If any swiss citizen read here, make your voice heard by responding to the public inquiry ;
Adresse pour l’envoi de questions
Jean-Louis Biberstein (responsable suppléant >Service SCPT, responsable Droit et contrôle de gestion)
Service Surveillance de la correspondance par poste et télécommunication
T +41 58 462 26 27
jean-louis.biberstein@isc-ejpd.admin.ch
Do we have to be swiss? If someone makes a template, I’d be very willing to send it ;p
Not sure, but forgeiners contacting them en masse might not be welcomed. Just to be clear I ain’t Swiss either I just speak French so I could read it. I believe you can also contact them in German.
I’m curious about what happens if illegal activity is detected from a VPN. If this results in a ban from a VPN provider, then for cases like Mullvad it’s simple: make a new account? If VPNs are required to trace it back to the original user and report them to authorities.. well I have no idea what it’s protecting against at that point. Seems dicey. I’d at least imagine if the threat model isn’t high tier, say your casual torrent user, it might be sufficient that it’s not worth the effort if the VPN is not in the same jurisdiction at the authorities in question? Lots of questions on my end about practical use of the VPN if said laws are passed in Switzerland.
This scary how much countrys in Europe is cracking down on basic freedom and privacy rights.
Not exclusively. Some ISPs enforce anti-piracy themself. They’ll respond to reports from anti-piracy orgs by warning their accused customers or even cutting off their internet access.
Zlich.
When you’ve got every mom & pop privacy blog inventing usecases for VPNs … it tends to lead to confusion … unless you know exactly what questions to ask and where to find answers from. PG could be that place.
And why would that be? Any publicly available study/case on why ISPs don’t get dragged through the courts by customers fighting for their right to seed aXXo’s RIPs?
Proton threatens to leave Switzerland upon passage of new surveillance law
Leave Switzerland and go where exactly?
I would assume Iceland, Japan, and Norway could all be a viable option. Norway and Iceland still being within Europe but not part of the EU while still maintaining strong GDPR laws (or something similar).
Antarctica anyone?
Good Article by kuketz-blog.de about this.
It’s in german, but you can use any translation tool recommended by privacyguides or just use an AI.
If you use a fully encrypted service like Signal the location of the server is still relevant, but not as relevant as if you use a trust me bro service.
VPN’s are just based on Trust. For these services laws and countries are extremely important.
My thoughts: If you use a VPN, you just acces the Internet from a different server which uses a different ISP then if you would acces the Internet directly via your home ISP. You just change the ISP with the advantage that you can defeat tracking methods which are just solely based on IP Adresses. Nowadays IP based tracking is just one of hundred methods, so a VPN doesn*t help at all if you don’t do something against all the other tracking methods.
For someone living in the US it makes sense to VPN into a server in switzerland to use a swiss ISP instead of a american one. You don’t need to be an expert so know that US ISPs are tracking and surveilling way more then swiss ISPs.
But from the perspective of a citizen in switzerland it doesn*t make sense to use a VPN if you don’t select a swiss server or a server of a country where the ISP’s are as regulated as in switzerland or even more regulated. But if you choose a VPN server in romania or whatever, then you are decreasing your privacy. Yea, you are still getting a different IP adress, but overall it doesn’t make sense.
Am I right here?
I think many people dont really understand VPNs and that you just switch the ISP which sees your traffic. Yea, your home ISP cant see the traffic, but now ProtonVPN can see the traffic and the ISP from the datacenter server in say Romania can see the traffic too. Double hop makes sense if you for example choose a server in switzerland and one in iceland if you know that these countries are one of the best ones for privacy regulation.
Most, but not all VPN servers are rented. For example, Mullvad owns servers in Denmark, Finland, France, Germany, Netherlands, Norway, Sweden, Switzerland, and the UK. Unfortunately, Iceland isn’t a country where Mullvad owns servers (they rent there). Source
yea, that’s another big issue that if you just rent a cloud server you don’t have the same level of control as if you would own it yourself.
Has there been any news on the proposal? I cannot find anything recent.
As s/he said, still nothing changed.
The government (=executivr power) only launched a phase of multi-stakeholders consultation about a proposal of revision of the law. These stakeholders include Proton AG and NGOs for instance.
This period of consultation is over since the 6th of May so now we are only waiting for the final report about the consultation I guess.
You can find all the details here Fedlex
Interesting article Switzerland plans to ban anonymity and data retention by decree | heise online
In the future, online services with at least 5,000 users will have to store metadata such as IP addresses and port numbers for six months and help the police and intelligence services to decrypt content. According to the plan, there will also be a new requirement for such operators to identify users. They would have to present a copy of their ID or driving license or at least provide a telephone number
Article 50a of the VÜPF reform stipulates that providers with reduced and full obligations must remove “the encryption provided by them or on their behalf”. To achieve this, they are to “capture and decrypt the telecommunications traffic of the monitored person at suitable points” so that the desired data can be delivered in plain text. End-to-end encryption would not be affected by this. However, only if this takes place “between end customers”. The exception for end-to-end encryption would probably not apply at the provider level.
I’m pretty much speechless.
I think this was rejected by all major parties, though I’m not sure what it means - is the law completely off the table or will they try it with an amended version? https://www.inside-it.ch/vupf-revision-faellt-in-der-vernehmlassung-komplett-durch-20250507
AFAIK this isn’t a law per se, it is just a planned change to a government-level regulation, so it doesn’t need to pass trough the parliament. (That being said, normally Swiss politics are consensus-based, so they might give up due to the pushback, but I am not sure)
Edit: read the article from Regime