Starting September 15, 2024, transferring personal data from Switzerland to the United States will become significantly easier, thanks to a new framework approved by the Swiss Federal Council. This marks a significant shift, allowing these data transfers to rely on an adequacy decision rather than the more complex Standard Contractual Clauses (SCCs).
Until this decision, Swiss companies had to navigate a cumbersome process when transferring personal data to the U.S. Not only did they have to rely on the Swiss-adapted EU SCCs, they also had to conduct a Transfer Impact Assessment (TIA) due to the European Court of Justice’s Schrems II ruling. This ruling heightened the scrutiny on data transfers, requiring companies to assess the potential risks involved thoroughly.
Data transfers to the USA will now become less complicated
The approval of the Swiss-U.S. Data Privacy Framework addresses these challenges. It eliminates the need for companies to draft SCCs and perform TIAs for transfers to participating U.S. companies. This new framework simplifies the process, closing the compliance gaps that had previously existed.
In the past, some confusion arose because the U.S. website listing self-certified companies misleadingly suggested that these companies were already certified under the Swiss-U.S. DPF, even though the Swiss Federal Council had not yet approved the framework. Now that the framework has been officially endorsed, these issues should be resolved, ensuring smoother and more secure data transfers between Switzerland and the U.S. going forward.