Switzerland has long been known for its strong privacy laws and commitment to data protection. However, recent developments in the Swiss government have raised significant concerns amongst the privacy and security community. In this article, we intend to explore these concerns, raised by Proton and Threema, as well as provide our own insight on these matters. We intend to focus on the facts of the case, and we will provide sources for the claims we make at the end of the article.
The ordinance on the surveillance of correspondence by post and telecommunication (OSCPT) details the regulations and modifications concerning the surveillance of postal and telecommunication correspondence. In short, these regulations may force companies to start logging consumer behavior to aid in legal investigations. This can be a very significant concern for companies that provide VPN services, since the whole point of a VPN is to obscure your online activity. If these new Swiss laws go into effect, there is a very real concern that Proton VPN will be required to store user data as well as what they have been doing online in a type of profile. This profile may be intended for the Swiss Government to track down criminals, but if it exists, it can be hacked, which means hackers could abuse these profiles as well.
The Swiss Government makes a strong claim that these laws are intended to protect the public from online crimes, including scamming and hacking. It is possible that these laws will combat online crime, but it is more likely that these laws might be abused by the governments that enact them, and it’s very likely that once companies start logging online behavior, it will become easier for the VPN companies themselves to become corrupt and abuse their logs.
The Swiss Government also has made an all-too-popular request for service providers to disable encryption. Thankfully, Switzerland will still allow client-side end-to-end encryption, but this sets a very dangerous precedent that could potentially ban end-to-end encryption in the future. If this happens, it will be next to impossible for any single person to hide anything online—which also means hackers will be more able to hack their way into these less encrypted databases and use the information to blackmail or extort users. A future without any end-to-end encryption leads to a future without privacy—and a future without privacy is 1984 levels of dystopian.
In conclusion, the Swiss Government might potentially endanger online privacy, as well as security. If you live in Switzerland, we strongly encourage you to speak out against this new law—there is a chance that we can stop it from being fully passed and enacted. Share the news on social media - every little bit helps. Together, we can fight for our right to privacy.
Note that Eridius uses servers in Finland, not Switzerland. We are not directly affected by this law, however it is important to us that this law is not passed - for the sake of online privacy everywhere.