On Friday 18 September a small group of people gathered at L200 (and online) to analyze certain important risks associated with the new law on the Swiss E-ID. The discussion was very lively and productive and the main outcomes relevant for keeping a critical attitude with the fast digital transformation that is happening everywhere. We identified 3 major “risk areas” that need to be better understood especially now that the outcome of the referendum was positive, and the Swiss E-ID will be eventually implemented: 1) Unnecessary dependence on technology in everyday life. 2) Extended exposure of one’s private data. 3) Increased potential damage by identity theft, device hacking or failure. Some of these risks could be better addressed by the current law, most notably the lack of clear measures that ensure its optional character. And others, like the increased exposure to surveillance and various forms of attacks or accidents, are questioning the necessity of a Swiss E-ID in the first place.  The main goal of our discussion was not to repeat the main arguments that prioritize those risks in comparison to the respective benefits mostly related to convenience and law enforcement. The goal was to discuss the most effective ways of communicating those risks to raise the awareness and engagement levels toward a wise digital transformation. 1) The optional character of the Swiss E-ID is an empty promise This is a key point to communicate properly: A digital E-ID stops to be “optional” when it is obligatory for an activity that is really important for someone. If the E-ID is required for me to have an operation for a serious disease it stops being optional for me. It is obligatory. And if for people that have an ID, the compromise to have also an E-ID to access vital services might not seem such a disaster, it becomes one for those without an ID in the first place. If you are not one of those that believe that such people should be exterminated, you should make sure that the E-ID stays truly optional. The law does not guarantee this, but the people can still fight for it. Related to this topic, you can read a recent publication by the Computer magazine titled “How much technology is needed to build a smart community space?“, by Panayotis Antoniadis, which explains why it is important to maintain a wide set of more or less technological options for addressing social problems and why FLOSS software is a key ingredient for enabling local communities to make the right choices. 2) Stronger identity means more powerful surveillance Simple narratives around surveillance capitalism like the “age verification with restricted data” case study, as promoted of the “pro” campaign for the Swiss E-ID, can be dangerous. The threats to privacy caused by the avalanche of digitization cannot be addressed only through protection measures. It is a complex issue that requires complex thinking, not an easy task for communication specialists.  The intention of the Swiss E-ID law has a positive dimension. It aims to minimize the amount of personal data shared with private companies when they need to verify certain aspects of our identity, most notably our age. This is a good design, but it underestimates the power of big corporations to extract more than necessary information in the same way that nudge people into accepting their cookies.  Moreover, it adds one more actor that has full access of one’s digital life, the government. Big companies still collect the same amount of personal data they did before and in addition have access also to our official identification information. And the government that was not aware of our online activities, it will now has also access to a significant part of it. Of course, we trust more our government than Facebook. This is clear. But even a benign state can fail sometimes, can become the victim of attacks, or change in light of a big crisis. Finally, even if we do our best to protect our privacy online, this success can cause important side-effects. A more trustworthy digital world can increase our addiction and dependence on digital services and the power of those having access to this information for producing knowledge on human behavior. 3) Increased digitization increases vulnerability to attacks or failures Accidents or failures happen always, with the examples of blackout in Spain and the airport ransomware still present in our memory, we can only hope that we will not be among the victims of the next natural disaster, malicious attack, or internal failure.  Moreover, the danger of identity theft is another reason why the optional character is highly compromised. Here, the Swiss E-ID law cannot do much. It is a matter of implementation and the advantage is always to those that wait in the back instead of leading the process. The fact that the proposed solution is not fully open source can only make us worry. The more we depend on digital devices for our everyday life the more vulnerable we depend on potential failures and accidents. If we get used to our Swiss E-ID and we leave its physical counterpart always at home, the more harmful it will become if we fall from the bicycle and break our phone or if we lose it before going to an important event or trip that requires it. Final note: the critical role of Free/Libre and Open Source Software The result of the referendum was remarkably close despite the fact that the majority of political parties were in favor. This means that the Swiss people are really concerned by the risks of digitization and thus it is really important to discuss and debate about specific details of its implementation. For this, the role of Free/Libre and Open Source Software is critical, and ISOC-CH is a communication partner of the more ambitious funding programmes for supporting FLOSS software worldwide, the NGI0 Commons Fund. Our forthcoming “what does digital sovereignty mean for … ” series, will include this key dimension in the overall debate taking the perspective of different actors and focusing on what can be actually done, now. Just waiting the European industry to fight the American Big Tech on its own field is not very productive. There is a lot we can all do to protect ourselves from actors that abuse their power and from technologies that do not serve our real needs.  Become an ISOC-CH member and/or join our announcements list by sending a message to contact@isoc.ch to stay tuned! The post What could possibly go wrong with the Swiss E-ID? (a short summary) appeared first on ISOC Switzerland Chapter.

