People’s online privacy and digital integrity under threat in Switzerland and beyond

Q: What recent policy changes in Switzerland raised concerns over internet privacy?

Draft legislation proposing [IP logging](/blog/what-is-my-ip-address) retention, memory‑logging requirements, or [metadata sharing](/blog/what-is-metadata) with international partners sparked public privacy debate.

Q: What defensive measures can Swiss-based tech users adopt using mixnet VPNs like NymVPN?

Nym’s [Noise Generating Mixnet](/mixnet) anonymizes metadata, while [zk‑nyms](/zk-nyms) and decentralized exit routing prevent region-based surveillance—even when local ISPs are mandated to collect logs.

Nym’s call to action to defend our digital rights

Author: Casey Ford, PhD

April 3, 20258 mins Read

A new digital surveillance ordinance in Switzerland is being proposed that would require telecommunication companies in the country, including encrypted email providers like Proton and VPNs like NymVPN, to collect identification from people using their services. Egregiously, it also demands a backdoor on encrypted content.

As a privacy provider, NymVPN believes this would be a violation of people’s rights to online privacy and digital integrity without democratic referendum. As Alexis Roussel, Nym’s Chief Operating Officer, has put it in a public statement:

“This ordinance profoundly alters the spirit of the law. But the Federal Council has chosen the path not subject the ordinance to a referendum in order to push through its demands. At a time when the Swiss are celebrating the success of leading privacy-preserving companies such as Proton and Threema, when the army itself has chosen to use Threema, and when other promising players, such as Nym, are emerging in the field of privacy-friendly technologies and the protection of people's digital integrity, this ordinance by the Federal Council is destroying an entire sector.”

Read the full statement below, and what you can do to help prevent it.

Try NymVPN for 80% off today

What can you do to help?

Help us get the word out: Share this news as widely as possible on your social networks
Live in Switzerland?

Respond to the consultation by 6 May 2025

Write to your federal elected representatives to express your concern about how this ordinance will affect your digital rights and integrity.

Live in the EU? Continue to be on guard against legislative attempts to undermine end-to-end encryption, as Nym has been reporting, and privacy-preserving technologies like NymVPN, Signal, Proton, and many others.

Resources

Full Nym statement

Original French below

A new ordinance issued by the Swiss Federal Council not only puts companies such as Proton, Threema, and Nym at direct risk, but also the security of individuals.

The new version of the Ordinance on the Surveillance of Correspondence by Post and Telecommunications (OSCPT) aims to extend surveillance obligations to those offering services such as e-mail, messaging, social networking, and VPNs.

As of 5,000 users, the ordinance requires operators to identify users by means of a form of identification. The operator must keep this information for 6 months after the end of the relationship (Article 19). For example, an association running a mastodon server would have to identify users if it exceeded 5,000.
The ordinance seeks to impose the decryption of communications when the operator possesses one of the encryption keys (Article 50a).

Generally speaking, the ordinance imposes completely disproportionate conditions for data collection, storage, and accessibility, the cost of which will be borne entirely by the operator. This ordinance directly endangers the people who use these services.

In addition to an extremely technical approach to amending the ordinance, which is designed to prevent citizens from understanding the text, the Federal Council is in fact seeking to circumvent the case law of the Swiss Federal Court, which ruled in favor of Threema's refusal of access to its users’ data.

This ordinance profoundly alters the spirit of the law. In order to push through its demands, the Federal Council has chosen the path of not subjecting the ordinance to a referendum.

At a time when the Swiss are celebrating the success of young privacy-preserving companies such as Proton and Threema, when the Swiss army itself has chosen to use Threema, and when other promising players, such as Nym, are emerging in the field of privacy-friendly technologies and the protection of people’s digital integrity, this ordinance by the Federal Council is destroying an entire sector.

We invite you to respond to the consultation (deadline 6 May 2025), and we also urge you to contact your cantonal and federal elected representatives to ask questions about the legitimacy of such an ordinance today.

Une nouvelle ordonnance du Conseil Fédéral met directement en danger des entreprises comme Proton, Threema ou Nym, mais aussi la sécurité des personnes.

La nouvelle version de l’ordonnance sur la surveillance de la correspondance par poste et télécommunication (OSCPT) veut étendre les obligations de surveillance aux personnes qui proposent des services tels que des courriers électroniques, des messageries, des réseaux sociaux ou des VPNs.

L’ordonnance veut imposer à l’opérateur, dés 5000 utilisateurs, d’identifier avec une pièce d’identité les utilisateurs. L’opérateur doit notamment conserver cette information 6 mois après la fin de la mise en relation. (Article 19) Par exemple, une association gérant un serveur mastodon, devrait identifier les utilisateurs s’il dépasse 5000 utilisateurs.
L’ordonnance veut imposer le déchiffrement des communications lorsque l’opérateur possède une des clés de chiffrement. (Article 50a)

De manière générale, l’ordonnance impose des conditions de collectes de données, de conservation et d’accessibilité complètement démesurées dont le coût sera entièrement à la charge de l’opérateur. Cette ordonnance met directement les utilisateurs de ces services en danger.

