Smartphones are now often the central evidence hub in criminal proceedings. Almost everyone carries one, which makes them one of the most important data carriers for investigators. That is precisely why access to them must never become a legal vacuum; an effective sealing procedure upon seizure is needed as a safeguard for privacy, personality rights, and professional secrecy.
Law enforcement is under pressure to review digital evidence quickly, while affected individuals often can only challenge a search with a significant delay. That tension is exactly what makes sealing so essential.
Why this issue matters now
Recent media reporting points to a marked rise in sealing-related proceedings involving smartphones; in Zurich alone, the number is said to have increased by 75 percent. At the same time, the federal authorities are working on more efficient procedures for securing electronic evidence while expressly emphasizing data protection and procedural rights.
This shows two things: digital evidence has become indispensable for criminal prosecutors, but the rule-of-law safeguards must operate with equal seriousness. If sealing and unsealing are not handled promptly and carefully, irreparable intrusions into highly sensitive personal data can follow.
The role of sealing
Sealing is not a technical footnote; it is a core procedural safeguard for sensitive information upon seizure. Anyone whose devices or documents are seized and who invokes confidentiality interests can request that the contents remain sealed until a court decides whether inspection is allowed.
This is especially important for smartphones, because they often contain an exceptionally broad digital footprint: chats, photos, health data, location history, work documents, and private communications. A search therefore almost inevitably interferes with privacy and must be justified with particular care.
What the court must assess
In unsealing proceedings, the question is not simply whether the public prosecutor would like to review the data. The compulsory measures court must also determine whether there is sufficient suspicion of an offence and whether the search is proportionate.
This review is crucial in digital cases because the interference is so far-reaching. Authorities must not access an entire device on a blanket basis if the relevant information can already be narrowed down more precisely, or if protected secrets outweigh the investigative interest.
Current developments and practical problems
The current debate around digital evidence reveals a structural problem: proceedings often take too long, even though digital data can quickly lose evidentiary value or appear in massive volumes. At the same time, the affected person’s duty to cooperate is sometimes applied too strictly in practice, although the Federal Supreme Court has stressed in relevant cases that substantiated disclosures can be sufficient.
Added to this is the new statutory three-day deadline for filing a sealing request after seizure, which has been described in legal commentary as a significant tightening and a potential trap. Missing that deadline, or failing to justify the request properly, can mean the irreversible loss of protection.
Why this matters for personality rights
The right to sealing protects not only lawyers, journalists, and other holders of professional secrecy, but ultimately every person whose most intimate life domains are stored on a device. A smartphone search often provides a comprehensive view of someone’s digital life, far beyond what is relevant to the criminal proceedings.
For that reason, the rule of law must not weaken the sealing mechanism simply because some courts have not yet fully adapted to the pace of technological change. The correct response is not less legal protection, but more precise procedures, faster judicial review, and stricter reasoning requirements for any intrusion.
Conclusion
In digital criminal proceedings, sealing is not a luxury; it is a rule-of-law necessity. Especially with smartphones and other data carriers, it determines whether privacy remains effectively protected or whether sensitive data are disclosed too early.
Anyone who wants to make searches of digital devices easier must not gradually dismantle the protection of affected persons. A functioning sealing procedure is the condition for keeping criminal prosecution, personality rights, and privacy in fair balance.
Decision 2C_47/2025 of 27 March 2026 – Labelling of vegan products
The Federal Supreme Court has ruled that the term ‘milk’ may not be used in connection with vegan drinks – not even in a modified or ironic form. In the case of an oat drink bearing the label ‘SHHH… THIS IS NOT M[*]LK’, the Federal Supreme Court upheld the ban imposed by the Zurich Cantonal Laboratory. Even the stylised spelling, with a drop symbol in place of the ‘i’, is sufficient to give the impression of a reference to milk.
The court based its decision on its 2025 case law (decision 2C_26/2023), according to which terms such as ‘milk’, ‘cream’ or ‘yoghurt’ are protected designations for animal products under the Federal Act on Foodstuffs and Consumer Products (Foodstuffs Act, FSA) and the Foodstuffs Ordinances. Such terms may only be used for products that are actually made from milk of animal origin.
