At present, there is no legislation in Switzerland dealing specifically with AI. Switzerland has recently signed the Council of Europe’s AI Convention and is expected to ratify and incorporate it into Swiss law some time after 2026 (see 3.1 General Approach to AI-Specific Legislation for further details).

However, the majority of Swiss law is technology-neutral, and can therefore also apply to AI-based products and services. This includes the following.

• Civil liability: liability for damages or specific performance, as set out in the Swiss Code of Obligations (CO), whether under contract or tort, is based on the conduct of natural or legal persons. AI systems themselves therefore cannot be held liable, but the owner, operator or manufacturer of the AI systems can. The Product Liability Act could potentially apply to AI-powered products (see also 10.1 Theories of Liability).
• Criminal liability: under Swiss criminal law, criminal liability primarily attaches to natural persons. Even legal persons such as companies are only criminally liable with respect to select offences, or if the responsible natural person cannot be identified due to organisational deficiencies. Where criminal offences are committed by or through the use of AI, the individuals developing the AI systems, manufacturing the AI-based products or operating the systems or products could be subject to criminal penalties. Where the offences are committed negligently, questions with respect to attribution and the standard of care are largely unresolved.
• Data protection: Swiss data protection law (primarily the Federal Act on Data Protection; FADP) already applies to AI-based processing of personal data. In view of the rapid developments in this field, the Federal Data Protection and Information Commissioner (FDPIC) issued a statement confirming this view in November 2023. The FDPIC highlighted, in particular, the requirement of transparency with respect to the purpose, functionality and data sources of AI-based processing of personal data.
• Intellectual property: intellectual property legislation, particularly the Patent Act and the Copyright Act, can apply to the collection and use of input for AI (eg, the training of an AI model), as well as to the generation of output by the AI. However, IP protection of AI-generated content is limited (see 15. Intellectual Property for further details).
• Unfair competition: the Unfair Competition Act (UCA) prohibits business practices that are misleading or otherwise unfair or in violation of the principle of good faith. It applies both to the vendors of AI systems/services and to other industries that make use of AI. Typical examples include providing incorrect or misleading information about one’s own business or disparaging or inaccurately comparing the offerings of competitors. The UCA also prohibits the exploitation of unlawfully obtained trade secrets.
• Employment law: this applies where AI is used in an employment context. The CO, which governs employment relationships in the private sector, provides for a general duty of care of the employer to respect and protect the employee’s personality rights and health, which can be affected by AI.

Notably, Switzerland is neither a member state of the EU nor a member of the European Economic Area (EEA), so EU/EEA legislation only applies to the country where it is specifically referenced in Swiss legislation.

Before the launch of ChatGPT in November 2022, the use of AI in Switzerland focused primarily on predictive AI. Much innovation in AI was concentrated in industries that have historically been strong users of technology in the country, such as finance, pharmaceuticals and medical devices, and robotics. By way of example, financial institutions have been using predictive AI extensively for fraud and money laundering prevention, portfolio and suitability analysis and trading strategies. The most widespread use of “generative” AI in all industries was arguably text translation, with tools such as DeepL.

Following the general availability of ChatGPT, generative AI tools have seen a massive uptake in various industries in Switzerland. This includes “high-impact” industries such as software and technology, media, pharmaceuticals and finance, as well as industries where the use of generative AI is still in earlier stages, such as marketing and professional services. According to a study conducted by PwC’s strategy consulting “Strategy&” in March 2024, the Swiss economy has the highest growth potential worldwide through generative AI and could expand by 0.5% to 0.8% annually in the coming years based solely on the use of generative AI.

In its “Guidelines on Artificial Intelligence for the Confederation” published on 25 November 2020 (the “AI Guidelines”), the Federal Council (Switzerland’s highest executive authority) makes the case that Switzerland should create and maintain an environment conducive to the research, development and application of AI in order to ensure high-quality living standards. The Swiss government does not specifically facilitate investments in the AI sector or specific technology, instead favouring a bottom-up approach. There are two essential pillars to incentivise the development and use of AI, as follows.

• Regulatory conditions: the Federal Council strives to provide optimal regulatory conditions that encourage AI innovation. This involves adopting technology-neutral regulation that offers business and science stakeholders the freedom to choose and develop AI technologies.
• Education, research and innovation: the Federal Council emphasises the importance of education, research and innovation as foundations for AI development. Education should enable everyone to acquire the digital skills necessary to live in an AI-driven digital society, and should offer advanced AI-specific education for specialists. Research should be left in the hands of Switzerland’s research institutions, including with respect to the choice of technologies and areas of research, as well as permitting those institutions to adopt their own guidelines for the use of AI.

Consistent with the principle of technology-neutral regulation, the AI Guidelines do not distinguish between different kinds of AI, such as generative AI and predictive AI.

More recently, multiple Swiss public research universities have established dedicated research centres and hubs for AI, aiming to combine researchers from different faculties and industry stakeholders and to facilitate AI start-ups and spin-offs. One prominent example is the ETH AI Center of the Swiss Federal Institute of Technology in Zurich (ETH Zurich).

The Swiss government has historically adopted a “wait-and-see” approach with respect to regulating AI, and has favoured industry self-regulation. However, in light of other regulatory initiatives regarding AI, notably the EU’s AI Act and the Council of Europe’s Framework Convention on Artificial Intelligence and Human Rights, Democracy and the Rule of Law (the “AI Convention”), the Federal Council decided in November 2023 to review possible regulatory approaches that would be compatible with those two regulatory frameworks.

