Bei grossen Gesetzen wie OR und ZGB kann dies bis zu 30 Sekunden dauern

Ordinance
on the Surveillance of Post and Telecommunications
(SPTO)

The Swiss Federal Council,

based on the Federal Act of 18 March 20161 on the Surveillance of Post and Telecommunications (SPTA),
on Articles 269bis paragraph 2, 269ter paragraph 4 and 445 of the Criminal Procedure Code (CrimPC)2
and on Articles 70bis paragraph 2, 70ter paragraph 4 and 218 of the Military Criminal Procedure Code of 23 March 19793 (MCPC),

ordains:

Chapter 1 General Provisions

Section 1 Introduction

Art. 1 Subject matter and scope of application  

1 This Or­din­ance reg­u­lates the or­gan­isa­tion­al as­pects of and pro­ced­ure for the sur­veil­lance of post and tele­com­mu­nic­a­tions and for the pro­vi­sion of in­form­a­tion on postal and tele­com­mu­nic­a­tions ser­vices.4

2 It ap­plies to:

a.
or­der­ing au­thor­it­ies and the au­thor­it­ies dir­ect­ing pro­ceed­ings;
b.
ap­prov­al au­thor­it­ies;
c.
fed­er­al, can­ton­al and com­mun­al po­lice forces;
d.
the Fed­er­al In­tel­li­gence Ser­vice (FIS);
e.
the State Sec­ret­ari­at for Eco­nom­ic Af­fairs (SECO);
f.
fed­er­al and can­ton­al au­thor­it­ies com­pet­ent to deal with ad­min­is­trat­ive crim­in­al cases;
g.
the Post and Tele­com­mu­nic­a­tions Sur­veil­lance Ser­vice (PTSS);
h.
postal ser­vice pro­viders (PSPs);
i.
tele­com­mu­nic­a­tions ser­vice pro­viders (TSPs);
j.5
pro­viders of de­rived com­mu­nic­a­tion ser­vices (PDC­Ss);
k.
op­er­at­ors of in­tern­al tele­com­mu­nic­a­tions net­works;
l.
per­sons who al­low third parties to use their ac­cess to a pub­lic tele­com­mu­nic­a­tions net­work;
m.
pro­fes­sion­al re­tail­ers of cards and sim­il­ar means of gain­ing ac­cess to a pub­lic tele­com­mu­nic­a­tions net­work.

4 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

5 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 2 Terms and abbreviations  

The terms and ab­bre­vi­ations used in this Or­din­ance are defined in the An­nex.

Section 2 Surveillance Order

Art. 3 Submissions to the PTSS 6  

The or­der­ing au­thor­ity and the ap­prov­al au­thor­ity shall trans­mit sur­veil­lance or­ders and or­ders for their ex­ten­sion or ter­min­a­tion, ap­provals and the ac­cess rights to be es­tab­lished to the PTSS as fol­lows:

a.
by means of a se­cure means of trans­mis­sion au­thor­ised by the FD­JP;
b.
by let­ter, if the means of trans­mis­sion in ac­cord­ance with let­ter a is un­avail­able for tech­nic­al reas­ons; or
c.
by tele­phone in ur­gent cases, provided the sur­veil­lance or­der is sub­mit­ted in ac­cord­ance with let­ter a or b with­in 24 hours.

6 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 4 Conduct of surveillance  

1 The PTSS shall de­term­ine in spe­cif­ic cases the tech­nic­al and or­gan­isa­tion­al meas­ures for con­duct­ing sur­veil­lance, un­less these are dir­ectly spe­cified in the ap­plic­able reg­u­la­tions, in par­tic­u­lar for stand­ard­ised types of in­form­a­tion and sur­veil­lance.

2 If, as a res­ult of op­er­a­tion­al prob­lems, a per­son or en­tity re­quired to co­oper­ate is un­able to meet its ob­lig­a­tions for the sur­veil­lance of post or tele­com­mu­nic­a­tions, it shall re­port this to the PTSS without delay and there­after sub­mit a writ­ten state­ment of the reas­ons. The PTSS shall in­form the per­son or en­tity re­quired to co­oper­ate without delay if sur­veil­lance can­not be car­ried out be­cause of op­er­a­tion­al prob­lems on its side.

3 Ir­re­spect­ive of where the cause of the er­ror lies, the per­son or en­tity re­quired to co­oper­ate must tem­por­ar­ily store at least the un­delivered sec­ond­ary tele­com­mu­nic­a­tions data from real-time sur­veil­lance and de­liv­er it without delay. If the sec­ond­ary tele­com­mu­nic­a­tions data from real-time sur­veil­lance is no longer avail­able or in­com­plete, the per­son or en­tity re­quired to co­oper­ate must de­liv­er without delay the sec­ond­ary tele­com­mu­nic­a­tions data from ret­ro­act­ive sur­veil­lance in ac­cord­ance with the in­struc­tions of the PTSS.

Art. 4a Beginning and end of retroactive surveillance 7  

1 Ret­ro­act­ive sur­veil­lance be­gins no earli­er than 6 months be­fore the day on which the or­der is re­ceived by the PTSS, i.e. on the day whose date cor­res­ponds to the date of the day on which the or­der is re­ceived. If the date in ques­tion does not fall with­in the month in which mon­it­or­ing be­gins, mon­it­or­ing be­gins at the earli­est on the last day of that month.

2 It ends no later than the day on which the or­der is re­ceived by the PTSS.

7 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 5 Protection of official or professional secrecy  

If the PTSS es­tab­lishes that the sur­veil­lance relates to a hold­er of of­fi­cial or pro­fes­sion­al secrets but that the stat­utory meas­ures to pro­tect these secrets have not been taken, it shall in the fol­low­ing situ­ations no­ti­fy the or­der­ing au­thor­ity and the ap­prov­al au­thor­ity without delay and ini­tially shall not al­low the former and the per­sons named in the sur­veil­lance or­der ac­cess to the sur­veil­lance data:

a.
if sur­veil­lance has been ordered by a ci­vil­ian pro­sec­u­tion au­thor­ity: in the case of per­sons from the pro­fes­sion­al groups spe­cified in Art­icles 170–173 Crim­PC un­less meas­ures have been taken in ac­cord­ance with Art­icle 271 Crim­PC;
b.
if sur­veil­lance has been ordered by a mil­it­ary pro­sec­u­tion au­thor­ity: in the case of per­sons from the pro­fes­sion­al groups spe­cified in Art­icle 75 let­ter b MCPC un­less meas­ures in ac­cord­ance with Art­icle 70b MCPC have been taken;
c.
if sur­veil­lance has been ordered by the FIS: in the case of per­sons from the pro­fes­sion­al groups spe­cified in Art­icles 171–173 Crim­PC un­less meas­ures have been taken in ac­cord­ance with Art­icle 58 para­graph 3 of the In­tel­li­gence Ser­vice Act of 25 Septem­ber 20158 in con­junc­tion with Art­icle 23 of the In­tel­li­gence Ser­vice Or­din­ance of 16 Au­gust 20179.
Art. 6 Duty of confidentiality  

The sur­veil­lance or the pro­vi­sion of in­form­a­tion shall be car­ried out so that neither the per­son con­cerned nor un­au­thor­ised third parties are aware of it.

Art. 7 Technical data sorting (filtering)  

The PTSS shall at the re­quest of the or­der­ing au­thor­ity carry out auto­mated fil­ter­ing if it is tech­nic­ally able to so and the cost and work­load in­volved is not dis­pro­por­tion­ate.

Art. 8 Recording telephone calls as evidence  

1 The PTSS shall re­cord as evid­ence the tele­phone calls made in con­nec­tion with its du­ties.

2 Any eval­u­ations of the re­cord­ing shall be car­ried out by the data pro­tec­tion of­ficer or the PTSS Data Pro­tec­tion Com­mis­sion­er.10

3 The PTTS shall re­tain the re­cor­ded tele­phone calls for two years and there­after des­troy the re­cord­ings.

10 Amended by An­nex 2 No II 85 of the Data Pro­tec­tion Or­din­ance of 31 Aug. 2022, in force since 1 Sept. 2023 (AS 2022 568).

Art. 9 Surveillance file  

1 The PTSS shall open a file in the pro­cessing sys­tem for each sur­veil­lance or­der.

2 The file con­tains all the doc­u­ments on the case con­cerned, namely:

a.
the sur­veil­lance or­der and its at­tach­ments;
b.
the sur­veil­lance as­sign­ment or as­sign­ments is­sued to the rel­ev­ant per­son or en­tity re­quired to co­oper­ate;
c.
the con­firm­a­tion or con­firm­a­tions of when the as­sign­ment was is­sued to the per­son or en­tity re­quired to co­oper­ate;
d.
the writ­ten ac­know­ledg­ment from the per­son or en­tity re­quired to co­oper­ate that the sur­veil­lance as­sign­ment or as­sign­ments has or have been car­ried out;
e.
the rul­ings from the ap­prov­al au­thor­ity on the ap­prov­al or non-ap­prov­al of the sur­veil­lance or­der to­geth­er with any ap­peal de­cisions;
f.
any ex­ten­sion or­ders and rul­ings from the ap­prov­al au­thor­ity;
g.
the ter­min­a­tion or­der;
h.
the cor­res­pond­ence re­lat­ing to the meas­ure;
i.
the pro­tec­tion meas­ures spe­cially ordered;
j.
the ac­count­ing re­cords.

3 The sur­veil­lance data shall be stored in ac­cord­ance with Art­icle 11 SPTA and des­troyed in ac­cord­ance with Art­icle 14 of the Or­din­ance of 15 Novem­ber 201711 on the Pro­cessing Sys­tem for the Sur­veil­lance of Post and Tele­com­mu­nic­a­tions (PSO-PTSS).

Section 3 Working Hours and On-Call Arrangements

Art. 10 Normal working hours and public holidays  

1 Nor­mal work­ing hours for the PTSS and the per­sons or en­tit­ies re­quired to co­oper­ate are Monday to Fri­day con­tinu­ously from 8am to 5pm.

2 Nor­mal work­ing hours do not ap­ply on pub­lic hol­i­days. These are 1 and 2 Janu­ary, Good Fri­day, East­er Monday, As­cen­sion Day, Whit Monday, 1 Au­gust, 24 Decem­ber from noon, 25 and 26 Decem­ber and New Year’s Eve (31 Decem­ber) from noon.

Art. 11 Services outside normal working hours and on public holidays 12  

1 Out­side nor­mal work­ing hours and on pub­lic hol­i­days, the PTSS, the TSPs, with the ex­cep­tion of those with re­duced sur­veil­lance du­ties (Art. 51), and the PDC­Ss with more ex­tens­ive sur­veil­lance du­ties (Art. 52) must provide an on-call ser­vice dur­ing which they must be avail­able at all times in or­der to rec­ti­fy faults and provide the fol­low­ing ser­vices in­so­far as they are re­quired to do so in ac­cord­ance with Art­icles 18 and 50:

a.
provid­ing in­form­a­tion in ac­cord­ance with Art­icles 35–43, 48a–48c and in ac­cord­ance with Art­icle 27 in con­junc­tion with the Art­icles 35, 40, 42 and 43;
b.
ac­tiv­at­ing real-time sur­veil­lance in ac­cord­ance with Art­icles 54–59;
c.
con­duct­ing ur­gent ret­ro­spect­ive sur­veil­lance activ­it­ies in ac­cord­ance with Art­icles 60–63, 65 and 66;
d.
con­duct­ing miss­ing per­son searches in ac­cord­ance with Art­icle 67 and wanted per­son searches in ac­cord­ance with Art­icle 68, with the ex­cep­tion of net­work cov­er­age ana­lys­is in pre­par­a­tion for an an­tenna search in ac­cord­ance with Art­icle 64;
e.
is­su­ing as­sign­ments for the mo­bile phone loc­al­isa­tion of sus­pec­ted ter­ror­ists in ac­cord­ance with Art­icle 68a;

2 The au­thor­it­ies must no­ti­fy the PTSS on-call ser­vice by tele­phone of ser­vices provided un­der para­graph 1, un­less the in­form­a­tion is provided auto­mat­ic­ally via the query in­ter­face of the pro­cessing sys­tems.

3 Re­quests for spe­cial in­form­a­tion and or­ders for spe­cial sur­veil­lance activ­it­ies (Art. 25) shall not be ac­cep­ted or pro­cessed out­side nor­mal work­ing hours or on pub­lic hol­i­days.

4 TSPs with re­duced sur­veil­lance du­ties (Art. 51), PDC­Ss and PDC­Ss with more ex­tens­ive du­ties to provide in­form­a­tion (Art. 22) that already have an in­tern­al on-call ser­vice must provide the PTSS with the cur­rent con­tact de­tails for their on-call ser­vice. In par­tic­u­larly ur­gent cases, the PTSS is per­mit­ted to con­tact them out­side nor­mal work­ing hours and on pub­lic hol­i­days via this chan­nel.

12 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Section 4 Statistics

Art. 12 Statistics on surveillance measures and information  

1 The PTSS shall pub­lish stat­ist­ics every year about the sur­veil­lance activ­it­ies ordered in the pre­vi­ous cal­en­dar year and the in­form­a­tion provided. These shall in­dic­ate in par­tic­u­lar the num­ber:

a.
of sur­veil­lance meas­ures in real time;
b.
of ret­ro­act­ive sur­veil­lance meas­ures;
c.
of in­stances in which in­form­a­tion was provided;
d.
of miss­ing per­son searches;
e.
of wanted per­son searches;
f.13
of mo­bile phone loc­al­isa­tions of sus­pec­ted ter­ror­ists.

2 The stat­ist­ics in ac­cord­ance with para­graph 1 shall in­dic­ate:

a.
the type of of­fence;
b.
the can­ton of the or­der­ing au­thor­ity, the or­der­ing fed­er­al au­thor­ity or, in the case of miss­ing per­son searches, also an au­thor­ity from the Prin­cip­al­ity of Liecht­en­stein, and in the case of in­form­a­tion, the com­pet­ent can­ton­al or fed­er­al au­thor­ity (Art. 1 para. 2 lets c–f);
c.14
the nature of the in­form­a­tion, sur­veil­lance, miss­ing per­son search or wanted per­son search or mo­bile phone loc­al­isa­tion of sus­pec­ted ter­ror­ists;
d.
the dur­a­tion of sur­veil­lance, if ap­plic­able;
e.
the fees;
f.
the com­pens­a­tion.

13 In­ser­ted by No I 12 of the O of 4 May 2022 on Po­lice Coun­terter­ror­ism Meas­ures, in force since 1 June 2022 (AS 2022 301).

14 Amended by No I 12 of the O of 4 May 2022 on Po­lice Coun­terter­ror­ism Meas­ures, in force since 1 June 2022 (AS 2022 301).

Art. 13 S tatistics on surveillance measures with special technical devices and special IT programs  

1 Pub­lic pro­sec­utor’s of­fices and mil­it­ary ex­amin­ing ma­gis­trates shall keep an­nu­al stat­ist­ics on the spe­cial tech­nic­al devices and spe­cial in­form­a­tion tech­no­logy pro­grams used in the pre­vi­ous cal­en­dar year for sur­veil­lance activ­it­ies (Art. 269bis para. 2 and 269ter para. 4 Crim­PC and Art. 70bis para. 2 and 70ter para. 4 MCPC re­spect­ively). The stat­ist­ics shall in­dic­ate the type of of­fence.

2 Pub­lic pro­sec­utor’s of­fices and the Of­fice of the Mil­it­ary At­tor­ney Gen­er­al at the DDPS shall sub­mit the stat­ist­ics to the PTSS in the first quarter of the fol­low­ing year. The stat­ist­ics shall in­dic­ate only as­sign­ments con­cluded in the year con­cerned.

3 The PTSS shall pub­lish con­sol­id­ated stat­ist­ics every year. These do not con­tain any de­tails of the can­ton of the or­der­ing au­thor­ity or the fed­er­al or­der­ing au­thor­ity.

Chapter 2 Postal Deliveries

Art. 14 Obligations of PSPs  

1 Each PSP must be able to provide the in­form­a­tion spe­cified in Art­icle 20 SPTA and con­duct the types of sur­veil­lance spe­cified in Art­icle 16 in­so­far as the in­form­a­tion and sur­veil­lance activ­it­ies re­late to ser­vices that the PSP provides.

2 Each PSP must en­sure that it can ac­cept and ex­ecute the re­quests for in­form­a­tion and sur­veil­lance or­ders dur­ing nor­mal work­ing hours.

Art. 15 Order to conduct surveillance of postal deliveries  

The sur­veil­lance or­der sub­mit­ted to the PTSS shall con­tain the fol­low­ing in­form­a­tion:

a.
con­tact de­tails for the or­der­ing au­thor­ity;
b.
con­tact de­tails for the per­sons au­thor­ised to be the re­cip­i­ents of the sur­veil­lance data;
c.
if known, the sur­name, first name, date of birth, ad­dress and oc­cu­pa­tion of the per­son to be placed un­der sur­veil­lance;
d.
ref­er­ence num­bers and case names for the sur­veil­lance activ­it­ies;
e.
the reas­on for sur­veil­lance, in par­tic­u­lar the crim­in­al of­fence to be in­vest­ig­ated by means of sur­veil­lance;
f.
the name of the PSP;
g.
the types of sur­veil­lance ordered;
h.
if ne­ces­sary, ad­di­tion­al in­form­a­tion on a per­son’s postal traffic;
i.
the start and dur­a­tion of sur­veil­lance;
j.
in the case of per­sons bound by pro­fes­sion­al secrecy in ac­cord­ance with Art­icle 271 Crim­PC or Art­icle 70b MCPC: a note on this as­pect;
k.
if need be, the meas­ures to pro­tect per­sons hold­ing pro­fes­sion­al secrets and fur­ther pro­tec­tion meas­ures that the au­thor­it­ies, the PSP and the PTSS must take.
Art. 16 Types of surveillance  

The fol­low­ing types of sur­veil­lance may be ordered:

a.
the in­ter­cep­tion of postal de­liv­er­ies (real time-sur­veil­lance; Sur­veil­lance Type PO_1_RT_IN­TER­CEP­TION);
b.
the pro­vi­sion of the fol­low­ing sec­ond­ary tele­com­mu­nic­a­tions data (real-time sur­veil­lance; Sur­veil­lance Type PO_2_RT_DE­LIV­ERY), in­so­far as they are avail­able:
1.
the ad­dress­ee,
2.
the sender,
3.
the type,
4.
the mail­ing loc­a­tion,
5.
the de­liv­ery status,
6.
the re­cip­i­ent’s sig­na­ture;
c.
the pro­vi­sion of the fol­low­ing sec­ond­ary tele­com­mu­nic­a­tions data (ret­ro­act­ive sur­veil­lance; Sur­veil­lance Type PO_3_HD):
1.
for postal de­liv­er­ies with proof of de­liv­ery: the re­cip­i­ent and the sender as well as the type, the mail­ing loc­a­tion and the de­liv­ery status of the postal de­liv­ery, if avail­able,
2.
if the PSP has re­cor­ded any ad­di­tion­al sec­ond­ary tele­com­mu­nic­a­tions data: all avail­able data.

