The Federal Act on Data Protection (FADP) of Switzerland uses the judicial proceedings exemption to limit the scope of its applicability.

Text of Relevant Provisions

FADP Article 2(2)(c):

"It does not apply to: pending civil proceedings, criminal proceedings, international mutual assistance proceedings and proceedings under constitutional or under administrative law, with the exception of administrative proceedings of first instance;"

Analysis of Provisions

The FADP explicitly excludes certain types of judicial and administrative proceedings from its scope of application. Specifically, the law does not apply to "

pending civil proceedings, criminal proceedings, international mutual assistance proceedings and proceedings under constitutional or under administrative law

". This exemption is broad and covers a wide range of legal proceedings.However, it's important to note that the exemption includes a significant exception: "

administrative proceedings of first instance

" are not excluded from the FADP's scope. This means that initial administrative proceedings are still subject to data protection regulations under the FADP.The rationale behind this exemption is likely to prevent interference with the judicial process and to recognize the specific data processing needs and existing procedural safeguards within the justice system. Courts and other judicial bodies often have their own rules and procedures for handling sensitive information, which may be deemed sufficient to protect individuals' privacy rights in the context of legal proceedings.

Implications

This exemption has several implications for data controllers and processors:

1. Data processing activities related to ongoing legal proceedings (civil, criminal, international mutual assistance, constitutional, or higher-level administrative) are not subject to the FADP's requirements.
2. However, data processing in first-instance administrative proceedings must comply with the FADP.
3. Organizations involved in legal proceedings should be aware that while the FADP may not apply to the proceedings themselves, it may still apply to their other data processing activities related to the same individuals outside the context of the proceedings.
4. Once legal proceedings are concluded, the exemption may no longer apply, and normal data protection rules under the FADP may come into effect for any continued processing of personal data obtained during the proceedings.
5. Data controllers and processors should have clear policies and procedures in place to distinguish between data processing activities that fall under this exemption and those that do not, to ensure compliance with the FADP where required.