Because hundreds of thousands of data were apparently openly viewable and manipulable on the Swiss vaccination platform “Meineimpfungen.ch”, the federal data protection officer is active. Consumer protection demands that the vaccination platform be permanently offline.
In the spring session, the Swiss Parliament created the legal basis for an electronic vaccination card.
However, there is a huge problem with the implementation: According to the media report, the intended platform “Meineimpfungen.ch” has serious security gaps.
The Federal Data Protection Officer Adrian Lobsiger is now opening proceedings.
The Federal Data Protection Officer Adrian Lobsiger has initiated proceedings against the operator of the “Meineimpfungen.ch” platform. He writes that in a message. There it says: “The data processing of the vaccination platform is suitable for violating the personal rights of a large number of people, especially since in this case it is particularly sensitive personal data relating to health.”
As the republic (payment text) wrote on Tuesday, 450,000 records were publicly accessible with the electronic vaccination card. Also from federal councilors. As research by the republic shows, there are serious security gaps.
Visible for everyone
According to its own statements, the news portal managed to locate the accounts of Foreign Minister Ignazio Cassis and Defense Minister Viola Amherd. This makes it possible for everyone to see whether the two federal councilors are vaccinated. Furthermore, it would have been “problem-free for the republic to open its vaccination records and access health data that are particularly worthy of protection.” And what applies to them potentially also applies to every other person whose data is stored on “meinimpfungen.ch”.
Meineimpfungen.ch has been temporarily taken offline. Anyone who is currently accessing the platform will only see a maintenance message. In response to a 20-minute request, Nicole Bürki, the communications officer at “Meineimpfungen.ch”, said: “Our primary goal is to eliminate the weaknesses that have become known and to fully guarantee the security of the“ Meineimpfungen.ch ”platform again.” At the moment, the operators have no indications that unauthorized persons have gained access to data.
“BAG must take responsibility”
The Consumer Protection Foundation wants “Meineimpfungen.ch” to go offline permanently. “The activity of Meineimfpungen.ch must be stopped immediately and permanently,” says consumer advocate Sara Stalder in a message. The BAG must now assume its responsibility and ensure that “the population can be issued with a safe and reliable vaccination card.” To this end, consumer protection demands that those already registered are informed whether their data has been misused.
Meineimpfungen.ch is a platform operated by a foundation. It has contracts with nine cantons to coordinate registrations in the cantonal vaccination registration platforms and the nationwide electronic vaccination booklet. It was not until the spring session that parliament decided to adapt the Covid19 law in order to legally legitimize a national vaccination card.
(her / dmo / or)