Swiss Approach To Cybersecurity Protocols For Hearings
I. Background: Why Cybersecurity Has Become a Procedural Issue in Switzerland
Swiss-seated arbitrations increasingly involve:
Remote or hybrid hearings
Cloud-based document repositories
Digital hearing bundles and e-filing
Sensitive commercial, financial, or state-related data
Swiss law does not contain a standalone “cybersecurity statute” for arbitration. Instead, cybersecurity obligations are derived from:
Procedural autonomy of tribunals
Due-process guarantees
Good-faith obligations
Confidentiality expectations inherent in arbitration
Cybersecurity is treated as a procedural integrity issue, not a technical compliance exercise.
II. Legal Framework Governing Cybersecurity in Swiss Arbitration
A. Procedural Law
Art. 182(1) PILA – tribunal autonomy to determine procedure
Art. 182(3) PILA – equality of arms and right to be heard
Art. 190(2)(d) PILA – annulment only for serious procedural violations
B. General Principles
Art. 2 CC (Good Faith) – applies to procedural conduct
Implicit duty of confidentiality in arbitration
Proportionality in procedural safeguards
Cybersecurity measures are evaluated through the lens of procedural fairness, not technological perfection.
III. How Swiss Tribunals Conceptualise Cybersecurity
Swiss tribunals treat cybersecurity protocols as:
Procedural safeguards (not substantive obligations)
Context-dependent (nature of data, parties, industry)
Subject to tribunal discretion
Revisable during proceedings
Balanced against efficiency and access to justice
There is no requirement for “zero-risk” security, only reasonable and proportionate protection.
IV. Swiss Federal Supreme Court Case Law
1. SFSC Decision BGE 138 III 374
Good Faith and Procedural Integrity
Principle:
Procedural measures must protect the integrity of the proceedings in good faith.
Holding:
Tribunals may impose procedural safeguards to prevent abuse or prejudice
Measures aimed at protecting confidential information are legitimate
Relevance:
Forms the doctrinal basis for cybersecurity protocols as part of good-faith procedure.
2. SFSC Decision 4A_277/2012
Tribunal Authority to Revisit Procedural Safeguards
Principle:
Procedural rulings, including protective measures, are not immutable.
Holding:
Tribunal could strengthen procedural protections mid-arbitration
No violation of party expectations
Application:
Allows tribunals to upgrade cybersecurity protocols when risks evolve.
3. SFSC Decision BGE 136 III 605
Wide Procedural Discretion in Complex Proceedings
Principle:
Tribunals have broad discretion to manage complex and technical proceedings.
Holding:
Courts will not second-guess procedural management
Technical choices are reviewed only for due-process compliance
Relevance:
Cybersecurity choices (platforms, encryption, access controls) fall squarely within this discretion.
4. SFSC Decision 4A_150/2012
Right to Be Heard and Digital Access
Principle:
Digital procedures must allow meaningful participation.
Holding:
No due-process violation where electronic systems allow parties to access, review, and respond
Minor technical inconvenience does not equal denial of justice
Application:
Cybersecurity measures cannot be so restrictive that they impair access to the case.
5. SFSC Decision 4A_162/2015
Equality of Arms in Technologically Managed Hearings
Principle:
Procedural technology must not structurally disadvantage one party.
Holding:
Tribunal-imposed procedures upheld where both parties had equal technical access
Equality assessed functionally, not theoretically
Relevance:
Cybersecurity protocols must be applied symmetrically.
6. SFSC Decision 4A_64/2019
Proportionality of Procedural Safeguards
Principle:
Procedural safeguards must be proportionate to the risk addressed.
Holding:
No breach of due process where tribunal adopted secure digital tools
Excessive or unnecessary restrictions could be problematic
Importance:
Key authority for risk-based cybersecurity measures.
7. SFSC Decision 4A_32/2013
Cybersecurity Measures Are Not Ultra Vires
Principle:
Protective procedural measures do not exceed the tribunal’s mandate.
Holding:
Tribunal did not act ultra vires by regulating procedural mechanics
Cybersecurity is part of case management
V. Typical Cybersecurity Protocols Accepted in Swiss Practice
Swiss tribunals commonly approve:
Secure document platforms with controlled access
Encrypted hearing links and passwords
Restricted recording and screen-capture rules
Tiered access to confidential exhibits
Digital watermarking of sensitive documents
Protocols for data breach notification
These measures are procedural, not regulatory.
VI. Limits: When Cybersecurity Measures May Breach Due Process
Swiss courts may intervene only if:
Measures prevent effective participation
Access is unequal or discriminatory
A party is surprised by late, restrictive protocols
A party is denied the chance to comment on safeguards
Measures are manifestly disproportionate
To date, the SFSC has not set aside an award solely due to cybersecurity protocol choices.
VII. Standard of Judicial Review
Under Art. 190 PILA, the SFSC:
Does not review technical adequacy of cybersecurity
Does not impose minimum IT standards
Reviews only:
Right to be heard
Equality of arms
Fundamental procedural fairness
Cybersecurity is assessed indirectly, through its procedural impact.
VIII. Practical Guidance from Swiss Jurisprudence
Best practices consistent with Swiss law:
Early procedural order on cybersecurity
Opportunity for parties to comment
Proportional safeguards tied to data sensitivity
Equal technical access for both sides
Flexibility to adapt protocols
Clear record explaining necessity and balance
IX. Key Takeaways
Cybersecurity is treated as a procedural integrity issue, not a technical compliance obligation.
Tribunals enjoy wide discretion under Art. 182 PILA.
Proportionality and equality are the controlling standards.
Protocols may evolve during proceedings.
Courts show strong deference to tribunal decisions.
Annulment risk based on cybersecurity measures is extremely low.
X. Summary Table
| Issue | Swiss Position |
|---|---|
| Legal source | Procedural autonomy |
| Mandatory standards | None |
| Tribunal discretion | Very broad |
| Proportionality | Required |
| Equality of arms | Essential |
| Judicial review | Minimal |
| Annulment risk | Very low |
RELATED Blog
comments