At present, there is no legislation in Switzerland dealing specifically with AI, and there is no current initiative to enact general-purpose AI regulation (see 3.1 General Approach to AI-Specific Legislation for further details).

However, the majority of Swiss law is technology-neutral, and can therefore also apply to AI-based products and services. This includes the following.

• Civil liability: liability for damages or specific performance, as set out in the Swiss Code of Obligations, whether under contract or tort, is based on the conduct of natural or legal persons. AI systems themselves therefore cannot be held liable, but the owner, operator or manufacturer of the AI systems can. The Product Liability Act could potentially apply to AI-powered products (see also 10.1 Theories of Liability).
• Criminal liability: under Swiss criminal law, criminal liability primarily attaches to natural persons. Even legal persons such as companies are only criminally liable with respect to select offences, or if the responsible natural person cannot be identified due to organisational deficiencies. Where criminal offences are committed by or through the use of AI, the individuals developing the AI systems, manufacturing the AI-based products, or those operating the systems or products could be subject to criminal penalties. Where the offences are committed negligently, questions with respect to attribution and the standard of care are largely unresolved.
• Data protection: Swiss data protection law (primarily the Federal Act on Data Protection) already applies to AI-based processing of personal data. In view of the rapid developments in this field, the Federal Data Protection and Information Commissioner (FDPIC) issued a statement confirming this view in November 2023. The FDPIC highlighted, in particular, the requirement of transparency with respect to the purpose, functionality and data sources of AI-based processing of personal data.
• Intellectual property: intellectual property legislation, particularly the Patent Act and the Copyright Act, can apply to the collection and use of input for AI (eg, the training of the AI model), as well as to the generation of output by the AI. However, IP protection of AI-generated content is limited (see 15. Intellectual Property for further details).
• Unfair competition: the Unfair Competition Act prohibits business practices that are misleading or otherwise unfair or violating the principle of good faith. It applies both to vendors of AI systems/services and to other industries that make use of AI. Typical examples include providing incorrect or misleading information about one’s own business or disparaging or inaccurately comparing the offerings of competitors. The Unfair Competition Act also prohibits the exploitation of unlawfully obtained trade secrets.
• Employment law: this applies where AI is used in an employment context. The Swiss Code of Obligations, which governs employment relationships between private companies and individuals, provides for a general duty of care of the employer to respect and protect the employee’s personality rights and health, which can be affected by AI.

Notably, Switzerland is neither a member state of the European Union nor a member of the European Economic Area, so EU/EEA legislation only applies to the country where it is specifically referenced in Swiss legislation.

Before the launch of ChatGPT in November 2022, the use of AI in Switzerland focused primarily on predictive AI. Much innovation in AI was concentrated in industries that have historically been strong users of technology in the country, such as finance, pharmaceuticals and medical devices, and robotics. By way of example, financial institutions have been using predictive AI extensively for fraud and money laundering prevention, portfolio and suitability analysis, and trading strategies. The most widespread use of “generative” AI in all industries was arguably text translation, with tools such as DeepL.

Following the general availability of ChatGPT, generative AI tools have seen a massive uptake in various industries in Switzerland. This includes “high impact” industries such as software and technology, media, pharmaceuticals, and finance, as well as industries where the use of generative AI is still in earlier stages, such as marketing and professional services. According to a study conducted by PwC’s strategy consulting “Strategy&” in March 2024, the Swiss economy has the highest growth potential worldwide through generative AI and could expand by 0.5 to 0.8% annually in the coming years based solely on the use of generative AI.

In its “Guidelines on Artificial Intelligence for the Confederation” published on 25 November 2020 (AI Guidelines), the Federal Council (Switzerland’s highest executive authority) makes the case that Switzerland should create and maintain an environment conducive to the research, development and application of AI in order to ensure high-quality living standards. The Swiss government does not specifically facilitate investments in the AI sector or specific technology, but favours a bottom-up approach. There are two essential pillars to incentivise the development and use of AI, as follows.

• Regulatory conditions: the Federal Council strives to provide optimal regulatory conditions that encourage AI innovation. This involves adopting technology-neutral regulation that offers business and science stakeholders the freedom to choose and develop AI technologies.
• Education, research and innovation: the Federal Council emphasises the importance of education, research and innovation as foundations for AI development. Education should enable everyone to acquire the digital skills necessary to live in an AI-driven digital society, and should offer advanced AI-specific education for specialists. Research should be left in the hands of Switzerland’s research institutions, including the choice of technologies and areas of research, as well as permitting those institutions to adopt their own guidelines for the use of AI.

Consistent with the principle of technology-neutral regulation, the AI Guidelines do not distinguish between different kinds of AI, such as generative AI or predictive AI.