Chapter 3 Telecommunications

Section 1 General Provisions on Information and Surveillance Activities

Art. 17 Requests for information  

1 Re­quests for in­form­a­tion from the au­thor­it­ies spe­cified in Art­icle 15 SPTA to TSPs, pro­viders of de­rived com­mu­nic­a­tion, PDC­Ss15 and op­er­at­ors of in­tern­al tele­com­mu­nic­a­tions net­works as well as the in­form­a­tion re­turned to the au­thor­it­ies are trans­mit­ted in the on­line re­quest pro­ced­ure or via the in­ter­faces us­ing the pro­cessing sys­tem spe­cified in the PSO-PTSS16.

2 If the on­line re­quest pro­ced­ure us­ing the pro­cessing sys­tem is un­avail­able for tech­nic­al reas­ons, re­quests for in­form­a­tion and the in­form­a­tion re­turned to the au­thor­it­ies may be sub­mit­ted to the PTSS by post or fax.

3 In ur­gent cases, the au­thor­it­ies may sub­mit re­quests for in­form­a­tion by tele­phone to the PTSS, and sub­mit the re­quest for in­form­a­tion spe­cified in para­graph 1 or 2 sub­sequently.

4 The re­quest for in­form­a­tion must in­dic­ate, in ad­di­tion to the de­tails re­quired for the type of in­form­a­tion con­cerned, the max­im­um num­ber of data re­cords to be sup­plied and, if avail­able, the ref­er­ence num­bers and case names.

15 Term in ac­cord­ance with No 1 para. 2 of the FA of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685). This amend­ment is made in the pro­vi­sions spe­cified in the AS.

16 SR 780.12

Art. 18 Obligations of TSPs and PDCSs with more extensive duties to provide information 17  

1 The fol­low­ing pro­viders of de­rived com­mu­nic­a­tion ser­vices shall provide the in­form­a­tion via the query in­ter­face of the PTSS pro­cessing sys­tem:

a.
TSPs, with the ex­cep­tion of those with re­duced sur­veil­lance du­ties 51);
b.
PDC­Ss with more ex­tens­ive du­ties to provide in­form­a­tion (Art. 22);
c.
PDC­Ss with more ex­tens­ive sur­veil­lance du­ties (Art. 52).

2 TSPs, with the ex­cep­tion of those with re­duced sur­veil­lance du­ties, shall provide the in­form­a­tion in ac­cord­ance with Art­icles 35–37, 40, 41 and 48b and in ac­cord­ance with Art­icle 27 in con­junc­tion with the Art­icles 35 and 40 auto­mat­ic­ally. They shall provide oth­er stand­ard­ised in­form­a­tion manu­ally or auto­mat­ic­ally if they so re­quest and by ar­range­ment with the PTSS.

3 TSPs with re­duced sur­veil­lance du­ties are not re­quired to provide in­form­a­tion in ac­cord­ance with Art­icle 48b. They shall provide the stand­ard­ised in­form­a­tion as fol­lows:

a.
in writ­ing, out­side the pro­cessing sys­tem by means of a se­cure means of trans­mis­sion au­thor­ised by the FD­JP;
b.
manu­ally, via the query in­ter­face of the pro­cessing sys­tem; or
c.
auto­mat­ic­ally, if they so re­quest and by ar­range­ment with the PTSS.

4 PDC­Ss with more ex­tens­ive du­ties in ac­cord­ance with Art­icle 22 or 52 shall provide the in­form­a­tion in ac­cord­ance with Art­icles 35–37, 40 and 41 and in ac­cord­ance with Art­icle 27 in con­junc­tion with Art­icles 35 and 40 auto­mat­ic­ally. They are not re­quired to provide in­form­a­tion in ac­cord­ance with Art­icles 48a–48c. They shall provide the oth­er stand­ard­ised in­form­a­tion manu­ally or, if they so re­quest and by ar­range­ment with the PTSS, auto­mat­ic­ally.

17 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 18a Obligations of PDCSs without more extensive duties and operators of internal telecommunications networks to provide information 18  

1 PDC­Ss without more ex­tens­ive du­ties and op­er­at­ors of in­tern­al tele­com­mu­nic­a­tions net­works are not re­quired to ad­here to the types provided for in this Or­din­ance when provid­ing in­form­a­tion.

2 They shall sup­ply the in­form­a­tion avail­able to them in writ­ing out­side the pro­cessing sys­tem via a se­cure means of trans­mis­sion au­thor­ised by the FD­JP.

3 They may if they so re­quest provide the in­form­a­tion manu­ally via the query in­ter­face of the PTSS pro­cessing sys­tem or auto­mat­ic­ally by ar­range­ment with the PTSS.

18 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 18b Involvement of third parties in providing information 19  

The per­sons or en­tit­ies re­quired to co­oper­ate may en­gage third parties to provide in­form­a­tion.

19 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 18c Disclosure of the number of data records when providing information 20  

If the num­ber the data re­cords found ex­ceeds the max­im­um num­ber spe­cified in the re­quest, the per­son or en­tity re­quired to co­oper­ate shall only dis­close their num­ber.

20 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 19 Identification of the participants  

1 TSPs, PDC­Ss with more ex­tens­ive du­ties to provide in­form­a­tion in ac­cord­ance with Art­icle 22, PDC­Ss with more ex­tens­ive sur­veil­lance du­ties in ac­cord­ance with Art­icle 52 and re­tail­ers in ac­cord­ance with Art­icle 2 let­ter f SPTA must en­sure that sub­scribers are iden­ti­fied by suit­able means.

2 In the case of pro­fes­sion­ally op­er­ated pub­lic WLAN ac­cess points21, TSPs must en­sure that all end users are iden­ti­fied by suit­able means.

21 Term in ac­cord­ance with No 1 para. 1 of the FA of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685). This amend­ment is made in the pro­vi­sions spe­cified in the AS.

Art. 20 Verifying personal details in the case of mobile services 22  

1 When sup­ply­ing the means of ac­cess to mo­bile ser­vices or on the ini­tial ac­tiv­a­tion of such ser­vices, the TSP must veri­fy the proof of iden­tity in ac­cord­ance with Art­icles 20a and 20b.

2 This ob­lig­a­tion ap­plies to the re­tail­er in ac­cord­ance with Art­icle 2 let­ter f SPTA and not the TSP, if the means of ac­cess is sup­plied or the ser­vices are ini­tially ac­tiv­ated dir­ectly by the re­tail­er.

3 The TSP shall veri­fy in an ap­pro­pri­ate man­ner the due re­gis­tra­tion and iden­ti­fic­a­tion of the sub­scriber by the re­tail­er and that the TSP has re­ceived the in­form­a­tion and the copy of the iden­tity doc­u­ment.

22 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 20a Provision of the proof of identity by natural persons in the case of mobile services 23  

1 Where the sub­scriber is a nat­ur­al per­son, proof of the iden­tity must be provided by pro­du­cing any one of the fol­low­ing doc­u­ments, which must be val­id on the day of re­cord­ing:

a.
a Swiss or for­eign pass­port;
b.
a Swiss or for­eign iden­tity card; or
c.
a for­eign na­tion­al iden­tity card in ac­cord­ance with the Art­icle 71 and 71a of the Or­din­ance of 24 Oc­to­ber 200724 on Ad­mis­sion, Peri­od of Stay and Em­ploy­ment.

2 The fol­low­ing data about the sub­scriber shall be re­cor­ded:

a.
based on the doc­u­ment:
1.
sur­name and giv­en name(s),
2.
date of birth,
3.
type of doc­u­ment, num­ber and the is­su­ing coun­try or is­su­ing or­gan­isa­tion,
4.
na­tion­al­it­ies;
b.
ad­dress;
c.
if known: oc­cu­pa­tion.

3 In the case of cus­tom­er re­la­tion­ships that are not based on a sub­scrip­tion con­tract the fol­low­ing data must also be re­cor­ded:

a.
the time at which the means of ac­cess was sup­plied or the ser­vices were first ac­tiv­ated;
b.
the name and full ad­dress of the point of sup­ply or ac­tiv­a­tion;
c.
the sur­name and giv­en name(s) of the per­son re­cord­ing the data.

4 The TSP or if ap­plic­able the re­tail­er must make or have made an eas­ily legible elec­tron­ic copy of the ori­gin­al doc­u­ment. The re­tail­er shall sup­ply the data in ac­cord­ance with para­graphs 2 and 3 and the copy to the TSP with­in 3 days of re­cord­ing the data.

23 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

24 SR 142.201

Art. 20b Provision of proof of identity of legal entities in the case of mobile services 25  

1 In the case of leg­al en­tit­ies, the fol­low­ing data must be re­cor­ded and veri­fied based on suit­able proof:

a.
the name, re­gistered of­fice and con­tact data of the leg­al en­tity;
b.
the unique busi­ness iden­ti­fic­a­tion num­ber (UID) in ac­cord­ance with the Fed­er­al Act of 18 June 201026 on the Busi­ness Iden­ti­fic­a­tion Num­ber or the in­ter­na­tion­al leg­al en­tity iden­ti­fi­er (LEI) of the leg­al en­tity;
c.
if avail­able, the names and fore­names of the per­sons who will use the pro­vider’s ser­vices.

2 Re­tail­ers shall sup­ply the in­form­a­tion to the TSP with­in 3 days of re­cord­ing the data.

3 Art­icle 20apara­graph 3 ap­plies mu­tatis mutandis.

25 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

26 SR 431.03

Art. 20c Supply of means of access and activation of services for police authorities and the FIS 27  

1 The PTSS shall at the re­quest of the fed­er­al or can­ton­al po­lice au­thor­it­ies or of the FIS ar­range for a con­tract to be con­cluded between a TSP and the au­thor­ity on the sup­ply­ing the means of ac­cess and ac­tiv­at­ing the ser­vices. The con­tract shall provide that the in­form­a­tion in ac­cord­ance with Art­icle 20b is only ac­cess­ible to a par­tic­u­larly small group of trust­worthy per­sons. The TSP shall de­cide in con­sulta­tion with the PTSS on the meth­ods by which fur­ther dis­clos­ure of the data can be pre­ven­ted.

2 The PTSS shall veri­fy the iden­tity of the per­sons who are en­titled to ob­tain means of ac­cess and ser­vices on be­half of the au­thor­it­ies, and shall pass on the in­form­a­tion re­quired to sup­ply this means of ac­cess and to ac­tiv­ate these ser­vices to the TSP. The TSP shall doc­u­ment the means of ac­cess sup­plied to and the ser­vices ac­tiv­ated for the au­thor­it­ies in­tern­ally.

3 The means of ac­cess and ser­vices in ac­cord­ance with this Art­icle may only be used with­in the scope of the law ap­plic­able to the au­thor­ity con­cerned.

27 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 21 Retention periods 28  

1 The fol­low­ing pro­viders must re­tain and be able to provide the fol­low­ing data for the dur­a­tion of and for 6 months fol­low­ing the end of the cus­tom­er re­la­tion­ship:

a.
TSPs and PDC­Ss with more ex­tens­ive du­ties in ac­cord­ance with Art­icle 22 or 52: the data on the ser­vices and the data for the pur­pose of iden­ti­fic­a­tion in ac­cord­ance with Art­icle 19 para­graph 1;
b.
TSPs: in ad­di­tion, data on iden­ti­fi­ers as­signed on a long-term basis in ac­cord­ance with Art­icle 48a.

2 TSPs must re­tain and be able to provide iden­ti­fic­a­tion data in ac­cord­ance with Art­icle 19 para­graph 2 for the dur­a­tion of and for 6 months fol­low­ing the end of au­thor­isa­tion to ac­cess the pro­fes­sion­ally op­er­ated pub­lic WLAN ac­cess.

3 They must for the pur­pose of iden­ti­fic­a­tion re­tain the data on the unique as­sign­ment of IP ad­dresses for the net­work ac­cess point for 6 months and be able to provide the in­form­a­tion in ac­cord­ance with Art­icle 37.

4 TSPs that of­fer mo­bile ser­vices must re­tain and be able to sup­ply the data on the sub­scribers in ac­cord­ance with Art­icles 20a and 20b and a copy of the proof of iden­tity for the dur­a­tion of and for 6 months fol­low­ing the end of the cus­tom­er re­la­tion­ship.

5 TSPs, with the ex­cep­tion of those with re­duced sur­veil­lance du­ties (Art. 51), must re­tain the fol­low­ing data for the pur­pose of iden­ti­fic­a­tion for 6 months:

a.
sec­ond­ary tele­com­mu­nic­a­tions data re­lat­ing to the device iden­ti­fi­ers ac­tu­ally used, in or­der to be able to provide the in­form­a­tion spe­cified in Art­icles 36 para­graph 1 let­ter b and 41 para­graph 1 let­ter b num­ber 2;
b.
sec­ond­ary tele­com­mu­nic­a­tions data re­lat­ing to the as­sign­ment and trans­la­tion (NAT) of IP ad­dresses and port num­bers for the net­work ac­cess, in or­der to be able to provide the in­form­a­tion spe­cified in Art­icles 38 and 39; and
c.
sec­ond­ary tele­com­mu­nic­a­tions data to de­term­ine the net­works dir­ectly ad­ja­cent to a com­mu­nic­a­tion or an at­tempt at com­mu­nic­a­tion us­ing tele­phony and mul­ti­me­dia ser­vices in or­der to be able to provide the in­form­a­tion in ac­cord­ance with Art­icle 48c.

6 PDC­Ss with more ex­tens­ive sur­veil­lance du­ties (Art. 52) must re­tain the data in ac­cord­ance with para­graph 5 let­ters a and b for 6 months for the pur­pose of iden­ti­fic­a­tion.

7 The sec­ond­ary tele­com­mu­nic­a­tions data un­der para­graph 2 must be des­troyed as soon as the re­ten­tion peri­od has ex­pired, un­less oth­er le­gis­la­tion re­quires or per­mits such data to be re­tained for longer.

28 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 22 PDCSs with more extensive duties to provide information  

1 The PTSS shall de­clare a PDC­Ss to be a pro­vider with more ex­tens­ive du­ties to provide in­form­a­tion (Art. 22 para. 4 SPTA), if it has met one of the fol­low­ing cri­ter­ia:

a.
100 re­quests for in­form­a­tion in the past 12 months (ef­fect­ive date: 30 June);
b.
an­nu­al turnover in Switzer­land of CHF 100 mil­lion in two suc­cess­ive fin­an­cial years, provided a large part of its busi­ness op­er­a­tions provides de­rived com­mu­nic­a­tion ser­vices and 5,000 sub­scribers use the pro­vider’s ser­vices.

2 If a pro­vider con­trols one or more un­der­tak­ings re­quired to file fin­an­cial re­ports as defined in Art­icle 963 para­graph 2 of the Code of Ob­lig­a­tions29, the pro­vider and the con­trolled un­der­tak­ings must be re­garded as a single unit when cal­cu­lat­ing the val­ues in ac­cord­ance with para­graph 1.

3 Pro­viders that ex­ceed or fail to meet the cri­ter­ia in para­graph 1 let­ter b must no­ti­fy the PTSS of this in writ­ing with­in three months of the end of their fin­an­cial year and sub­mit re­lated sup­port­ing doc­u­ments.

4 Pro­viders must on re­quest provide the PTSS with the in­form­a­tion and sup­port­ing doc­u­ments for as­sess­ing the cri­ter­ia un­der para­graph 1 let­ter b. The PTSS may rely on data ob­tained in im­ple­ment­ing the le­gis­la­tion re­lat­ing to the sur­veil­lance of post and tele­com­mu­nic­a­tions or by oth­er au­thor­it­ies in im­ple­ment­ing fed­er­al law.

5 A pro­vider that is de­clared to have more ex­tens­ive du­ties to provide in­form­a­tion must en­sure that it can store the data re­quired for provid­ing in­form­a­tion with­in 2 months and provide the in­form­a­tion with­in 12 months of the de­clar­a­tion.

Art. 23 Assistance in providing information and conducting surveillance activities  

If third parties are en­gaged by the pro­vider to as­sist in provid­ing in­form­a­tion or con­duct­ing sur­veil­lance activ­it­ies, they shall be sub­ject to the same re­quire­ments as the pro­vider. The pro­vider re­mains re­spons­ible for provid­ing in­form­a­tion and con­duct­ing the sur­veil­lance activ­it­ies ordered to the ex­tent spe­cified; in par­tic­u­lar it shall take the meas­ures re­quired to en­sure that suit­able con­tact per­sons for provid­ing in­form­a­tion and con­duct­ing the sur­veil­lance activ­it­ies ordered are avail­able to the PTSS at all times. Both the pro­vider as­signed the task by the PTSS and its as­sist­ants serve as con­tact points for the PTSS.

Art. 24 Standardisation of types of information and surveillance  

1 The Fed­er­al Justice and Po­lice De­part­ment (FD­JP) shall stand­ard­ise the types of in­form­a­tion and sur­veil­lance that are defined in this Or­din­ance.

2 If, based on the in­ter­na­tion­al stand­ards and the en­quir­ies made of the per­sons or en­tit­ies re­quired to co­oper­ate, it proves im­possible or un­reas­on­able to stand­ard­ise a type of in­form­a­tion or sur­veil­lance, the FD­JP shall dis­pense with do­ing so.

Art. 25 Special information and surveillance activities  

In the case of in­form­a­tion and sur­veil­lance activ­it­ies that do not cor­res­pond to a stand­ard­ised type of in­form­a­tion or sur­veil­lance, TSPs and PDC­Ss shall provide the PTSS with all already avail­able in­ter­faces and con­nec­tions to the PTSS pro­cessing sys­tem. The con­tent and the sec­ond­ary tele­com­mu­nic­a­tions data of the tele­com­mu­nic­a­tion of the per­son un­der sur­veil­lance must be sup­plied as far as pos­sible in ac­cord­ance with Art­icle 26 para­graph 1 SPTA. The PTSS shall de­term­ine the mod­al­it­ies in spe­cif­ic cases.