The resulting report submitted to the Federal Council by the Federal Office of Communications (OFCOM) stated three objectives of potential AI regulation in Switzerland: strengthening Switzerland as a location for innovation, safeguarding the protection of fundamental rights (including economic freedom) and increasing public trust in AI. OFCOM outlined three possible regulatory approaches that could achieve those objectives:

• continuing with solely topic- and sector-specific regulation, without seeking any overarching (horizontal) regulation of AI;
• ratification of the Council of Europe’s AI Convention, either with a more limited implementation in Swiss law for the private sector or with a more extensive implementation that would subject the private sector to similar obligations as the public sector; or
• ratification of the Council of Europe’s AI Convention and implementation in line with the EU AI Act.

On 12 February 2025, the Federal Council decided on a regulatory approach that is largely based on the second option with limited implementation: ratifying the Council of Europe’s AI Convention and incorporating it into Swiss law, with a primary focus on public authorities and less extensive obligations for the private sector. The Federal Council also decided that legislative changes should primarily be sector-specific, and only key areas relevant to fundamental rights, such as data protection, should be subject to horizontal regulation. These legislative changes will be supplemented by non-binding measures.

The Federal Department of Justice and Police is tasked with drafting a bill for consultation by the end of 2026. The proposed bill will then likely undergo an extensive consultation process prior to being introduced to the Swiss parliament. Also by the end of 2026, the Federal Department of the Environment, Transport, Energy and Communications, together with other federal departments, will draw up a plan for non-binding measures.

In line with the chosen regulatory approach, Switzerland signed the Council of Europe’s AI Convention on 27 March 2025.

There is no applicable information in this jurisdiction.

AI Guidelines

The AI Guidelines of 25 November 2020 set out seven basic guidelines on the use of AI in Switzerland. They are not binding on the private sector as their primary purpose is to serve as a general frame of reference for the use of AI within the federal administration and to ensure a coherent policy. They can be summarised as follows.

• Putting people first: the dignity and well-being of the individual as well as the common good should be paramount when developing and using AI.
• Regulatory conditions: the Swiss government must continue to ensure the best possible regulatory conditions so that the opportunities offered by AI can be exploited (see 2.2 Involvement of Governments in AI Innovation).
• Transparency, traceability and “explainability”: AI-based decision-making and interaction with AI systems should be clearly recognisable as such. The functioning of AI and its purpose should be disclosed in a responsible and legally compliant manner, and data sets used for the training or development of AI should be disclosed within the framework of legal obligations in order to facilitate monitoring.
• Accountability: liability must be clearly defined when using AI. Delegating responsibility to machines must not be permissible.
• Safety and security: AI systems must be designed to be safe, robust and resilient in order to have a positive impact on people and the environment. They must not be vulnerable to misuse or misapplication, and safeguards must be in place to prevent serious misuse.
• Active shaping of AI governance: Switzerland should work to actively shape global AI governance, in particular through its membership of international organisations such as the United Nations (UN), Organisation for Economic Co-operation and Development (OECD), International Telecommunication Union (ITU) and Council of Europe.
• Involvement of all relevant national and international stakeholders: Switzerland should aim to include all relevant stakeholders, including the private sector, civil society and scientific experts, in the political decision-making process.

As part of surveys conducted within the federal administration in 2022 and 2024, OFCOM found that the AI Guidelines generally still cover the relevant topics, but that they may require amendments to remain of practical use. The AI Guidelines are likely to be re-evaluated in the course of 2025 when a new strategy for the use of AI systems within the federal administration, published on 21 March 2025, is implemented.

Fact Sheet for Generative AI

In response to the rapid rise of generative AI chatbots, particularly ChatGPT, the Swiss government issued the “Fact sheet on the use of generative AI tools in the Federal Administration”, with the most recent version dating from 18 January 2024. The goal of this fact sheet is to give practical guidance to the employees of the federal administration and other federal agencies on how to use generative AI tools for their daily work.

The fact sheet encourages responsible experimentation with generative AI tools, such as summarising publicly available sources, obtaining code suggestions or generating images for presentations. It also reminds users not to violate existing regulations and policies. In particular:

• users must never enter government information classified as confidential or secret, information subject to official or professional secrecy or contractual confidentiality obligations, or personal data;
• users must critically review and verify any AI-generated output to be used for government functions, and should clearly indicate that AI tools were used where appropriate; and
• users must at all times comply with applicable IT and cybersecurity regulations.

Similar fact sheets for the use of generative AI tools by government employees have been issued at the cantonal (state) and local levels.

There is no applicable information in this jurisdiction.

There is no applicable information in this jurisdiction.

There is no applicable information in this jurisdiction.

At present, no judicial decisions dealing with AI in substance have been reported in Switzerland.

OFCOM

OFCOM is considered the leading agency dealing with the regulation of AI in Switzerland. OFCOM’s regulatory authority generally comprises telecommunications, radio and television, and postal services. OFCOM plays an important role in initiatives regarding the digitalisation of the federal administration and was also the office tasked with leading the evaluation of possible regulatory approaches for AI (see 3.1 General Approach to AI-Specific Legislation).

FDPIC

The FDPIC is an independent agency responsible for tasks in the areas of data protection and the principle of freedom of information. In its role as supervisory authority, the FDPIC monitors and enforces compliance by federal bodies and the private sector with Swiss federal data protection legislation. The FDPIC’s views and guidelines on the application of data protection legislation to AI are of significant practical importance.

