Subj : Swiss government urges pe
To   : All
From : Mike Powell
Date : Tue Dec 02 2025 10:00 am

Swiss government urges people to ditch Microsoft 365 and others due to lack
of proper encryption

Date:
Tue, 02 Dec 2025 10:20:00 +0000

Description:
A lack of E2EE and sufficient transparency has Switzerland worried about
American hyperscalers.

FULL STORY
======================================================================
- American hyperscalers adhere to the US Cloud Act, which goes against Swiss
beliefs
- Privatim is advocating for true E2EE and more transparency across the chain
- American hyperscalers are acceptable if customers can encrypt their own data

Swiss data protection officers have warned public bodies not to use cloud
services from industry hyperscalers Microsoft, Amazon, and Google, due to a
lack of true end-to-end encryption.

This comes as many SaaS vendors, especially those falling under the US Cloud
Act, could be required to hand over data to US authorities, even if its
stored in Switzerland.

Cloud providers were also criticized for not offering sufficient transparency
to verify security, with long chains of external service providers further
complicating data security.

Switzerland warns against using Microsoft 365, AWS, and Google Cloud

Privatim, the Conference of Swiss Data Protection Officers, also warned that
using SaaS means a significant loss of control for public bodies, meaning
they cannot influence risks to citizens fundamental rights.

Ultimately, Privatim says that international SaaS providers should not be
used for highly sensitive or confidential data unless the government can
encrypt the data itself, and the provider cannot access the keys.

Switzerland is already known for its strict data privacy laws, and a Swiss
Data Protection Act revision in September 2023 adds further requirements for
cross-border data disclosures and more.

The US Cloud Act goes against Swiss standards for privacy and sovereignty,
particularly because even data thats hosted in a Swiss region is not immune
from the US Cloud Act.

Unrelated to this latest warning, Switzerland already has its own, home-grown
alternative to Big Tech. Proton has quickly gained itself a name for strong
security  the company cannot access user data, even if it were required to by
law.

Besides using Swiss and EU infrastructure and adhering to Swiss law, Proton
also offers client-side encryption (CSE) and open sources the parts that dont
need to be protected.

Being that three American hyperscalers account for around two-thirds of the
cloud market, not only does this make finding a suitable and compliant
alternative slightly more challenging, but it represents significant growth
opportunities for those companies if European data privacy trends continue.

======================================================================
Link to news story:
https://www.techradar.com/pro/security/swiss-government-urges-people-to-ditch-
microsoft-365-and-others-due-to-lack-of-proper-encryption

$$
--- SBBSecho 3.28-Linux
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)

You are viewing proxied material from cvs.synchro.net. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.