Art. 26 Types of information 30  

1 The types of in­form­a­tion re­late to in­form­a­tion about:

a.
the sub­scribers (Art. 35, 40, 42 and 43 to­geth­er with Art. 27 in con­junc­tion with these art­icles);
b.
ser­vices (Art. 36–39 and 41);
c.
the meth­od of pay­ment (Art. 44);
d.
the proof of iden­tity (Art. 45);
e.
the cop­ies of in­voices (Art. 46);
f.
the cop­ies of con­tracts (Art. 47);
g.
the tech­nic­al data re­lat­ing to tele­com­mu­nic­a­tions sys­tems and net­work ele­ments (Art. 48);
h.
the iden­ti­fi­ers as­signed (Art. 48a and 48b); and
i.
de­term­in­ing the ad­ja­cent net­works (Art. 48c).

2 The au­thor­it­ies may only re­quest the in­form­a­tion that per­sons or en­tit­ies re­quired to co­oper­ate are re­quired to provide in ac­cord­ance with the pro­ced­ures defined in this Or­din­ance.

30 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 27 Obtaining information with a flexible name search  

1 Re­quests for types of in­form­a­tion spe­cified in Art­icles 35, 40, 42 and 43 may be com­plied with by car­ry­ing out a search that tol­er­ates er­rors and finds phon­et­ic matches (flex­ible name search). In this case, the suf­fix “FLEX” shall be ad­ded to the ab­bre­vi­ation for the rel­ev­ant in­form­a­tion re­quest type: IR_5_N­A_FLEX, IR_11_TEL_FLEX, IR_14_e­mail _FLEX and IR_16_­COM_FLEX.

2 The re­quest for in­form­a­tion shall in each case con­tain the first and at least one ad­di­tion­al query cri­terion for the un­der­ly­ing in­form­a­tion re­quest type.

Art. 28 Types of surveillance 31  

The types of sur­veil­lance are as fol­lows:

a.
real-time sur­veil­lance:
1.
of sec­ond­ary tele­com­mu­nic­a­tions data in the case of net­work ac­cess ser­vices (Art. 54),
2.
of con­tent and sec­ond­ary tele­com­mu­nic­a­tions data in the case of net­work ac­cess ser­vices (Art. 55),
3.
of sec­ond­ary tele­com­mu­nic­a­tions data in the case of ap­plic­a­tions (Art. 56 and 58),
4.
by means of po­s­i­tion de­term­in­a­tion by the net­work (Art. 56a and 56b),
5.
of con­tent and sec­ond­ary tele­com­mu­nic­a­tions data in the case of ap­plic­a­tions (Art. 57 and 59);
b.
ret­ro­act­ive sur­veil­lance:
1.
of net­work ac­cess ser­vices (Art. 60),
2.
of ap­plic­a­tions (Art. 61 and 62),
3.
by de­term­in­ing the loc­a­tion of the most re­cent activ­ity (Art. 63),
4.
by means of an an­tenna search (Art. 66) and the re­lated pre­par­a­tions (Art. 64 and 65);
c.
the miss­ing per­son search (Art. 67):
1.
by de­term­in­ing the loc­a­tion of the most re­cent activ­ity (Art. 67 let. a),
2.
by means of po­s­i­tion de­term­in­a­tion by the net­work (Art. 67 let. b and c),
3.
by means of real-time sur­veil­lance of con­tent and sec­ond­ary tele­com­mu­nic­a­tions data for net­work ac­cess ser­vices and tele­phony and mul­ti­me­dia ser­vices (Art. 67 let. d),
4.
by means of real-time sur­veil­lance of sec­ond­ary tele­com­mu­nic­a­tions data for net­work ac­cess ser­vices and tele­phony and mul­ti­me­dia ser­vices (Art. 67 let. e),
5.
by means of ret­ro­act­ive sur­veil­lance of net­work ac­cess ser­vices and in the case of tele­phony and mul­ti­me­dia ser­vices (Art. 67 let. f);
d.
the wanted per­son search (Art. 68):
1.
by de­term­in­ing the loc­a­tion of the most re­cent activ­ity (Art. 68 para. 1 let. a),
2.
by means of po­s­i­tion de­term­in­a­tion by the net­work (Art. 68 para. 1 let. b and c),
3.
by means of real-time sur­veil­lance of con­tent and sec­ond­ary tele­com­mu­nic­a­tions data for net­work ac­cess ser­vices and tele­phony and mul­ti­me­dia ser­vices (Art. 68 para. 1 let. d),
4.
by means of real-time sur­veil­lance of sec­ond­ary tele­com­mu­nic­a­tions data for net­work ac­cess ser­vices and tele­phony and mul­ti­me­dia ser­vices (Art. 68 para. 1 let. e),
5.
by means of real-time sur­veil­lance of sec­ond­ary tele­com­mu­nic­a­tions data for net­work ac­cess ser­vices and tele­phony and mul­ti­me­dia ser­vices (Art. 68 para. 1 let. f),
6.
by means of an an­tenna search and the re­lated pre­par­a­tions (Art. 68 para. 1 let. g);
e.
real-time mo­bile phone loc­al­isa­tion of ter­ror­ist sus­pects (Art. 68a).

31 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Section 2 Quality Assurance

Art. 29 Quality of the data transmitted  

1 The qual­ity of the data trans­mit­ted is ac­cept­able if:

a.
the data de­liv­ery meets the re­quire­ments spe­cified by the FD­JP;
b.
the data is de­livered without loss of data and without in­ter­rup­tions; and
c.
the trans­mit­ted sur­veil­lance data or in­form­a­tion data cor­res­pond to that spe­cified in the sur­veil­lance or­der or re­quest for in­form­a­tion.

2 The per­sons or en­tit­ies re­quired to co­oper­ate are re­spons­ible for the qual­ity of the trans­mit­ted in­form­a­tion and sur­veil­lance data up to the point of de­liv­ery.

3 If a pro­vider or the PTSS iden­ti­fies any de­fects in the qual­ity of the data trans­mit­ted, they shall in­form each oth­er without delay. The PTSS shall de­term­ine the ser­i­ous­ness of the de­fects and the pro­ced­ure for their rec­ti­fic­a­tion after con­sult­ing the pro­vider. The pro­vider and the PTSS shall in­form each oth­er reg­u­larly and promptly about the status of the rec­ti­fic­a­tion of de­fects.

Art. 30 Test connections  

1 The PTSS may make test con­nec­tions; in do­ing so, it may work with the pro­sec­u­tion au­thor­it­ies and the FIS. The tests serve the fol­low­ing pur­poses in par­tic­u­lar:

a.
as­sur­ing the qual­ity of the data di­ver­ted to the PTSS and the pro­sec­u­tion au­thor­it­ies by the per­sons or en­tit­ies re­quired to co­oper­ate;
b.
veri­fy­ing the abil­ity of the per­sons or en­tit­ies re­quired to co­oper­ate to provide in­form­a­tion and con­duct sur­veil­lance;
c.
test­ing the PTSS pro­cessing sys­tem;
d.
train­ing;
e.
gen­er­at­ing ref­er­ence data.

2 The PTSS may in­struct the per­sons or en­tit­ies re­quired to co­oper­ate to par­ti­cip­ate in gen­er­at­ing the test data. The PTSS shall draw up a test plan after con­sult­ing the per­sons or en­tit­ies re­quired to co­oper­ate.

3 The per­sons or en­tit­ies re­quired to co­oper­ate shall provide the PTSS with the re­quired test con­nec­tions and the re­quired tele­com­mu­nic­a­tions ser­vices or de­rived com­mu­nic­a­tions ser­vices at its re­quest free of charge and per­man­ently. They shall as­sist the PTSS in mak­ing the re­quired test con­nec­tions that they can­not them­selves provide.32

4 The pro­sec­u­tion au­thor­it­ies and the FIS may also make test con­nec­tions at their own ex­pense for the pur­pose of qual­ity as­sur­ance and the train­ing. To this end, they shall sub­mit or­ders to the PTSS and pay fees.

32 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Section 3 Ensuring Ability to provide Information and conduct Surveillance

Art. 31 Verifying ability to provide information and conduct surveillance  

1 TSPs and PDC­Ss with more ex­tens­ive in­form­a­tion (Art. 22) or sur­veil­lance du­ties (Art. 52) shall in ac­cord­ance with Art­icle 33 para­graph 1 SPTA provide proof of their abil­ity to provide in­form­a­tion and con­duct sur­veil­lance.

2 Proof is provided if:

a.
the tests that must be con­duc­ted in ac­cord­ance with PTSS re­quire­ments have been suc­cess­fully com­pleted; and
b.
the pro­vider con­firms in a ques­tion­naire drawn up by the PTSS it meets the re­quire­ments in re­la­tion to stand­ard­ised in­form­a­tion and sur­veil­lance activ­it­ies that can­not be proven by test­ing.

3 The PTSS shall en­sure that it con­ducts the veri­fic­a­tion pro­cess promptly and does not cause any delay in mar­ket in­tro­duc­tion. To do so, it shall carry out the fol­low­ing tasks:

a.
It shall check the res­ults of the tests in ac­cord­ance with para­graph 2 let­ter a.
b.
It shall eval­u­ate the ques­tion­naire in ac­cord­ance with para­graph 2 let­ter b.
c.
It shall keep a re­cord of the test pro­ced­ures.
d.
It shall is­sue the pro­viders with con­firm­a­tion in ac­cord­ance with Art­icle 33 para­graph 6 SPTA.
e.
It shall re­tain the re­cords for as long as the con­firm­a­tion re­mains val­id and for ten years after its ex­piry.

4 The PTSS shall state in the con­firm­a­tion that the pro­vider has proven its abil­ity to provide cer­tain types of in­form­a­tion and con­duct cer­tain types of sur­veil­lance activ­it­ies.

Art. 32 Term of validity of the confirmation  

1 The con­firm­a­tion of abil­ity to provide in­form­a­tion and con­duct sur­veil­lance is val­id for three years.

2 On ex­piry of the term of valid­ity, the PTSS may ex­tend the con­firm­a­tion by a fur­ther three years if the per­son or en­tity re­quired to co­oper­ate cer­ti­fies that since con­firm­a­tion was gran­ted no modi­fic­a­tions have been car­ried out that in­flu­ence data de­liv­ery or the abil­ity to provide in­form­a­tion or con­duct sur­veil­lance.

3 If a pro­vider can no longer provide in­form­a­tion or con­duct sur­veil­lance, it shall no­ti­fy the PTSS im­me­di­ately.

Art. 33 Acceptance procedure  

The FD­JP shall reg­u­late the pro­ced­ure for veri­fy­ing abil­ity to provide in­form­a­tion and con­duct sur­veil­lance.

Art. 34 Declaration of invalidity of the confirmation of ability to provide information and conduct surveillance  

The PTSS shall im­me­di­ately de­clare a con­firm­a­tion of abil­ity to provide in­form­a­tion and con­duct sur­veil­lance that has already been is­sued to be in­val­id for the rel­ev­ant types of in­form­a­tion or sur­veil­lance if:

a.
the pro­vider gives no­tice that it can no longer provide in­form­a­tion or con­duct sur­veil­lance;
b.
the pro­vider is un­able on two or more oc­ca­sions to de­liv­er data, provide in­form­a­tion or con­duct sur­veil­lance;
c.
the in­form­a­tion on the pro­vider that un­der­lies the con­firm­a­tion is un­true.

Section 4 Types of Information Requests for Network Access Services

Art. 35 Information Request Type IR_4_NA: Information on subscribers to network access services  

1 In­form­a­tion Re­quest Type IR_4_NA com­prises the fol­low­ing data about sub­scribers to net­work ac­cess ser­vices:

a.
if avail­able, the unique sub­scriber iden­ti­fi­er (e.g. cus­tom­er num­ber);


b.33
in the case of mo­bile ser­vices:
1.
the data on the nat­ur­al per­son or leg­al en­tity in ac­cord­ance with Art­icles 20–20b,
2.
if avail­able, ad­di­tion­al ad­dresses and con­tact data and their term of valid­ity, and
3.
in the case of nat­ur­al per­sons, gender;
c.34
in the case of the oth­er net­work ac­cess ser­vices:
1.
the iden­ti­fic­a­tion data spe­cified in Art­icle 19,
2.
if known, the de­tails of the nat­ur­al or leg­al en­tity, ad­di­tion­al ad­dresses and con­tact data and their term of valid­ity, and
3.
in the case of nat­ur­al per­sons, gender;
d.
the fol­low­ing in­form­a­tion about each net­work ac­cess ser­vice that the sub­scriber ob­tains from the pro­vider:35
1.
the unique iden­ti­fi­er for the pro­vider (e.g. TSP num­ber),
2.36
the main unique ser­vice iden­ti­fi­er (e.g. user name, MS­ISDN, GP­SI),
3.
the peri­od over which the ser­vice was used (start, first ac­tiv­a­tion and, if ap­plic­able, ter­min­a­tion),
4.
if ap­plic­able, fur­ther in­form­a­tion about ad­di­tion­al op­tions or re­stric­tions on the net­work ac­cess ser­vice,
5.
if ap­plic­able, the in­stall­a­tion ad­dresses of the fixed loc­a­tion ac­cess to the net­work and their peri­od of valid­ity in each case,
6.
the statuses of the ser­vice as des­ig­nated in­tern­ally by the pro­vider (e.g. act­ive, sus­pen­ded, blocked) and their peri­od of valid­ity in each case,
7.
if ap­plic­able, all stat­ic IP ad­dresses, IP pre­fixes, IP ad­dress ranges and net masks or pre­fix lengths as­signed to net­work ac­cess ser­vice con­cerned and their peri­od of valid­ity in each case,
8.
in the case of cus­tom­er re­la­tion­ships that are not based on a sub­scrip­tion con­tract, the time and the point of sup­ply (name and com­plete ad­dress) for the means of ac­cess and the name of the per­son who made the sup­ply,
9.37
if ap­plic­able, the as­so­ci­ated IC­CID at the time of its sup­ply,
10.38
if ap­plic­able, the as­so­ci­ated IM­SI or SUPI,
11.39
the type of cus­tom­er re­la­tion­ship (e.g. pre­paid, sub­scrip­tion),


12.40
if ap­plic­able, the list or area for the ad­di­tion­al ad­dress­ing re­sources and iden­ti­fi­ers (e.g. IC­CID) re­gistered in con­nec­tion with or as­so­ci­ated with the ser­vice (e.g. MS­ISDN) and their term of valid­ity,
13.41
the name of the ser­vice (e.g. name of the sub­scrip­tions or of the tar­iff).

2 The re­quest for in­form­a­tion shall spe­cify the peri­od to which the re­quest relates. It shall con­tain at least one of the fol­low­ing query cri­ter­ia.42

a.
sur­name(s), first name(s);
b.
date of birth;
c.
coun­try and post­code or coun­try and place;
d.
street and, if pos­sible, house num­ber;
e.
iden­tity doc­u­ment num­ber and, op­tion­ally, the type of iden­tity doc­u­ment;
f.
name and, op­tion­ally, the re­gistered of­fice of the leg­al en­tity;
g.43
UID or LEI;
h.
sub­scriber iden­ti­fi­er (e.g. cus­tom­er num­ber);
i.44
sub­scriber iden­ti­fi­er or ser­vice iden­ti­fi­er oth­er than IP ad­dresses (e.g. user name, MS­ISDN, GP­SI);
j.45
IM­SI or SUPI;
k.46
IC­CID.

3 In the case of the cri­ter­ia in ac­cord­ance with para­graph 2 let­ters a–d, a second query cri­terion shall be ad­ded. In the case of searches for char­ac­ter strings (para. 2 let. a, c, d and f), the pro­vider shall search for the spe­cified spelling in ac­cord­ance with the FD­JP reg­u­la­tions.47

33 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

34 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

35 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

36 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

37 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

38 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

39 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

40 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

41 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

42 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

43 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

44 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

45 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

46 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

47 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 36 Information Request Type IR_6_NA: Information on network access services 48  

1 In­form­a­tion Re­quest Type IR_6_NA com­prises the fol­low­ing data about net­work ac­cess ser­vices:

a.
if avail­able, the unique sub­scriber iden­ti­fi­er (e.g. cus­tom­er num­ber);
b.
the fol­low­ing data about the re­ques­ted ser­vices and any ad­di­tion­al as­so­ci­ated net­work ac­cess ser­vices:
1.
the unique ser­vice iden­ti­fi­er (e.g. user name),
2.
if ap­plic­able, all iden­ti­fi­ers as­so­ci­ated with the ser­vice con­cerned (e.g. user name, MS­ISDN, GP­SI) and their term of valid­ity,
3.
if avail­able, the al­tern­at­ive sub­scriber iden­ti­fi­er, and in par­tic­u­lar in the case of pro­fes­sion­ally op­er­ated pub­lic WLAN ac­cess, an iden­ti­fi­er that en­ables a re­quest for the iden­ti­fic­a­tion data in ac­cord­ance with Art­icle 19 para­graph 2 to be made,
4.
the unique device iden­ti­fi­ers in ac­cord­ance with in­ter­na­tion­al stand­ards (e.g. IMEI, PEI, MAC ad­dress) of the devices used in con­nec­tion with the ser­vice for the devices used at the pro­vider in con­nec­tion with the ser­vice con­cerned in the last 6 months and, if avail­able, the in­di­vidu­al names of the devices,
5.
if ap­plic­able, the IC­CID of all SIMs as­so­ci­ated with the ser­vice con­cerned and their term of valid­ity, the PUK and PUK2 codes, the IM­SI or the SUPI, the MS­ISDN or the GP­SI and the eUICC-ID,
6.
in the case of a multi-device of­fer: in­form­a­tion on wheth­er the device is the main device or a sec­ond­ary device.

2 The re­quest for in­form­a­tion shall spe­cify the peri­od to which the re­quest relates. It shall con­tain at least one of the fol­low­ing query cri­ter­ia:

a.
the ser­vice iden­ti­fi­er, oth­er than IP ad­dresses (e.g. user name, MS­ISDN, GP­SI or an iden­ti­fi­er) that en­ables a re­quest for the iden­ti­fic­a­tion data in ac­cord­ance with Art­icle 19 para­graph 2 to be made;
b.
the IM­SI or the SUPI;
c.
the unique device iden­ti­fi­er in ac­cord­ance with in­ter­na­tion­al stand­ards (e.g. IMEI, PEI, MAC ad­dress);
d.
the in­stall­a­tion ad­dress of the fixed loc­a­tion ac­cess to the net­work;
e.
the IC­CID.