Recently, multiple Swiss public research universities have established dedicated research centres and hubs for AI, aiming to combine researchers from different faculties and industry stakeholders and to facilitate AI start-ups and spin-offs. One prominent example is the ETH AI Center of the Swiss Federal Institute of Technology in Zurich (ETH Zurich).

The Swiss government has historically adopted a “wait-and-see” approach with respect to regulating AI, and has favoured industry self-regulation. However, in light of other regulatory initiatives regarding AI, notably the European Union’s AI Act and the Council of Europe’s proposed AI Convention, the Federal Council decided in November 2023 to review possible regulatory approaches that would be compatible with those two regulatory frameworks.

The results of this review are expected to be available by the end of 2024, and are intended to serve as a basis for the preparation of a specific regulatory proposal. The proposed regulation will then likely undergo an extensive consultation process prior to being introduced to the Swiss parliament.

There is no applicable information in this jurisdiction.

AI Guidelines

The AI Guidelines set out seven basic guidelines on the use of AI in Switzerland. They are not binding on the private sector as their primary purpose is to serve as a general frame of reference for the use of AI within the federal administration and to ensure a coherent policy. They can be summarised as follows.

• Putting people first: the dignity and well-being of the individual as well as the common good should be paramount when developing and using AI.
• Regulatory conditions: the Swiss government must continue to ensure the best possible regulatory conditions so that the opportunities offered by AI can be exploited (see 2.2Involvement of Governments in AI Innovation).
• Transparency, traceability and “explainability”: AI-based decision-making and interaction with AI systems should be clearly recognisable as such. The functioning of AI and its purpose should be disclosed in a responsible and legally compliant manner, and data sets used for the training or development of AI should be disclosed within the framework of legal obligations in order to facilitate monitoring.
• Accountability: liability must be clearly defined when using AI. Delegating responsibility to machines must not be permissible.
• Safety and security: AI systems must be designed to be safe, robust and resilient in order to have a positive impact on people and the environment. They must not be vulnerable to misuse or misapplication, and safeguards must be in place to prevent serious misuse.
• Active shaping of AI governance: Switzerland should work to actively shape global AI governance, in particular through its membership in international organisations such as the UN, OECD, ITU and Council of Europe.
• Involvement of all relevant national and international stakeholders: Switzerland should aim to include all relevant stakeholders, including the private sector, civil society and scientific experts, in the political decision-making process.

Fact Sheet Generative AI

In response to the rapid rise of generative AI chatbots, particularly ChatGPT, the Swiss government issued a “Fact sheet on the use of generative AI tools in the Federal Administration”, the most recent version dating from 18 January 2024. The goal of this fact sheet is to give practical guidance to the employees of the federal administration and other federal agencies on how to use generative AI tools for their daily work.

The fact sheet encourages responsible experimentation with generative AI tools, such as summarising publicly available sources, obtaining code suggestions or generating images for presentations. It also reminds users not to violate existing regulations and policies. In particular:

• users must never enter government information classified as confidential or secret, subject to official or professional secrecy or contractual confidentiality obligations, or personal data;
• users must critically review and verify any AI-generated output to be used for government functions, and should clearly indicate that AI tools were used where appropriate; and
• users must at all times comply with applicable IT and cybersecurity regulations.

Similar fact sheets for the use of generative AI tools by government employees have been issued at cantonal (state) and local levels, eg, in the Canton of St. Gallen.

There is no applicable information in this jurisdiction.

There is no applicable information in this jurisdiction.

There is no applicable information in this jurisdiction.

At present, no judicial decisions dealing with AI in substance have been reported in Switzerland.

Given the lack of reported judicial decisions on AI, there are no established definitions of AI used by the courts. In the absence of definitions established by case law, Swiss courts are likely to refer to definitions established by future statutes (if any) or definitions used by the Swiss government, such as the Federal Council’s dispatch accompanying a draft act or guidelines and fact sheets adopted by the federal government or its agencies (see 5.2 Technology Definitions for further information).

OFCOM

The Federal Office of Communications (OFCOM) is considered the leading agency dealing with the regulation of AI in Switzerland. OFCOM’s regulatory authority generally comprises telecommunications, radio and television, and postal services. OFCOM plays an important role in initiatives regarding the digitalisation of the federal administration and is also the office tasked with leading the evaluation of possible regulatory approaches for AI (see 3.1 General Approach to AI-Specific Legislation).

FDPIC

The Federal Data Protection and Information Commissioner (FDPIC) is an independent agency responsible for tasks in the areas of data protection and the principle of freedom of information. In its role as supervisory authority, the FDPIC monitors and enforces compliance by federal bodies and the private sector with Swiss federal data protection legislation. The FDPIC’s views and guidelines on the application of data protection legislation to AI are of significant practical importance.

