Sovereignty

Hosting in Switzerland is not enough. Sovereignty is.

For a profession bound by secrecy (Art. 321 of the Swiss Criminal Code), the real test is not where the servers are, but who can be legally compelled to access them. A “Swiss region” operated by a group subject to foreign law remains exposed.


Residency ≠ sovereignty

Swiss location is necessary — but not sufficient

Hosting data in Switzerland answers a data-protection question. Professional secrecy asks another one: can that third party be compelled to open your files?

“My data is in a Swiss region.”

An extraterritorial access law — for instance the US CLOUD Act (18 U.S.C. §2713) — targets the operator subject to that law and obliges it to produce the data “regardless of whether… located within or outside of the United States”: hence even in a “Swiss region”. What matters is not the datacentre's flag, but the law the operator is subject to.

Two datacentres in Switzerland, two outcomes On the left, a datacentre in Switzerland operated by a group subject to foreign law: the extraterritorial order reaches the operator, wherever the servers are — the files remain exposed. On the right, an independent Swiss operator, with no tie to foreign law: the order does not apply — the files are out of reach. That is LEMIA's test. case 1 — residency alone case 2 — sovereignty (LEMIA) Foreign law CLOUD Act, 18 U.S.C. §2713 the order reaches the operator, wherever the servers are Datacentre in Switzerland group subject to foreign law your files exposed, despite the Swiss location Foreign law CLOUD Act, 18 U.S.C. §2713 does not apply: no tie to foreign law Datacentre in Switzerland independent Swiss operator your files out of reach — LEMIA's test

What LEMIA does

Sovereignty, not mere residency

A Swiss operator that cannot be compelled under foreign law

Your files are processed, without exception, by a Swiss operator — with no foreign parent company, on its own servers in Switzerland. Out of reach of any extraterritorial access right.

The rest stays on your own computer

Your content is never read by the vendor, and nothing is written or sent without your approval. The mechanisms are detailed on the Security page.

What we do not claim. The exact threshold at which a foreign cloud becomes inadmissible has not been settled by the courts: that assessment is your lawyer's. We argue on legal compellability, not on proven cases — and your external sends remain your decision.

Source

Verifiable, not declarative

  1. Extraterritorial access — CLOUD Act, 18 U.S.C. §2713: obliges an operator subject to US law to produce the data “regardless of whether… located within or outside of the United States” — compellable even in a “Swiss region”. law.cornell.edu/uscode/text/18/2713 · US federal statute

The risk of foreign access is legally established but has not been publicly demonstrated against Swiss data (sealed proceedings). The full panorama of professional secrecy (Art. 321 of the Swiss Criminal Code, the Swiss Federal Act on Data Protection (nFADP)) is detailed on What LEMIA protects.

Let's talk about your files — without exposing a single one

Write to us: we will clarify what is admissible — or not — for your profession, and how LEMIA fits in.