights associations in Switzerland. And although “staying at the table” is a valid argument, for such important threats on fundamental human rights, someone needs to stay out of the table and fight for privacy, self-determination, and safety! So, we are in a critical moment of this process, and signing the ongoing petition, initiated by the Pirate Party CH, and supported by the ISOC Switzerland Chapter, we can pass the message to policy makers that people care for human rights and privacy: https://act.campax.org/petitions/un-cybercrime-convention-stoppen-arreter-la-convention-des-nations-unies-sur-la-cybercriminalite The post UN Convention on Cybercrime: staying out of the table and fighting for human rights, privacy, and safety appeared first on ISOC Switzerland Chapter.