FINMA

FINMA is the independent agency responsible for financial-market supervision in Switzerland. FINMA’s regulatory mandate is to supervise banks, insurance companies, exchanges and financial institutions, among others. It is charged with protecting creditors, investors and policyholders and ensuring that Switzerland’s financial markets function effectively. While FINMA’s regulatory authority is not specifically aimed at AI, it has recently identified AI as a key trend in its risk monitoring published in November 2023. FINMA stated that AI creates particular challenges in the financial sector in connection with the responsibility for AI decisions, the reliability of AI applications, the transparency and “explainability” of AI decisions, and the equal treatment of financial market clients. In its report, FINMA also states that it will review the use of AI by supervised institutions in line with the risk-based approach and the principle of proportionality.

CNAI

The Swiss federal government’s Competence Network for Artificial Intelligence (CNAI) is not a regulatory agency but is the only AI-specific body established within the federal government. The CNAI combines representatives of multiple federal departments and offices, and collaborates with AI experts in its “community of experts” and with other interested individuals, institutions, organisations and companies in its “community of practice”. In addition to drawing on expert knowledge and ensuring that knowledge gained from AI projects is shared within the federal administration, the CNAI has issued an official document for uniform AI terminology in the federal administration (see 5.2 Technology Definitions).

The CNAI has issued an official AI terminology document to introduce uniform use of terms throughout the federal administration. The CNAI terminology includes inter alia the following definitions.

• Artificial intelligence or AI is defined as “building or programming a computer to do things that normally require human or biological skills (‘intelligence’)”. Examples include image recognition, speech recognition, language translation, visual translation and playing games with concrete rules.
• Generative AI is defined as “AI systems that are trained on large amounts of data from the physical and virtual world in order to generate data themselves (eg, texts, imagery, sound recordings, videos, simulations, and codes)”.

At present, there are no definitions of equivalent significance issued by other government entities that would conflict with the definition of the CNAI.

Please see 5.1 Regulatory Agencies.

So far, there have been no reported enforcement actions regarding the use of AI in Switzerland.

The Swiss Association for Standardization (SNV), a private body and Switzerland’s member of CEN and ISO, is the primary forum for industry standardisation in the country. The SNV has not yet issued any standards related to AI, but is involved in the standards being adopted and considered by ISO.

Most standards in Switzerland are based on the relevant international standards developed in global or European standard-setting bodies. The most important international standard-setting bodies for Switzerland with respect to technology include ISO, IEC, ITU, CEN, CENELEC, and ETSI.

Given that Switzerland does not have AI-specific regulation at present, international standards relating to AI do not have the force of law in Switzerland. However, international standards could be taken into account by the courts when assessing the required standard of care in questions of liability.

Government use of AI in Switzerland varies significantly between the federal government and the different cantonal (state) and local governments, and is still in its early stages overall. While the federal government and most Cantons are already using or evaluating some form of AI, many of those proposed applications do not raise major concerns. Examples include semantic search in legislative texts, summarisation of administrative guidance, automatically assigning incoming questions or requests to the responsible departments for a response, and government chatbots.

Proposed new applications of AI in the areas of policing and criminal justice, on the other hand, have proven more controversial. One example is the Swiss Federal Office of Police (fedpol) working on an upgrade of its automated fingerprint and palmprint identification system (AFIS) to enable facial image comparison. The new system is expected to be operational in 2026, and will provide federal and cantonal immigration authorities, prosecutors, and border security with an additional means for identifying people. Currently, the proposed uses do not include real-time identification of individuals, which is highly controversial.

The most comprehensive list of government use of AI in Switzerland is compiled by the NGO AlgorithmWatch CH in its “Atlas of Automation Switzerland”.

There is no applicable information in this jurisdiction.

To the extent that such information is public, AI does not yet play a key role in national security matters in Switzerland. However, the Swiss Federal Intelligence Service (FIS) has stated in its most recent annual situation report “Switzerland’s Security 2023” that it expects foreign intelligence services to increase their use of AI to process and analyse the ever-increasing amounts of data being transmitted. The FIS also expects intelligence services to further improve their data-gathering capabilities domestically and abroad, which has implications for the FIS’ counter-intelligence and counter-espionage activities.

See 8.2 IP and Generative AI and 8.3 Data Protection and Generative AI.

IP protection of training data and AI models

The degree of IP protection of training data will depend on the nature of the data: if the training data consist of works that are subject to copyright, such as works of literature, newspaper articles, website contents, images, songs or software code, the Copyright Act prohibits unauthorised use, copying or distribution (among other actions). There are statutory limitations to copyright, but many of them will likely not apply in a commercial context (see IP infringement when training generative AI below). The unauthorised copying and distribution under the Copyright Act can trigger civil liability (injunctive relief, damages, disgorgement of profits) and, if committed with intent, constitutes a criminal offence.

Where the training data is not subject to copyright, as would likely be the case for statistical data, measurements, etc., or where copyright protection has expired, the data would have to be protected as such. The same applies to AI models, which, at their core, are simply structured sets of data points (weights, biases, other parameters). With respect to these kinds of data, two main avenues of protection are available, as follows.

