Swiss data protection officers have warned public bodies not to use cloud services from industry hyperscalers Microsoft, Amazon, and Google, due to a lack of true end-to-end encryption.
This comes as many SaaS vendors, especially those falling under the US Cloud Act, could be required to hand over data to US authorities, even if it’s stored in Switzerland.
The cynic in me says this is an attempt to force private keys in-country and Swiss Datacenters which would then be subject to their laws and could be easier subpoenaed
That’s not how the swiss government works.
Here the data protection officers are mostly independent of the rest of the government and are just doing their (somewhat hopeless) job. Of course “warn[ing] public bodies” is about all they are can do.