FINMA

The Swiss Financial Market Supervisory Authority (FINMA) is the independent agency responsible for financial market supervision in Switzerland. FINMA’s regulatory mandate is to supervise banks, insurance companies, exchanges and financial institutions, among others. It is charged with protecting creditors, investors and policyholders and ensuring that Switzerland’s financial markets function effectively. While FINMA’s regulatory authority is not specifically aimed at AI, it has identified the use of AI by supervised institutions as a focus area of its supervisory activities. In its risk monitoring published in November 2023, FINMA stated that AI creates particular challenges in the financial sector in connection with the responsibility for AI decisions, the reliability of AI applications, the transparency and “explainability” of AI decisions, and the equal treatment of financial market clients. In the recent FINMA Guidance 08/2024 of 18 December 2024, FINMA also stated that it will review the use of AI by supervised institutions, refine its expectations of appropriate AI governance and risk management and strive for a technology-neutral, proportionate and standardised approach (see 14.2 Financial Services for further details).

CNAI

The Swiss federal government’s Competence Network for Artificial Intelligence (CNAI) is not a regulatory agency but is the only AI-specific body established within the federal government. The CNAI combines representatives of multiple federal departments and offices, and collaborates with AI experts in its “community of experts” and with other interested individuals, institutions, organisations and companies in its “community of practice”.

In addition to drawing on expert knowledge and ensuring that knowledge gained from AI projects is shared within the federal administration, the CNAI has issued an official AI terminology document to introduce the uniform use of terms throughout the federal administration. The CNAI terminology includes inter alia the following definitions.

• “Artificial intelligence” or “AI” is defined as “building or programming a computer to do things that normally require human or biological skills (‘intelligence’)”. Examples include image recognition, speech recognition, language translation, visual translation and playing games with concrete rules.
• “Generative AI” is defined as “AI systems that are trained on large amounts of data from the physical and virtual world in order to generate data themselves (eg, texts, imagery, sound recordings, videos, simulations, and codes)”.

See 3.3 Jurisdictional Directives.

So far, there have been no reported enforcement actions regarding the use of AI in Switzerland. However, the FDPIC issued a press release on 20 March 2025 stating that it had conducted a preliminary investigation into X (formerly Twitter) regarding the use of personal data of users to train AI models for Grok, the generative AI chatbot of xAI. After being provided with information by X, the FDPIC concluded that this use was consistent with the FADP due to a setting that allows users to opt out of having their data used for training by default.

The Swiss Association for Standardization (Schweizerische Normen-Vereinigung; SNV), a private body and Switzerland’s member of the European Committee for Standardization (CEN) and the International Organization for Standardization (ISO), is the primary forum for industry standardisation in the country. The SNV has not yet issued any standards related to AI, but is involved in the standards being adopted and considered by ISO.

Most standards in Switzerland are based on the relevant international standards developed in global or European standard-setting bodies. The most important international standard-setting bodies for Switzerland with respect to technology include ISO, the International Electrotechnical Commission (IEC), the ITU, CEN, the European Committee for Electrotechnical Standardization (CENELEC) and the European Telecommunications Standards Institute (ETSI).

Given that Switzerland does not have AI-specific regulation at present, international standards relating to AI do not have the force of law in Switzerland. However, international standards could be taken into account by the courts when assessing the required standard of care in questions of liability.

Government use of AI in Switzerland varies significantly between the federal government and the different cantonal (state) and local governments, and is still in its early stages overall. While the federal government and most cantons are already using or evaluating some form of AI, many of those proposed applications do not raise major concerns. Examples include semantic search in legislative texts, the summarisation of administrative guidance, automatically assigning incoming questions or requests to the responsible departments for a response and government chatbots.

Proposed new applications of AI in the areas of policing and criminal justice, on the other hand, have proven more controversial. One example is the Swiss Federal Office of Police (fedpol) modernising its automated fingerprint and palmprint identification system (AFIS) to add facial image comparison capabilities. The new system is expected to be operational in 2027 and will provide federal and cantonal immigration authorities, prosecutors and border security with an additional means for identifying people. Currently, the proposed uses do not include real-time identification of individuals, which is highly controversial.

The most comprehensive list of government use of AI in Switzerland is compiled by the NGO AlgorithmWatch CH in its “Atlas of Automation Switzerland”.

There is no applicable information in this jurisdiction.

To the extent that such information is public, AI does not yet play a key role in national security matters in Switzerland. However, the Swiss Federal Intelligence Service (FIS) has stated in its annual situation report titled “Switzerland’s Security 2023” that it expects foreign intelligence services to increase their use of AI to process and analyse the ever-increasing amounts of data being transmitted. The FIS also expects intelligence services to further improve their data-gathering capabilities domestically and abroad, which has implications for the FIS’ counter-intelligence and counter-espionage activities. In the 2024 edition of its situation report, the FIS has highlighted that China is becoming a technology leader in the areas of AI and big data, which may increase the malware capabilities of Chinese threat actors.

On 12 December 2024, the National Council (the larger house of the Swiss parliament) tasked the Federal Council with compiling a report for a comprehensive security and defence strategy regarding the dangers of autonomous weapons systems and systems with AI, considering both the risks and opportunities for Switzerland’s security and its defence industry.

See 8.2 Data Protection and Generative AI and 15.1 IP and Generative AI.