Focus on differentiation and consumer protection
The Federal Supreme Court emphasises that the term ‘milk’ raises clear expectations among consumers – particularly with regard to nutritional value, composition and origin. A ‘negative claim’ (‘this is not milk’) does not alter this, because the connection to real milk is deliberately established. The decision provides legal certainty for manufacturers, inspectors and consumers and sends a further signal in favour of transparent labelling in the growing market for vegan alternatives.
Administrative procedures for the placing of foodstuffs on the market
The authorisation and supervision of foodstuffs in Switzerland is governed by the Ordinance on Foodstuffs and Consumer Goods (LGV; SR 817.02). The Federal Food Safety and Veterinary Office (BLV) is responsible for coordinating enforcement, whilst the cantons (e.g. the Zurich Cantonal Laboratory) carry out enforcement.
Anyone wishing to place a food product on the market must, in particular, ensure:
- that the labelling and advertising are not misleading (Art. 12 LGV),
- that no protected descriptions are misused (Art. 14 LGV),
- and that the product is safe for human health (Art. 8 ff. LGV).
Special provisions apply to so-called ‘novel foods’. Breaches result in a ban on placing the product on the market, as in the present case, sometimes accompanied by administrative proceedings up to the Federal Supreme Court.
International trend towards clear labelling
The Federal Supreme Court’s ruling is part of a European and international trend calling for a clear linguistic distinction between animal-based and plant-based foods. In the European Union, the term ‘milk’ is reserved exclusively for animal products under EU Regulation No 1308/2013. The same applies to terms such as ‘cheese’ or ‘butter’.
The European Commission and national authorities – such as the Federal Ministry of Food and Agriculture (BMEL) in Germany – emphasise the importance of uniform and transparent product labelling so as not to mislead consumers. The recent EU dispute over the terms ‘veggie burger’ or ‘veggie schnitzel’ shows that whilst legislators are granting more leeway for plant-based products, they are simultaneously drawing clear boundaries as soon as protected terms such as ‘milk’ are involved.
Switzerland – albeit as a non-EU member – thus follows a similar line to the EU: Consumer protection and legal certainty take precedence over creative wordplay in marketing.
Conclusion
The new ruling makes it clear: creativity in the marketing of vegan products has legal limits. Anyone selling plant-based alternatives must adhere to the labelling rules of food law – even if playful wordplay appears attractive from a marketing perspective.
Dear Partners and Clients
The year is approaching its end. We would like to thank you for the excellent cooperation this year and look forward to more pleasant encounters next year. We wish you a Merry Christmas, a relaxing winter break and a Happy New Year.
Our office will be closed from the afternoon of December 24, 2025 until and including January 2, 2025. We look forward to returning to work with renewed vigour on 5 January 2026. In urgent cases, please contact us at info@bps-legal.ch.
Your expert for travel law
Whether it’s a cancelled flight, lost luggage or trouble with the tour operator – Julius Paulicka will stand up for your rights. As a specialist in travel law and a lawyer admitted in Switzerland and Germany, I know the stumbling blocks on holiday and will help you to assert your claims if the anticipation of your trip is spoilt.
Travelling from Switzerland – your rights know no bounds
Switzerland is strongly orientated towards European standards when it comes to regulating travel rights. Package holidays in Switzerland are governed by the Federal Package Travel Act, which is based on the EU Package Travel Directive. As a result, Swiss travellers benefit from comprehensive protection in the event of defects, service deviations and in the event of the tour operator’s insolvency. Individual travellers also benefit from clear claims in the event of defects and can demand compensation if the requirements of the Code of Obligations are met.
Flight rights – enforcement in Switzerland too
In the event of flight delays or cancellations and problems with baggage, Swiss consumers can often also rely on the EU Air Passenger Rights Regulation (EC No. 261/2004), as this is often applicable under bilateral agreements and in air transport – for example, if the departure takes place in Switzerland or an EU country. The case law of the Court of Justice of the European Union (CJEU) is also regularly taken into account by Swiss courts, as Switzerland has expressly recognised the primacy of international law within the framework of the Agreement on the Free Movement of Persons.
