On 1 September 2023 the new Swiss Federal Act on Data Protection came into force. On their SME portal the Swiss Government states that companies that are compliant with GDPR will have minimal changes to make. ‘Swiss Privacy Law’ has produced a comparison table (in French) between the provisions of the GDPR and those of the new Swiss law. Access to this and more detail about the act can be found here.
In India, Parliament has passed the Digital Personal Data Protection Act. It has been reported that it departs significantly from the GDPR. It is not yet in force and we are not aware of a date for entry into force having been set at the time of writing.
The act will apply to personal data in digital form and has some extraterritorial effect, applying to “processing of digital personal data outside the territory of India, if such processing is in connection with any activity related to offering of goods or services to Data Principals (roughly equivalent to data subjects) within the territory of India.” Given the reported differences when compared with the GDPR regime, organisations doing business in/with India should take time to familiarise themselves with the key concepts and provisions of the act.
