The European Commission has been asking for feedback from the 6th of January to the 3rd of February to shape its “European Open Digital Ecosystem Strategy”. In our submission we stress that it is important to understand that Free and Open-Source Software (FOSS) * is the backbone of our digital infrastructure; * is a global and collaborative phenomenon and that isolating it along geographic boundaries is counterproductive; * has to be understood as a symbiotic ecosystem of diverse players (businesses, public administrations, foundations, academic institutions, and individual contributors) rather than “just” an economic sector/industry; * has a variety of strategic and practical benefits over proprietary software solutions and should therefore be adopted widely by European institutions. If you’re interested in the topic, we can also recommend you to read the submissions of the Free Software Foundation Europe and the OSI Europe Foundation. -------------------------------------------------------------------------------- The Internet Society (ISOC) Switzerland Chapter is a non-profit organization that engages on a variety of Internet-related topics, ensuring that it is a place of possibility, opportunity, and progress that benefits people worldwide. We provide technically-grounded advice, policy recommendations, and educational material regarding privacy, security, Free and Open-Source Software, and digital sovereignty. We also organize informative events and debates like the annual Public Policy Sessions and participate in collaborative research projects like the NGI0 Commons Fund. As a national chapter of the international organization responsible for the .org domain, ISOC CH acts as a gateway between Switzerland and the international digital civil society. You can consider becoming a member (through the main ISOC web site) following the instructions at https://isoc.ch/membership, or just subscribe to our newsletter (2-3 announcements per year) by sending a message to contact@isoc.ch. The post Our submission to the EU Call for Evidence on the “European Open Digital Ecosystem Strategy” appeared first on ISOC Switzerland Chapter.

On the 18th of November 2025 two conferences in two European capitals simultaneously discussed issues pertaining to the buzzword of digital sovereignty: the DINAcon in Bern, Switzerland and the European Digital Sovereignty Summit in Berlin, Germany. Despite addressing similar topics, the conferences could not have been more different in content, however: While Swiss administrators used the DINAcon to present their implementation efforts with respect to the free and open-source software and interoperability requirements outlined in articles 9 and 14 of the EMBAG law, respectively, the European governments represented in the European Council pitched a very different vision of digital sovereignty in Berlin: One which emphasizes the competitiveness of and investment into proprietary European software solutions, most likely at the expense of consumer protections. We, as the Switzerland Chapter of the Internet Society (ISOC-CH), are very concerned about the commercial re-interpretation of the term digital sovereignty. While supporting local businesses to develop and administer digital solutions is an essential part of the equation to achieve digital sovereignty, it must not come at the cost of jeopardizing the ability of states to act independently now and in the future. The reaction to an outsized dependency on (state-sponsored) American and Chinese Big Tech firms cannot possibly be an outsized dependency on (state-sponsored) European or Swiss Big Tech companies. Apart from ignoring the fact that companies can change domiciles, be bought by foreign investors or go bankrupt, the “buy European” approach also showcases a lack of creativity and imaginative power on the part of European politicians who cannot fathom an alternative to emulating other global powers and reveals a fundamental misunderstanding about the nature of technological dependencies: The fact that a software vendor or cloud computing provider is domestic does nothing to reduce the vendor lock-in effects, the restrictiveness of proprietary software licenses, and the resulting stifling of competition and innovation. Simply procuring digital services domestically falls massively short of achieving digital sovereignty as defined by either the Swiss (with a narrow focus on the state) or European (with a wider perspective including non-state actors) regulators: > “Digital sovereignty requires the necessary control over and ability to act in > the digital realm to ensure the delivery of state services.” – own translation > of the Swiss government’s definition of digital sovereignty > “Digital sovereignty is the ability of Member States to be able to regulate > their digital infrastructure, data and technologies. It encompasses the > ability of individuals, businesses and institutions in Europe to act > independently in the digital world, allowing for autonomous decisions about > the use, governance, and development of digital systems without undue reliance > on external actors […].” – taken from the Declaration for European Digital > Sovereignty A more encompassing answer as to how ensure digital sovereignty is needed. Any entity which wants to have control over the digital services it uses and aims to be able to change them to serve its specific needs should strive to operationalize the following principles: * local infrastructure: Having access to geographically local computing resources, network infrastructure, and electricity is a prerequisite for being able to exert control over one’s digital services. * local expertise: Without a motivated, experienced and educated local work force who can develop, debug and deploy digital services one cannot truly operate in a self-sovereign manner. * interoperability: Open standards and open data formats allow for connectivity between services and reduced switching costs, thereby preventing vendor lock-ins and increasing one’s agency. * free and open-source software: The four freedoms of free and open-source software (use, change, share and improve) give a legal and technical guarantee to the user to be a self-determined actor rather than a disenfranchised consumer. Instead of paying lip service to free and open-source software like the European Declaration for Digital Sovereignty does by making it optional and conditional, > “Open-source solutions can play an important role enhancing digital > sovereignty, > provided they meet high cybersecurity standards and are complemented by > reliable proprietary technologies where appropriate.” policy makers should recognize that actual digital sovereignty cannot be achieved without a firm commitment to free and open-source software. Operationalizing these criteria is obviously harder than simply procuring domestic digital products. It requires new capabilities, organizational structures and cultural changes. But unlike the simplistic “buy domestic” strategy – whose political appeal in times of economic and geopolitical turmoil is obvious – they actually provide a path to achieve what the Declaration for European Digital Sovereignty sets out as a goal: ensuring “the ability of individuals, businesses and institutions in Europe to act independently in the digital world”. As an NGI-0 consortium member, ISOC-CH will continue highlighting the advantages of free and open-source software, open standards, and open data formats for attaining digital sovereignty to policy makers, administrators, educators, and the wider public. We are happy to support Swiss decision makers on municipal, cantonal and federal levels with our expertise and network to take steps towards true digital sovereignty together. The post The state of discussions on digital sovereignty in Switzerland and Europe appeared first on ISOC Switzerland Chapter.