Competent advice on all travel law issues
As a specialist in travel law, I will help you to enforce your rights. Not with empty phrases, but with sound expertise, empathy and a genuine understanding of your situation, I will support you in
- Enforcing claims in the event of flight cancellations, delays or overbooking
- Assistance with lost or damaged luggage
- Travel defects and inadequate hotel services
- Disputes with tour operators, airlines and landlords
- Advice on and enforcement of refunds and compensation
- Drafting and reviewing travel contracts for individual and business travellers
Special features for Swiss travellers
Even though Switzerland is not a member of the EU, Swiss travellers benefit from the association with important EU legal acts in the area of travel and consumer protection. The application of European air passenger rights and the recognition of corresponding ECJ case law are an integral part of the Swiss legal framework in travel law according to the current interpretation.
Your advantage with a specialised law firm in Central Switzerland
- Personal support
- Quick response
- Comparative legal expertise Switzerland/EU for the optimal representation of your interests
- Absolute transparency and realistic assessment of the chances of litigation
Travel relaxed – I will take care of your rights in the event of a dispute. Contact me for a non-binding initial assessment.
Debtors should not be able to discharge their financial obligations through abusive bankruptcy. At its meeting on October 25, 2023, the Federal Council enacted the necessary amendments to the law and ordinances, in particular the Federal Act on Debt Enforcement and Bankruptcy, with effect from January 1, 2025.
As a result, the hurdles to freeing oneself from debts to the detriment of creditors have become higher. If the debtor is registered in the Commercial Registry, claims under public law will no longer be pursued for seizure but for bankruptcy from January 1, 2025. These claims include, for example, tax arrears, fines or outstanding state pension contributions. Companies are therefore exposed to an increased risk of bankruptcy. Art. 43 no. 1 and 1bis SchKG, which excluded these claims from bankruptcy proceedings, will be deleted from the law.
This change has a major impact on companies and their creditors. This is because, unlike the previous procedure with loss certificates (‘Pfändungsverlustscheinen’), bankruptcy proceedings can put an end to a company’s activities. Only companies that are generally subject to bankruptcy are affected. Who is subject to bankruptcy is determined by Art. 39 para. 1 SchKG. Parliament justified the change by stating that debtors should no longer be able to misuse bankruptcy proceedings to avoid their financial obligations, such as salary payments or debts, and thus harm other people.
Private creditors benefit because the creditor who files for bankruptcy bears the costs. As the public sector is the most common creditor, private individuals can file their claim free of charge after the state has initiated bankruptcy proceedings. However, the deadline of 15 months for filing a bankruptcy petition must be observed. At the same time, this makes it more difficult for the authorities to enforce their claims, as they now have to go through the more complex bankruptcy proceedings.
The Federal Act on Combating Abusive Bankruptcy resulted in amendments to several laws, namely the Swiss Code of Obligations, the Debt Enforcement and Bankruptcy Act, the Swiss Criminal Code and the Federal Act on Direct Federal Taxation. As a result, the Commercial Register Ordinance and the Criminal Records Ordinance were also revised in order to provide the necessary implementing provisions.
From now on, bans on activities entered in the criminal register will be reported to the Federal Supervisory Authority for the Commercial Register, which will check whether a ban on activities is incompatible with entries in the commercial register. In addition, measures can be taken that go as far as deleting the person concerned from the commercial register. Furthermore, the cantonal tax authorities are obliged to notify the commercial register offices if a company has not submitted the annual financial statement required by law. These provisions strengthen cooperation between the authorities and prevent such companies from operating for long periods without keeping accounts and thus acting to the detriment of their creditors.
Presently there is no dedicated Artificial Intelligence (AI) legislation in Switzerland. Nevertheless, given the ever-increasing adoption and use of AI tools in various sectors – in particular in finance – the risks associated with such systems would inevitably require thorough scrutiny.
To this end, the Swiss Financial Markets Authority (FINMA) has recently[i] published a set of findings and observations which take a risk-based approach defined from operational, data-related, IT and cyber alongside legal and reputational perspectives. The supervised entities would therefore need to identify, assess, monitor, manage and control the risks associated with their AI applications, either as an in-house development or outsourced, and to make sure these are aligned and reflected in their respective governance models.
Above all, FINMA highlights operational risks such as lack of robustness, correctness, bias and explainability, the risks associated with third party service providers as well as challenges in the allocation of responsibilities and accountability as the most compelling issues.
Once identified, the ‘materiality’ of the risks in question would need to be determined. In other words, it would need to be defined whether a given AI application may carry a higher threshold in cases where it “…is used to comply with supervisory law or to perform critical functions, or when customers or employees are strongly affected by its results”.