48 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 37 Information Request Type IR_7_IP: Identification of the users in the case of uniquely assigned IP addresses  

1 In­form­a­tion Re­quest Type IR_7_IP com­prises the fol­low­ing data for the pur­pose of iden­ti­fic­a­tion if a unique IP ad­dress was not as­signed:49

a.
if avail­able, the unique sub­scriber iden­ti­fi­er (e.g. user name);
b.50
the unique ser­vice iden­ti­fi­er (e.g. user name, MS­ISDN, GP­SI) of the net­work ac­cess ser­vice or an iden­ti­fi­er that en­ables a re­quest for the iden­ti­fic­a­tion data in ac­cord­ance with Art­icle 19 para­graph 2 to be made;
c.
the unique iden­ti­fi­er that in­dic­ates the pro­vider of the net­work ac­cess ser­vice (e.g. TSP num­ber).


2 The re­quest for in­form­a­tion shall con­tain the fol­low­ing in­form­a­tion:

a.
the IP ad­dress;
b.
the date and time.

49 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

50 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 38 Information Request Type IR_8_IP (NAT): Identification of the users in the case of IP addresses that are not uniquely assigned (NAT)  

1 In­form­a­tion Re­quest Type IR_8_IP (NAT) com­prises the fol­low­ing data for the pur­pose of iden­ti­fic­a­tion if a unique IP ad­dress was not as­signed (NAT ):51

a.
if avail­able, the unique sub­scriber iden­ti­fi­er (e.g. user name);
b.52
the unique ser­vice iden­ti­fi­er (e.g. user name, MS­ISDN, GP­SI) of the net­work ac­cess ser­vice or an iden­ti­fi­er that en­ables a re­quest for the iden­ti­fic­a­tion data in ac­cord­ance with Art­icle 19 para­graph 2 to be made.

2 The re­quest for in­form­a­tion shall con­tain the in­form­a­tion known about the re­ques­ted NAT con­text:53

a.
the pub­lic source IP ad­dress;
b.
if re­quired for iden­ti­fic­a­tion, the pub­lic source port num­ber;
c.
if re­quired for iden­ti­fic­a­tion, the pub­lic des­tin­a­tion IP ad­dress;
d.
if re­quired for iden­ti­fic­a­tion, the des­tin­a­tion port num­ber;
e.
if re­quired for iden­ti­fic­a­tion, the type of trans­port pro­tocol;
f.54
the rel­ev­ant date and time, at the be­gin­ning, with­in or at the end of the NAT con­text.

51 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

52 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

53 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

54 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 39 Information Request Type IR_9_NAT: Information on NAT contexts 55  

1 In­form­a­tion Re­quest Type IR_9_N­AT com­prises the fol­low­ing data on a spe­cif­ic NAT con­text for the pur­pose of iden­ti­fic­a­tion in con­nec­tion with a NAT pro­ced­ure at pro­vider level:

a.
the source IP ad­dress be­fore or after the NAT trans­la­tion;
b.
the source port num­ber be­fore or after the NAT trans­la­tion.

2 The re­quest for in­form­a­tion shall con­tain the data known about the re­ques­ted NAT con­text:

a.
the source IP ad­dress after or be­fore the NAT trans­la­tion;
b.
the source port num­ber after or be­fore the NAT trans­la­tion;
c.
if re­quired for iden­ti­fic­a­tion, the pub­lic des­tin­a­tion IP ad­dress;
d.
if re­quired for iden­ti­fic­a­tion, the des­tin­a­tion port num­ber;
e.
if re­quired for iden­ti­fic­a­tion, the type of the trans­port pro­tocol;
f.
the rel­ev­ant date and time, at the be­gin­ning, with­in or at the end of the NAT con­text.

55 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Section 5 Types of Information on Applications

Art. 40 Information Request Type IR_10_TEL: Information on subscribers to telephony and multimedia services  

1 In­form­a­tion Re­quest Type IR_10_TEL com­prises the fol­low­ing data about sub­scribers to tele­phony and mul­ti­me­dia ser­vices:

a.
if avail­able, the unique sub­scriber iden­ti­fi­er (e.g. cus­tom­er num­ber);
b.56
in the case of mo­bile ser­vices:
1.
data on the nat­ur­al per­son or leg­al en­tity in ac­cord­ance with Art­icles 20, 20a and 20b,
2.
if avail­able, ad­di­tion­al ad­dresses and con­tact data and their term of valid­ity, and
3.
in the case of nat­ur­al per­sons, gender;
c.57
in the case of the oth­er tele­phony and mul­ti­me­dia ser­vices:
1.
the iden­ti­fic­a­tion data spe­cified in Art­icle 19,
2.
if avail­able, data on the nat­ur­al per­son or leg­al en­tity, ad­di­tion­al ad­dresses and con­tact de­tails and their term of valid­ity, and
3.
in the case of nat­ur­al per­sons, gender;
d.
the fol­low­ing data about each tele­phony and mul­ti­me­dia ser­vice ob­tained by the sub­scriber from the pro­vider:58
1.
the unique iden­ti­fi­er des­ig­nat­ing the pro­vider (e.g. TSP num­ber),
2.59
the unique main ser­vice iden­ti­fi­er (e.g. tele­phone num­ber, SIP URI),
3.
the peri­od over which the ser­vice was used (start, first ac­tiv­a­tion and if ap­plic­able, ter­min­a­tion),
4.
the type of the ser­vice (e.g. private tele­com­mu­nic­a­tions in­stall­a­tion, pub­lic call sta­tion, fixed loc­a­tion or mo­bile loc­a­tion ser­vice),
5.
if ap­plic­able, the in­stall­a­tion ad­dresses of the fixed loc­a­tion net­work ac­cess to the ser­vice and their peri­od of valid­ity in each case,
6.60
the statuses of the ser­vice as des­ig­nated in­tern­ally by the pro­vider (e.g. act­ive, sus­pen­ded, blocked) and their term of valid­ity,
7.61
if ap­plic­able, the list or range of oth­er ad­dress­ing re­sources (e.g. tele­phone num­bers, IM­PU) or iden­ti­fi­ers (e.g. IC­CID) re­gistered in con­nec­tion with this ser­vice and their term of valid­ity,
8.
in the case of cus­tom­er re­la­tion­ships that are not based on a sub­scrip­tion con­tract, the time and the point of sup­ply (name and com­plete ad­dress) of the means of ac­cess and the name of the per­son who made the sup­ply,
9.
if ap­plic­able, de­tails of pre­de­ter­mined free choice of ser­vice pro­vider for con­nec­tions,
10.62
if ap­plic­able, the as­so­ci­ated IM­SI or SUPI,
11.63 if ap­plic­able, the as­so­ci­ated IC­CID at the time of sup­ply,
12.64
the type of cus­tom­er re­la­tion­ship (e.g. pre­paid, sub­scrip­tion),
13.65
the name of the ser­vice (e.g. name of the sub­scrip­tions or of the tar­iff).

2 The re­quest for in­form­a­tion shall spe­cify the peri­od to which the re­quest relates. It shall con­tain at least one of the fol­low­ing query cri­ter­ia:66

a.
sur­name(s), first name(s);
b.
date of birth;
c.
coun­try and post­code or coun­try and place;
d.
street and, if pos­sible, house num­ber;
e.
iden­tity doc­u­ment num­ber and op­tion­ally, the type of iden­tity doc­u­ment;
f.
name and op­tion­al re­gistered of­fice the leg­al en­tity;
g.67
UID or LEI;
h
sub­scriber iden­ti­fi­er (e.g. cus­tom­er num­ber)
i.
ad­dress­ing re­sources or iden­ti­fi­ers (e.g. tele­phone num­ber, SIP URI, TEL URI, IM­PU);
j.68
IM­SI or SUPI;
k.69
IC­CID.

3 In the case of the cri­ter­ia in para­graph 2 let­ters a–d, a second query cri­terion shall be ad­ded. In the case of searches for char­ac­ter strings (para. 2 let. a, c, d and f), the pro­vider shall search for the spe­cified spelling in ac­cord­ance with the FD­JP reg­u­la­tions.70

56 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

57 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

58 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

59 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

60 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

61 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

62 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

63 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

64 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

65 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

66 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

67 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

68 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

69 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

70 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 41 Information Request Type IR_12_TEL: Information on telephony and multimedia services 71  

1 In­form­a­tion Re­quest Type IR_12_TEL com­prises the fol­low­ing data about tele­phony and mul­ti­me­dia ser­vices:

a.
if avail­able, the unique sub­scriber iden­ti­fi­er (e.g. cus­tom­er num­ber);
b.
the fol­low­ing data about the re­ques­ted ser­vices and any ad­di­tion­al as­so­ci­ated tele­phony and mul­ti­me­dia ser­vices:
1.
if ap­plic­able, pub­lic ad­dress­ing re­sources (e.g. MS­ISDN, SIP URI, TEL URI) and private ad­dress­ing re­sources (e.g. IMPI) as­so­ci­ated with the ser­vice con­cerned and their term of valid­ity,
2.
the unique device iden­ti­fi­ers in ac­cord­ance with in­ter­na­tion­al stand­ards (e.g. PEI) of the devices used in con­nec­tion with the ser­vice con­cerned from the pro­vider in the last 6 months and, if avail­able, the names of the devices,
3.
if ap­plic­able, the IC­CID of all SIMs as­so­ci­ated with the ser­vice con­cerned and their term of valid­ity, the PUK and PUK2 codes, the IM­SI or the SUPI, the MS­ISDN or the GP­SI and the eUICC-ID,
4.
in the case of a multi-device of­fer: in­form­a­tion on wheth­er the device is the main device or a sec­ond­ary device.

2 The re­quest for in­form­a­tion shall spe­cify the peri­od to which the re­quest relates. It shall con­tain at least one of the fol­low­ing query cri­ter­ia:

a.
the pub­lic ad­dress­ing re­source (e.g. SIP URI, MS­ISDN, GP­SI);
b.
the IM­SI or the SUPI;
c.
the unique device iden­ti­fi­er in ac­cord­ance with in­ter­na­tion­al stand­ards (e.g. IMEI, PEI, MAC ad­dress);
d.
the in­stall­a­tion ad­dress of the fixed loc­a­tion ac­cess to the net­work;
e.
the private ad­dress­ing re­source (e.g. IMPI);
f.
the IC­CID.

71 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 42 Information Request Type IR_13_EMAIL: Information on subscribers to E‑Mail-services  

1 In­form­a­tion Re­quest Type IR_13_E­MAIL com­prises the fol­low­ing data about sub­scribers to email ser­vices:

a.
if avail­able, the unique sub­scriber iden­ti­fi­er (e.g. cus­tom­er num­ber);
b.
the iden­ti­fic­a­tion data spe­cified in Art­icle 19 and, if known, the data on the nat­ur­al per­son or leg­al en­tity, ad­di­tion­al con­tact data and the gender of the nat­ur­al per­son;
c.
the fol­low­ing in­form­a­tion about each email ser­vice that the sub­scriber ob­tains from the pro­vider:72
1.
the unique iden­ti­fi­er that in­dic­ates the pro­vider of the ser­vice,
2.
the unique ser­vice iden­ti­fi­er (e.g. email ad­dress, user name),
3.
the peri­od over which the ser­vice was used (start, first ac­tiv­a­tion and if ap­plic­able, ter­min­a­tion),
4.
if ap­plic­able, the list of all ad­di­tion­al ad­dress­ing re­sources (e.g. ali­as ad­dress) that per­tain to this ser­vice,
5.
if ap­plic­able, the list of all ad­dresses, to which mes­sages ad­dressed to the re­ques­ted ad­dress are for­war­ded (e.g. mail­ing list),
6.73
the name of the ser­vice;
d.74
if ap­plic­able, the ad­di­tion­al ad­dress­ing re­sources or iden­ti­fi­ers re­cor­ded by the pro­vider in con­nec­tion with this ser­vice (e.g. email ad­dress, MS­ISDN, GP­SI, ad­dress­ing re­source provided to re­store lost ac­cess to the email ac­count).

2 The re­quest for in­form­a­tion shall spe­cify the peri­od to which the re­quest relates. It shall con­tain at least one of the fol­low­ing query cri­ter­ia:75

a.
sur­name(s), first name(s);
b.
date of birth;
c.
coun­try and post­code or coun­try and place;
d.
street and if pos­sible house num­ber;
e.
iden­tity doc­u­ment num­ber and, op­tion­ally, the type of iden­tity doc­u­ment;
f.
name and, op­tion­ally, re­gistered of­fice of the leg­al en­tity;
g.76
UID or LEI;
h.
sub­scriber iden­ti­fi­er (e.g. cus­tom­er num­ber);
i.
ser­vice iden­ti­fi­er (e.g. email ad­dress, user name);
j.77
iden­ti­fi­ers as­so­ci­ated with the ser­vice con­cerned, such as a re­cov­ery ad­dress­ing re­source.

3 In the case of the cri­ter­ia in para­graph 2 let­ters a–d, a second query cri­terion shall be ad­ded. If search­ing for char­ac­ter strings (let. a, c, d and f), the pro­vider shall search for the spe­cified spelling of the term in ac­cord­ance with the FD­JP reg­u­la­tions.78

72 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

73 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

74 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

75 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

76 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

77 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

78 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 43 Information Request Type IR_15_COM: Information on subscribers to other telecommunications or derived communications services  

1 In­form­a­tion Re­quest Type IR_15_­COM com­prises the fol­low­ing data about sub­scribers to oth­er tele­com­mu­nic­a­tions or de­rived com­mu­nic­a­tions ser­vices (e.g. mes­saging ser­vices, com­mu­nic­a­tions ser­vices in so­cial net­works:79

a.
if avail­able, the unique sub­scriber iden­ti­fi­er (e.g. cus­tom­er num­ber);
b.
the iden­ti­fic­a­tion data spe­cified in Art­icle 19 and, if known, data on the nat­ur­al per­son or leg­al en­tity, ad­di­tion­al con­tact data and the gender of the nat­ur­al per­son;
c.
the fol­low­ing data about each ad­di­tion­al tele­com­mu­nic­a­tions ser­vice or de­rived com­mu­nic­a­tions ser­vice that the sub­scriber ob­tains from the pro­vider:80
1.
the unique iden­ti­fi­er that in­dic­ates the pro­vider,
2.
the unique ser­vice iden­ti­fi­er (e.g. user name),
3.
the peri­od over which the ser­vice was used (start, first ac­tiv­a­tion and if ap­plic­able, ter­min­a­tion),
4.
the statuses of the ser­vice as des­ig­nated in­tern­ally by the pro­vider (e.g. act­ive, sus­pen­ded, blocked) and their peri­od of valid­ity in each case,
5.
the list of oth­er ad­dress­ing re­sources or iden­ti­fi­ers re­gistered in con­nec­tion with this ser­vice,
6.81
the name of the ser­vice.

2 The re­quest for in­form­a­tion shall spe­cify the peri­od to which the re­quest relates. It shall con­tain at least one of the fol­low­ing query cri­ter­ia:82

a.
sur­name(s), first name(s);
b.
date of birth;
c.
coun­try and post­code or coun­try and place;
d.
street and, if pos­sible, house num­ber;
e.
iden­tity doc­u­ment num­ber and, op­tion­ally, the type of iden­tity doc­u­ment;
f.
name and, op­tion­ally, the re­gistered of­fice of the leg­al en­tity;
g.83
UID or LEI;
h.
sub­scriber iden­ti­fi­er (e.g. cus­tom­er num­ber);
i.84
ad­dress­ing re­source or iden­ti­fi­er (e.g. user ad­dress, pseud­onym, unique ap­plic­a­tion-spe­cif­ic iden­ti­fi­er);
j.85
iden­ti­fi­er as­so­ci­ated with the ser­vice con­cerned, such as a re­cov­ery ad­dress­ing re­source.

3 In the case of the cri­ter­ia in para­graph 2 let­ters a–d, a second query cri­terion shall be ad­ded. If search­ing for char­ac­ter strings (let. a, c, d and f), the pro­vider shall search for the spe­cified spelling of the term in ac­cord­ance with the FD­JP reg­u­la­tions.86

79 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

80 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

81 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

82 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

83 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

84 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

85 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

86 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Section 6 Further Types of Information

Art. 44 Information Request Type IR_17_PAY: Information on the method of payment used by subscribers to telecommunications and derived communications services  

1 In­form­a­tion Re­quest Type IR_17_PAY com­prises the fol­low­ing data about the meth­od of pay­ment used by sub­scribers to tele­com­mu­nic­a­tions and de­rived com­mu­nic­a­tions ser­vices:

a.
the unique iden­ti­fi­er that in­dic­ates the pro­vider;
b.
the unique sub­scriber iden­ti­fi­er (e.g. cus­tom­er num­ber);
c.87
the unique iden­ti­fi­er that the pro­vider has as­signed to the sub­scriber for ac­count­ing or billing pur­poses;
d.
the unique ser­vice iden­ti­fi­er (e.g. tele­phone num­ber, SIP URI, user name);
e.
the meth­od of pay­ment (deb­it, bank trans­fer or pre­paid);
f.88
the ac­count in­form­a­tion that the sub­scriber has giv­en to the pro­vider, con­sist­ing of the name of the bank, ac­count hold­er and IBAN (or BIC and ac­count num­ber) or na­tion­al bank num­ber and ac­count num­ber;
g.
the billing ad­dresses (house num­ber, street, PO box, post­code, place, coun­try) and their peri­od of valid­ity (start and if ap­plic­able, ter­min­a­tion).

2 The data spe­cified in para­graph 1 must be sup­plied if the pro­vider has it.

3 The re­quest for in­form­a­tion shall spe­cify the peri­od to which the re­quest relates. It shall con­tain at least one of the fol­low­ing query cri­ter­ia:

a.
the sub­scriber iden­ti­fi­er (e.g. cus­tom­er num­ber);
b.
the ser­vice iden­ti­fi­er (e.g. tele­phone num­ber, SIP URI, user name);
c.89
the iden­ti­fi­er that the pro­vider has as­signed to the sub­scriber for ac­count­ing or billing pur­poses;
d.90
the sub­scriber’s bank ac­count in­form­a­tion: IBAN (or BIC and ac­count num­ber) or na­tion­al bank num­ber and ac­count num­ber;
e.
the billing ad­dress (house num­ber, street, PO box, post­code, place, coun­try);
f.91
the code for top­ping up the cred­it or pay­ing for the ser­vice.

