I familiarized myself with the “Leitfaden für Behördenanfragen zu Kundeninformationen und -inhalten” which was created by Swico to guide Swiss hosting providers on handling inquiries from Swiss authorities and courts regarding customer activities, information, and content.
Summary
I did try to keep it short and it’s written as I understood it. There is no guarantee for completeness or correctness. Hey, after all, this is just a personal blog.
Purpose and Principles
Swico made this guideline to help Swiss hosting providers handle requests from Swiss authorities correctly. This involves following the law and giving specific recommendations when the law is not clear.
Procedure for Handling Inquiries
- Inquiries must be made in writing, and only Swiss authorities are entitled to receive responses.
- Requests must be clear and specific, detailing required actions and the legal basis.
- Hosting providers are instructed to verify unclear inquiries with authorities and to establish secure, appropriate methods for data transmission.
Roles of Hosting Providers
- They are primarily technical service providers and are not legally responsible for customer content unless they actively participate in questionable actions.
Key Guidelines
- Authorities must provide written requests specifying the legal basis.
- Providers must respond only to specific and proportionate requests.
- Costs incurred by providers in responding to requests may be documented and charged, subject to legal provisions.
Special Cases and Exceptions
- Direct inquiries from foreign authorities are generally not entertained unless channeled through official Swiss assistance.
- Detailed protocols are provided for various scenarios including criminal proceedings, civil proceedings, telecommunications surveillance, and inquiries into the actions of natural persons.
Legal Framework
- The guidelines follow Swiss legal standards and recommendations to safeguard customer information while complying with official requests.
- Examples include procedures for data retention, surveillance, and access to encrypted information, reflecting adherence to both national laws and specific operational guidelines from Swiss authorities.
This guide aims to balance the operational requirements of hosting providers with the need for legal compliance and protection of customer data against unauthorized access or disclosure.
Word of caution
Please note that this is only a very short summary and, of course, cannot cover the full content of the document. Not only is this a summary, but it is also a brief translation. Therefore, do not use this as legal advice. However, if you are involved in hosting from Switzerland, I believe knowing about this document is beneficial.
Offical Link
Swico: Leitfaden für Behördenanfragen zu Kundeninformationen und -inhalten (PDF, Edition April 15th 2020)
Mirror, please refrain from using if not necessary.