• Contractual restrictions on use and disclosure: parties may contractually agree to protect and keep training data or AI models confidential and to use them only for specific purposes, be it under an NDA, license agreement or as part of a provider’s terms and conditions. These kinds of obligations are generally valid and enforceable under Swiss law. However, the available remedies in case of a breach may be difficult to successfully enforce in practice. While a party may obtain injunctive relief forcing the other party to cease unauthorised disclosure, the injunction cannot undo the disclosure and potential loss of the confidential nature of the data. With respect to compensation, the actual losses suffered are likely difficult to evidence in a claim for damages. Contractual penalties are sometimes included in contracts to avoid the burden of proof, but penalties may be reduced by the court if found to be excessive. It is also unlikely that contractual penalties included only in the general terms and conditions of an AI provider would be enforceable as they may be considered uncommon and therefore not validly agreed to. In addition, all contractual obligations only bind the parties to the contract, and not a third party that is exploiting a (potentially unauthorised) disclosure.
• Trade secret protection: trade secret protection is likely available for both the training data and the AI model (see 15.2 Applicability of Trade Secrecy and Similar Protection for further details).

IP protection of generative AI output

According to the prevailing doctrine in Switzerland, inventions generated by generative AI are not eligible for patent protection and works created by AI, including texts, images, audio, video and software, are not eligible for copyright protection (see 15.1 Applicability of Patent and Copyright Law).

The output itself may however be protected contractually or as a trade secret if it is kept confidential (see IP protection of training data and AI models above and 15.2 Applicability of Trade Secrecy and Similar Protection).

IP infringement when training generative AI

The training of AI models usually occurs in two steps: the compilation of a training data set and the actual training of the model by iterating over the training data and adjusting the parameters. Both activities involve the creation of copies of data, and can therefore constitute copyright infringement. The Copyright Act does provide for two relevant limitations, but these are unlikely to apply in a commercial context, as follows.

• The text and data mining exception under Article 24d of the Copyright Act only applies to the creation of copies for scientific research, which does not cover commercial purposes. The exception also expressly does not apply to computer programs (source code).
• Under Article 24a of the Copyright Act, the creation of copies is permitted if they are transient or incidental, a necessary step of a technical process, only made for a lawful use of the work, and have no independent economic significance. The last criterion is unlikely to apply to the training of AI models, and the copies made to create the training data sate are not transient or incidental.

In addition, where the training of an AI model involves the use of unlawfully obtained data that is subject to trade secret protection, the training would also constitute unfair competition under the Unfair Competition Act.

IP infringement by generative AI output

The disclosure or distribution of AI-generated output can infringe on copyright where it reproduces sufficiently large parts of a copyrighted work without authorisation of the copyright holder.

Under the Swiss Federal Act on Data Protection (FADP), the processing of personal data is generally lawful if the principles set out in Articles 6 (eg, proportionality, purpose limitation) and 8 (data security) of the FADP are complied with. A legal justification (consent, overriding private or public interest, or as provided by law) is required for the processing to remain lawful if the processing deviates from these principles, or if the data subject has objected to the processing. This concept differs slightly from the EU GDPR, where a lawful basis is required for all processing.

In the context of generative AI, data protection is relevant both with respect to the training of the AI model and with respect to its operation, particularly regarding the data subject’s right to rectification and deletion, as follows.

• Training: if the training data set contains personal data, the data protection principles have to be complied with (eg, the training of the AI model must be a “purpose that the data subject can recognise”) or a legal justification needs to be applicable. However, if the personal data is scraped from publicly available sources such as the internet and the data subject has not expressly objected, the processing is presumed to be lawful under Article 30(3) of the FADP.
• Generation: depending on the input (prompt) provided, generative AI models can output personal data. Whether AI models actually contain personal data is subject to debate, given that Switzerland follows a relative concept as to what constitutes personal data (ie, the same data may be personal data for one party but not for another). In our view, generative AI models do not store personal data, and the right to rectification or deletion would not require the deletion or the re-training or finetuning of the entire AI model. Rather, it would be sufficient for the operator of the AI-based application to filter out the inaccurate output that gives rise to a claim for rectification or deletion.

Use of AI tools

Apart from translation tools, early applications of AI in the legal profession in Switzerland were primarily focused on reviewing large numbers of documents as part of legal due diligence in M&A, or as part of internal investigations.

However, the availability and use of AI tools is currently undergoing rapid change. Ever since ChatGPT was released to the public, generative AI based on large language models has attracted significant interest from law firms and in-house legal departments. Tasks that Swiss law firms are experimenting with include summarisation, generation of analyses and memoranda based on legal source documents, drafting of contracts, the analysis of weaknesses and inconsistencies in argumentation, etc. Another upcoming application is semantic document search in a law firm’s or legal department’s own document database.

