The Swiss data protection authority is currently grappling with significant challenges stemming from the impending resignation of Fabienne Tresch, who has served as the data protection officer. The vacancy her departure creates not only highlights the difficulties of succession within this specialized role but also puts the spotlight on the agency's resource limitations amid rising demands for data security.
Since her appointment, Tresch has reported advising around 95 governmental and private entities, alongside handling numerous smaller inquiries over the phone. These statistics were detailed in her activity report covering the period from June 2023 to December 2024. According to Tresch, her current 20% work schedule, equaling only 400 working hours, is no longer sufficient to meet the needs of her legal responsibilities. "The duties of the data protection officer are not limited to responding to inquiries," she stated. "They also involve inspections and training for authorities to monitor and secure compliance with data protection laws."
The challenges have been exacerbated by recent revisions to both the cantonal and federal data protection laws, which have created stricter compliance requirements, particularly as the pace of digitization accelerates. With Tresch's resignation now set for the end of February, the immediate responsibility will fall to her deputy, MLaw Michael Zgraggen, until her successor is appointed.
Tresch explained the upward trend of inquiries received—which are attributed to heightened awareness among authorities and civilians about data protection principles. For example, she noted a request from the local fire department seeking access to the lists of new residents for recruitment purposes. She confirmed, "The municipality is permitted to share the necessary personal data as it falls under the legitimate duties of the fire department."
Unfortunately, filling the position of data protection officer presents challenges. Tresch pointed out the specialized nature of the work, coupled with the insufficient time commitment. She currently balances this role with her job as a lawyer, underscoring the need for reform to make this position more appealing. The current remuneration and the part-time nature of the role make the position less attractive for potential candidates.
Meanwhile, the Zuger government has previously responded to requests for more resources by consistently denying them. Authorities have now acknowledged the need for greater independence and resource allocation for oversight institutions, including the data protection office.
Recent discussions within the Zug government signal potential changes. A draft for partial revisions to the Ombuds- and data protection legislation has been initiated, aimed at addressing the funding independence of both offices. Previously, when the data protection office applied for increased budget allocation, their requests were often met with refusal by the Zug government. Upcoming modifications are intended to prevent the government from altering the budget drafts submitted by these independence-seeking institutions, placing financial decisions solely within the Cantonal Parliament's authority.
"Current budgetary constraints limit the scope of our functions, and it’s high time the government acknowledges the growing demands on our services," said Tresch. Her emphasis aligns with concerns stemming from state and public engagement with data protection issues.
Future deliberations surrounding these legislative changes will occur within the framework of ensuring effective governance. A motion introduced by various Zug cantonal representatives argued against the government’s oversight over resource allocations for these independent entities, highlighting the need for the system of checks and balances when it pertains to oversight institutions.
The Zuger Cantonal Parliament reviewed this motion earlier this March, affirming the necessity of maintaining oversight, albeit allowing the independent offices complete autonomy over their budget processes. Once approved, the proposals will reinforce the power of budget requests made by these offices, marking progress toward stronger governance and data protection frameworks.
While the focus remains on transitioning this important role smoothly, the overarching challenge lies within effectively responding to and adapting to these looming changes in data protection legislation and public awareness. There’s no doubt these next few months will be pivotal as appointment processes for Tresch's successor and budget modifications seek to redefine the future of data protection oversight across Swiss regions.