Switzerland’s federalist tradition delegates significant autonomy to its 26 cantons, allowing them to tailor policies and services to local needs. The introduction of a nationwide electronic identity (e-ID) system, however, represents a marked shift in digital governance: by vesting authority over identity issuance and verification in the federal state, the new e-ID law centralizes power and diminishes cantonal prerogatives. While a unified e-ID promises interoperability and enhanced security, the concentration of competence at the Confederation level undermines subsidiarity, stifles local innovation, and risks a democratic deficit in a system historically grounded in cantonal and people’s self-determination. Swiss Federalism and Cantonal Autonomy Under Article 3 of the Swiss Constitution, all future powers belong to the cantons, unless the Swiss people and the cantons decide, by constitutional amendment, that they shall be attributed to the federation. This principle enshrines the subsidiarity norm: matters best handled locally remain within cantonal competence, ensuring policies reflect regional languages, legal traditions, and administrative capacities. In practice, cantons exercise broad authority over education, healthcare, policing, and civil registers and identity documents, areas where proximity to citizens fosters trust and responsiveness. The E-ID Law and the Centralization of Digital Identity On December 20, 2024, the Swiss Federal Assembly passed the Federal Act on Electronic Identity Credentials and Other Electronic Credentials, establishing a state-recognised e-ID to be rolled out by 2026. Unlike earlier, canton-driven pilots, the new scheme mandates that all public authorities—confederation, cantons, and municipalities—accept the federal e-ID alongside physical ID for electronic identification purposes. While private providers may operate wallets, the Confederation retains exclusive authority over the trust framework, credential schemas, and revocation registries. Consequently, cantonal solutions will be superseded by a one-size-fits-all model dictated by federal technical and policy choices. Erosion of Subsidiarity and Local Tailoring By reallocating identity-management powers from cantons to the federal state, the e-ID law breaches the subsidiarity ethos. Cantonal administrations lose autonomy over design and implementation—functions they have long performed in tandem with local stakeholders. This top-down approach risks producing a monolithic system that may not align with linguistic and procedural variations across cantons. For instance, user interface elements or data-disclosure workflows optimized for German-speaking urban centres may prove cumbersome in rural, French- or Italian-speaking cantons. Hindering Innovation and Experimentation Cantons have historically acted as laboratories of democracy, piloting digital services—such as e-voting, local health portals, and municipal e-administration platforms—before scaling them nationally. Centralizing identity issuance under the Confederation risks stifling this dynamic: any significant alteration or enhancement to the e-ID framework will require federal approval, elongating development cycles and dampening the incentive for localized experimentation. Moreover, private-sector innovators that previously partnered with individual cantons face higher barriers: they must navigate federal procurement processes and standardized certification regimes, reducing flexibility and increasing costs. Complexity, Incoherence, and Privacy Concerns Centralized identity provisioning introduces its own technical pitfalls. A major critique of a state- run, single identity provider is that no central actor can serve all user groups coherently—voluntary adoption means some citizens will decline the e-ID, necessitating parallel systems and eroding transparency. Services catering to non-Swiss or partially registered residents would require separate identity providers, creating confusion and administrative overhead. Furthermore, having the Confederation mediate every authentication event concentrates sensitive metadata—access logs, usage patterns, and verification requests—within a single national database, heightening the risk of mass surveillance. Furthermore, the notion of a single identity gateway also creates a tempting target for adversaries: rather than spreading their efforts across thousands of sites and services, attackers can focus on subverting one system to harvest credentials en masse. A breach of the central provider—even a transient outage or misconfiguration—could effectively lock every user out of their online accounts, from banking and healthcare to social media and e-government services. Worse yet, such concentration makes it trivial to compile comprehensive activity logs, enabling sophisticated profiling, unsolicited marketing, or politically motivated surveillance at a scale previously impossible. Phishing campaigns would only need to mimic one login flow, increasing their success rate and reducing the cognitive load on the victim. And because the e-ID would be used ubiquitously, there’d be no “dark spaces” left for whistleblowers, dissidents, or vulnerable populations to maintain anonymity when they really need it. In short, replacing the polycentric patchwork of today’s digital identities with a single monolithic system risks undermining both individual security and societal freedoms, trading fragmentation for fragility and opacity. Democratic Accountability and the Referendum Safeguard Switzerland’s direct-democracy mechanisms offer a check against unilateral centralization: opponents of the e-ID law have gathered sufficient signatures to force a nationwide referendum, likely scheduled for autumn 2025. Yet, in the interim, cantonal administrations must adapt to the new federal framework, incurring integration costs and reengineering existing digital processes. If the referendum overturns the law, this transitional burden will represent wasted resources and damaged trust between the Confederation and cantons. Conclusion The e-ID law exemplifies the tension between the efficiencies of a centralized digital infrastructure and the principles of Swiss federalism. While a unified identity system may streamline cross-border and inter-cantonal digital services, the shift of power from cantons to the Confederation compromises subsidiarity, curtails local innovation, and risks democratic disconnect. As Switzerland navigates its referendum, policymakers should consider hybrid approaches: granting cantons a participatory role in governance bodies, enabling localized interface customization, and ensuring interoperability standards rather than monolithic platforms. Such measures could preserve the dynamism of cantonal digital experimentation while achieving the interoperability and security goals that underpin a national e-ID. The post Concentration of Power in Swiss E-ID appeared first on ISOC Switzerland Chapter.