Under the FADP, which applies to federal bodies and private persons, the processing of personal data is generally lawful if the principles set out in Articles 6 (eg, proportionality, purpose limitation) and 8 (data security) of the FADP are complied with. A legal justification (consent, overriding private or public interest, or as provided by law) is required for the processing to remain lawful if the processing deviates from these principles, or if the data subject has objected to the processing. This concept differs slightly from the EU GDPR, where a lawful basis is required for all processing.

In the context of generative AI, data protection is relevant both with respect to the training of the AI model and with respect to its operation, particularly regarding the data subject’s right to rectification and deletion, as follows.

• Training: if the training data set contains personal data, the data protection principles have to be complied with (eg, the training of the AI model must be a “purpose that the data subject can recognise”) or a legal justification needs to be applicable. However, if the personal data is scraped from publicly available sources, such as the internet, and the data subject has not expressly objected, the processing is presumed to be lawful under Article 30(3) of the FADP.
• Generation: depending on the input (prompt) provided, generative AI models can output personal data. Whether AI models actually contain personal data is subject to debate, given that Switzerland follows a relative concept as to what constitutes personal data (ie, the same data may be personal data for one party but not for another). In the authors’ view, generative AI models do not store personal data as such, and the right to rectification or deletion would not require the deletion or the re-training or finetuning of the entire AI model. Rather, it would be sufficient for the operator of the AI-based application to filter out the inaccurate output that gives rise to a claim for rectification or deletion.

One key way in which the FADP differs from data protection laws in other jurisdictions is that fines for criminal offences of up to CHF250,000 are imposed on the responsible individuals (natural persons), not on the company. The main offences under the FADP include the intentional violation of information and co-operation obligations, duties of care (eg, in connection with delegation to a processor) and data protection secrecy obligations.

While it is unlikely that the use of AI as such will constitute a criminal offence under the FADP, the individuals responsible for the design and implementation of data processing using AI should carefully review data protection compliance to avoid personal criminal responsibility.

Use of AI Tools

Apart from translation tools, early applications of AI in the legal profession in Switzerland were primarily focused on reviewing large numbers of documents as part of legal due diligence in M&A, or as part of internal investigations.

However, the availability and use of AI tools is currently undergoing rapid change. Ever since ChatGPT was released to the public, generative AI based on large language models has attracted significant interest from law firms and in-house legal departments. Tasks that Swiss law firms are experimenting with include summarisation, the generation of analyses and memoranda based on legal source documents, the drafting of contracts, the analysis of weaknesses and inconsistencies in argumentation, etc. Another application is semantic document search in a law firm’s or legal department’s own document database. AI offerings for the legal profession are now shifting towards more complex workflows and use cases of agentic AI.

Legal information providers are also experimenting with generative AI to offer semantic document search and the AI-based answering of questions based on their database of legal literature, scholarly articles and court cases.

Legal and Ethical Concerns

The main legal and ethical concerns in the use of AI, and generative AI in particular, relate to professional secrecy and the quality of legal advice, as follows.

• Professional secrecy: Swiss attorneys are obliged to keep all information entrusted to them by their clients confidential pursuant to Article 13 of the Lawyer’s Act and to the contract governing the attorney-client relationship. In addition, the intentional breach of the professional secrecy obligation by attorneys or their support staff constitutes a criminal offence under Article 321 of the Swiss Criminal Code. In the absence of specific legislation relating to the acceptable level of risk when outsourcing client information, many Swiss law firms have been reluctant to use foreign cloud-based applications to process or store any client information. While this has gradually changed over the past few years, the use of cloud-based AI applications, maintaining professional secrecy and reservations regarding foreign lawful access to client information remain concerns.
• Quality: the accuracy of AI-generated texts is a major concern for the legal profession. The tendency of large language models to inaccurately rephrase statements of legal significance or to hallucinate information in very convincing ways often necessitates a careful review of every single statement generated, reducing the intended efficiency gains. A newer generation of generative AI tools aims to counteract this with improved support for citations from source documents, but the need for critical review remains. And although there are no reported examples of hallucinated content leading to liability in the Swiss legal profession, examples from the United States have made legal practitioners in Switzerland cautious about using generative AI for legal work.

Only natural and legal persons can be held liable under Swiss private law. When using AI-powered products or services, the key question that arises is, therefore, which person the liability for the conduct of the AI is attributed to. Liability for damage or losses caused can be either contractual or non-contractual (tortious).

Contractual Liability

Pursuant to Article 97 of the Swiss Code of Obligations (CO), a party to a contract is liable for failing to fulfil its contractual obligations unless it can prove that it was not at fault (ie, that the failure occurred without intent or negligence). Pursuant to Article 101 of the CO, the contractual liability extends to the conduct of any auxiliaries, such as employees or subcontractors, used in the performance of the contractual obligations; only natural or legal persons can qualify as auxiliaries. If the use of AI leads to a breach of a contractual obligation, the key question will be whether the breaching party can prove it did not act negligently in its use of AI.

Non-Contractual (Tort) Liability

Article 41 of the CO covers non-contractual liability, where any person who unlawfully causes damage to another person is obliged to provide compensation. The application of this provision further requires intent or negligence on the part of the person causing the damage. Article 55 of the CO extends this liability to an employer for the conduct of their employees or other auxiliary staff.

This liability regime is supplemented by the Product Liability Act, which imposes liability on the manufacturer of defective products. However, there is no established conclusion on whether software products such as AI systems qualify as products within the meaning of the Product Liability Act, and to what extent an individual AI system or component could be considered defective while the technology as such is known to produce unintended results. Furthermore, the manufacturer of a defective product is not liable if they can prove that the defect could not have been detected based on the state of the art in science and technology at the time the product was placed on the market.