Outre une approche extrêmement technique de la modification de l’ordonnance qui vise à éviter que les citoyens puissent appréhender le texte, le Conseil Fédéral veut en réalité contourner la jurisprudence du Tribunal Fédéral qui avait donné raison à Threema qui refusait l’accès aux données de ses utilisateurs.

Cette ordonnance modifie profondément l’esprit de la loi. Mais le Conseil Fédéral choisit la voie qui n’est pas soumise au référendum pour faire passer ses exigences.

Alors que les Suisses se félicitent du succès de pépites comme Proton et Threema, que l’armée même a choisi Threema, et que d’autres acteurs prometteurs, comme NYM, émergent dans le domaine des technologies respectueuses de la vie privé et de la protection de l’intégrité numérique des personnes, cette ordonnance du Conseil Fédéral vient anéantir tout un secteur.

Le modèle d'affaires de ces entreprises est incompatible avec ces exigences du CF. Elles devront faire des choix drastiques et la plupart ne feront pas de compromis sur la sécurité de leurs utilisateurs. Entre-temps, le marché est déjà dévasté. Aucun projet ne prendra le risque de choisir de s’établir en Suisse, connue pour être respectueuse de la vie privée, avant que ce texte ne soit retiré.

Dans un contexte international turbulent, nous devons écouter le peuple qui a voté à Genève et Neuchâtel à plus de 90 % pour le droit à l’intégrité numérique, ainsi que le droit à la sécurité dans l’espace numérique. Le Conseil Fédéral veut refuser ces droits à la population.

Nous vous invitons à répondre à la consultation (délai au 6 mai 2025) et nous vous incitons également à contacter vos élus cantonaux et fédéraux afin de poser des questions sur l’opportunité aujourd’hui d’une telle ordonnance.

Privacy in Switzerland: FAQs

What recent policy changes in Switzerland raised concerns over internet privacy?

Draft legislation proposing IP logging retention, memory‑logging requirements, or metadata sharing with international partners sparked public privacy debate.

How does Switzerland’s legal framework compare to other privacy‑friendly jurisdictions?

Though known for strong data protection laws, proposed amendments challenge this reputation—revealing tensions in balancing surveillance and privacy rights.

What defensive measures can Swiss-based tech users adopt using mixnet VPNs like NymVPN?

Nym’s Noise Generating Mixnet anonymizes metadata, while zk‑nyms and decentralized exit routing prevent region-based surveillance—even when local ISPs are mandated to collect logs.

Can developers or local organizations in Switzerland run nodes to support privacy efforts mundanely?

Yes—the protocol allows community-operated nodes, enabling Swiss developers or privacy nonprofits to contribute infrastructure and offset domestic surveillance risk.

Does Nym provide transparency about its Swiss-based operation or node presence under privacy legislation?

All node operations are globally distributed and publicly visible; participation in Swiss-based infrastructure does not compromise user anonymity since identity is never tied to node ownership.

Keep Reading...

Nym in the World,Surveillance

NymVPN

Nym is more than a VPN

The first app that protects you from AI surveillance thanks to a noise-generating mixnet

November 26, 20248 mins read

Crypto and cash payments for NymVPN are temporarily disabled. But they will be back up shortly !

People’s online privacy and digital integrity under threat in Switzerland and beyond

What can you do to help?

Resources

Full Nym statement

A new ordinance issued by the Swiss Federal Council not only puts companies such as Proton, Threema, and Nym at direct risk, but also the security of individuals.

Une nouvelle ordonnance du Conseil Fédéral met directement en danger des entreprises comme Proton, Threema ou Nym, mais aussi la sécurité des personnes.

Privacy in Switzerland: FAQs

What recent policy changes in Switzerland raised concerns over internet privacy?

How does Switzerland’s legal framework compare to other privacy‑friendly jurisdictions?

What defensive measures can Swiss-based tech users adopt using mixnet VPNs like NymVPN?

Can developers or local organizations in Switzerland run nodes to support privacy efforts mundanely?

Does Nym provide transparency about its Swiss-based operation or node presence under privacy legislation?

Share

Table of contents

Keep Reading...

AI-surveillance won’t save your kids: Chat control rearing its head again

The Nym Dispatch: The arrest of Durov reconsidered

The Nym Dispatch: X blackout in Brazil

Nym is more than a VPN

What can you do to help?

Resources

Full Nym statement

A new ordinance issued by the Swiss Federal Council not only puts companies such as Proton, Threema, and Nym at direct risk, but also the security of individuals.

Une nouvelle ordonnance du Conseil Fédéral met directement en danger des entreprises comme Proton, Threema ou Nym, mais aussi la sécurité des personnes.