Zurich, 6 mai 2025 – La consultation qui se termine aujourd’hui sur la révision partielle de l’Ordonnance sur la surveillance de la correspondance par poste et télécommunication (OSCPT) ainsi que de l’Ordonnance du DFJP (OD-SCPT) [1] soulève d’importantes questions et suscite de vives inquiétudes. Les modifications prévues menacent non seulement le droit fondamental à la vie privée, mais aussi la sécurité du chiffrement. Les VPN et autres services de communication chiffrés sont particulièrement visés – avec des conséquences potentiellement désastreuses pour les citoyens et les entreprises. UNE ATTEINTE À LA VIE PRIVÉE La révision de l’OSCPT prévoit une extension des obligations de surveillance pour les fournisseurs de services de télécommunication (FST) ainsi que pour les services de communication dérivés (FSCD), y compris des obligations élargies d’identification des utilisateurs et de conservation des données. Ces mesures portent gravement atteinte à la vie privée des citoyens sans qu’une justification claire à ce recul soit clairement exprimé. Le secret médical ou la protection des sources journalistiques s’en trouvent directement affectés. DES DONNÉES INUTILEMENT STOCKÉES OUVRENT LA PORTE AUX RISQUES D’ABUS Chaque donnée conservée augmente mécaniquement le risque que celle-ci soit utilisée ou consultée de manière abusive. Les métadonnées peuvent donner des aperçus détaillés sur les relations entre individus, leur localisation et leurs habitudes. La conservation obligatoire des métadonnées pendant six mois permet non seulement une surveillance de masse, mais aussi potentiellement d’autres accès illégitimes par des tiers, comme des pirates informatiques, des criminels ou des employés simplement mal intentionnés. Si de telles données tombent entre les mains de criminels, elles pourraient être utilisées pour le chantage, la fraude téléphonique, le phishing, le vol d’identité et d’autres formes d’abus. LA COMPROMISSION DU CHIFFREMENT EST LA MORT DU CHIFFREMENT L’obligation proposée de supprimer le chiffrement compromet la sécurité de tous. Les fournisseurs seraient contraints d’installer des backdoors ou d’utiliser d’autres méthodes qui affaiblissent délibérément le chiffrement afin de pouvoir permettre aux autorités d’accéder à ces données. Mais si ces failles existent, elles existent pour tout le monde: leur installation permettrait aux pirates informatiques, aux criminels ou entités étrangères d’avoir accès à toutes les données circulant dans le pays. On ne peut pas chiffrer pour les uns, et pas pour les autres. Le gouvernement britannique a récemment tenté d’adopter une réglementations en ce sens: la conséquence immédiate en a été qu’Apple a annoncé le retrait des services chiffrés pour ses clients au Royaume-Uni. Citation traduite de l’allemand: «Apple et de nombreux experts en sécurité informatique soutiennent qu’une porte dérobée rend absurde tout chiffrement. Dès qu’il existe un moyen de déchiffrer des données chiffrées, ce n’est qu’une question de temps avant que des criminels ou des régimes autoritaires ne l’exploitent. Le chiffrement de bout en bout signifie exactement cela : personne d’autre que l’utilisateur lui-même – pas même Apple – ne peut accéder aux données. Une porte dérobée constitue donc toujours une faille de sécurité massive.» [2] En Suisse, les services offrant des solutions respectueuses de la vie privée ont traditionnellement une position forte. Les fournisseurs suisses comme Proton, NymVPN, PVY.swiss ou Threema sont particulièrement touchés par la nouvelle réglementation. Proton a déjà annoncé qu’il quitterait la Suisse s’il ne pouvait plus y exercer ses activités correctement. [3] RÉFÉRENCES [1] https://www.fedlex.admin.ch/fr/consultation-procedures/ended#https://fedlex.data.admin.ch/eli/dl/proj/2022/21/cons_1 [2] https://www.gizmodo.de/apple-sagt-nein-zu-uk-backdoor-end-to-end-verschluesselung-faellt-weg-2000014910 [3] https://www.watson.ch/digital/wirtschaft/517198902-proton-schweiz-chef-andy-yen-zum-ausbau-der-staatlichen-ueberwachung The post La révision prévue de l’OSCPT menace les droits fondamentaux et compromet le chiffrement appeared first on ISOC Switzerland Chapter.

