small-logo
ProfessionalsCapabilitiesInsights & NewsCareersLocations
About UsAlumniOpportunity & InclusionPro BonoCorporate Social Responsibility
Stay Connected:
facebookinstagramlinkedintwitteryoutube
  1. Privacy & Data Security

Blog

Switzerland-U.S. Privacy Shield Set to Replace Safe Harbor Framework

  • PDFPDF
    • Email
    • LinkedIn
    • Facebook
    • Twitter
    Share this page
  • PDFPDF
    • Email
    • LinkedIn
    • Facebook
    • Twitter
    Share this page

Blog

Switzerland-U.S. Privacy Shield Set to Replace Safe Harbor Framework

  • PDFPDF
    • Email
    • LinkedIn
    • Facebook
    • Twitter
    Share this page

2 Min Read

Author

Eric Shinabarger

Related Locations

Chicago

Related Topics

Europe Privacy
Consumer Privacy

Related Capabilities

Privacy & Data Security

Related Regions

North America
Europe

February 8, 2017

Swiss and U.S. regulatory authorities recently announced that a new Swiss-U.S. Privacy Shield now replaces the U.S.-Swiss Safe Harbor Framework. The Safe Harbor Framework was called into question by Swiss authorities in 2015 after a similar decision by the European Union following a ruling by the European Court of Justice that the United States fails to maintain an adequate level of protection for personal data transferred into the country.

The Swiss-U.S. Privacy shield closely models the EU-U.S. Privacy Shield which went into effect in July 2016. As with the EU Privacy Shield, the Swiss version centers around several key principles, such as ensuring that individuals are adequately notified regarding how and where their information is collected, stored, and used; restrictions on the ability of data collectors to transfer data to non-Privacy Shield compliant third parties; and ensuring the availability of recourse and dispute resolution mechanisms. Similar to EU requirements, the Swiss Federal Data Protection Act prohibits transferring personal data out of the country unless certain conditions are met. For U.S. organizations receiving Swiss data, many relied upon the Safe Harbor Framework. Those companies must now find an alternative justification in order to continue legally transferring information, including joining the Shield, or relying on standard contract clauses, which, per the Swiss data protection authority, includes the EU model contract clauses.

Swiss authorities have indicated that they will not pursue enforcement actions relating to cross border transfers until the Privacy Shield takes full effect on April 12, giving a de facto grace period for companies to switch over to the Privacy Shield program if they previously participated in the Safe Harbor.

TIP: Companies who participated in the Swiss Safe Harbor program will now need to switch to the Shield or find an alternate justification for receiving personal information from Switzerland.

Related Professionals

Related Professionals

Eric Shinabarger

Eric Shinabarger

This entry has been created for information and planning purposes. It is not intended to be, nor should it be substituted for, legal advice, which turns on specific facts.

Logo
facebookinstagramlinkedintwitteryoutube

Copyright © 2025. Winston & Strawn LLP

AlumniCorporate Transparency Act Task ForceDEI Compliance Task ForceEqual Rights AmendmentLaw GlossaryThe Oval UpdateWinston MinutePrivacy PolicyCookie PolicyFraud & Scam AlertsNoticesSubscribeAttorney Advertising

We, our service providers, and other third parties use cookies and other analytics, advertising, and tracking technologies on this site. Your information, including personal information and interactions with this site, may be monitored, recorded, or collected through these tools and further used or disclosed by us, our service providers, and authorized third parties. For more details, please visit our privacy policy.