87 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

88 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

89 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

90 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

91 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 45 Information Request Type IR_18_ID: Proof of identity 92  

1 In­form­a­tion Re­quest Type IR_18_ID com­prises the pro­vi­sion of an elec­tron­ic copy of the sub­scriber’s iden­ti­fic­a­tion doc­u­ment re­cor­ded in ac­cord­ance with Art­icle 20a para­graph 4.

2 The re­quest for in­form­a­tion shall spe­cify the peri­od and sub­scriber or ser­vice iden­ti­fi­er, IC­CID, IM­SI or SUPI or, if ap­plic­able, device iden­ti­fi­er to which it relates.

92 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 46 Information Request Type IR_19_BILL: Copy of invoice  

1 In­form­a­tion Re­quest Type IR_19_­BILL com­prises the pro­vi­sion of elec­tron­ic cop­ies of all avail­able billing re­cords per­tain­ing to the sub­scriber, not in­clud­ing sec­ond­ary tele­com­mu­nic­a­tions data on tele­com­mu­nic­a­tions ser­vices and de­rived com­mu­nic­a­tions ser­vices.93

2 The re­quest for in­form­a­tion shall spe­cify the peri­od and unique sub­scriber or ser­vice iden­ti­fi­er or unique iden­ti­fi­er for ac­count­ing or billing to which it relates.

93 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 47 Information Request Type IR_20_CONTRACT: Copy of contract 94  

1 In­form­a­tion Re­quest Type IR_20_­CON­TRACT com­prises the pro­vi­sion of elec­tron­ic cop­ies of all avail­able con­tract doc­u­ments per­tain­ing to the sub­scriber to tele­com­mu­nic­a­tions ser­vices and de­rived com­mu­nic­a­tions ser­vices.

2 The re­quest for in­form­a­tion shall spe­cify the peri­od and sub­scriber or ser­vice iden­ti­fi­er, IC­CID, IM­SI or SUPI or, if ap­plic­able, the device iden­ti­fi­er to which it relates.

94 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 48 Information Request Type IR_21_TECH: Technical data 95  

1 In­form­a­tion Re­quest Type IR_21_TECH com­prises the pro­vi­sion of tech­nic­al data re­lat­ing to tele­com­mu­nic­a­tions sys­tems and net­work ele­ments at the re­ques­ted loc­a­tion, in par­tic­u­lar the loc­a­tion data for mo­bile ra­dio cells and pro­fes­sion­ally op­er­ated pub­lic WLAN ac­cess points.

2 The loc­a­tion data com­prise:

a.
the iden­ti­fi­ers of net­work ele­ments (e.g. cell or geo­graph­ic­al area iden­ti­fi­er) or an­oth­er suit­able des­ig­na­tion (e.g. hot­spot name)) and the geo­graph­ic­al co­ordin­ates or oth­er de­tails of the loc­a­tion in ac­cord­ance with in­ter­na­tion­al stand­ards;
b.
the avail­able postal ad­dress of the loc­a­tion;
c.
if ap­plic­able, the main dir­ec­tions of emis­sion of the an­ten­nae of the cells;
d.
oth­er avail­able loc­a­tion fea­tures; and
e.
if ap­plic­able, the as­so­ci­ated timestamps.

3 The re­quest for in­form­a­tion shall spe­cify the peri­od to which the re­quest relates. It shall con­tain at least one of the fol­low­ing query cri­ter­ia:

a.
the geo­graph­ic­al co­ordin­ates of the re­ques­ted loc­a­tion of the net­work ele­ment;
b.
the iden­ti­fi­er of the net­work ele­ment (e.g. cell or geo­graph­ic­al area iden­ti­fi­er) or an­oth­er suit­able des­ig­na­tion (e.g. hot­spot name).

95 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 48a Information Request Type IR_51_ASSOC_PERM: Information on identifiers assigned on a long-term basis 96  

1 In­form­a­tion Re­quest Type IR_51_AS­SOC_PERM com­prises the pro­vi­sion of all iden­ti­fi­ers (IM­PU and IMPI) that are or were as­signed to the re­ques­ted iden­ti­fi­er (IM­PU or IMPI) at the rel­ev­ant point in time for the pro­vi­sion of a spe­cif­ic tele­phone and mul­ti­me­dia ser­vice, and the term of valid­ity of this as­sign­ment.

2 The re­quest for in­form­a­tion shall spe­cify the rel­ev­ant point in time, the re­ques­ted iden­ti­fi­er and its type (IM­PU or IMPI).

96 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 48b Information Request Type IR_52_ASSOC_TEMP: Immediate information on identifiers assigned on a short-term basis 97  

1 In­form­a­tion Re­quest Type IR_52_AS­SOC_TEMP com­prises the pro­vi­sion of the per­man­ent iden­ti­fi­ers (e.g. SUPI) that are as­signed to the re­ques­ted tem­por­ary iden­ti­fi­ers (e.g. SUCI, 5G-GUTI) at the time that the pro­vi­sion of a spe­cif­ic tele­com­mu­nic­a­tions ser­vice is re­ques­ted.

2 The re­quest for in­form­a­tion shall spe­cify the re­ques­ted tem­por­ary iden­ti­fi­ers and the as­so­ci­ated mo­bile area.

97 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 48c Information Request Type IR_53_TEL_ADJ_NET: Determination of the adjacent networks in the case of telephony and multimedia services  

1 In­form­a­tion Re­quest Type IR_53_TEL_AD­J_NET com­prises, if ap­plic­able, the de­term­in­a­tion and pro­vi­sion of the name of the net­works dir­ectly ad­ja­cent to a com­mu­nic­a­tion or an at­tempt at com­mu­nic­a­tion in the case of tele­phony and mul­ti­me­dia ser­vices (e.g. Inter-Op­er­at­or-Iden­ti­fi­er, IP-ad­dress).

2 The re­quest for in­form­a­tion shall spe­cify the com­mu­nic­a­tion or at­tempt at com­mu­nic­a­tion to which the re­quest relates. It shall con­tain the fol­low­ing query cri­ter­ia:

a.
the time of the com­mu­nic­a­tion or at­tempt at com­mu­nic­a­tion;
b.
the ad­dress­ing re­sources to which the com­mu­nic­a­tion or at­tempt at com­mu­nic­a­tion was ad­dressed; and
c.
if avail­able, the ad­dress­ing re­sources for the ori­gin of the com­mu­nic­a­tion or the at­tempt at com­mu­nic­a­tion.

98 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Section 7 General Provisions on the Surveillance of Telecommunications

Art. 49 Order to conduct surveillance of telecommunications  

1 The sur­veil­lance or­der sub­mit­ted to the PTSS shall con­tain the fol­low­ing data:

a.
the con­tact data of the or­der­ing au­thor­ity;
b.
the con­tact data of the au­thor­ised per­sons en­vis­aged as re­cip­i­ents of the sur­veil­lance data;
c.
if known, the sur­name, first name, date of birth, ad­dress and oc­cu­pa­tion of the per­son to be placed un­der sur­veil­lance;
d.
the ref­er­ence num­bers and case names for the sur­veil­lance activ­it­ies;
e.
the reas­on for sur­veil­lance, in par­tic­u­lar the of­fence to be in­vest­ig­ated by means of sur­veil­lance;
f.
the names of the per­sons or en­tit­ies re­quired to co­oper­ate;
g.
the types of sur­veil­lance ordered or the type of spe­cial sur­veil­lance;
h.
the iden­ti­fi­ers sub­ject to sur­veil­lance (tar­get ID);
i.
if ne­ces­sary, an ap­plic­a­tion for gen­er­al au­thor­isa­tion for the sur­veil­lance of sev­er­al con­nec­tions without au­thor­isa­tion in spe­cif­ic cases (Art. 272 para. 2 and 3 Crim­PC or Art. 70c para. 2 and 3 MCPC);
j.
the start­ing date and the dur­a­tion of the sur­veil­lance;
k.
in the case of per­sons bound by pro­fes­sion­al secrecy in ac­cord­ance with Art­icle 271 Crim­PC or Art­icle 70b MCPC: a note to this ef­fect;
l.
if need be, meas­ures to pro­tect per­sons hold­ing pro­fes­sion­al secrets and fur­ther pro­tec­tion meas­ures that the au­thor­it­ies and the PTSS must take.

2 If con­duct­ing the sur­veil­lance so re­quires, the FD­JP may provide that the sur­veil­lance or­der sub­mit­ted to the PTSS must in­clude fur­ther tech­nic­al data.

Art. 50 Surveillance duties  

1 Each TSP, with the ex­cep­tion of those with re­duced sur­veil­lance du­ties (Art. 51), and each PDCS with more ex­tens­ive sur­veil­lance du­ties (Art. 52) must be able to con­duct the sur­veil­lance activ­it­ies in Sec­tions 8–12 of this Chapter (Art. 54–69) that re­late to ser­vices that they provide, or they must be able to ar­range for third parties to con­duct the sur­veil­lance. PDC­Ss with more ex­tens­ive sur­veil­lance du­ties are not re­quired to con­duct the types of sur­veil­lance in Art­icles 56a, 56b, 67 let­ters b and c and 68 para­graph 1 let­ters b and c.99

2 The pro­vider shall en­sure its abil­ity to con­duct sur­veil­lance of tele­com­mu­nic­a­tions from the com­mer­cial launch of a ser­vice provided to cus­tom­ers.

3 It shall en­sure that it can ac­cept sur­veil­lance as­sign­ments out­side nor­mal work­ing hours in ac­cord­ance with Art­icle 10 and can con­duct them or ar­range for third party to do so in ac­cord­ance with the FD­JP re­quire­ments.

4 It shall guar­an­tee that with­in the peri­od spe­cified in the sur­veil­lance as­sign­ment sur­veil­lance will be con­duc­ted of all tele­com­mu­nic­a­tions traffic car­ried on the in­fra­struc­tures un­der its con­trol provided the traffic is part of the ser­vices un­der sur­veil­lance and can be as­signed to the tar­get ID100.

5 It shall sup­port the PTSS, at its re­quest, in or­der to en­sure that the trans­mit­ted sur­veil­lance data ac­tu­ally cor­res­ponds to the tele­com­mu­nic­a­tions traffic spe­cified in the sur­veil­lance as­sign­ment.101

6 If ad­di­tion­al iden­ti­fi­ers are as­so­ci­ated with the tar­get ID (e.g. IMPI with IM­PU, email ad­dress with ali­as ad­dress, ex­tra-SIM, multi-device), the pro­vider shall en­sure that these iden­ti­fi­ers are also mon­itored as part of the type of sur­veil­lance.102

7 In the case of real-time sur­veil­lance of mo­bile ser­vices, rel­ev­ant net­work ele­ments such as HLR, HSS and UDM shall also be mon­itored, in par­tic­u­lar to re­cord in­form­a­tion about the net­work provid­ing the ser­vice, a change in the as­signed ser­vice and device iden­ti­fi­ers, loc­a­tion-re­lated events, a change in the net­work ele­ment provid­ing the ser­vice, and iden­ti­fic­a­tion and au­then­tic­a­tion events in­volving the tar­get ID and shall be trans­mit­ted to the IRI in stand­ard­ised form.103

8 In the case of real-time sur­veil­lance in the IMS, de­term­in­a­tion of loc­a­tion data for the tar­get ID from the net­work side shall if ne­ces­sary be ini­ti­ated.104

9 If a new ter­min­al device (multi-device) or a new SIM (ex­tra SIM) is ad­ded to a ser­vice when real-time sur­veil­lance or peri­od­ic po­s­i­tion de­term­in­a­tion is already act­ive, this device or SIM must also be mon­itored. No ad­di­tion­al fee is pay­able for this and no ad­di­tion­al com­pens­a­tion is paid. If ne­ces­sary, the pro­vider may re­quest an ad­di­tion­al ad­min­is­trat­ive iden­ti­fic­a­tion num­ber for the sur­veil­lance.105

99 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

100 Term in ac­cord­ance with No 1 para. 2 of the FA of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685). This amend­ment is made in the pro­vi­sions spe­cified in the AS.

101 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

102 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

103 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

104 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

105 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 51 TSPs with reduced surveillance duties  

1 At the re­quest of a TSP, the PTSS shall de­clare it to be a TSP with re­duced sur­veil­lance du­ties (Art. 26 para. 6 SPTA) if it:

a.
only of­fers its tele­com­mu­nic­a­tions ser­vices in the field of edu­ca­tion and re­search; or
b.
meets neither of the fol­low­ing cri­ter­ia:
1.
sur­veil­lance as­sign­ments for 10 dif­fer­ent sur­veil­lance tar­gets in the past 12 months (ef­fect­ive date: 30 June),
2.
an­nu­al turnover in Switzer­land from tele­com­mu­nic­a­tions ser­vices and de­rived com­mu­nic­a­tions ser­vices of CHF 100 mil­lion in two suc­cess­ive fin­an­cial years.

2 Art­icle 22 para­graph 2 ap­plies to the cal­cu­la­tion of the val­ues spe­cified in para­graph 1 let­ter b.

3 TSPs with re­duced sur­veil­lance du­ties are re­quired to give writ­ten no­tice to the PTSS with sup­port­ing doc­u­ments if they:

a.
no longer of­fer their ser­vices ex­clus­ively in the field of edu­ca­tion and re­search; or
b.
achieve the value spe­cified in para­graph 1 let­ter b num­ber 2 for a second suc­cess­ive fin­an­cial year; no­tice must be giv­en with­in three months of the end of the fin­an­cial year.

4 The PTSS may rely on data ob­tained in im­ple­ment­ing the le­gis­la­tion re­lat­ing to the sur­veil­lance of post and tele­com­mu­nic­a­tions or by oth­er au­thor­it­ies in im­ple­ment­ing fed­er­al law.

5 A pro­vider that is de­clared to have more ex­tens­ive du­ties to provide in­form­a­tion must en­sure that it can store the data re­quired for provid­ing in­form­a­tion and provide the in­form­a­tion with­in 2 months and 12 months of the de­clar­a­tion re­spect­ively.

Art. 52 PDCSs with more extensive surveillance duties  

1 The PTSS shall in a rul­ing de­clare a PDC­Ss to have more ex­tens­ive sur­veil­lance du­ties (Art. 27 para. 3 SPTA) if it has met one of the fol­low­ing cri­ter­ia:

a.
sur­veil­lance as­sign­ments for 10 dif­fer­ent sur­veil­lance tar­gets in the past 12 months (ef­fect­ive date: 30 June);
b.
an­nu­al turnover in Switzer­land of CHF 100 mil­lion in two suc­cess­ive fin­an­cial years, provided a large part of its busi­ness op­er­a­tions is provid­ing de­rived com­mu­nic­a­tion ser­vices, and 5000 sub­scribers use the pro­vider’s ser­vices.

2 Art­icle 22 para­graphs 2–5 ap­ply mu­tatis mutandis.

Art. 53 Access to the installations 106  

1 The per­sons or en­tit­ies re­quired to co­oper­ate that must al­low the PTSS or the third parties that it in­structs ac­cess to its in­stall­a­tions and shall al­low the PTSS or the third parties ac­cess to build­ings, devices, lines, sys­tems, net­works and ser­vices to the ex­tent that this is re­quired for sur­veil­lance or for mak­ing test con­nec­tions.

2 They shall make ex­ist­ing means of net­work ac­cess to pub­lic tele­com­mu­nic­a­tions net­works avail­able free of charge. By agree­ment with the PTSS or the third parties that it in­structs, they shall provide new means of net­work ac­cess at the ex­pense of the PTSS to the ex­tent that this is re­quired for sur­veil­lance.

106 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Section 8 Types of Real-Time Monitoring of Network Access Services

Art. 54 Surveillance Type RT_22_NA_IRI: Real-time monitoring of secondary telecommunications data in the case of network access services 107  

1 Sur­veil­lance Type RT_22_N­A_IRI com­prises the real-time sur­veil­lance of a net­work ac­cess ser­vice in the mo­bile com­mu­nic­a­tions sec­tor.

2 The fol­low­ing sec­ond­ary tele­com­mu­nic­a­tions data of tele­com­mu­nic­a­tions traffic sent or re­ceived via the net­work ac­cess ser­vice un­der sur­veil­lance must be trans­mit­ted in real time:

a.
when ac­cess to the net­work is es­tab­lished or dis­con­nec­ted: the date, the time, the type of event and the tech­no­logy and, if ap­plic­able, the reas­on for dis­con­nec­tion;
b.
the type of cur­rent ac­cess to the net­work;
c.
the AAA in­form­a­tion used by the net­work ac­cess ser­vice un­der sur­veil­lance, in par­tic­u­lar the sub­scriber iden­ti­fi­ers and the as­so­ci­ated IM­SI or SUPI;
d.
the IP ad­dresses as­signed to the net­work ac­cess ser­vice and the as­so­ci­ated ter­min­al devices un­der sur­veil­lance and the date and time of each as­sign­ment;
e.
the avail­able ad­dress­ing re­sources and iden­ti­fi­ers of the net­work ac­cess ser­vice un­der sur­veil­lance, in par­tic­u­lar the as­so­ci­ated MS­ISDN or GP­SI and the as­so­ci­ated IM­SI or SUPI;
f.
the unique device iden­ti­fi­ers in ac­cord­ance with in­ter­na­tion­al stand­ards for the cur­rently as­so­ci­ated ter­min­al devices of the net­work ac­cess ser­vice un­der sur­veil­lance (e.g. IMEI, PEI, MAC ad­dress);
g.
the type, date and time of the start and if ap­plic­able the end of events that modi­fy the tech­nic­al prop­er­ties of the net­work ac­cess ser­vice un­der sur­veil­lance or its mo­bil­ity man­age­ment, and, if known, their causes;
h.
the cur­rent loc­a­tion data for the tar­get, the cells used or the non-3GPP ac­cess used, de­term­ined by the net­work if pos­sible and in­dic­ated ac­cord­ingly, whereby the loc­a­tion in­form­a­tion re­lat­ing to the tar­get from NAS sig­nalling mes­sages shall also be trans­mit­ted and, in the case of EPS and 5GS, the loc­a­tion in­form­a­tion shall be sup­ple­men­ted with the re­spect­ive as­so­ci­ated time stamp or the age of the loc­a­tion data, if avail­able;
i.
if pos­sible, in­form­a­tion on the pre­vi­ous and cur­rent net­work provid­ing the ser­vice;
j.
in­form­a­tion about any change in the as­signed ser­vice and device iden­ti­fi­ers, loc­a­tion-re­lated events and if ap­plic­able their reas­on, about any change in the net­work ele­ment provid­ing the ser­vice and iden­ti­fic­a­tion and au­then­tic­a­tion events in­volving the tar­get;
k.
in the case of 5G-tech­no­logy: ad­di­tion­al in­form­a­tion about as­sign­ing a new tem­por­ary iden­ti­fi­er for the tar­get.

