Data protection rules must apply to all
April 19, 2018

Data protection rules must apply to all

If companies are obliged to adhere to stricter data protection rules, this trend should also apply for governments.

Scandals such as the recent Facebook and Cambridge Analytica affair give rise to feelings of powerlessness and anger at the fact that people appear to be considered fair game when it comes to the information they leave behind in the internet. The efforts of the EU and Switzerland to improve the protection of individuals’ data are therefore very timely. Those with a lot of information have a lot of power, and on a small scale, can influence purchasing decisions, while and on a larger scale, they can change the political landscape. It is surprising that there is hardly a mention of financial privacy in this matter. Recent years have shown that when it comes to money, it is not companies, but rather tax authorities that have the biggest interest in getting as much information as possible. Accordingly, the OECD has developed a comprehensive standard for the automatic exchange of tax-related information that almost 150 countries have committed to implementing (with the exception of one of the world’s most important financial centres, the US). The Base Erosion and Profit Shifting (BEPS) project aims to prevent multinationals from engaging in tax arbitrage; the exchange of financial information is also key here. But where is the line between a legitimate interest in tax revenues and total transparency in matters relating to financial circumstances?

Financial data are particularly sensitive

The Swiss banks have advocated for the greatest possible protection of customer data that is exchanged between countries. They have also pushed for the information that is exchanged to be used exclusively for taxation purposes, and not in other matters. They know that detailed information about a person’s financial situation is among the most sensitive that can be disclosed. In some countries, the protection of financial privacy is not just a matter of personal freedom, but also a security consideration. Wealth in certain countries can mean being exposed to risks ranging from susceptibility to blackmail through to a threat to life and limb. The protection of customer data continues to be a top priority for the Swiss banks, particularly in an age where technological possibilities make it easy to analyse and interpret behavioural patterns. Security concerns are one of the key factors that lead to the conclusion that Switzerland should dispense with a regulation similar to the Payment Services Directive 2, which has now come into force in Europe. There is a certain level of ambivalence that can be ascertained here: consumers should be protected from the mania for data collection of private sector companies, but when it comes to finances, the trend appears to be moving towards more and more transparency. In the area of information exchange, the OECD has now even gone a step further: in future, not only tax information is to be exchanged, but also indicators of conduct that suggest tax evasion.

Data protection – regardless of whether by companies or governments

This trend should be very closely monitored and addressed critically: data protection and control over one’s own data is more important now than ever, irrespective of whether private sector companies or the public sector has access to this information. If governmental activities stipulate access to information, it should at least be ensured that the misuse of data is prevented to the greatest extent possible. Among other things, the OECD’s standard contains provisions regarding data protection. We expect all countries to adhere to these provisions and that the OECD penalise any violations thereof. The Swiss banks adhere to international standards – but they also advocate that customer data be subject to the greatest protection possible. Because the collection of information by governments should also have clear limits.