There is no applicable information in this jurisdiction.

At present, there is no specific regulation on algorithmic bias in Switzerland. However, the fundamental right to equal treatment and non-discrimination contained in the Federal Constitution applies throughout the Swiss legal system and can also affect the relationship between private parties (eg, between employee and employer) in addition to the state.

Biometric information that uniquely identifies a natural person expressly qualifies as “sensitive personal data” under the FADP, which means that such data may not be disclosed to third-party controllers without justification and, where the consent of the data subject is required for processing, the consent must be explicit.

The public’s unease regarding facial recognition and biometrics allegedly already in use by the police forces in certain cantons has led to legislative initiatives in multiple cantons to expressly prohibit their use.

Automated decision-making is addressed by the FADP. Its Article 21 obliges a data controller to inform the data subject if a decision is made solely by the automated processing of personal data that has a legal or otherwise significant consequence for the data subject. This obligation does not apply in the context of entering into an agreement if the request of the individual is granted in full (eg, a loan application is fully approved by an automated decision). Where the data subject has to be informed, they are entitled to request that a human review the automated decision. Intentional omission of the information of the data subject under Article 21 of the FADP constitutes a criminal offence for which a fine of up to CHF250,000 may be imposed on the responsible individual.

Article 21 of the FADP is not applicable to decisions recommended by AI but manually approved by a human, even if the level of human review is superficial. An initiative was launched in the Swiss parliament to include similar information obligations for any decision significantly based on AI, but the initiative was rejected by the relevant parliamentary commission as premature given the Federal Council’s review of potential approaches to general AI regulation (see 3.1 General Approach to AI-Specific Legislation).

There is no general obligation for businesses to disclose the use of AI in Switzerland. An obligation of transparency may exist with respect to individual uses of AI, such as:

• when processing personal data with AI, the personal data collected and the purpose and other important circumstances of the processing must be transparent to the data subject (otherwise, such processing requires a legal justification); and
• where a business uses AI to describe or advertise its products or services, doing so without disclosing the use of AI could, in theory, violate the UCA – this might be the case if product pictures are AI-generated rather than photos of real products (to the extent this is not obvious to the potential customer).

As AI models are only as good as the data they were trained with, businesses procuring AI solutions intended for productive use should include provisions regarding the quality of the training data and corresponding properties of the AI model (eg, no discriminatory bias, no infringement of IP rights) in their procurement contracts. Otherwise, they themselves risk becoming liable for the output of the AI solutions. While the use of due care is a possible defence under most provisions giving rise to liability under Swiss law, businesses ignoring well-known risks inherent in current AI technology may face the accusation of not having used the required standard of care.

Hiring

Résumé screening software (with or without AI) has been used in Switzerland for some time. Under the principle of freedom of contract, private sector employers in Switzerland are not required to hire individual applicants, and, by default, are not required to explain why an applicant was rejected.

However, under the Gender Equality Act, employers are not permitted to discriminate against applicants based on gender in the selection process: if an applicant is rejected due to gender-based discrimination, the applicant is entitled to a written explanation for the rejection and, if they can prove discrimination, to compensation under Article 5(2) of the Gender Equality Act. However, this does not apply at the stage of job ads, where employers are permitted to advertise a position only for a specific gender. Where AI-based selection tools discriminate based on gender, for example due to inherent gender bias in the training data, the employer may become liable.

In addition, if any rejection of an applicant is made by an automated decision without human control, the applicant must be informed and is entitled to have a human review the decision based on data protection law (see 11.3 Automated Decision-Making).

Termination

Termination of a private sector employment relationship is governed primarily by the CO. In principle, employers do not need specific legal grounds for termination, but do need to provide a written explanation upon request of the employee. However, Article 336 of the CO prohibits wrongful termination, including termination due to a quality inherent in the employee’s profile (eg, age, ethnicity, religion), unless this quality is related to the employment relationship or significantly affects work in the business. If an employee is terminated based on recommendations by AI (eg, due to inherent bias in the training data), the employer may therefore become liable for compensation due to wrongful termination (up to six months’ salary).

The prohibition of gender-based discrimination under the Gender Equality Act and the provisions on automated decision-making also apply to any termination that is discriminatory or automated, respectively.

Monitoring and surveillance is considered detrimental to employee health, and is therefore subject to multiple restrictions. Article 328 of the CO provides for a general duty of care of the employer to respect and protect the employee’s personality rights and health. Based on this principle, all measures taken that can affect employee health and wellbeing must be proportionate to the (legitimate) aim pursued. In addition, Article 26 of Ordinance 3 to the Employment Act specifically prohibits the use of systems to monitor the general behaviour of employees in the workplace. Such systems are only permitted where they pursue legitimate aims, such as security, performance or efficiency, and only if their use is proportionate. In practice, this means employers must be able to prove that less intrusive alternative solutions were not sufficient to achieve the aim. Specifically, the FDPIC has stated that AI-based systems for the automated evaluation of employee-based data (eg, vision, movement, communication patterns) are prohibited under these provisions.

Employees are also entitled to employee participation regarding all matters that concern the protection of their health. They must be sufficiently informed of measures and circumstances affecting their health, and have a right to be consulted before the employer takes relevant decisions. This includes the right of employees to make suggestions, and the obligation of the employer to explain decisions that do not take employees’ objections into account.