From the perspective of data-related risks, it is apparent that incorrect, inconsistent, incomplete, unrepresentative or outdated data would undermine the credibility and effectiveness of an AI application. Therefore, certain measures would need to be put in place to ensure input data integrity and that the availability of and access to data is secured. On the other hand, FINMA refers to regular checks in order to detect data drifts, and to validation methods in order to guarantee ongoing quality of output data.
Lastly, it is noted that explainability of results would be critical for an effective assessment of an AI application, whereby the drivers of a given application and its behaviour under varying circumstances and conditions would need to be comprehensible even to non-experts such as clients, investors and supervisory authorities etc. For those applications carrying higher ‘materiality’, the results of an independent review forming an informed and unbiased opinion as to the reliability of the application in question would also need to be taken into account in the development phase of that application.
[i] See here https://www.finma.ch/en/news/2024/12/20241218-mm-finma-am-08-24/.
The new FINMA circular 2025/2 on rules of conduct under the Financial Services Act (FinSA) and Financial Services Ordinance (FinSO), which is set to enter into force on 1 January 2025,[i] aims to put together a series of uniform standards for the provision of information and support of clients in the financial services sector.
A transitional period until 30 June 2025 is introduced for the implementation of certain requirements.
The circular will essentially be applicable to banks and securities firms, managers of collective assets, companies with provision of fund management as well as portfolio management services. Therefore, those financial service providers which are not subject to FINMA supervision would in principle fall outside of the scope of the circular.
In a nutshell, the key points are as follows.
- With regards to the corporate finance exceptions applied by FinSO, the circular clarifies that “buy-side” services, distinguished from “sell-side” services, namely the offering of financial instruments to investors, respectively their sale to clients would fall under the scope of FinSA.
- Duty of service providers to provide information to clients with regards to a) the nature of investment advice as being transaction based, alternatively portfolio based; b) the risks concerning contracts for difference (CFD) and c) the risk concentrations in provision of portfolio management and portfolio based investment advisory services.
- As part of the appropriateness and suitability requirement, service providers must collect information on the knowledge and experience of private clients concerning each investment category on offer.
- Duty of service providers to inform clients of the use of their ‘own’ financial instruments, alternatively those of a third party or a combination of both, in the context of rendering their services, and to ensure appropriate organisational measures in order to avoid potential conflicts of interest as much as possible. In exceptional cases where the conflict of interest becomes unavoidable, service providers are bound by disclosure requirements.
- Duty of service providers to properly disclose third party compensation (retrocession) to clients and to ensure details are highlighted in standardised contracts.
- In cases where service providers may borrow financial instruments from their clients’ portfolios as a counterparty, respectively act as an agent for those transactions, prior and express consent must in general be collected from the clients, in consonance with FinSA. The circular now lists a minimum set of information to be made available to the clients for their consent in this context to be considered valid.
[i] See here https://www.finma.ch/en/news/2024/11/20241121-mm-rs-verhaltenspflichten-fidleg/.
On 17 October 2024[i] the European Commission adopted the first implementing rules of cybersecurity of critical entities and networks, in consonance with the NIS2 Directive, in the form of an Implementing Regulation.[ii] The Regulation is set to come into force in late November, to be precise 20 days after its publication in the Official Journal – which took place on 7 November 2024.
The adoption of the Regulation also coincides with the last day of the deadline set for the EU Member States to transpose the NIS2 Directive into their national laws.
The implementing rules essentially detail measures pertaining to cybersecurity risk management, and reporting obligations to national authorities across the bloc which are imposed on companies providing digital infrastructures and services in the event that “significant” incidents occur. Specifically, companies providing digital services, for instance cloud computing service providers, data centre service providers, online marketplaces, online search engines and social networking platforms, would fall under the scope.
The NIS2 Directive[iii] re-categorises and noticeably expands the previous scope, which initially covered two categories of i) operators of essential services (OESs) and ii) relevant digital service providers (RDSPs), by classifying covered entities under either Essential Entities (EE) or Important Entities (IE).
EE includes sectors of energy, transport, finance, public administration, health, space, water supply and digital infrastructure such as cloud computing service providers and ICT management.
IE includes sectors of postal services, waste management, chemicals, research organisations, food processing, manufacturing and digital providers such as social networks, search engines and online marketplaces.