3 The loc­a­tion data com­prise the as­so­ci­ated timestamps and, if avail­able, the type of net­work ac­cess point tech­no­logy used and:

a.
the iden­ti­fi­ers (e.g. cell or geo­graph­ic­al area iden­ti­fi­er) and the geo­graph­ic­al co­ordin­ates of the cells and if ap­plic­able the dir­ec­tions of emis­sion of the cells and in the case of a com­bined cell, ad­di­tion­al loc­a­tion data in ac­cord­ance with the ap­plic­able FD­JP reg­u­la­tions;
b.
the po­s­i­tion of the tar­get de­term­ined by the net­work, for ex­ample in the form of geo­graph­ic­al co­ordin­ates and the re­lated un­cer­tainty value, or in the form of poly­gons with de­tails of the geo­graph­ic­al co­ordin­ates of each poly­gon point;
c.
oth­er data on the loc­a­tion of the tar­get or of the cells in ac­cord­ance with in­ter­na­tion­al stand­ards;
d.
in the case of a non-3GPP ac­cess:
1.
the iden­ti­fi­ers or an­oth­er suit­able des­ig­na­tion (e.g. hot­spot name) for the non-3GPP ac­cess, the pub­lic source IP ad­dress for the se­cured con­nec­tion of the tar­get to the gate­way and, in the case of NAT, the source port num­ber and the pro­tocol, or
2.
the iden­ti­fi­er for the net­work ac­cess point and, if avail­able, its postal ad­dress.

107 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 55 Surveillance Type RT_23_NA_CC_IRI: Real-time monitoring of content and secondary telecommunications data in the case of network access services  

Sur­veil­lance Type RT_23_N­A_C­C_IRI in­volves the real-time sur­veil­lance of a net­work ac­cess ser­vice. The con­tent of the tele­com­mu­nic­a­tion sent or re­ceived via the net­work ac­cess ser­vice un­der sur­veil­lance, and the re­lated sec­ond­ary tele­com­mu­nic­a­tions data in ac­cord­ance with Art­icle 54 para­graphs 2 and 3 must be trans­mit­ted in real time.

Section 9 Types of Real-Time Monitoring of Applications

Art. 56 Surveillance Type RT_24_TEL_IRI: Real-time monitoring of secondary telecommunications data for telephony and multimedia services 108  

1 Sur­veil­lance Type RT_24_TEL_IRI com­prises the real-time mon­it­or­ing of a tele­phony and mul­ti­me­dia ser­vice and, if ap­plic­able, the real-time mon­it­or­ing of con­ver­ging ser­vices, in par­tic­u­lar SMS, voice mail and RCS.

2 The fol­low­ing sec­ond­ary tele­com­mu­nic­a­tions data of the tele­com­mu­nic­a­tion that is sent, pro­cessed or re­ceived via the ser­vices un­der sur­veil­lance must be trans­mit­ted in real time:

a.
the date and the time of log­ging-in and log­ging-out pro­cesses and their res­ult;
b.
the AAA in­form­a­tion used by the ser­vices un­der sur­veil­lance and the in­form­a­tion on re­gis­tra­tion and sub­scrip­tion events and the cor­res­pond­ing re­sponses, in par­tic­u­lar the sub­scriber iden­ti­fi­er (e.g. SIP URI, IMPI) and the IM­SI in the case of mo­bile ser­vices or the SUPI and if ap­plic­able, the cus­tom­er’s and serv­er’s IP ad­dresses and port num­bers as well as de­tails of the pro­tocol used;
c.
the sig­nalling in­form­a­tion, in par­tic­u­lar on the serving sys­tem, on sub­scriber status and on ser­vice qual­ity;
d.
if ap­plic­able, the pres­ence in­form­a­tion;
e.
in the case of com­mu­nic­a­tions, com­mu­nic­a­tion at­tempts and tech­nic­al modi­fic­a­tions (e.g. in­clu­sion of ad­di­tion­al ser­vices, in­clu­sion of con­ver­ging ser­vices or change to con­ver­ging ser­vices, changes in net­work ac­cess tech­no­logy, loc­a­tion up­dates), if ap­plic­able:
1.
their type, the date and the time of their start and if ap­plic­able their end,
2.
the ad­dress­ing re­sources (e.g. MS­ISDN, GP­SI, E.164-num­ber, SIP URI, IM­PU) of all sub­scribers in com­mu­nic­a­tion and their role,
3.
the ac­tu­al known des­tin­a­tion ad­dress and the avail­able in­ter­me­di­ate ad­dresses where the com­mu­nic­a­tion or the com­mu­nic­a­tion at­tempt is di­ver­ted or for­war­ded,
4.
the unique device iden­ti­fi­ers in ac­cord­ance with in­ter­na­tion­al stand­ards for the ter­min­al devices of the ser­vices un­der sur­veil­lance (e.g. IMEI, PEI, MAC ad­dress),
5.
the oth­er avail­able iden­ti­fi­ers,
6.
the reas­ons for the ter­min­a­tion of com­mu­nic­a­tion or its non-ma­ter­i­al­isa­tion or for the tech­nic­al modi­fic­a­tion,
7.
the sig­nalling in­form­a­tion on ad­di­tion­al ser­vices (e.g. con­fer­ence calls, call for­ward­ing, DTMF),
8.
the status of the com­mu­nic­a­tion or of the com­mu­nic­a­tion at­tempt,
9.
in the case of mo­bile ser­vices: in ad­di­tion the cur­rent loc­a­tion data in ac­cord­ance with Art­icle 54 para­graphs 2 let­ter h and 3 de­term­ined by the net­work if pos­sible and in­dic­ated ac­cord­ingly;
f.
in the case of mo­bile ser­vices: ad­di­tion­al in­form­a­tion about the pre­vi­ous and cur­rent net­work provid­ing the ser­vice, any change in the as­signed ser­vice and device iden­ti­fi­ers, loc­a­tion-re­lated events and if ap­plic­able their reas­on, any change in the net­work ele­ment provid­ing the ser­vice, and iden­ti­fic­a­tion and au­then­tic­a­tion events in­volving the tar­get.

108 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 56a Surveillance Type RT_54_POS_ONCE: Immediate non-recurrent position determination by the network 109  

1 Sur­veil­lance Type RT_54_­POS_ONCE com­prises in each case the im­me­di­ate non-re­cur­rent po­s­i­tion de­term­in­a­tion by the net­work of all mo­bile ter­min­al devices as­so­ci­ated with the tar­get ID.

2 Po­s­i­tion de­term­in­a­tion shall be car­ried out by the net­work us­ing an im­me­di­ate po­s­i­tion­ing func­tion in ac­cord­ance with the FD­JP reg­u­la­tions.

3 The fol­low­ing data shall be trans­mit­ted im­me­di­ately:

a.
the MS­ISDN or GP­SI, IMEI or PEI and IM­SI or SUPI ob­served, at least one of these data, and any of the oth­ers if avail­able;
b.
net­work iden­ti­fi­er for the loc­a­tion ser­vice cli­ent and the timestamp of the po­s­i­tion de­term­ined;
c.
in the case of suc­cess­ful po­s­i­tion de­term­in­a­tion: the timestamp of the po­s­i­tion and the fol­low­ing po­s­i­tion data:
1.
if avail­able, the po­s­i­tion­ing meth­od,
2.
if avail­able, data on the ac­cur­acy of the po­s­i­tion,
3.
the po­s­i­tion in the form of:
geo­graph­ic­al co­ordin­ates and if ap­plic­able the as­so­ci­ated un­cer­tainty val­ues
poly­gons, with de­tails of the geo­graph­ic­al co­ordin­ates of each poly­gon point or
oth­er data in ac­cord­ance with in­ter­na­tion­al stand­ards, and
4.
if avail­able, the alti­tude data for the po­s­i­tion, the ser­vice qual­ity, the move­ment status and the speed and dir­ec­tion of move­ment of the ter­min­al device;
d.
in the case of un­suc­cess­ful po­s­i­tion de­term­in­a­tion: the reas­on for fail­ure (er­ror code) and the loc­a­tion data spe­cified in Art­icle 63 for the most re­cent de­tect­able activ­ity, at no ad­di­tion­al cost.

109 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 56b Surveillance Type RT_55_POS_PERIOD: Recurrent position determination by the network 110  

1 Sur­veil­lance Type RT_55_­POS_PERI­OD com­prises in each case the re­cur­rent po­s­i­tion de­term­in­a­tion by the net­work of all mo­bile ter­min­al devices as­so­ci­ated with the tar­get ID.

2 Po­s­i­tion de­term­in­a­tion shall be car­ried out by the net­work us­ing a reg­u­lar po­s­i­tion­ing func­tion in ac­cord­ance with the FD­JP reg­u­la­tions.

3 The fol­low­ing data shall be trans­mit­ted im­me­di­ately:

a.
the MS­ISDN or GP­SI, IMEI or PEI and IM­SI or SUPI ob­served, at least one of these data, and any of the oth­ers if avail­able;
b.
net­work iden­ti­fi­er for the loc­a­tion ser­vice cli­ent and the timestamp of the po­s­i­tion de­term­ined;
c.
in the case of suc­cess­ful po­s­i­tion de­term­in­a­tion, the timestamp of the po­s­i­tion and the fol­low­ing po­s­i­tion data:
1.
the po­s­i­tion­ing meth­od,
2.
data on the ac­cur­acy of the po­s­i­tion,
3.
the po­s­i­tion in the form of:
geo­graph­ic­al co­ordin­ates and if ap­plic­able the as­so­ci­ated un­cer­tainty val­ues
poly­gons, with de­tails of the geo­graph­ic­al co­ordin­ates of each poly­gon point or
oth­er in­form­a­tion in ac­cord­ance with in­ter­na­tion­al stand­ards, and
4.
if avail­able, the alti­tude data for the po­s­i­tion, the ser­vice qual­ity, the move­ment status and the speed and dir­ec­tion of move­ment of the ter­min­al device;
d.
in the case of un­suc­cess­ful po­s­i­tion de­term­in­a­tion: the reas­on for fail­ure (er­ror code).

110 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 57 Surveillance Type RT_25_TEL_CC_IRI: Real-time surveillance of content and secondary telecommunications data in the case of telephony and multimedia services  

Sur­veil­lance Type RT_25_TEL_C­C_IRI com­prises the real-time sur­veil­lance of a tele­phony and mul­ti­me­dia ser­vice and, if ap­plic­able, con­ver­ging ser­vices, in par­tic­u­lar SMS, voice mail and RCS. The con­tent of the tele­com­mu­nic­a­tions traffic sent, pro­cessed or re­ceived via the ser­vices un­der sur­veil­lance, as well as the re­lated sec­ond­ary tele­com­mu­nic­a­tions data in ac­cord­ance with Art­icle 56 must be trans­mit­ted in real time.

Art. 58 Surveillance Type RT_26_EMAIL_IRI: Real-time monitoring of secondary telecommunications data on email services  

Sur­veil­lance Type RT_26_E­MAIL_IRI com­prises the real-time sur­veil­lance of an email ser­vice. The fol­low­ing sec­ond­ary tele­com­mu­nic­a­tions data on the tele­com­mu­nic­a­tions traffic sent, pro­cessed or re­ceived via the ser­vice un­der sur­veil­lance must be trans­mit­ted in real time:

a.
the date and the time of log­ging-in and log­ging-out pro­cesses and their status;
b.
the AAA in­form­a­tion used by the ser­vice un­der sur­veil­lance, in par­tic­u­lar the sub­scriber iden­ti­fi­er and, if ap­plic­able, the ali­as ad­dress;
c.
the cus­tom­er’s and serv­er’s IP ad­dresses and port num­bers as well as de­tails of the pro­tocol used;
d.
the date, time, volume of data, email ad­dresses of the sender and the re­cip­i­ent of the mes­sage and the IP ad­dresses and port num­bers of the send­ing and re­ceiv­ing email serv­ers for the fol­low­ing events:
1.
send­ing or for­ward­ing of a mes­sage,
2.
re­ceipt of a mes­sage,
3.
pro­cessing of a mes­sage in the mail­box,
4.
down­load­ing of a mes­sage from the mail­box,
5.
up­load­ing of a mes­sage to the mail­box.
Art. 59 Surveillance Type RT_27_EMAIL_CC_IRI: Real-time monitoring of content and secondary telecommunications data on email services  

Sur­veil­lance Type RT_27_E­MAIL_C­C_IRI com­prises the real-time sur­veil­lance of an email -ser­vice. The con­tent of the tele­com­mu­nic­a­tions traffic sent, pro­cessed or re­ceived via the ser­vice un­der sur­veil­lance, as well as the re­lated sec­ond­ary tele­com­mu­nic­a­tions data in ac­cord­ance with Art­icle 58 must be trans­mit­ted in real time.

Section 10 Types of Retroactive Surveillance

Art. 60 Surveillance Type HD_28_NA: Retroactive surveillance of secondary telecommunications data in the case of network access services 111  

Sur­veil­lance Type HD_28_NA com­prises the ret­ro­act­ive sur­veil­lance of sec­ond­ary tele­com­mu­nic­a­tions data of a net­work ac­cess ser­vice. The fol­low­ing sec­ond­ary tele­com­mu­nic­a­tions data of the tele­com­mu­nic­a­tion that has been sent or has been re­ceived via the net­work ac­cess ser­vice un­der sur­veil­lance must be trans­mit­ted:

a.
the date and the time of the start and if ap­plic­able the end or the dur­a­tion or the ses­sion;
b.
the type and status of the net­work ac­cess;
c.
the iden­ti­fi­er that was used for au­then­tic­at­ing the user at the ac­cess point un­der sur­veil­lance, for ex­ample the user name;
d.
the IP ad­dress as­signed to the tar­get and their type or in the case of non-3GPP ac­cess the pub­lic source IP ad­dress for the se­cured con­nec­tion of the tar­get to the gate­way and the as­so­ci­ated source port num­ber;
e.
the unique device iden­ti­fi­er of the ter­min­al device used by the tar­get in ac­cord­ance with in­ter­na­tion­al stand­ards (e.g. MAC ad­dress, IMEI or PEI in the case of mo­bile ser­vices);
f.
the volumes of data that were up­loaded and down­loaded dur­ing the ses­sion;
g.
in the case of mo­bile ser­vices: the GPRS, EPS or 5GS in­form­a­tion (in par­tic­u­lar IM­SI, SUPI, MS­ISDN. GP­SI) and the loc­a­tion data at the be­gin­ning, end of and dur­ing the ses­sion in ac­cord­ance with the ap­plic­able FD­JP reg­u­la­tions;
h.
in the case of ac­cess to the net­work via a pro­fes­sion­ally op­er­ated pub­lic WLAN: the iden­ti­fi­ers (e.g. BSSID) or oth­er suit­able des­ig­na­tions (e.g. hot­spot name), the loc­a­tion data (geo­graph­ic­al co­ordin­ates or postal ad­dress) and, if avail­able, the type of au­then­tic­a­tion, an iden­ti­fi­er that en­ables a re­quest for the iden­ti­fic­a­tion data in ac­cord­ance with Art­icle 19 para­graph 2 to be made and the IP-ad­dress of the ac­cess used by the tar­get;
i.
if avail­able, in ad­di­tion to the data in let­ters g and h, the loc­a­tion in­form­a­tion from mari­time nav­ig­a­tion or avi­ation;
j.
in the case of fixed net­work ac­cess: the ad­dress­ing re­sources of the ac­cess and. if avail­able, the postal ad­dress.

111 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 61 Surveillance Type HD_29_TEL: Retroactive surveillance of secondary telecommunications data relating to telephony and multimedia services  

Sur­veil­lance Type HD_29_TEL com­prises the ret­ro­act­ive sur­veil­lance of sec­ond­ary tele­com­mu­nic­a­tions data of a tele­phony and mul­ti­me­dia ser­vice and, if ap­plic­able, con­ver­ging ser­vices, in par­tic­u­lar SMS, voice mail and RCS. The fol­low­ing sec­ond­ary tele­com­mu­nic­a­tions data of the past tele­com­mu­nic­a­tions traffic in com­mu­nic­a­tions and com­mu­nic­a­tion at­tempts us­ing the ser­vices un­der sur­veil­lance must be trans­mit­ted:112

a.
their type, the date and time of the start and, if ap­plic­able, the end or their dur­a­tion;
b.113
the ad­dress­ing re­sources (e.g. MS­ISDN, GP­SI, E.164 num­ber, SIP URI, IM­PU) of all per­sons com­mu­nic­at­ing with each oth­er and their roles;
c.
the reas­on for the end of the com­mu­nic­a­tion or the com­mu­nic­a­tion at­tempt;
d.114
in the case of mo­bile ser­vices: IMEI or PEI of the ter­min­al device used by the tar­get and the IM­SI or SUPI of the tar­get;
e.
if ap­plic­able, the type of car­ri­er ser­vice;
f.
in the case of SMS and MMS: the in­form­a­tion on the event, the type (only in the case of SMS) and the status;
g.115
in the case of mo­bile ser­vices: the loc­a­tion data de­term­ined by the net­work if pos­sible and in­dic­ated ac­cord­ingly for the cell or the non-3GPP ac­cess used by the tar­get at the be­gin­ning and at the end of the com­mu­nic­a­tion or the com­mu­nic­a­tion at­tempt and, if avail­able, dur­ing the com­mu­nic­a­tion, in ac­cord­ance with the ap­plic­able FD­JP reg­u­la­tions;
1.
the cell and geo­graph­ic­al area iden­ti­fi­ers, the geo­graph­ic­al co­ordin­ates and if ap­plic­able the main dir­ec­tions of emis­sion and the postal ad­dress, or
2.
the po­s­i­tions of the tar­get de­term­ined by the net­work (e.g. in the form of geo­graph­ic­al co­ordin­ates and the re­lated un­cer­tainty value or in the form of poly­gons with de­tails of the geo­graph­ic­al co­ordin­ates of each poly­gon point) as well as the re­lated postal ad­dresses, or
3.
oth­er de­tails in ac­cord­ance with in­ter­na­tion­al stand­ards of the tar­get’s loc­a­tions or the cells that he or she used, as well as the re­lated postal ad­dresses;
gbis.116 if avail­able, in ad­di­tion to the data in let­ter g, the loc­a­tion in­form­a­tion from mari­time nav­ig­a­tion or avi­ation;
h.
in the case of mul­ti­me­dia ser­vices:
1.
the cus­tom­er’s IP ad­dress and its type and the port num­ber,
2.
the com­mu­nic­a­tion cor­rel­a­tion iden­ti­fi­er,
3.
the types of mul­ti­me­dia con­tent,
4.
in­form­a­tion on the mul­ti­me­dia com­pon­ents (time, name, de­scrip­tion, ini­ti­at­or, ac­cess-cor­rel­a­tion iden­ti­fi­er), and
5.
if ap­plic­able, in­form­a­tion on the IMS ser­vices (type of IMS ser­vice used, role of the net­work ele­ment from which the sec­ond­ary tele­com­mu­nic­a­tions data come);
i.117
in the case of mul­ti­me­dia ser­vices: in­form­a­tion on the tar­get’s net­work ac­cess:
1.
the ac­cess type,
2.
the ac­cess class,
3.
an in­dic­a­tion of wheth­er the in­form­a­tion on ac­cess to the net­work comes from the net­work, and
4.
the loc­a­tion data re­lat­ing to the net­work ac­cess at the be­gin­ning and the end of the mul­ti­me­dia ses­sion, and, if avail­able, dur­ing the mul­ti­me­dia ses­sion in ac­cord­ance with the ap­plic­able FD­JP reg­u­la­tions;
j.118
if ap­plic­able, the name of net­works dir­ectly ad­ja­cent to the com­mu­nic­a­tion or the at­tempt at com­mu­nic­a­tion.

