Swiss providers to keep email records for 6 months

By EDRi · April 9, 2003

Since 1 April, new legislation went into force that obliges Swiss Internet
Service Providers (ISPs) to keep a 6 month email log file. That means they
will have to store time, size and addresses of all emails sent by their
customers (the SMTP envelope data). The authorities will be able to access
these stored data with a search warrant only. Access is limited to a number
of serious offences such as paedophilia and drug trafficking.

There is no general obligation to store the content of all emails, but
providers can be ordered to keep the specific correspondence of a suspect
(preservation) and forward it to a special new crime-investigating unit.

Internet service providers have resisted the new legislation, pointing at
the high costs of storage and selection software. However, the new
legislation hasn’t fully satisfied law enforcement officers either. Before
this law was introduced, there were no restrictions on the type of data a
judge could order an ISP to hand-over. “The politicians weren’t very
pragmatic,” said Nicolas Cruchet, an investigating judge in canton Vaud.
“These restrictions undermine the value of the law.”

Sunrise, Switzerland’s second-biggest ISP, estimated that complying with
the legislation would cost the company around 1 million Swiss Francs
(673,000 Euro). Some smaller ISPs have threatened to pass the extra costs
on to their customers. Company and university servers are not covered by
the new rules; nor are cybercafes.

A confidential document about the technical requirements of wiretapping in
Switzerland (02.04.2002) can be found at:
http://cryptome.org/ch-ilets-regs.htm

Contribution by Felix Rauch, Swiss Internet User Group (SIUG).