With micro and small entities in principle excluded from the scope, the Directive puts in place a size threshold: 250 employees, annual turnover of €50 million or balance sheet of €43 million for the EE entities, and 50 employees, annual turnover of €10 million or balance sheet of €10 million for those under the IE list.
Nevertheless, an entity may still be considered as ‘essential’ or ‘important’ irrespective of its size, if it is the sole provider of a critical service for societal or economic activity in a given Member State, respectively a trust service provider or any central or regional government entity.
Similar to GDPR, the Directive requires Member States to impose penalties for non-compliance, which differ per classification: €10 million or at least 2% of global annual turnover for the previous fiscal year, whichever is higher, for the EE entities, and €7 million or at least 1.4% of global annual turnover for the previous fiscal year, whichever is higher, for the IE entities.
Notably, the covered entities’ management bodies, such as board of directors, would also be held liable for non-compliance.
On the other hand, the Swiss Information Security Act (Informationssicherheitsgesetz, ISG) applies primarily to the federal administration, cantonal authorities and their partner companies in the country, and its revised version is set to come into force by 1 January 2025. In this context, partner companies could be active in similar sectors as those within the scope of the Directive in the EU, such as financial and information and communication sectors as well as those service providers and manufacturers of hardware and software products that are used by critical infrastructures.
Therefore, supplier companies would indirectly fall under the scope of ISG, similar to that of the Directive in the EU. The Swiss entities forming part of a supply chain which ultimately target those EU based entities covered by the Directive, would as a result be affected by the requirements and obligations under both instruments.
Specifically, the subsidiaries and branches of Swiss entities registered within the EU, which fall under either of the EE or IE classifications, will have to comply with the Directive in the EU and comply with the requirement to register with the national authority of an affiliated Member State, among other things. In this scenario, the parent or affiliated entity in Switzerland may also be indirectly caught under the radar of the Directive through the supply chain connection.
[i] See here https://ec.europa.eu/commission/presscorner/detail/en/ip_24_5342.
[ii] See here https://eur-lex.europa.eu/eli/reg_impl/2024/2690/oj.
[iii] See here https://eur-lex.europa.eu/eli/dir/2022/2555.
Following the judgement of 4 October 2024 of the Court of Justice of the European Union (CJEU)[i], case C‑446/21 between Maximilian Schrems and Meta Platforms Ireland Ltd (“Meta”), the scope of collection of personal data on social media network platforms and the applicable restrictions thereof in particular in the context of targeted advertising were put under strict scrutiny.
Here, the EU General Data Protection Regulation (GDPR) principles of data minimisation and purpose limitation were specifically delved into.
Meta generally manages the provision of services of the online social network Facebook in the EU and is considered as the controller within the meaning of the GDPR. The present case concerns data collected from Facebook users’ activities by Meta not only on Facebook but also outside, including those data related to online platform visits and navigation patterns as well as third party websites and applications. For this, Meta is seen to utilise cookies, social plug-ins and pixels, which are embedded on the relevant websites, for the purpose of targeted advertising.
The CJEU decision brings further clarity to the following:
- The scope of the principle of data minimisation under Art. 5(1)(c) GDPR covers all personal data which is collected from data subjects or third parties by a controller, collected on or outside the platform, for the purpose of aggregation, analysis and processing in the context of targeted advertising, whereby the retention time would at all times need to be restricted and the type of personal data would need to be distinguished. Furthermore, the principle is applicable irrespective of the legal basis used for the processing, and even if a data subject may have consented to targeted advertising, their personal data cannot be used indefinitely.
- Article 9(2)(e) GDPR, on processing of special categories of personal data, would need to be interpreted in a restrictive manner, whereby the mere mentioning of a fact by a data subject in a public setting should not easily give rise to any other information related to that particular fact being labelled as “manifestly made public” and hence legally permitted to be processed.
As a consequence of the CJEU ruling, any operator of a social media network platform or online advertisement company would need to restrict their data pool and put in place an effective data deletion policy.
[i] See here https://curia.europa.eu/juris/document/document.jsf;jsessionid=5CE53D5E3FCC1ABA77F2ACD5AAC2F038?text=&docid=290674&pageIndex=0&doclang=en&mode=req&dir=&occ=first&part=1&cid=1306139.