112 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

113 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

114 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

115 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

116 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

117 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

118 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 62 Surveillance Type HD_30_EMAIL: Retroactive surveillance of secondary telecommunications data in the case of email services 119  

Sur­veil­lance Type HD_30_E­MAIL com­prises the ret­ro­act­ive sur­veil­lance of sec­ond­ary tele­com­mu­nic­a­tions data of an email ser­vice. The fol­low­ing sec­ond­ary tele­com­mu­nic­a­tions data of the past tele­com­mu­nic­a­tion sent, pro­cessed or re­ceived via the ser­vice un­der sur­veil­lance must be trans­mit­ted:

a.
the date, the time, the type of event, the sub­scriber iden­ti­fi­ers, if ap­plic­able the ali­as ad­dress, the sender and re­cip­i­ent ad­dresses, the pro­tocol used, the IP ad­dresses and port num­bers of the serv­er and the cli­ent, and, if ap­plic­able, the de­liv­ery status of the mes­sage in the case of the fol­low­ing events: send­ing, re­ceipt, mail­box log-in, mail­box log-out and in the case of the fol­low­ing events, if avail­able: down­load­ing, up­load­ing, de­le­tion, pro­cessing, ad­di­tion of a mes­sage;
b.
the IP ad­dresses and names of the send­ing and re­ceiv­ing email serv­ers.

119 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 63 Surveillance Type HD_31_PAGING: Determination of the location of the most recent activity 120  

1 Sur­veil­lance Type HD_31_PA­GING com­prises the de­term­in­a­tion of the loc­a­tion of the most re­cent activ­ity de­tect­able by the mo­bile tele­phony pro­vider (net­work ac­cess ser­vices, tele­phony and mul­ti­me­dia ser­vices) for all mo­bile ter­min­al devices as­so­ci­ated with the tar­get ID of the per­son un­der sur­veil­lance.

2 The fol­low­ing data shall be trans­mit­ted:

a.
the MS­ISDN or the GP­SI;
b.
the IM­SI or the SUPI;
c.
if avail­able, the IMEI or der PEI;
d.
the type of net­work ac­cess point tech­no­logy;
e.
if ap­plic­able, the fre­quency band;
f.
the unique iden­ti­fi­er for the mo­bile net­work;
g.
the date and time of the most re­cent de­tect­able activ­ity for net­work ac­cess ser­vices and tele­phony and mul­ti­me­dia ser­vices; and
h.
the loc­a­tion data in ac­cord­ance with the ap­plic­able FD­JP reg­u­la­tions.

120 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 64 Surveillance Type AS_32_PREP_COV: Network coverage analysis in preparation for an antenna search  

1 Sur­veil­lance Type AS­_32_­PREP_­COV com­prises the net­work ana­lys­is in pre­par­a­tion for an an­tenna search in ac­cord­ance with Art­icle 66. It is car­ried out by the TSPs and serves to identi­fy the mo­bile ra­dio cells or pub­lic WLAN ac­cess points that most prob­ably cov­er the loc­a­tion de­scribed by the or­der­ing au­thor­ity in the form of geo­graph­ic­al co­ordin­ates or by means of postal ad­dress, if ap­plic­able tak­ing ac­count of ad­di­tion­al in­form­a­tion (e.g. time of day, weath­er, day of the week, loc­a­tion with­in or out­side of a build­ing).

2 TSPs shall sup­ply the PTSS with a list of cell or geo­graph­ic­al area iden­ti­fi­ers for the mo­bile ra­dio cells and iden­ti­fi­ers iden­ti­fied (e.g. BSSID) or oth­er suit­able des­ig­na­tions (e.g. hot­spot name) for the pro­fes­sion­ally op­er­ated pub­lic WLAN ac­cess points iden­ti­fied.121

121 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 65 Surveillance Type AS_33_PREP_REF: Reference communications or instances of reference network access in preparation for an antenna search  

1 Sur­veil­lance Type AS­_33_­PREP_REF com­prises the iden­ti­fic­a­tion of mo­bile ra­dio cells or pub­lic WLAN ac­cess points on the basis of ref­er­ence com­mu­nic­a­tions and in­stances of ref­er­ence net­work ac­cess in pre­par­a­tion for an an­tenna search in ac­cord­ance with Art­icle 66.

2 The or­der­ing au­thor­ity shall it­self ar­range for ref­er­ence com­mu­nic­a­tions to be made and the ref­er­ence net­work to be ac­cessed at the rel­ev­ant loc­a­tion and shall send the PTSS a list with the fol­low­ing re­lated data:122

a.
the type of com­mu­nic­a­tion or of ac­cess to the net­work;
b.
the date and the time of the com­mu­nic­a­tion or ac­cess to the net­work;
c.
the ad­dress­ing re­source of the tele­phony and mul­ti­me­dia ser­vice used or of the net­work ac­cess ser­vice;
d.
if ap­plic­able, the name of the mo­bile net­work used.

3 The PTSS shall in­struct the TSPs, on the basis of the sec­ond­ary tele­com­mu­nic­a­tions data re­lat­ing to pre­vi­ous tele­com­mu­nic­a­tions traffic, to identi­fy the mo­bile ra­dio cells or pub­lic WLAN ac­cess points used in each case at the be­gin­ning and at the end of the ref­er­ence com­mu­nic­a­tions and in­stances of ref­er­ence net­work ac­cess in ac­cord­ance with para­graph 2 and to provide it with a list of the cor­res­pond­ing cell or geo­graph­ic­al area iden­ti­fi­ers der mo­bile cells, the as­so­ci­ated iden­ti­fi­ers (e.g. BSSID) or suit­able des­ig­na­tions (e.g. hot­spot name) for the WLAN ac­cesses com­pleted in ac­cord­ance with para­graph 2.123

122 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

123 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 66 Surveillance Type AS_34: Antenna search  

1 Sur­veil­lance Type AS­_34 com­prises the ret­ro­act­ive sur­veil­lance of all com­mu­nic­a­tions, com­mu­nic­a­tion at­tempts and in­stances of net­work ac­cess that have taken place via a spe­cif­ic mo­bile ra­dio cell or a spe­cif­ic pub­lic WLAN ac­cess point over a peri­od of up to two hours.124

2 The TSP shall sup­ply the sec­ond­ary tele­com­mu­nic­a­tions data res­ult­ing from para­graph 1 re­lat­ing to pre­vi­ous tele­com­mu­nic­a­tions traffic in ac­cord­ance with Art­icle 60 and 61.

124 The cor­rec­tion of 3 Ju­ly 2018 relates to the Itali­an text only (AS 2018 2551).

Section 11 Missing Person and Wanted Person Searches and Mobile Phone Localisation of Suspected Terrorists 125125

125 Amended by No I 12 of the O of 4 May 2022 on Police Counterterrorism Measures, in force since 1 June 2022 (AS 2022 301).

Art. 67 Types of surveillance EP: Missing person search 126  

The fol­low­ing types of sur­veil­lance may be ordered for a miss­ing per­son search in ac­cord­ance with Art­icle 35 SPTA:

a.
Type EP_35_PA­GING: de­term­in­ing the loc­a­tion of the most re­cent activ­ity de­tect­able by the mo­bile tele­phony pro­vider of all mo­bile ter­min­al devices as­so­ci­ated with the tar­get ID of the miss­ing per­son or a third party; this type cor­res­ponds to Type HD_31_PA­GING in ac­cord­ance with Art­icle 63;
b.
Type EP_56_­POS_ONCE: the im­me­di­ate non-re­cur­rent po­s­i­tion de­term­in­a­tion by the net­work of all mo­bile ter­min­al devices as­so­ci­ated with the tar­get ID of the miss­ing per­son or a third party; this type cor­res­ponds to Type RT_54_­POS_ONCE in ac­cord­ance with Art­icle 56a;
c.
Type EP_57_­POS_PERI­OD: the re­cur­rent po­s­i­tion de­term­in­a­tion by the net­work of all mo­bile ter­min­al devices as­so­ci­ated with the tar­get ID of the miss­ing per­son or a third party; this type cor­res­ponds to Type RT_55_­POS_PERI­OD in ac­cord­ance with Art­icle 56b;
d.
Type EP_36_RT_C­C_IRI: real-time sur­veil­lance of con­tent and sec­ond­ary tele­com­mu­nic­a­tions data; this type cor­res­ponds to the com­bin­a­tion of types of sur­veil­lance in ac­cord­ance with Art­icle 55 (net­work ac­cess ser­vices) and in ac­cord­ance with Art­icle 57 (tele­phony and mul­ti­me­dia ser­vices);
e.
Type EP_37_RT_IRI: real-time sur­veil­lance of sec­ond­ary tele­com­mu­nic­a­tions data; this type cor­res­ponds to the com­bin­a­tion of types of sur­veil­lance in ac­cord­ance with Art­icle 54 (net­work ac­cess ser­vices) and in ac­cord­ance with Art­icle 56 (tele­phony and mul­ti­me­dia ser­vices);
f.
Type EP_38_HD: ret­ro­act­ive sur­veil­lance of sec­ond­ary tele­com­mu­nic­a­tions data); this type cor­res­ponds to the com­bin­a­tion of types of sur­veil­lance in ac­cord­ance with Art­icle 60 (net­work ac­cess ser­vices) and in ac­cord­ance with Art­icle 61 (tele­phony and mul­ti­me­dia ser­vices).

126 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 68 Wanted person search 127  

1 The fol­low­ing types of sur­veil­lance may be ordered for a search for con­victed per­sons in ac­cord­ance with Art­icle 36 SPTA; “wanted per­son search” must be in­dic­ated in the sur­veil­lance or­der as the reas­on for sur­veil­lance (Art. 49 para. 1 let. e):

a.
the loc­a­tion de­term­in­a­tion in the case of the most re­cent activ­ity de­tect­able by the mo­bile ser­vice pro­vider of all mo­bile ter­min­al devices as­so­ci­ated with the tar­get ID of the con­victed per­son or a third party in ac­cord­ance with Art­icle 63;
b.
the im­me­di­ate non-re­cur­rent po­s­i­tion de­term­in­a­tion by the net­work of all mo­bile ter­min­al devices as­so­ci­ated with the tar­get ID of the con­victed per­son or a third party in ac­cord­ance with Art­icle 56a;
c.
the re­cur­rent po­s­i­tion de­term­in­a­tion by the net­work of all mo­bile ter­min­al devices as­so­ci­ated with the tar­get ID of the con­victed per­son or a third party in ac­cord­ance with Art­icle 56b;
d.
any of the types of real-time sur­veil­lance of the con­tent and sec­ond­ary tele­com­mu­nic­a­tions data of net­work ac­cess ser­vices or ap­plic­a­tions in ac­cord­ance with Art­icles 55, 57 or 59;
e.
any of the types of real-time sur­veil­lance of sec­ond­ary tele­com­mu­nic­a­tions data of net­work ac­cess ser­vices or ap­plic­a­tions in ac­cord­ance with Art­icles 54, 56 or 58;
f.
any of the types of ret­ro­act­ive sur­veil­lance in ac­cord­ance with Art­icles 60–62;
g.
an an­tenna search in ac­cord­ance with Art­icle 66 and the cor­res­pond­ing pre­par­a­tions in ac­cord­ance with Art­icles 64 and 65.

2 In the case of the sur­veil­lance type in para­graph 1 let­ter f, the start and end of the sur­veil­lance are gov­erned by Art­icle 4a.

127 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 68a Surveillance Type ML_50_RT: Mobile phone localisation of suspected terrorists in real time 128  

1 Sur­veil­lance Type ML_50_RT may be ordered for the mo­bile phone loc­al­isa­tion of sus­pec­ted ter­ror­ists in ac­cord­ance with Art­icle 23q para­graph 3 of the Fed­er­al Act of 21 March 1997129 on Meas­ures to Safe­guard In­tern­al Se­cur­ity.

2 It com­prises the com­bin­a­tion of real-time sur­veil­lance of the sec­ond­ary tele­com­mu­nic­a­tions data re­quired for mo­bile phone loc­al­isa­tion in the case of mo­bile net­work ac­cess ser­vices, mo­bile tele­phony and mul­ti­me­dia ser­vices and, if ap­plic­able, con­ver­gent mo­bile ser­vices, in par­tic­u­lar SMS, Voice Mail and RCS.

3 In the case of mo­bile net­work ac­cess ser­vices, the sec­ond­ary tele­com­mu­nic­a­tions data from tele­com­mu­nic­a­tions traffic in ac­cord­ance with Art­icle 54 para­graph 2 let­ters a–c, g and h and para­graph 3 must be trans­mit­ted.

4 In the case of mo­bile tele­phony and mul­ti­me­dia ser­vices and con­ver­gent mo­bile ser­vices, the sec­ond­ary tele­com­mu­nic­a­tions data from tele­com­mu­nic­a­tions traffic in ac­cord­ance with Art­icle 56 para­graph 1 let­ters a, b, d and e num­bers 1 and 9 and para­graph 2 must be trans­mit­ted.

128 In­ser­ted by No I 12 of the O of 4 May 2022 on Po­lice Coun­terter­ror­ism Meas­ures, in force since 1 June 2022 (AS 2022 301).

129 SR 120

Section 12 Off-Network Identifiers

Art. 69  

Sur­veil­lance in ac­cord­ance with Art­icles 56–59, 61 and 62 also in­cludes tele­com­mu­nic­a­tion car­ried out via the ser­vices un­der sur­veil­lance that can be as­signed to the tar­get ID even if the iden­ti­fi­er un­der sur­veil­lance is not ad­min­istered by the pro­vider giv­en the as­sign­ment.

Chapter 4 Final Provisions

Art. 70 Organisational, administrative and technical regulations  

The FD­JP shall is­sue the or­gan­isa­tion­al, ad­min­is­trat­ive and tech­nic­al reg­u­la­tions on con­duct­ing sur­veil­lance of post and tele­com­mu­nic­a­tions. In par­tic­u­lar, it shall de­term­ine the dead­lines with­in which the rel­ev­ant data must be sup­plied.

Art.71 Implementation  

1 The PTSS shall provide elec­tron­ic forms and in­ter­faces to be used by those con­cerned. The forms and in­ter­faces shall make it pos­sible in par­tic­u­lar for:

a.
the or­der­ing au­thor­it­ies:
1.
to sub­mit a sur­veil­lance or­der to the PTSS,
2.
to in­struct the PTSS to grant or amend rights of ac­cess;
b.
the PTSS:
1.
to in­struct the per­sons or en­tit­ies re­quired to co­oper­ate with con­duct­ing a sur­veil­lance meas­ure,
2.
to pass on a re­quest for in­form­a­tion to the per­sons or en­tit­ies re­quired to co­oper­ate and to for­ward their an­swers to the re­quest­ing au­thor­ity;
c.
the au­thor­ised au­thor­it­ies to sub­mit a re­quest for in­form­a­tion to the PTSS.

2 The PTSS may at the ap­pro­pri­ate time re­place the elec­tron­ic forms with on­line ac­cess to the Ser­vice’s pro­cessing sys­tem and in­tro­duce an elec­tron­ic ap­prov­al pro­cess for or­ders re­quir­ing ap­prov­al. The elec­tron­ic forms may con­tin­ue to be used if on­line ac­cess to the pro­cessing sys­tem is im­possible for tech­nic­al reas­ons or if the pro­cessing sys­tem fails.

Art.72 Repeal of another enactment  

The Or­din­ance of 31 Oc­to­ber 2001130 on the Sur­veil­lance of Post and Tele­com­mu­nic­a­tions is re­pealed.

130 [AS 2001 3111; 2004 1431, 2021Art. 7, 3383; 2006 4705No II 77; 2007 4029; 2011 5955; 2016 4337No II; 2017 4151 An­nex 4 No II 11]

Art.73 Amendment of other enactments  

The or­din­ances be­low are amended as fol­lows:

131

131 The amend­ments may be con­sul­ted un­der AS 2018 147.

Art. 74 Transitional provisions  

1 Sur­veil­lance activ­it­ies ordered be­fore this Or­din­ance comes in­to force shall con­tin­ue un­changed. These activ­it­ies shall be ex­ten­ded or ter­min­ated in ac­cord­ance with the pre­vi­ous law ap­plic­able to those types of sur­veil­lance.

2 Test con­nec­tions on­go­ing in ac­cord­ance with the pre­vi­ous prac­tice when this Or­din­ance comes in­to force shall be ter­min­ated.

3 TSPs that sub­mit an ap­plic­a­tion to the PTSS for cat­egor­isa­tion as a TSP with re­duced sur­veil­lance du­ties in ac­cord­ance with Art­icle 51 with­in three months of this Or­din­ance com­ing in­to force shall be deemed to be such from the date on which this Or­din­ance comes in­to force and for the dur­a­tion of the pro­ced­ure. The PTSS may re­voke this cat­egor­isa­tion for the dur­a­tion of the pro­ced­ure if ap­prov­al of the ap­plic­a­tion is un­likely. Art­icle 51 para­graph 5 does not ap­ply to TSPs pre­vi­ously re­quired to re­port.