Certain legal information providers are also experimenting with generative AI to offer semantic document search and the AI-based answering of questions based on their database of legal literature, scholarly articles and court cases.

Legal and ethical concerns

The main legal and ethical concerns in the use of AI, and generative AI, in particular, relate to professional secrecy and quality of legal advice as follows.

• Professional secrecy: Swiss attorneys are obliged to keep all information entrusted to them by their clients confidential pursuant to Article 13 of the Lawyer’s Act and to the contract governing the attorney-client relationship. In addition, the intentional breach of the professional secrecy obligation by attorneys or their support staff constitutes a criminal offence under Article 321 of the Swiss Criminal Code. In the absence of specific legislation relating to the acceptable level of risk when outsourcing client information, many Swiss law firms have been reluctant to use foreign cloud-based applications to process or store any client information. While this has gradually changed over the past few years, the use of cloud-based AI applications, maintaining professional secrecy and the reservations regarding foreign lawful access to client information, remains a concern.
• Quality: the accuracy of AI-generated texts is a major concern for the legal profession. The tendency of large language models to inaccurately rephrase statements of legal significance or to hallucinate information in very convincing ways often necessitates a careful review of every single statement generated, reducing the intended efficiency gains. A newer generation of generative AI tools aims to counteract this with improved support for citations from source documents, but the need for critical review remains. And although there are no reported examples of hallucinated content leading to liability in the Swiss legal profession, examples from the United States have made legal practitioners in Switzerland cautious about using generative AI for legal work.

Only natural and legal persons can be held liable under Swiss private law. When using AI-powered products or services, the key question that arises is therefore which person the liability for the conduct of the AI is attributed to. Liability for damage or losses caused can be either contractual or non-contractual (tortious).

Contractual liability

Pursuant to Article 97 of the Swiss Code of Obligations (CO), a party to a contract is liable for failing to fulfil its contractual obligations unless it can prove that it was not at fault (ie, that the failure occurred without intent or negligence). Pursuant to Article 101 CO, the contractual liability extends to the conduct of any auxiliaries, such as employees or subcontractors, that are used in the performance of the contractual obligations; only natural or legal persons can qualify as auxiliaries. If the use of AI leads to a breach of a contractual obligation, the key question will be whether the breaching party can prove it did not act negligently in its use of AI.

Non-contractual (tort) liability

Article 41 CO covers non-contractual liability, where any person who unlawfully causes damage to another person is obliged to provide compensation. The application of this provision further requires intent or negligence on the part of the person causing the damage. Article 55 CO extends this liability to an employer for the conduct of their employees or other auxiliary staff.

This liability regime is supplemented by the Product Liability Act, which imposes liability on the manufacturer of defective products. However, there is no established conclusion on whether software such as AI systems qualify as products within the meaning of the Product Liability Act, and to what extent an individual AI system or component could be considered defective while the technology as such is known to produce unintended results. Furthermore, the manufacturer of a defective product is not liable if they can prove that the defect could not have been detected based on the state of the art in science and technology at the time the product was placed on the market.

There is no applicable information in this jurisdiction.

At present, there is no specific regulation on algorithmic bias in Switzerland. However, the fundamental right to equal treatment and non-discrimination contained in the Federal Constitution applies throughout the Swiss legal system and can also affect the relationship between private parties (eg, between employee and employer) in addition to the state.

Please refer to 8.3 Data Protection and Generative AI for general remarks on the lawfulness of processing and to 11.4 Automated Decision-Making for the consequences of fully automated decisions.

One key point in which the Federal Act on Data Protection (FADP) differs from other data protection laws is that fines for criminal offences of up to CHF250,000 are imposed on the responsible individuals (natural persons), not on the company. The main offences under the FADP include the intentional violation of information and cooperation obligations, of duties of care (eg, in connection with delegation to a processor), and of data protection secrecy obligations.

While it is unlikely that the use of AI as such will constitute a criminal offence under the FADP, the individuals responsible for the design and implementation of data processing using AI should carefully review data protection compliance to avoid personal criminal responsibility.

Biometric information that uniquely identifies a natural person expressly qualifies as “sensitive personal data” under the Federal Act on Data Protection, which means that such data may not be disclosed to third-party controllers without justification and, where the consent of the data subject is required for processing, the consent must be explicit.

The public’s unease regarding facial recognition and biometrics allegedly already in use by the police forces in certain Cantons has led to legislative initiatives in multiple Cantons to expressly prohibit their use.