At present, there is no specific regulation regarding the use of AI in digital platform companies, and general observations regarding the use of AI in data protection, and potentially in employment contexts, also apply to digital platform companies. Extensive use of AI to control the conduct of platform participants (eg, which participants get to serve which customers when, and at what price) may lead to increased findings by courts that the platform participants lack autonomy and are in fact employees of the digital platform companies.

At present, there is no specific regulation regarding the use of AI in financial services. General financial services regulation, including with respect to risk management, also applies to the use of AI. As set out under 5.1 Regulatory Agencies, FINMA has identified AI as a focus area of its supervisory activities and will review the use of AI by supervised institutions. In its recent FINMA Guidance 08/2024 of 18 December 2024, FINMA draws attention to a number of risks relating to the use of AI by supervised institutions. Risks from the use of AI primarily constitute operational risks, although other risks, such as the risk of dependence on third parties, legal risks or reputational risks, are also of relevance. FINMA highlighted the following findings, among others:

• Governance: supervised institutions currently focus primarily on data protection risks, but less on model risks (eg, lack of robustness and correctness, bias, lack of explainability). With respect to third-party solutions, supervised institutions sometimes have difficulties determining whether AI is included at all.
• Inventories: supervised institutions sometimes define AI narrowly, leading to incomplete inventories of AI development and use, which tends to be spread across the organisation.
• Documentation: supervised institutions sometimes do not have centralised documentation requirements, and the existing documentation does not cover topics such as risk category, data selection, model selection, assumptions, controls and fallback solutions.
• Data quality: supervised institutions sometimes lack defined requirements or controls to ensure data quality for AI applications. This problem is particularly pronounced with respect to third-party AI solutions.
• Explainability: the results of AI solutions often cannot be understood, explained or reproduced, and therefore cannot be critically assessed.

At present, there is no specific regulation regarding the use of AI in healthcare. The primary areas of existing law governing the use of AI in healthcare are sector-specific regulations, such as the Therapeutic Products Act and the Medical Devices Ordinance, which specifically includes software in its definition of medical devices. Where AI-based products qualify as medical devices, they need to comply with the general safety and performance requirements set out in Annex I to the EU’s Medical Device Regulation (by virtue of an express reference to EU legislation). Medical devices placed on the market in Switzerland require a conformity marking (CE label), predominantly based on self-assessment by the manufacturer. The relevant assessment criteria depend on the applicable risk category.

In addition, the FADP applies also in the healthcare sector, although in the area of research on humans it is supplemented and partially overridden by the Human Research Act.

Fully autonomous vehicles are not yet permitted on Switzerland’s streets in general. However, the Swiss parliament amended the Road Traffic Act in 2023 to permit the Federal Council to authorise vehicles with automatic driving systems in a delegated act. This delegated act, the Ordinance on Automated Driving (OAD), entered into force on 1 March 2025. The OAD governs the approval and operation of autonomous vehicles in Switzerland and at present permits three categories of operation of autonomous vehicles, subject to strict safeguards:

• automated driving systems may take over control of the vehicle on Swiss highways, but drivers must be ready to resume operating the vehicle themselves at any time;
• fully driverless vehicles are permitted to operate on specifically designated routes, which are subject to remote monitoring; and
• automated parking systems without the presence of a driver are permitted to operate at designated parking areas – however, the automated parking system may only be activated at designated drop-off locations.

At present, there are no specific regulations regarding the use of AI in manufacturing. The liability aspects of manufacturing primarily depend on whether there is a contractual relationship or not (see 10.1 Theories of Liability). Where the use of AI causes manufactured products to be defective, this may trigger liability of the manufacturer under the Product Liability Act.

Please refer to 9.1 AI in the Legal Profession and Ethical Considerations for the main concerns. Many professional services occupations are subject to professional secrecy obligations similar to those of lawyers (accountants, doctors, other medical professionals, etc), and most professional services firms are concerned about the confidentiality of the information provided by their clients as well as the accuracy of their advice.

IP Protection of Training Data and AI Models

The degree of IP protection of training data will depend on the nature of the data: if the training data consist of works that are subject to copyright, such as works of literature, newspaper articles, website contents, images, songs or software code, the Copyright Act prohibits unauthorised use, copying or distribution (among other actions). There are statutory limitations to copyright, but many of them will likely not apply in a commercial context (see “IP Infringement When Training Generative AI” in the following). Unauthorised copying and distribution under the Copyright Act can trigger civil liability (injunctive relief, damages, disgorgement of profits) and, if committed with intent, constitutes a criminal offence.

Where the training data is not subject to copyright, as would likely be the case for statistical data, measurements, etc, or where copyright protection has expired, the data would have to be protected as such. The same applies to AI models, which, at their core, are simply structured sets of data points (weights, biases, other parameters). With respect to these kinds of data, two main avenues of protection are available, as follows.

• Contractual restrictions on use and disclosure: parties may contractually agree to protect and keep training data or AI models confidential and to use them only for specific purposes, be it under a non-disclosure agreement (NDA) or licence agreement or as part of a provider’s terms and conditions. These kinds of obligations are generally valid and enforceable under Swiss law. However, the available remedies in case of a breach may be difficult to successfully enforce in practice. While a party may obtain injunctive relief forcing the other party to cease unauthorised disclosure, the injunction cannot undo the disclosure and potential loss of the confidential nature of the data. With respect to compensation, the actual losses suffered are likely difficult to evidence in a claim for damages. Contractual penalties are sometimes included in contracts to avoid the burden of proof, but penalties may be reduced by the court if found to be excessive. It is also unlikely that contractual penalties included only in the general terms and conditions of an AI provider would be enforceable, as they may be considered uncommon and therefore not validly agreed to. In addition, all contractual obligations only bind the parties to the contract, and not a third party that is exploiting a (potentially unauthorised) disclosure.
• Trade secret protection: trade secret protection is likely available for both the training data and the AI model (see 15.3 Applicability of Trade Secrecy and Similar Protection for further details).

