Busting BÜPF: Proposed Swiss surveillance law threatens privacy, sparks protest

The government of Switzerland has recently put forward a legislative proposal that would give the government new powers to surveil telecommunications and the internet. These amendments would unnecessarily expand the Swiss surveillance state by beefing up mandatory data retention laws and permitting the government to use spy technology for routine police purposes.

In response to this threat to privacy rights, advocates have planned an opposition protest in the Swiss capital of Bern tomorrow, Saturday, May 31. Sponsors of the protest include Digitale Gesellschaft Switzerland, Chaos Computer Club (CCC) Switzerland, Anonymous, Internet Society Switzerland (ISOC-CH), and the Swiss Privacy Foundation.

Access supports the opposition coalition’s protest and encourages Swiss readers to attend Saturday’s event. We further call on the Swiss government to abandon this misguided and highly invasive legislation.

The proposed law, known by its German acronym “BÜPF,” contains troubling provisions which greenlight government use of Trojan horse software and IMSI catchers (remote eavesdropping devices). BÜPF, which was approved nearly unanimously by the Council of States (the small chamber of the Swiss Federal Assembly), would expressly allow such invasive government snooping for the purposes of criminal investigations and missing persons searches.

BÜPF would also require the private sector to support government surveillance activities by mandating data retention by telcos, telecom-enabled communications providers (like email clients and chat services), and even small, non-commercial providers. The law would increase the mandatory data retention period, requiring these “providers” to record and retain metadata from emails, chats, and text messages for a full year.

Despite the draconian nature of the law, which would allow invasive government surveillance for relatively minor crimes, it has received little to no attention from English-language media. Switzerland, which is not a European Union member, is not bound by the EU Data Protection Directive, and already imposes fewer restrictions on data processing than the EU Directive.

As recently observed by the Court of Justice of the European Union, mandatory data retention violates fundamental privacy rights and does not achieve its stated purpose of combating serious crime or terrorism. Mandatory data retention turns all citizens into suspects and is inherently disproportionate. Furthermore, a 2011 German study found that data retention did not make prosecution of serious crime any more effective.

As BÜPF proceeds to the National Council, the large chamber of the Federal Assembly, Access urges that body to forgo this over-reaching legislation. Any surveillance laws should be enacted in accordance with the International Principles on the Application of Human Rights to Communications Surveillance. These Principles, which have been endorsed by more than four hundred civil society groups and fifty legal experts from around the world, take as their baseline that surveillance is a highly intrusive act which among other conditions is not to be undertaken unless it is demonstrably necessary to achieve a legitimate aim. BÜPF is neither demonstrably necessary, nor does it reflect careful consideration of the impact of surveillance on fundamental freedoms.

Click here for more information on tomorrow’s opposition protest in Bern.

As BÜPF moves to the National Council of the Swiss Federal Assembly, users can also express their opposition to the bill by signing a petition cosponsored by the groups organizing tomorrow’s protest.