Skip to content

Most providers of video conferencing solutions such as Microsoft with Teams, Zoom Technologies with Zoom and LogmeIn with GotoWebinar are American providers. They are often Swiss-US-Privacy Shield certified, which you can easily check for yourself at https://www.privacyshield.gov/welcome. This means for the time being only once that they have an equivalent level of data protection, not yet that they also offer their services compliant to Swiss data protection law. The question must be asked: Does the provider have access to the content data as well as my communication and marginal data? If so, there is a potential problem with official, professional and banking secrecy for the persons concerned and their assistants. Subject to professional secrecy are clergymen, lawyers, defence counsel, notaries, patent attorneys, auditors who are sworn to secrecy under the Swiss Code of Obligations, doctors, dentists, chiropractors, pharmacists, midwives, psychologists, nursing staff, physiotherapists, occupational therapists, nutritionists, optometrists, osteopaths. Other manufacturing and trade secrets may also be affected.

A violation of such secrets is always present if access from the Provider is effectively present. If, on the other hand, there is only a high probability that such access cannot be ruled out, there is not yet a criminal violation, but there is a risk. If one wants to mitigate this risk, then one can store encrypted data and transmit encrypted data in addition to applications, then this probability is very low that the risk in question will materialize. Nevertheless, it may still exist and it depends on the risk appetite of the respective company (see my presentation with Rolf Becker on the Data Protection Day on 20.03.2020).

The extent of the risk depends, among other things, on the data concerned. Is it only sample collections from a notary or is it electronic customer data? We can offer you support in carrying out a concrete data protection impact assessment so that you can continue to work efficiently in these difficult times without a data protection nightmare becoming reality afterwards.