IP Protection of Generative AI Output

According to the prevailing doctrine in Switzerland, inventions generated by generative AI are not eligible for patent protection and works created by AI, including texts, images, audio, video and software, are not eligible for copyright protection (see 15.2 Applicability of Patent and Copyright Law).

The output itself may however be protected contractually, or as a trade secret, if it is kept confidential (see “IP Protection of Training Data and AI Models” in the foregoing and 15.3 Applicability of Trade Secrecy and Similar Protection).

IP Infringement When Training Generative AI

The training of AI models usually occurs in two steps: the compilation of a training data set and the actual training of the model by iterating over the training data and adjusting the parameters. Both activities involve the creation of copies of data, and can therefore constitute copyright infringement. The Copyright Act does provide for two relevant limitations, but these are unlikely to apply in a commercial context, as follows.

• The text and data mining exception under Article 24d of the Copyright Act only applies to the creation of copies for scientific research, which does not cover commercial purposes. The exception also expressly does not apply to computer programmes (source code).
• Under Article 24a of the Copyright Act, the creation of copies is permitted if they are transient or incidental, a necessary step of a technical process, only made for a lawful use of the work and have no independent economic significance. The last criterion is unlikely to apply to the training of AI models, and the copies made to create the training data sate are not transient or incidental.

In addition, where the training of an AI model involves the use of unlawfully obtained data that is subject to trade secret protection, the training would also constitute unfair competition under the UCA.

IP Infringement by Generative AI Output

The disclosure or distribution of AI-generated output can infringe on copyright where it reproduces sufficiently large parts of a copyrighted work without the authorisation of the copyright holder.

At present, there are no reported judicial or agency decisions in Switzerland on whether AI technology can be an inventor for patent purposes or an author for copyright purposes. However, the prevailing doctrine among legal scholars is that AI can neither be an inventor nor an author.

Patent Law

Article 3 of the Swiss Patent Act refers to an “inventor” being entitled to a patent. Prevailing doctrine in Switzerland provides that only a natural person (ie, a human) can be an inventor for the purposes of the Patent Act, which excludes both legal persons and AI. Switzerland is party to the European Patent Convention (EPC), which contains analogous wording in its Article 60. With respect to the EPC, the European Patent Office’s legal board of appeal ruled on 21 December 2021 in the DABUS case (case no J 0008/20) that AI may not be named as an inventor.

The foregoing applies to the extent AI itself generates the invention without significant human contribution. If a human uses an AI application solely as a tool to make a discovery, in the same way they might use other computer software, the human using AI as a tool would be considered the inventor under the Patent Act, and the invention may be eligible for patent protection.

Copyright Law

Article 2 of the Swiss Copyright Act defines a work in which copyright may subsist as an “intellectual creation of literature or the arts with individual character”. The criterion of “intellectual creation” is widely interpreted as an expression of the human mind. Consistent with this interpretation, Article 6 of the Copyright Act states that “the author is the natural person who has created the work”. A work within the meaning of copyright can therefore only be created by a human, and not by AI.

While AI may not be an author and purely AI-generated content can therefore not be protected by copyright in Switzerland, works created using AI may be protected. If AI is used solely as a tool by the human author to express their thoughts, for example by having generative AI translate or edit existing text of the author or by modifying pictures similar to what an artist might do with photo editing software, the resulting AI-generated work may still be subject to copyright protection. Equally, if a human sufficiently modifies purely AI-generated content or is creative in the selection or ordering of pieces of AI-generated content, the resulting overall work may also be protected by copyright.

Swiss law uses the terms “manufacturing secrets” and “business secrets”, rather than trade secrets, but there is no distinction in practice. While there is no statutory definition, case law defines trade secrets as any information that (i) is not publicly known, (ii) has commercial value, (iii) the owner has a legitimate interest in keeping secret and (iv) the owner intends to keep secret. A curated training data set, an AI model and the source code of an AI application can therefore constitute a trade secret if the foregoing criteria are met.

Trade secrets are not protected as an absolute right (such as copyright) under Swiss law, but their disclosure or misappropriation is prohibited under specific circumstances, as follows:

• the intentional disclosure of a trade secret by a person subject to a statutory or contractual obligation of secrecy, as well as the exploitation of a secret so disclosed by a third party, constitutes a criminal offence under Article 162 of the Swiss Criminal Code;
• the disclosure or exploitation of trade secrets that were unlawfully accessed or obtained constitutes unfair competition under Article 6 of the UCA;
• the use or exploitation of a work result that was entrusted to a person constitutes unfair competition under Article 5(a) of the UCA;
• the exploitation of a work result by a third party that knew or should have known that the work result was unlawfully made available to it constitutes unfair competition under Article 5(b) of the UCA;
• inducing an employee, agent or other auxiliary staff to disclose a trade secret of their employer constitutes unfair competition under Article 4(c) of the UCA; and
• The disclosure of trade secrets by employees and agents is further prohibited by statutory law applicable to employment agreements (with certain limitations after the expiration of the employment agreement) and to agency agreements.