Automated decision-making is addressed by the Federal Act on Data Protection. Its Article 21 obliges a data controller to inform the data subject if a decision is made solely by the automated processing of personal data that has a legal or otherwise significant consequence for the data subject. This obligation does not apply in the context of entering into an agreement if the request of the individual is granted in full (eg, a loan application is fully approved by an automated decision). Where the data subject has to be informed, they are entitled to request a human to review the automated decision. Intentional omission of the information of the data subject under Article 21 constitutes a criminal offence for which a fine of up to CHF250,000 may be imposed on the responsible individual.

Article 21 is not applicable to decisions recommended by AI but manually approved by a human, even if the level of human review is superficial. There is a pending initiative in the Swiss parliament to include similar information obligations for any decision significantly based on AI, but it is likely that further consideration will be postponed until the Federal Council’s review of potential approaches to general AI regulation is completed (see 3.1 General Approach to AI-Specific Legislation).

There is no general obligation for businesses to disclose the use of AI in Switzerland. An obligation of transparency may exist with respect to individual uses of AI, such as:

• when processing personal data with AI, the personal data collected and the purpose and other important circumstances of the processing must be transparent to the data subject (otherwise such processing requires a legal justification); and
• where a business uses AI to describe or advertise its products or services, doing so without disclosing the use of AI could, in theory, violate the Unfair Competition Act; this might be the case if product pictures are AI-generated rather than photos of real products (to the extent this is not obvious to the potential customer).

Many antitrust implications of price-setting using AI are complex and not yet clearly established under Swiss antitrust law. While it is clear that the use of AI to implement pre-agreed horizontal price fixing remains illegal, the possibility of AI autonomously coordinating prices among competitors is being discussed among scholars, but there is no settled case law yet.

However, in a vertical price-fixing case, the Swiss Federal Supreme Court held that the communication of manufacturer-suggested retail prices by the manufacturer to its distributors through an automated electronic system with daily price updates constituted an illegal agreement on fixed prices, seeing as all distributors and retailers had reason to believe that these prices would also be used by their competitors (and they in fact complied with the suggested pricing).

As AI models are only as good as the data they were trained with, businesses procuring AI solutions intended for productive use should include provisions regarding the quality of the training data and corresponding properties of the AI model (eg, no discriminatory bias, no infringement of IP rights) in their procurement contracts. Otherwise, they themselves risk becoming liable for the output of the AI solutions. While the use of due care is a possible defence under most provisions giving rise to liability under Swiss law, businesses ignoring well-known risks inherent in current AI technology may face the accusation of not having used the required standard of care.

Hiring

Résumé screening software (with or without AI) has been used in Switzerland for some time. Under the principle of freedom of contract, private-sector employers in Switzerland are not required to hire individual applicants, and, by default, are not required to explain why an applicant was rejected.

However, under the Gender Equality Act, employers are not permitted to discriminate against applicants based on gender in the selection process: if an applicant is rejected due gender-based discrimination, the applicant is entitled to a written explanation for the rejection and, if they can prove discrimination, to compensation under Article 5(2) of the Gender Equality Act. However, this does not apply at the stage of job ads, where employers are permitted to advertise a position only for a specific gender. Where AI-based selection tools discriminate based on gender, for example due to inherent gender bias in the training data, the employer may become liable.

In addition, if any rejection of an applicant is made by an automated decision without human control, the applicant must be informed, and is entitled to have a human review the decision based on data protection law (see 11.4 Automated Decision-Making).

Termination

Termination of a private-sector employment relationship is governed primarily by the Swiss Code of Obligations. In principle, employers do not need specific legal grounds for termination, but do need to provide a written explanation upon request of the employee. However, Article 336 of the Swiss Code of Obligations prohibits wrongful termination, including termination due to a quality inherent in the employee’s profile (eg, age, ethnicity, religion), unless this quality is related to the employment relationship or significantly affects work in the business. If an employee is terminated based on recommendations by AI (eg, due to inherent bias in the training data), the employer may therefore become liable for compensation due to wrongful termination (up to six months’ salary).

The prohibition of gender-based discrimination under the Gender Equality Act and the provisions on automated decision-making also apply to any termination that is discriminatory or automated, respectively.

Monitoring and surveillance is considered detrimental to employee health, and is therefore subject to multiple restrictions. Article 328 of the Swiss Code of Obligations provides for a general duty of care of the employer to respect and protect the employee’s personality rights and health. Based on this principle, all measures taken that can affect employee health and wellbeing must be proportionate to the (legitimate) aim pursued. In addition, Article 26 of Ordinance 3 to the Employment Act specifically prohibits the use of systems to monitor the general behaviour of employees in the workplace. Such systems are only permitted where they pursue legitimate aims, such as security, performance or efficiency, and only if their use is proportionate. In practice, this means employers must be able to prove that less intrusive alternative solutions were not sufficient to achieve the aim. Specifically, the FDPIC has stated that AI-based systems for the automated evaluation of employee-based data (eg, vision, movement, communication patterns) are prohibited under these provisions.