Zurich, 6 mai 2025 – La consultation qui se termine aujourd’hui sur la révision partielle de l’Ordonnance sur la surveillance de la correspondance par poste et télécommunication (OSCPT) ainsi que de l’Ordonnance du DFJP (OD-SCPT) [1] soulève d’importantes questions et suscite de vives inquiétudes. Les modifications prévues menacent non seulement le droit fondamental à la vie privée, mais aussi la sécurité du chiffrement. Les VPN et autres services de communication chiffrés sont particulièrement visés – avec des conséquences potentiellement désastreuses pour les citoyens et les entreprises. UNE ATTEINTE À LA VIE PRIVÉE La révision de l’OSCPT prévoit une extension des obligations de surveillance pour les fournisseurs de services de télécommunication (FST) ainsi que pour les services de communication dérivés (FSCD), y compris des obligations élargies d’identification des utilisateurs et de conservation des données. Ces mesures portent gravement atteinte à la vie privée des citoyens sans qu’une justification claire à ce recul soit clairement exprimé. Le secret médical ou la protection des sources journalistiques s’en trouvent directement affectés. DES DONNÉES INUTILEMENT STOCKÉES OUVRENT LA PORTE AUX RISQUES D’ABUS Chaque donnée conservée augmente mécaniquement le risque que celle-ci soit utilisée ou consultée de manière abusive. Les métadonnées peuvent donner des aperçus détaillés sur les relations entre individus, leur localisation et leurs habitudes. La conservation obligatoire des métadonnées pendant six mois permet non seulement une surveillance de masse, mais aussi potentiellement d’autres accès illégitimes par des tiers, comme des pirates informatiques, des criminels ou des employés simplement mal intentionnés. Si de telles données tombent entre les mains de criminels, elles pourraient être utilisées pour le chantage, la fraude téléphonique, le phishing, le vol d’identité et d’autres formes d’abus. LA COMPROMISSION DU CHIFFREMENT EST LA MORT DU CHIFFREMENT L’obligation proposée de supprimer le chiffrement compromet la sécurité de tous. Les fournisseurs seraient contraints d’installer des backdoors ou d’utiliser d’autres méthodes qui affaiblissent délibérément le chiffrement afin de pouvoir permettre aux autorités d’accéder à ces données. Mais si ces failles existent, elles existent pour tout le monde: leur installation permettrait aux pirates informatiques, aux criminels ou entités étrangères d’avoir accès à toutes les données circulant dans le pays. On ne peut pas chiffrer pour les uns, et pas pour les autres. Le gouvernement britannique a récemment tenté d’adopter une réglementations en ce sens: la conséquence immédiate en a été qu’Apple a annoncé le retrait des services chiffrés pour ses clients au Royaume-Uni. Citation traduite de l’allemand: «Apple et de nombreux experts en sécurité informatique soutiennent qu’une porte dérobée rend absurde tout chiffrement. Dès qu’il existe un moyen de déchiffrer des données chiffrées, ce n’est qu’une question de temps avant que des criminels ou des régimes autoritaires ne l’exploitent. Le chiffrement de bout en bout signifie exactement cela : personne d’autre que l’utilisateur lui-même – pas même Apple – ne peut accéder aux données. Une porte dérobée constitue donc toujours une faille de sécurité massive.» [2] En Suisse, les services offrant des solutions respectueuses de la vie privée ont traditionnellement une position forte. Les fournisseurs suisses comme Proton, NymVPN, PVY.swiss ou Threema sont particulièrement touchés par la nouvelle réglementation. Proton a déjà annoncé qu’il quitterait la Suisse s’il ne pouvait plus y exercer ses activités correctement. [3] RÉFÉRENCES [1] https://www.fedlex.admin.ch/fr/consultation-procedures/ended#https://fedlex.data.admin.ch/eli/dl/proj/2022/21/cons_1 [2] https://www.gizmodo.de/apple-sagt-nein-zu-uk-backdoor-end-to-end-verschluesselung-faellt-weg-2000014910 [3] https://www.watson.ch/digital/wirtschaft/517198902-proton-schweiz-chef-andy-yen-zum-ausbau-der-staatlichen-ueberwachung The post La révision prévue de l’OSCPT menace les droits fondamentaux et compromet le chiffrement appeared first on ISOC Switzerland Chapter.

