For years, Switzerland has stood as a worldwide symbol for privacy protection. That’s about to change as they have made a move to implement new laws requiring businesses to store users’ information for six months.
Many advocates of online privacy have expressed their discontent with this proposal, arguing that it strips away individuals’ ability to protect their own privacy while using the internet.
A direct hit on anonymous communication
The Swiss government wants to update its surveillance regulations. The new plan would make companies that offer digital services follow more rules. Companies with over 5,000 users would be the most affected. They’d have to get a government ID from everyone who uses their service.
Think passports or driver’s licenses. No more anonymous signups with just an email address. Providers would also have to retain metadata for six months. That includes IP addresses, phone numbers, and device port numbers.
Metadata doesn’t show message content, but it can reveal a lot. Who you communicate with. When you sent the message. And even your location. When you gather the pieces together, it’s enough to build a complete profile on someone, something experts consider a goldmine for surveillance.
Encryption under fire
The proposal doesn’t force companies to break encryption that they can’t access. But there’s a catch.
If a provider holds encryption keys, authorities can demand decrypted communications. Critics say that creates dangerous backdoors.
“A backdoor drives encryption ad absurdum,” security experts warn. Once there’s a weakness, bad people can take advantage of it.
Apple encountered something similar in the UK. The company chose to withdraw encrypted services rather than compromise security.
Swiss-based privacy companies now face that same impossible choice.
Proton says it would leave
Proton is Switzerland’s most famous privacy company. It offers encrypted email, VPN, and cloud storage to over 100 million users.
CEO Andy Yen didn’t hold back in a recent interview. “This revision attempts to implement something illegal in the EU and United States,” he said.
“The only country in Europe with a roughly equivalent law is Russia.”
Yen warned that the rules would make Proton less private than Google. That’s a stunning statement for a privacy-first company. Yen told RTS that it would leave them with no choice but to exit Switzerland. Proton has already started moving infrastructure.
The company is investing over €100 million in the European Union. It’s building facilities in Norway and Germany. Proton’s Lumo AI chatbot is already hosted in Germany. The goal is to avoid being “held hostage by Switzerland” if laws change.
NymVPN and others are ready to follow
Proton isn’t alone in this fight. NymVPN, Threema, Session, and PVY.swiss are all pushing back.
Nym’s COO Alexis Roussel confirmed his company would also leave. “There is a great worrying paradox,” he told Recorded Future News.
“When the need for privacy tech is so important, the state actively destroys its own local privacy industry.”
Roussel believes the government may tweak the proposal. But he doubts the changes will go far enough.
Some Swiss cantons, including Geneva, have already pushed back. They’ve introduced a right to digital integrity. That measure passed with over 90% consensus.
The approval was suspended because of too much backlash
Swiss lawmakers called for public consultation. That concluded last year on May 6. Almost everyone who participated condemned the surveillance move. Digital rights groups were against it. Politicians even opposed it.
Tech companies weren’t an exception. They pointed out that this law, if approved, could jeopardise the work of journalists, activists, whistleblowers, and others who handle sensitive information.
“The right to anonymity supports communities seeking safety online,” said Chloé Berthélémy from European Digital Rights.
Swiss lawmakers heard the message. They slowed the process and sent the proposal back for further review. Currently, the proposed surveillance rules haven’t yet received approval to become law. But privacy advocates believe the fight is not yet over.
A global test for privacy
The Swiss debate reflects a wider global conflict. The UK, EU, Australia, and the US face similar struggles. Governments want access to digital evidence. Privacy advocates warn about long-term civil liberties damage.
What makes Switzerland different is its reputation. Companies and users chose Swiss services because they believed the laws offered stronger protection.
The United States is no exception. Utah’s new law holding websites liable for VPN use represents another example of government efforts to regulate online privacy tools.
If Switzerland adopts broader surveillance, other governments may follow its lead.
Proton’s Marc Loebekken made that clear at a United Nations forum in Geneva. “Switzerland is taking a first step in Europe,” he said.
“This would lead to severe difficulty for Swiss businesses to compete in digital trust.”
The outcome matters far beyond Swiss borders. It will test whether privacy-first services can survive under their original principles.
For now, how this will affect online security and privacy in the future is still up for debate.