Employees are also entitled to employee participation regarding all matters that concern the protection of their health. They must be sufficiently informed of measures and circumstances affecting their health, and have a right to be consulted before the employer takes relevant decisions. This includes the right of employees to make suggestions, and the obligation of the employer to explain decisions that do not take employees’ objections into account.

At present, there is no specific regulation regarding the use of AI in digital platform companies, and general observations regarding the use of AI in data protection and potentially in employment contexts also apply to digital platform companies. Extensive use of AI to control the conduct of platform participants (eg, which participants get to serve which customers when, and at what price) may lead to increased findings by courts that the platform participants lack autonomy and are in fact employees of the digital platform companies.

At present, there is no specific regulation regarding the use of AI in financial services. General financial services regulation, including with respect to risk management, also applies to the use of AI. As set out under 5.1 Regulatory Agencies, FINMA has identified AI as a trend in its risk monitoring report, and will review the use of AI by supervised institutions.

At present, there is no specific regulation regarding the use of AI in healthcare. The primary areas of existing law governing the use of AI in healthcare are sector-specific regulation, such as the Therapeutic Products Act and the Medical Devices Ordinance, which specifically includes software in its definition of medical devices. Where AI-based products qualify as medical devices, they need to comply with the general safety and performance requirements set out in Annex I to the EU’s Medical Device Regulation (by virtue of an express reference to EU legislation). Medical devices placed on the market in Switzerland require a conformity marking (CE label), predominantly based on self-assessment by the manufacturer. The relevant assessment criteria depend on the applicable risk category.

In addition, the Federal Act on Data Protection applies also in the healthcare sector, although in the area of research on humans it is supplemented and partially overridden by the Human Research Act.

Fully autonomous vehicles are not yet permitted on Switzerland’s streets (outside of specific, limited pilot experiments), and drivers must always have their hands on the steering wheel. However, the Swiss parliament amended the Road Traffic Act in 2023 to permit the Federal Council to authorise vehicles with automatic driving systems in a delegated act. In the near future, drivers of such vehicles may therefore let go of the steering wheel, provided they remain ready to resume operating the vehicle themselves if the system indicates a need for manual intervention or otherwise reaches its limits.

At present, there are no specific regulations regarding the use of AI in manufacturing. The liability aspects of manufacturing primarily depend on whether there is a contractual relationship or not (see 10.1 Theories of Liability). Where the use of AI causes manufactured products to be defective, this may trigger liability of the manufacturer under the Product Liability Act.

Please refer to 9.1 AI in the Legal Profession and Ethical Considerations for the main concerns. Many professional services occupations are subject to similar professional secrecy obligations as lawyers (accountants, doctors, other medical professionals, etc.), and most professional services firms are concerned about the confidentiality of the information provided by their clients as well as the accuracy of their advice.

At present, there are no reported judicial or agency decisions in Switzerland on whether AI technology can be an inventor for patent purposes or an author for copyright purposes. However, the prevailing doctrine among legal scholars is that AI can neither be an inventor nor an author.

Patent law

Article 3 of the Swiss Patent Act refers to an “inventor” being entitled to a patent. Prevailing doctrine in Switzerland provides that only a natural person (ie, a human) can be an inventor for the purposes of the Patent Act, which excludes both legal persons and AI. Switzerland is party to the European Patent Convention (EPC), which contains analogous wording in its Article 60. With respect to the EPC, the European Patent Office’s Legal Board of Appeal ruled on 21 December 2021 in the DABUS case (case no. J 0008/20) that AI may not be named as an inventor.

The foregoing applies to the extent AI itself generates the invention without significant human contribution. If a human uses an AI application solely as a tool to make a discovery, the same way they might use other computer software, the human using AI as a tool would be considered the inventor under the Patent Act, and the invention may be eligible for patent protection.

Copyright law

Article 2 of the Swiss Copyright Act defines a work in which copyright may subsist as an “intellectual creation of literature or the arts with individual character”. The criterion of “intellectual creation” is widely interpreted as an expression of the human mind. Consistent with this interpretation, Article 6 of the Copyright Act states that “the author is the natural person who has created the work”. A work within the meaning of copyright can therefore only be created by a human, and not by AI.

While AI may not be an author and purely AI-generated content can therefore not be protected by copyright in Switzerland, works created using AI may be protected. If AI is used solely as a tool by the human author to express their thoughts, for example by having generative AI translate or edit existing text of the author or by modifying pictures similar to what an artist might do with photo editing software, the resulting AI-generated work may still be subject to copyright protection. Equally, if a human sufficiently modifies purely AI-generated content or is creative in the selection or ordering of pieces of AI-generated content, the resulting overall work may also be protected by copyright.

