Data confidentiality, integrity and availability: These three cornerstones of data protection are technically and organisationally difficult to implement, especially with large data streams and multiple processing points.
Control of data flows: Traceability and protection against manipulation in data processing across different organisations is currently only insufficiently guaranteed.
Anonymisation and pseudonymisation: These techniques are often insufficient to ensure the confidentiality and integrity of data.
Implementation of regulations: Despite a legal basis, there is a lack of uniform standards, good practice and effective monitoring.
Inter-cantonal harmonisation: Promote uniform implementation of data protection across all cantons.
Research and development: The Confederation should promote research programmes to monitor and trace data processing and flows.
Minimum standards for data protection: The Federal Data Protection and Information Commissioner (FDPIC) should define and continuously maintain minimum standards and good practices for the anonymisation and pseudonymisation of data.
Information and data protection management systems: Require data processing organisations to introduce a risk-based information and data protection management system.
Through these measures, politics, business and society can jointly create the conditions for a sustainable and secure handling of data.
Umberto Annino, Microsoft | Matthias Bossardt, KPMG | Martin Leuthold, Switch | Andreas Wespi, IBM Research
Endre Bangerter, BFH | Alain Beuchat, Banque Lombard Odier & Cie SA | | Daniel Caduff, AWS | Adolf Doerig, Doerig & Partner | Stefan Frei, ETH Zürich | Roger Halbheer, Microsoft | Katja Dörlemann, Switch | Pascal Lamia, BACS | Hannes Lubich, Verwaltungsrat und Berater | Luka Malisa, SIX Digital Exchange | Adrian Perrig, ETH Zürich | Raphael Reischuk, Zühlke Engineering AG | Ruedi Rytz, BACS | Riccardo Sibilia, VBS | Bernhard Tellenbach, armasuisse | Daniel Walther, Swatch Group Services