Privacy Companies Flee Switzerland Amid Harsh New Surveillance Law
Switzerland — long considered a global safe haven for privacy-first technology — is facing a mass exodus of companies following the government’s proposal to radically expand its surveillance framework. The updated VÜPF/OSCPT regulations could reshape the entire European privacy landscape before they come into force in 2026.A Law That Redefines Digital Privacy
The proposed legislation introduces strict identification and data-access obligations for digital services operating in Switzerland. Any platform with more than 5,000 users would be required to verify identities via passports or other official documents.In addition, service providers must store sensitive metadata — including IP addresses, ports, email accounts, and phone numbers — for at least six months. The obligation applies even after a user cancels their subscription, effectively extending surveillance beyond active service usage.
Decryption on Demand and 24/7 Compliance
One of the law’s most controversial elements is the requirement to decrypt user information upon request from authorities. Providers must also maintain round-the-clock readiness to respond to surveillance demands and automatically disclose specific categories of user data.For privacy-focused companies, these provisions fundamentally conflict with core technical principles such as end-to-end encryption, zero-access architecture, and data minimization.
Proton Begins Moving Out of Switzerland
Proton — one of the world’s leading encrypted service providers with over 100 million users — has already begun migrating substantial infrastructure to Germany and Norway. The company confirmed that its first product to leave Switzerland was the AI assistant Lumo, whose servers now operate abroad.Proton announced plans to invest more than 100 million Swiss francs into new data centers outside the country. The move signals a broader strategic shift driven by concerns over Switzerland’s changing regulatory environment.
Threema Warns the Industry Could Collapse
Encrypted messenger Threema publicly criticized the proposed rules, emphasizing that compliance would make their model of secure communication practically impossible. The company argues that the legislation risks destroying Switzerland’s reputation as a center for privacy innovation.Industry observers note that Switzerland’s privacy sector has grown into a significant economic and research hub over the past decade. The new requirements could reverse that progress, pushing companies toward jurisdictions with clearer protections for encrypted communication.
Public Backlash: Thousands Oppose the Bill
Public resistance has been strong. More than 15,000 Swiss citizens have already signed a petition demanding that the government withdraw or rewrite the bill. Many argue that the proposed rules not only undermine digital autonomy but also contradict Switzerland’s historically pro-privacy culture.Civil liberties groups warn that such legislation could set a precedent for other European governments seeking broader surveillance power.
A Turning Point for European Digital Privacy
If enacted, the new VÜPF/OSCPT framework would fundamentally alter the balance between user privacy and government oversight in Switzerland. Companies built on end-to-end encryption and anonymity may simply be unable to operate within the new legal boundaries.The mass relocation already underway suggests a dramatic shift in where privacy technologies will be developed and hosted in the coming years. For Europe, this marks a pivotal moment — one where the continent’s digital privacy map may be redrawn entirely.
Editorial Team — CoinBotLab