Swiss law uses the terms “manufacturing secrets” and “business secrets”, rather than trade secrets, but there is no distinction in practice. While there is no statutory definition, case law defines trade secrets as any information that: (1) is not publicly known, (2) has commercial value, (3) the owner has a legitimate interest in keeping secret, and (4) the owner intends to keep secret. A curated training data set, an AI model, and the source code of an AI application can therefore constitute a trade secret if the foregoing criteria are met.

Trade secrets are not protected as an absolute right (such as copyright) under Swiss law, but their disclosure or misappropriation is prohibited under specific circumstances, as follows.

• The intentional disclosure of a trade secret by a person subject to a statutory or contractual obligation of secrecy, as well as the exploitation of a secret so disclosed by a third party, constitutes a criminal offence under Article 162 of the Swiss Criminal Code.
• The disclosure or exploitation of trade secrets that were unlawfully accessed or obtained constitutes unfair competition under Article 6 of the Unfair Competition Act (UCA).
• The use or exploitation of a work result that was entrusted to a person constitutes unfair competition under Article 5(a) UCA.
• The exploitation of a work result by a third party that knew or should have known that the work result was unlawfully made available to it constitutes unfair competition under Article 5(b) UCA.
• Inducing an employee, agent or other auxiliary staff to disclose a trade secret of their employer constitutes unfair competition under Article 4(c) UCA.
• The disclosure of trade secrets by employees and agents is further prohibited by statutory law applicable to employment agreements (with certain limitations after the expiration of the employment agreement) and to agency agreements.

All examples of unfair competition above can trigger both civil and criminal liability.

See 15.1 Applicability of Patent and Copyright Law.

Using OpenAI’s products, particularly ChatGPT, touches on multiple issues relating to intellectual property, both on the “input” and on the “output” side, as follows.

• Providing a copyrighted work as input to ChatGPT without authorisation by the copyright holder may constitute copyright infringement.
• Providing input that is confidential may constitute a breach of contractual confidentiality obligations or trade secrecy.
• Using content generated by ChatGPT may constitute copyright infringement if the content includes sufficiently large parts of a copyrighted work (although OpenAI has been working to prevent this type of output in successive updates).
• As content generated by ChatGPT cannot be protected by copyright in Switzerland, a business has no exclusivity for that content and competitors are generally free to (re-)use the same content (outside of limited restrictions under the Unfair Competition Act).
• If the content generated by ChatGPT is published and contains inaccuracies with respect to the offerings of the business itself (eg, promoting features its products do not have) or of its competitors (eg, inaccurate comparisons to the competitor’s products), the publication may constitute unfair competition under the Unfair Competition Act.

Pursuant to Article 716 of the Code of Obligations, the board of directors of a Swiss corporation has the non-transferable and inalienable duty to set the company’s overall strategy, to determine the company’s organisation and to supervise the executive officers.

When advising corporate boards of directors on identifying and mitigating risks associated with the adoption of AI, several key issues should therefore be addressed. These include the following.

• Business impact: Boards should understand the potential impact of AI on the business. This includes recognising how AI can transform business models, create new opportunities, and disrupt existing practices.
• Technical competence: Boards should ensure sufficient AI competence both within the board and in the executive teams. Boards should promote AI literacy and ensure that they have the necessary expertise to make informed decisions about AI. Ideally, at least one member of the board should have a technical background to provide leadership on AI topics.
• Corporate governance: Boards should integrate AI governance into their overall corporate governance frameworks. This involves defining clear roles and responsibilities for overseeing compliance, AI initiatives and ensuring that AI aligns with the company’s strategic objectives. If no specific position is to be created, boards should consider allocating the AI portfolio to an existing officer with technical expertise, such as a CIO/CTO or the Data Protection Officer (DPO).
• Risk management: given the potential legal, ethical and reputational risks of AI, boards should adapt their risk management frameworks for AI. This includes ensuring compliance with evolving AI regulation, managing data privacy and security concerns, and addressing potential biases in AI models.
• Internal policies and guidelines: in line with the corporate governance and risk management aspects, boards should consider adopting internal policies and guidelines on the use of AI applications by employees (see also 17.1 AI Best Practice Compliance Strategies).

Given that Switzerland does not have AI-specific regulation at present, compliance strategies should be aimed at ensuring that the use of AI tools complies with the existing body of law, and should therefore focus on practical guidance for employees to use AI tools. Businesses should ideally adopt internal policies on the use of AI tools, clearly outlining which types of use are permitted and which are not.

Depending on the field of business and the contractual frameworks in place, this may include an outright prohibition on using publicly available generative AI tools (eg, public versions of ChatGPT), restrictions on the type of data that may be submitted as input (eg, no confidential information, no personal data) or restrictions on the use of output (eg, mandatory review for accuracy prior to publication).

Businesses should also invest in training their staff in AI literacy to help avoid issues based on ignorance or misunderstanding the nature and limitations of current AI technologies (eg, mistaking a generative AI chatbot for a search engine).