All of these examples of unfair competition can trigger both civil and criminal liability.

See 15.2 Applicability of Patent and Copyright Law.

Using OpenAI’s products, particularly ChatGPT, touches on multiple issues relating to intellectual property, both on the “input” and on the “output” side, as follows:

• providing a copyrighted work as input to ChatGPT without authorisation by the copyright holder may constitute copyright infringement;
• providing input that is confidential may constitute a breach of contractual confidentiality obligations or trade secrecy;
• using content generated by ChatGPT may constitute copyright infringement if the content includes sufficiently large parts of a copyrighted work (although OpenAI has been working to prevent this type of output in successive updates);
• as content generated by ChatGPT cannot be protected by copyright in Switzerland, a business has no exclusivity for that content, and competitors are generally free to (re-)use the same content (outside of limited restrictions under the UCA); and
• if the content generated by ChatGPT is published and contains inaccuracies with respect to the offerings of the business itself (eg, promoting features its products do not have) or of its competitors (eg, inaccurate comparisons to the competitor’s products), the publication may constitute unfair competition under the UCA.

Many antitrust implications of price-setting using AI are complex and not yet clearly established under Swiss antitrust law. While it is clear that the use of AI to implement pre-agreed horizontal price fixing remains illegal, the possibility of AI autonomously co-ordinating prices among competitors is being discussed among scholars, but there is no settled case law yet.

However, in a vertical price-fixing case, the Swiss Federal Supreme Court held that the communication of manufacturer-suggested retail prices by the manufacturer to its distributors through an automated electronic system with daily price updates constituted an illegal agreement on fixed prices, seeing as all distributors and retailers had reason to believe that these prices would also be used by their competitors (and they in fact complied with the suggested pricing).

At present, Switzerland does not have overarching cybersecurity legislation. Instead, cybersecurity aspects are covered by different acts and regulations at the federal and cantonal (state) level. The FADP, together with the Data Protection Ordinance (DPO), requires federal bodies and private persons that process personal data to ensure an adequate level of data security and to report breaches of data security that likely result in a high risk to the personality or fundamental rights of data subjects to the FDPIC, and in certain cases also to the data subject. Although they do not specifically address AI, these provisions will be of relevance wherever AI is used to process personal data in the private sector.

In addition, the Information Security Act (ISA), which entered into force on 1 January 2024 and primarily governs information security practices by federal authorities and organisations, was amended to include reporting obligations for cyber-attacks on public authorities and providers of critical infrastructure. These reporting obligations apply as of 1 April 2025. Organisations in scope must report cyber-attacks of a certain severity to the National Cyber Security Centre within 24 hours of discovery. The list of critical infrastructure providers specifically includes cloud computing and data centre providers in Switzerland, as well as hardware and software vendors whose products are used by other critical infrastructure providers to control and monitor operational systems and processes or to ensure public safety. It is likely that the reporting obligations will become increasingly relevant for the AI-based solutions used by these two categories of critical infrastructure provider.

Since 1 January 2024, Swiss public companies and supervised financial institutions with at least 500 FTE, and at least CHF20 million in total assets or more than CHF40 million in turnover during two consecutive financial years, are required to submit a report on non-financial (ESG) matters to their annual general meeting for approval. Additional reporting requirements exist for certain companies active in commodities trading and those importing conflict minerals or at risk of using child labour. AI tools may be used to support the drafting of these reports; however, the responsibility for their accuracy remains with the board of directors.

None of these reporting obligations specifically relate to AI, but the use of AI may need to be covered in the report on ESG matters depending on the business model of the reporting company and the environmental impact. Certain Swiss companies have already included statements regarding their use of AI in their ESG reports (mostly highlighting the fact that increased use of AI will increase energy consumption and therefore emissions).

Given that Switzerland does not have AI-specific regulation at present, there are no specific legal requirements with respect to AI governance and compliance. AI governance and compliance strategies should be aimed at ensuring that the use of AI complies with the existing body of Swiss law and should consider the company’s potential exposure to the EU AI Act, which may be relevant by virtue of its extraterritorial application.

Companies should integrate AI governance into their overall corporate governance frameworks. This involves defining clear roles and responsibilities for overseeing compliance, AI initiatives and ensuring that AI aligns with the company’s strategic objectives. If no specific position for AI is to be created, companies should consider allocating the AI portfolio to an existing officer with technical expertise, such as a chief information officer (CIO)/chief technology officer (CTO) or the data protection officer (DPO).

Companies should also ensure sufficient AI competence, both within the board of directors and in the executive teams, to be able to make informed decisions about AI. Ideally, at least one member of the board of directors should have a technical background to provide leadership on AI topics.

AI compliance strategies should include practical guidance for employees to use AI tools. Businesses should ideally adopt internal policies on the use of AI tools, clearly outlining which types of use are permitted and which are not. Depending on the field of business and the contractual frameworks in place, this may include an outright prohibition on using publicly available generative AI tools (eg, public versions of ChatGPT), restrictions on the type of data that may be submitted as input (eg, no confidential information, no personal data) or restrictions on the use of output (eg, mandatory review for accuracy prior to publication).

Businesses should also invest in training their staff in AI literacy to help avoid issues based on ignorance or misunderstanding of the nature and limitations of current AI technologies (eg, mistaking a generative AI chatbot for a classic search engine or not noticing hallucinations).