Work on Tech-Dossier on Privacy Since January 2025 ISOC-CH is working on privacy-focused Tech Dossiers (TD), which relate to various projects which are technically supported by Next Generation Internet (NGI) funding, provided by the EU Commission and the State Secretariat for Education, Research and Innovation (SERI) of the Swiss Confederation (cf. https://www.sbfi.admin.ch/sbfi/en/home/seri/seri.html). In scope of this work, also the Artificial Intelligence (AI) topic was given special attention as to show how to make a more sovereign use of its potentials without neglecting the risks associated to the intensified practice in datafication of everything (including the collection and use of Personal Identifiable Information, PII) to make those systems generate (sometimes useful) answers. Teaching the Teachers on Privacy As an audience, we choose to raise awareness among early stage secondary school teachers in their last step of formation about the dangers of datafication, which (soon) will have the job to teach their topic (e.g., German or Mathematics) on secondary schools among Switzerland. As teaching is done more and more interdisciplinary and with an increasing relation to digitization, teachers are formed at University of Zurich (UZH) also in aspects of digital educational tools used in teaching. From our perspective, it’s absolutely vital that at least young teachers get themselves and critically tought in aspects of digitization such that they can raise awareness among kids about it and we can have a scalable effect on spreading critical knowledge on privacy implications of digital systems, increasing thus media literacy in the general public and give insights to alternatives which can be used. Concrete Teacher Audience at University of Zurich To start this task, we teamed up with Tessa Consoli, Academic Associate to the Chair of Prof. Dr. Dominik Petko on Teaching and Educational Technology at UZH in the Institute of Education (IfE; cf. https://www.ife.uzh.ch/en/research/petko/staff/consolitessa.html), researching on aspects of the influence and use of digitzation in the secondary school system. Since Spring Semester 2025 she runs a course on Transerversal Learning including a strong focus on digitization topics in schools (cf. course description: https://studentservices.uzh.ch/uzh/anonym/vvz/?sap-language=DE&sap-ui-language=DE#/details/2024/004/SM/51260439). With her work, the IfE is assessing which digital educational tools are being used in the secondary school system across Switzerland, running surveys (cf. corresponding research work: https://www.ife.uzh.ch/en/research/petko.html). First Efforts with a Presentation and Reactions As the course lecturer Tessa sees and shares the interest to shed light not only on chances, but also on the risks of the ongoing pervasive (mass) datafication — including the loss of digital sovereignty in the public school system —, we were invited to give a public intervention in her course on 18.3.2025 (cf. in PDF: slides), not only showing the problematic global situation of mass datafication through, e.g., means of Mass Surveillance as shown since — at the very latest — the Snowden revelations since June 2013, but also how to engage in self-defense by using technological tools for a more decentralized and private Internet, using means of media literacy and tools which are also supported by the NGI funding framework (like, e.g., Mastodon, Tor or Jitsi). The intervention at UZH proved to be very useful as the teachers present weren’t generally aware of the scope of the (non-consensual) datafication going on, which happens to be used, e.g., in AI systems as training material, imposing privacy risks of data leakage and loss of control through automatic decision-making with people don’t understand why certain (e.g., insurance) prices for them rise or they don’t get a credit. Awareness at which points data gets collected by own actions was also not very sharp: most people weren’t aware that “simple” news sites massively collect behavioral data and share it with hundreds of “partners” — a problem which can be reduced by using certain Add-Ons or Browser Bundles (especially for smart phones) to share less data by technical means. The post NGI0: Teach the Teachers on Dangers of (Mass) Datafication appeared first on ISOC Switzerland Chapter.

The ISOC Switzerland Chapter is proud to be one of the partners of the Horizon Europe project NGI0 Commons Fund, which started on January 1st 2024. The project is part of the NGI0 NGI Zero coalition, led by NLnet Foundation, which uses a very flexible cascading funding scheme that enables a large number of carefully... The post ISOC-CH is a partner of the NGI0 Commons Fund appeared first on ISOC Switzerland Chapter.

John Spencer, a former US Army Major, is the Chair of Urban Warfare Studies at the Madison Policy Forum. When Russian troops invaded Ukraine and started to get bogged into a gruelling siege at Mariupol, he decided to help the best way he could: by getting his urban warfare manual translated to Ukrainian and hope... The post Can Russian Wikipedia go offline? appeared first on ISOC Switzerland Chapter.

Even though tens of millions of Gmail and Yahoo accounts are hacked and being sold on the dark web, why is encrypted e-mail still not the default?  Is it high technical barriers, or the users’ “I have nothing to hide” arguments or lack of easy to use encryption solutions in the consumer space?  Especially in... The post Are we finally ready for End-To-End-Email-Encryption (E2EE) yet? appeared first on ISOC Switzerland Chapter.

The Beyond the Net Grant supporting this event series has now successfully ended. You can read here a short review of the events in 2021 (available as a printed booklet at L200). But the 7at7 series continues, since everything is in place already and additional funding from ISOC will be pursued soon! You can see... The post The Beyond the Net Grant ended, but the 7at7 series continues! appeared first on ISOC Switzerland Chapter.

Digital sustainability was one of the first topics addressed in the 7at7 series, on September 7, 2020. Six months later, Panayotis Antoniadis and Nana Karlstetter (one of September 7at7 keynote speakers) joined Rahel Estermann and Laura Hagen to create the Digital sustainability working group at Digitale Gesselschaft, which presented itself for the first time in... The post Digital sustainability and sustainable digitalization appeared first on ISOC Switzerland Chapter.