Swiss surveillance catches up with email

Are your emails being logged and recorded? Keystone Archive

A record of almost every email sent to and from Switzerland is to be logged and stored for at least six months, under a new Swiss surveillance law.

This content was published on July 21, 2002 - 15:56

Since the beginning of 2002, all Swiss Internet service providers (ISPs) have been legally obliged to record the time, date, sender ID and receiver ID of all emails.

While the information to be recorded does not include the content of emails, legal experts have expressed concern that the law poses an unnecessary threat to people's privacy.

"[Under] the new law, Internet providers in Switzerland are required to keep certain information about the mail that is exchanged," says Zurich-based information technology legal expert, David Rosenthal.

"However, there are so many loopholes that the successful interception [of criminal emails] would be so low. I personally don't believe it justifies the immense effort and intrusion into privacy," he told swissinfo.

Loopholes

In other words, real criminals need only use an email address stored in a foreign server - such as "Hotmail" - to avoid being recorded.

But in the case of Swiss Internet users, and the people they communicate with, every email will be kept.

To access the data, authorities must obtain a surveillance warrant from an investigating judge, and in certain cases inform suspects of the action.

The surveillance is also restricted to certain categories of suspected criminals.

For instance, Rosenthal says investigators cannot check emails when pursuing software pirates, publishers of hate speech or even computer hackers.

Passed by parliament in 2000, the new law extends Switzerland's existing regulations on the surveillance of postal and telecommunications to include information technology.

Web users to pay cost of new law

The law becomes fully binding in 2003, allowing Swiss Internet providers time to install new data recording and storage technology - in many cases at considerable cost.

According to Switzerland's second-biggest ISP, Sunrise, over SFr1 million has been spent on installing new technology - some of which the company hopes to recover from the federal government.

But for some of Switzerland's smaller email providers, the new law represents a substantial challenge. A number have expressed concerns that the costs could be passed on to customers.

The government, however, says the issue has been blown out of all proportion.

Surveillance a myth

Andrea De Werra, head of the special projects division of the Federal Communications Office, says a myth has developed that every email in Switzerland is to be placed under surveillance.

"That is not true. Really this is no different to existing forms of surveillance. In a sense nothing has changed.

"It's just that the technology has evolved. Previously traditional surveillance covered portable and fixed-net phones. That has now been extended to include emails.

"But the legal constraints haven't changed - it must be done through a judicial process."

Storage of old data?

Alongside concerns about cost, worries remain about what happens to the data after the six-month period expires.

According to Rosenthal, responsibility for deleting records lies with Internet providers, and not Swiss authorities.

"Of course if I, as a user, suspect that the provider does not adhere to those rules, then of course I can sue him, but nobody will do that, so it's trust in the providers.

De Werra counters that emails are no different to phone numbers - something Swiss authorities have recorded and monitored for years.

"An email address is really comparable to a telephone number," he says.

by Jacob Greber

This article was automatically imported from our old content management system. If you see any display errors, please let us know: community-feedback@swissinfo.ch

Share this story