Skip to main content
NOPE
In Effect Law Data Protection Context Relevance

Switzerland FADP

Federal Act on Data Protection (FADP/nDSG)

Switzerland's revised data protection law with Article 21 automated decision transparency requirements, human review rights, and fines up to CHF 250,000.

Jurisdiction

Switzerland

CH

Enacted

Sep 25, 2020

Effective

Sep 1, 2023

Enforcement

Federal Data Protection and Information Commissioner (FDPIC)

Non-EU compliance pathway with automated decision transparency

Who Must Comply

This law applies to:

  • Data controllers and processors in Switzerland
  • Entities processing data of Swiss residents
  • Automated decision-making systems

Capability triggers:

automatedDecisionMaking (required)
Required Increases applicability

Who bears obligations:

Data ControllerData Processor

Safety Provisions

  • Article 21: Automated decision transparency and explanation
  • Human review rights for automated decisions
  • Data Protection Impact Assessment for high-risk processing
  • Breach notification required
  • Cross-border transfer protections

Enforcement

Enforced by

Federal Data Protection and Information Commissioner (FDPIC)

Penalties

CHF 250K

Max fine: $250,000

Fines up to CHF 250,000 for individuals

Quick Facts

Binding
Yes
Mental Health Focus
Yes
Child Safety Focus
No
Algorithmic Scope
Yes

Why It Matters

Switzerland's FADP Article 21 automated decision transparency requirements directly impact AI chatbot risk assessments. Provides non-EU compliance pathway for AI companies not subject to GDPR.

Recent Developments

Effective September 2023; provides non-EU compliance pathway

Cite This

APA

Switzerland. (2020). Federal Act on Data Protection (FADP/nDSG). Retrieved from https://nope.net/regs/ch-fadp

BibTeX

@misc{ch_fadp,
  title = {Federal Act on Data Protection (FADP/nDSG)},
  author = {Switzerland},
  year = {2020},
  url = {https://nope.net/regs/ch-fadp}
}

Related Regulations

In Effect PT Data Protection

Portugal Digital Rights Charter

Portugal's Charter of Digital Rights with Article 9 requiring AI to respect fundamental rights and establishing algorithmic auditability principles.

In Effect RS Data Protection

Serbia PDP Law

Serbia's GDPR-aligned data protection law with profiling safeguards and DPIA requirements.

In Effect EU Data Protection

GDPR

Foundational EU data protection law with direct AI enforcement precedent. Article 22 restricts automated decision-making; Article 9 classifies mental health data as special category requiring explicit consent; Article 8 sets children's consent thresholds (13-16 by member state).

In Effect AT AI Safety

Digital Austria 2.0

Austria's digital sovereignty framework establishing Sovereignty Compass for AI audits and mandatory Digi-Check for all legislation.

In Effect NL AI Safety

Netherlands Algorithmic Framework

Netherlands' algorithmic risk assessment framework specifically addressing mental health chatbots in risk reports and requiring Fundamental Rights Impact Assessment (FRIA).

In Effect EE AI Safety

Estonia Kratt Plan

Estonia's €85M AI and Data Action Plan establishing safety testing framework and human-centered AI deployment principles.

Back to all regulations Check if this applies to you