piefed.zeromedia.vipSwiss government urges people to ditch Microsoft 365 and others due to lack of proper encryption
Sahwawww.techradar.com/pro/security/swiss-government…
Swiss data protection officers have warned public bodies not to use cloud services from industry hyperscalers Microsoft, Amazon, and Google, due to a lack of true end-to-end encryption.
This comes as many SaaS vendors, especially those falling under the US Cloud Act, could be required to hand over data to US authorities, even if it’s stored in Switzerland.
17 Comments
Comments from other communities
There are customer-managed keys services for all the above.
At the same time true zero trust you don’t put them in a repository or service that owns the whole stack
It’s weird how those keys need to be stored SOMEWHERE, especially for public-facing services that need to restart without intervention, and that the only place those keys then live is on some CLOUDACT-impaired service.
Zero trust is a fun goal we will never really achieve. Get off American pub-cloud providers.
Not just the privacy aspect should be looked at, many companies are basivally vendor locked and Microsoft has just recently announced price hikes that you can’t get around and avoid.
My experience is that usually overall it’s more complex to self host but also cheaper. Yes you hire additional staff for managing said services and ypu have to get the knowledge to your corp. But in the long term it just pays. Plus since administrating these cloud solution seems to get more complicated rather than easy you’d have to hire regardless.
But now costs are controllable and the biggest plus is that you don’t have to use a common solution for your individual demand that never meets exactly what you need.
dumnezeroUltimately, Privatim says that international SaaS providers should not be used for highly sensitive or confidential data unless the government can encrypt the data itself, and the provider cannot access the keys.
Big Fat Banker: Trumponia backdoors bad, Helvetica backdoors good; I swear on Reich’s gold!
WTF is wrong with you?
It seems pretty straightforward to me: they don’t support swiss folks and would prefer if they had fought Nazis.
Well, it’s true, it’s better to control yourself your assets than let someone else do it. But you should learn to write better.
XCrack, meth, or both: which is it?
Both. Got it.
Don’t you know? Switzerland is bad, bad. They totally knew they took the Nazi gold. Just trust daddy Trump and Microsoft because…
Uh…
Free Monotype(?) fonts can… backdoor you… if you are using free software!
I don’t really know. I tried to break down what they seemed to say and it was still weird.
This guy wants to be the Lemmy equivalent of yeet on Twitter
You’re up past your bed time, child
What’s happening in Switzerland?
Flipping and flopping for the past year. I welcome this latest news, and the similar news yesterday, hopefully it is infectious to the rest of Europe but it completely contradicts things that have been proposed for the last few months, then the sudden change. I wonder did Trump push too hard:
May 14 2025 - Proposed Swiss surveillance law ‘identical to Russia’
June 13 2025 - "A war against online anonymity" – why Switzerland wants to change its surveillance law and what’s at stake
September 11 2025 - Swiss government looks to undercut privacy tech, stoking fears of mass surveillance
November 15 2025 - Switzerland plans surveillance worse than US
November 27 2025 - Switzerland: Data Protection Officers Recommend Broad Cloud Ban for Authorities
..
“Hey, you can’t mass surveil our people, that’s our job!”
In fairness a government should be the only entity surveilling people in its own borders under most any circumstances.
I’m pretty opposed to most any kind of surveillance outside of warranted due process, and I don’t think that any domestic surveillance needs privacy for longer than it takes to do an investigation and prosecution.
It’s when governments are allowed to do things in secret and outside of the law that the whole concept of the law is undermined.
We have a lot of different political and government bodies. Like the “checks and balances” the US had.
So when you read “Switzerland wants to…” it could be:
* A survey of people living in Switzerland
* A initiative (an official political vote done by the swiss citicens)
* One big or multiple parties signing an agreement
* A group of cantons or communal legislative or executive politicians
* A group of semi-official people (like the conference of all the cantons data protection officers ("Kantonale Datenschützer”, keine Ahnung wie all das Zeug auf Englisch heisst, Hilfe)
* Our parliament or a comitee in it
* Our other parliament or a comitee in it
* The federal court
* The federal chancelor
* The federal government
* And sometimes internetusers even mix some company into the bag, for example Proton.
I probably forgot a few and misspelt a lot but you get the idea.
And all of them are different elected or appointed persons, with their own opinions.
That is why everything is so fast at changing here 😆
(We discuss, we decide, we get blocked, we discuss, we change, we get blocked, rinse and repeat)
It’s almost like we’re not a single monolithic entity or something. Go figure.
They want to spy on their people and protect their corporate interests.
Aren’t they also the ones trying to pass laws to remove the encryption from Proton/Threema and so on?
The cynic in me says this is an attempt to force private keys in-country and Swiss Datacenters which would then be subject to their laws and could be easier subpoenaed
That’s not how the swiss government works.
Here the data protection officers are mostly independent of the rest of the government and are just doing their (somewhat hopeless) job.
Of course “warn[ing] public bodies” is about all they are can do.
It’s almost like we’re a multiparty democracy or something.
The press and others tend to report proposals by one part or another as though they have already been passed into law. I think it makes for better headlines.
And Andy Yen uses it for what agenda he has, like moving into cheaper German data centres or whatever.
They should ditch Microsoft 365 due to lack of not sucking balls.
Windscribe are a bit late to the game -https://x.com/windscribecom/status/1995619967996494334
They are twittering today quoting an article that was published 3+ months ago.
Judging by the direction that Switzerland seems to be going, I am guessing (I could be wayyyy wrong) that Swiss privacy companies are going to be still effective for people outside of Switzerland, soon to be completely free from US big tech spying.
Canada are in the 5 eyes, whereas Switzerland aren’t even mentioned in the 14 eyes.
As for Canada being a better place for the Privacy or a VPN, I think Windscribe need to stop drinking their own nonsense.
Damn. I remember seeing a Reddit AMA when I first came across Protonmail some 7-odd years ago with the Protonmail CEO saying something along the lines of “we don’t plan on moving out of Switzerland because other country’s intelligence agencies concern us more than the Swiss intelligence” and I thought that was a good take. Hell, I still do in lieu of everything going on.
I wonder what happens now that they will be “physically diversifying across Europe”.
That’s like quitting Spotify now because you just realised it still doesn’t offer decent sound quality. It’s far from the only reason to quit using it and not a very good one.
I ditched it because it’s shit. I don’t need encryption. What - someone going to steal my fanfics? Let them, then I’d have 2 people reading them.
“Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.”
That’s from Edward Snowden. Evidently no one is going to force you to jump through hoops to use encryption if you don’t think you stand to benefit from it. That being said, the “nothing to hide” argument can be a bit of a slippery slope.
Also reminds me of someone I knew, who was doing pure maths research (so, read about as much as your fanfic) and was storing their papers on Dropbox. When informed that that was a private US entity, would enable other entities to access that data, they said “but I want people to read my paper”. They are now furious about LLMs. Go figure.