ISOC-CH is a key partner in the Horizon Europe NGI0 Commons Fund, and through this engagement a great opportunity arises to develop as an organization both locally in Switzerland and abroad, creating links between local issues and struggles for digital rights and important developments at the European and global level. The role of ISOC-CH in the NGI0 project is to develop the so-called “Tech dossiers” of free/libre and open software. That is, a comprehensive introduction to a certain are of digital services (e.g., cloud storage, video conferencing, AI), addressing specific audiences (e.g., policy makers, youth, educators, elderly) with a suitable medium (e.g., guidelines, podcast, curriculum). For this project, we are searching for a candidate that will cover the topic of cloud solutions, addressing policy makers and the government in the context of digital sovereignty with an expected engagement of 20% for a period of 1 year, with a possible extension up to 2 years.. In addition, this year, the Board of ISOC Switzerland will be reshuffled. We are looking for additional board members, including for treasurer and/or policy.  For more information and application process, you can reach us at contact@isoc.ch or in one of the upcoming events announced on our web site, https://isoc.ch, and linkedin page. More details about the application process will be announced after the General Assembly 2025. Before, you are very welcome to join the ISOC-CH’s Policy Sessions 2025 on the topic of E-ID, an excellent introduction for this job position! The ISOC-CH board. The post ISOC-CH is hiring! appeared first on ISOC Switzerland Chapter.

On May 15th, ISOC Switzerland Chapter hosted the Public Policy Sessions 2024 including a diverse set of introductory talks and a very interesting panel on the topic of disinformation online, organized by Bernie Hoeneisen, co-founder of ISOC-CH. You can watch the recorded live stream here: https://livestream.com/internetsociety/isoc-ch-public-policy2024 First, Markus Kummer (ISOC-CH Chapter Advisory Council Representative) introduced... The post Public Policy Sessions 2024 (summary) appeared first on ISOC Switzerland Chapter.

On Friday, March 24th, 2023, the ISOC-CH General Assembly decided to join the explicit disassociation from the position paper "Joint Statement zur Plattformregulierung" issued and co-signed by Digitale Gesellschaft (Digiges) a few months ago. The post ISOC-CH to support disassociation from DigiGes Platform statement appeared first on ISOC Switzerland Chapter.

On Friday, March 24th, 2023, the ISOC-CH General Assembly decided to join the explicit disassociation from the position paper "Joint Statement zur Plattformregulierung" issued and co-signed by Digitale Gesellschaft (Digiges) a few months ago. The post ISOC-CH to support disassociation from DigiGes Platform statement appeared first on ISOC Switzerland Chapter.

The parliamentary initiative Pult violates the Swiss Federal Constitution, including freedom of expression and information as well as freedom of the media. Therefore ISOC-CH, pEp Foundation and Pirate Party recommend rejection of the parliamentary initiative Pult. The post ISOC-CH, pEp Foundation and Pirate Party recommend rejection of the parliamentary initiative Pult appeared first on ISOC Switzerland Chapter.

On June 5th and 6th, Mission Publiques invited stakeholders worldwide to discuss the future of Internet governance and to seek answers to How to shape the future of digital cooperation? Who should decide how to leverage the opportunities brought by the use of digital technologies and mitigate the risks they involve? A couple of board... The post ISOC Switzerland Chapter takes part in “We the Internet” Global Citizens’ and Stakeholders’ Dialogue appeared first on ISOC Switzerland Chapter.