On January 12, 2017, the U.S. Federal Trade Commission announced the adoption of a Swiss-U.S. Privacy Shield, to replace the existing Swiss-U.S. Safe Harbor Agreement. Companies have a three month grace period to switch from the old to the new regime.
The Swiss version of the Privacy Shield had to be negotiated following the invalidation of the EU-U.S. Safe Harbor Agreement by the EU Court of Justice. While this invalidation did not directly affect the Swiss version of the Safe Harbor Agreement, it was clear that Switzerland could not continue to rely on it. The Swiss Data Protection Authority (“DPA”) considered that the Agreement no longer provided adequate protection, severely limiting its use going forward. The new Privacy Shield, however, has been welcomed by the Swiss DPA as an appropriate mechanism to transfer personal data to the U.S.