SBA calls for clarifications on cross-border access to electronic evidence pursuant to the US CLOUD Act
Securing electronic data is already the subject of intensive international debate. The US CLOUD Act, intended to make criminal investigations more efficient, was enacted in March 2018. Under the Act, US authorities can issue overseas production orders, provided the affected countries have concluded a bilateral agreement with the US, as has been the case with the UK since the beginning of October. At the same time, the Council of Europe is also negotiating a Second Additional Protocol to the Budapest Convention on Cybercrime in order to improve access to electronic evidence.
It is the Swiss Bankers Association’s view that the Swiss authorities must evaluate measures to address the new legal necessities. The SBA therefore welcomes the fact that the Federal Council is addressing the question of a bilateral agreement (executive agreement) with the US under the US CLOUD Act. This is to be coordinated with the activities surrounding the Second Additional Protocol to the Budapest Convention.
The SBA supports preliminary clarifications on the negotiations for an executive agreement with the US, provided Switzerland’s requirements for such agreement to ensure adequate protection of its citizens and institutions are met.
At present, the SBA has identified the following minimum requirements for overseas production orders:
- tight restrictions concerning potential addressees, natural persons and legal entities affected as well as data and crimes concerned
- preservation of the rights of those concerned as well as data and legal protection
- protection of bank-client confidentiality