4 With­in 3 months of this Or­din­ance com­ing in­to force, TSPs and PDC­Ss with more ex­tens­ive du­ties to provide in­form­a­tion in ac­cord­ance with Art­icle 22 shall modi­fy their sys­tems in or­der to im­ple­ment the new re­quire­ments on the iden­ti­fic­a­tion the sub­scribers (Art. 19) and re­cord­ing per­sons’ data in the case of mo­bile ser­vices (Art. 20).

5 With­in 6 months of this Or­din­ance com­ing in­to force, TSPs, with the ex­cep­tion of those with re­duced sur­veil­lance du­ties in ac­cord­ance with Art­icle 51, and PDC­Ss with more ex­tens­ive sur­veil­lance du­ties in ac­cord­ance with Art­icle 52 shall modi­fy their sys­tems in or­der to be able to sup­ply the in­form­a­tion spe­cified in Art­icles 38 and 39.

6 With­in 24 months of this Or­din­ance com­ing in­to force:

a.
it must be pos­sible to sup­ply the sec­ond­ary tele­com­mu­nic­a­tions data on com­mu­nic­a­tion at­tempts in the case of ret­ro­act­ive sur­veil­lance activ­it­ies;
b.
TSPs must make tech­nic­al modi­fic­a­tions to the sys­tems they have avail­able in or­der to be able to sup­ply the data on email ser­vices spe­cified in Art­icles 58, 59 and 62. Be­fore then, they must sup­ply the data on email ser­vices in the same way as be­fore.

7 Un­til the new pro­cessing sys­tem pro­cured un­der the tele­com­mu­nic­a­tions sur­veil­lance132 pro­gramme comes in­to op­er­a­tion:

a.
the PTSS may con­tin­ue to com­pile stat­ist­ics (Art. 12) in ac­cord­ance with the pre­vi­ous law;
b.
in­form­a­tion pro­vi­sion (Art. 35–48) and sur­veil­lance activ­it­ies (Art. 54–68) shall con­tin­ue to be car­ried out with the ex­ist­ing sys­tem, the pre­vi­ous formats and the cor­res­pond­ing forms. They shall be trans­mit­ted us­ing a se­cure means of trans­mis­sion au­thor­ised by the PTSS, by post or fax; Art­icle 17 para­graphs 1–2 does not ap­ply;
c.
in­form­a­tion pro­vi­sion based on a flex­ible name search in ac­cord­ance with Art­icle 27 in con­junc­tion with Art­icles 35, 40, 42 and 43 is not pos­sible; from the date on which the new sys­tem comes in­to op­er­a­tion, it will only be car­ried out by TSPs and PDC­Ss with more ex­tens­ive du­ties to provide in­form­a­tion in ac­cord­ance with Art­icle 22 that have mod­i­fied their sys­tems ac­cord­ingly.

8 With­in 12 months of the new pro­cessing sys­tem com­ing in­to op­er­a­tion, TSPs and PDC­Ss with more ex­tens­ive du­ties to provide in­form­a­tion in ac­cord­ance with Art­icle 22 shall modi­fy their sys­tems in or­der to sup­ply the in­form­a­tion spe­cified in Art­icles 35–37 and 40–42 and in Art­icle 27 in con­junc­tion with Art­icles 35, 40 and 42 auto­mat­ic­ally via the query in­ter­face of the pro­cessing sys­tem (Art. 18 para. 2) and in or­der to be able to carry out the flex­ible name search in ac­cord­ance with Art­icle 27 in con­junc­tion with Art­icles 35, 40, 42 and 43.

Art. 74a Transitional provision to the Amendment of 4 May 2022 relating to the mobile phone localisation of suspected terrorists 133  

1 The PTSS shall ad­apt its pro­cessing sys­tem with­in 12 months of the re­place­ment of the real-time sys­tem com­pon­ents of the pro­cessing sys­tems in or­der to be able to con­duct the mo­bile phone loc­al­isa­tion of sus­pec­ted ter­ror­ists in a stand­ard­ised man­ner and re­cord the same in the stat­ist­ics.

2 The TSPs, with the ex­cep­tion of those with re­duced sur­veil­lance du­ties (Art. 51), and PDC­Ss with more ex­tens­ive sur­veil­lance du­ties (Art. 52) shall ad­apt their sys­tems with­in 12 months of the re­place­ment of the real-time sys­tem com­pon­ents of the pro­cessing sys­tems in or­der to be able to con­duct the mo­bile phone loc­al­isa­tion of sus­pec­ted ter­ror­ists (Art. 68a) in a stand­ard­ised man­ner.

3 If the mo­bile phone loc­al­isa­tion of sus­pec­ted ter­ror­ists can­not yet be con­duc­ted in a stand­ard­ised man­ner in ac­cord­ance with Art­icle 68a, pro­viders shall in­stead con­duct the types of sur­veil­lance spe­cified in Art­icle 54 and, if re­quired, Art­icles 56 and 63. The PTSS shall pass on the data in ac­cord­ance with Art­icles 54 and 63 to the au­thor­ised au­thor­it­ies. The PTSS shall only pass on the data in ac­cord­ance with Art­icle 56 to the ex­tent spe­cified in Art­icle 68a. If its pro­cessing sys­tem is un­able to guar­an­tee this fil­ter­ing, it shall not pass on any data. It shall des­troy data that it does not pass on. The fees and com­pens­a­tion are de­term­ined by the type of sur­veil­lance ordered (Art. 54, 56 and 63).

133 In­ser­ted by No I 12 of the O of 4 May 2022 on Po­lice Coun­terter­ror­ism Meas­ures, in force since 1 June 2022 (AS 2022 301).

Art. 74b Transitional provision to the Amendment of 15 November 2023 134  

1 TSPs shall be ready to provide the in­form­a­tion in ac­cord­ance with Art­icles 48a and 48c with­in 24 months of the Amend­ment of 15 Novem­ber 2023 com­ing in­to force.

2 The TSPs, with the ex­cep­tion of those with re­duced sur­veil­lance du­ties (Art. 51), must be able to provide the in­form­a­tion in ac­cord­ance with Art­icle 48b in stand­ard­ised form from the time at which their first com­mer­cial mo­bile net­work ac­cess point which con­ceals the per­man­ent iden­ti­fi­ers on the ra­dio in­ter­face comes in­to op­er­a­tion.

3 They must be able to carry out the sur­veil­lance pro­ced­ures in stand­ard­ised form in ac­cord­ance with Art­icles 56a and 67 let­ter b with­in 24 months of the Amend­ment of 15 Novem­ber 2023 com­ing in­to force.

4 They must the im­ple­ment the ad­di­tion­al type of ret­ro­act­ive sur­veil­lance in ac­cord­ance with Art­icle 61 let­ter j with­in 24 months and en­sure the sav­ing of the data re­quired there­for with­in 18 months of the Amend­ment of 15 Novem­ber 2023 com­ing in­to force.

5 They must be able to carry out the sur­veil­lance pro­ced­ures in stand­ard­ised form in ac­cord­ance with Art­icles 56b and 67 let­ter c with­in 24 months of the re­place­ment of the real-time sys­tem com­pon­ents of the pro­cessing sys­tems.

6 The PTSS shall ad­apt its pro­cessing sys­tem with­in 24 months of the Amend­ment of 15 Novem­ber 2023 com­ing in­to force, so that:

a.
the in­form­a­tion in ac­cord­ance with Art­icles 48a and 48c can be provided in stand­ard­ised form and the sur­veil­lance pro­ced­ures in ac­cord­ance with Art­icles 56a and 67 let­ter b can be car­ried out and be re­cor­ded in the stat­ist­ics in stand­ard­ised form;
b.
the data in ac­cord­ance with Art­icle 61 let­ter j can be re­ceived.

7 It shall ad­apt its pro­cessing sys­tem so that in­form­a­tion in ac­cord­ance with Art­icle 48b can be provided and re­cor­ded in the stat­ist­ics in stand­ard­ised form from the time at which their first com­mer­cial mo­bile net­work ac­cess point which con­ceals the per­man­ent iden­ti­fi­ers on the ra­dio in­ter­face comes in­to op­er­a­tion.

8 It shall ad­apt its pro­cessing sys­tem with­in 24 months of the re­place­ment of the real-time sys­tem com­pon­ents of the pro­cessing sys­tems so that the sur­veil­lance pro­ced­ures in ac­cord­ance with Art­icles 56b and 67 let­ter c in can be car­ried out and re­cor­ded in the stat­ist­ics in stand­ard­ised form.

134 In­ser­ted by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Art. 75 Commencement  

This Or­din­ance comes in­to force on 1 March 2018.

Annex 135

135 Amended by No II of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

(Art. 2)

Terms and abbreviations

1.
Communication service: service that enables communication using telecommunications technology; it includes telecommunications services and derived communication services;
2.
Subscribers: persons who have entered into a contract with a TSP or a PDCS in order to use their services or who have registered for their services or have been granted access by a TSP or a PDCS to their services;
3.
WLAN: wireless local area network;
4.
Identifier: addressing resource, identification number or any other unique indicator of a specific subscriber, service or device;
5.
IP address (internet protocol address): address that identifies all devices connected to a network that communicate using the internet protocol; there are Version 4 (IPv4) and the Version 6 (IPv6) IP addresses;
6.
Port number: address of a port; a port is the logical end point for communications with or within a computer system; a port is linked to an IP address and the communication protocol type;
7.
NAT (network address translation):procedure for translating network addresses. The address information in IP packages is automatically replaced with other address information by a network element (e.g. router);
8.
Telephony service: interactive service that allows simultaneous real-time voice communication between persons communicating with each other, with addressing according to a numbering plan; a provider’s answerphone systems associated with a telephony service (e.g. voice box, voice mail, visual voice mail) are also regarded as a telephony service;
9.
Multimedia service: more sophisticated telephony service, with which, in addition to speech, other types of media and functions can be used, such as video, images, audio, file transfer, parts of content, presentation of content, transmission of presence information (e.g. video telephony, unified communication, RCS, conference calls, video conference calls, online meetings);
10.
GPSI (Generic Public Subscription Identifier):unique public addressing resource within and outside 5G networks (e.g. MSISDN);
11.
MSISDN (Mobile Subscriber Integrated Services Digital Network Number):unique telephone number on which subscribers to a mobile network can be called;
12.
IP prefix: part of the IP address that identifies network concerned;
13.
IP address range:a number of successive IP addresses;
14.
Net mask:in internet protocol Version 4 (IPv4), describes how many bits at the start of the IP address displayed identify the network concerned;
15.
Prefix length:in internet protocol Version 6 (IPv6), describes how many bits at the start of the IP address displayed identify the network concerned;
16.
ICCID (Integrated Circuit Card Identifier):series-number of a smart card (e.g. ICCID of a SIM card) or a profile on a built-in chip (e.g. the EID of an eUICC) that uniquely identifies the chip or the profile worldwide;
17.
IMSI (International Mobile Subscriber Identity): number that allows the unique international identification of mobile communication subscribers;
18.
SUPI (SUbscription Permanent Identifier): number that allows the unique international identification of mobile subscribers in 5G networks;
19.
IMEI (International Mobile Equipment Identity): number that allows the unique international identification of mobile communication terminals;
20.
PEI (Permanent Equipment Identifier): number that allows the unique international identification of mobile communication terminals in 5G networks;
21.
MAC address (Media Access Control Address): hardware address that is stored in a network card or a network adapter and that is used as the unique address at the level of OSI layer 2;
22.
SIM (Subscriber Identity Module): smart card or chip permanently built into to the terminal device on which the IMSI or SUPI and the related key are securely stored; the SIM is used to authenticate the subscribers to a mobile network, and includes the USIM (Universal Subscriber Identity Module), UICC (Universal Integrated Circuit Card) and eSIM (embedded SIM);
23.
PUK code (Personal Unblocking Key): unchangeable PIN assigned to the SIM used to unblock the SIM if the PIN code has been entered incorrectly on several occasions;
24.
PUK2-Code (Personal Unblocking Key 2): same as the PUK code, but assigned to the PIN2 code;
25.
eUICC-ID (shortened to EID, embedded Universal Integrated Circuit Card-Identifier): unique worldwide identifier for a chip permanently built into a terminal device, which hosts the SIM functions (see ICCID and SIM);
26.
Source IP address:IP address that is assigned to the communication end point (normally the client) that establishes the connection;
27.
Source port number: port number that is assigned to the communication end point (normally the client) that establishes the connection;
28.
Destination IP address: IP address that is assigned to the communication end point (normally the server) with which the connection is established;
29.
Destination port number: port number that is assigned to the communication end point (normally the server) with which the connection is established;
30.
SIP (Session Initiation Protocol):communication protocol that is used for signalling and maintaining multimedia communication sessions;
31.
SIP URI (SIP Uniform Resource Identifier): URI scheme for addressing the SIP. The SIP URI are addressing resources in the format user@domain.tld;
32.
IMPU (IP Multimedia Public Identity): identifier that allows communication with other subscribers; a subscriber to the IMS has one or more IMPUs in addition to the IMPI; one IMPI may be assigned several IMPUs. Conversely an IMPU may also be shared with other subscribers;
33.
TEL URI (Telephone Uniform Resource Identifier): URI scheme for telephone numbers. The TEL URI are addressing resources in the format tel:number, e.g.tel:+41-868-868-868;
34.
IMPI (IP Multimedia Private Identity): internationally unique identifier in the IMS, assigned by providers to their subscribers, which is used inter alia for registration and AAA events.
35.
Email service: mailbox or interface for reading, writing, editing, sending, receiving or forwarding emails, based on SMTP
36.
Alias address:additional email address that the subscriber can set up, change and delete at will; the email provider determines its maximum number of alias addresses and their structure; the alias addresses are linked to the email account. An email sent to an alias address is delivered to the same email box as used for the subscriber’s related main email address;
37.
Mailing list: list of email addresses, also known as a distribution list or distribution group. The list has its own email address. The messages that are sent to the mailing list address are forwarded on to the email addresses of its members;
38.
Messaging services:message transmitting services that are independent of from telephony and multimedia services. They include instant messaging, IMS messaging and messaging applications (apps) and SMS services from third-party providers (i.e. SMS services not provided by the subscriber’s TSP). These services may also include additional functions such as multimedia communication, data transmission and presence information (e.g. a subscriber can see the current status and potentially the location of the other subscribers);
39.
Cell identifier: unmodified identifier for radio cells in mobile networks, such as CGI (Cell Global Identity), ECGI (E-UTRAN Cell Global Identity), NCGI (New Radio Cell Global Identity);
40.
Geographical area identifier: unmodified identifier for geographical areas in mobile networks, e.g. SAI (Service Area Identity), RAI (Routing Area Identity), TAI (Tracking Area Identity);
41.
Hotspot name (SSID): name of a hotspot freely chosen by the provider, which is generally easy to read and is displayed to users; a hotspot in terms of this Ordinance is public access to the internet via WLAN (Wi-Fi), as opposed to a stationary or mobile (tethering) private hotspot;
42.
Target ID: identifier under surveillance, i.e. the identifier of the target of the surveillance;
43.
IRI (Intercept Related Information): secondary telecommunications data of the target recorded during real-time surveillance. The data are normally also transmitted in real time; they must be distinguished from retained secondary telecommunications data (historical data), which are only selectively recorded, normally with a time delay, for the purpose of retroactive surveillance;
44.
HLR (Home Location Register): in second- and third-generation mobile networks; a database kept by a mobile service provider, in which the functional characteristics of its subscribers (e.g. IMSI, MSISDN, configuration, service profiles) and their current service-providing network are recorded;
45.
HSS (Home Subscriber Server): in fourth-generation mobile networks; a database with similar functions to the HLR;
46.
UDM (Unified Data Management): in fifth-generation mobile networks; a database with similar functions to the HLR and HSS;
47.
IMS (IP Multimedia Subsystem): a telecommunications system based on the internet that integrates mobile voice services and internet functions;
48.
AAA (authentication, authorisation and accounting information):information on which subscribers are allowed to use which services, and information which is used to bill subscribers for service usage. For the purposes of this Ordinance, passwords are not regarded as AAA information. Authentication is the process by which a subscriber is identified before the access is granted. Authorisation determines which rights of access to resources or services that a subscriber holds and also guarantees access control. The subscriber’s use of resources is measured for accounting purposes;
49.
3GPP (3rd Generation Partnership Project): worldwide cooperation among standardisation bodies on standardisation in mobile communications;
50.
Non-3GPP access: access to the mobile communications core network that is based on technology that is not standardised by the 3GPP (e.g. WLAN access);
51.
EPS (Evolved Packet System): architecture of the LTE mobile communication standard of 3GPP, marketed as “4G”;
52.
5GS (5G-System): system architecture of the 5G mobile communication standard of the 3GPP;
53.
SMS (Short Message Service): messaging service for transmitting short text messages;
54.
Voice mail: storage devices used in telecommunication networks that offer answering services (e.g. receiving, forwarding and storing voice messages). There are extensions for various types of media and services, such as SMS, email, fax or video messages as well as function extensions such as converting from one type of media to another (e.g. text to voice) and the sending of messages;
45.
RCS (Rich Communications Services,originally: Rich Communication Suite) specification of the international industry organisation for mobile telephony providers GSM Association, GSMA for the IMS based provision of interoperable (i.e. cross-provider and cross-terminal) multimedia services with extended functional scope. Various types of media (e.g. language, music, photographs, videos) and services (e.g. chat, chat groups, calls, multimedia messages, short messages, instant messages, presence information, transmission of files, address books) can be combined; what is meant here is only the RCS services that are provided to subscribers by their mobile telephony provider;
56.
E.164 number: telephone number in accordance with international numbering plan E.164 of the ITU-T;
57.
DTMF (Dual-Tone Multi-Frequency): a signalling procedure, i.e. during a telephone conversation, sound signals can be sent by pressing the telephone keypad, for example to interact with answering machines or automatic voice response systems;
58.
BSSID (Basic Service Set Identifier): unique identifier (MAC address) of the WLAN access point;
59.
Radio interface:the interface for radio transmission in the mobile communications network, e.g. 5G New Radio (5G NR), also known as the air interface or 3GPP access.

Diese Seite ist durch reCAPTCHA geschützt und die Google Datenschutzrichtlinie und Nutzungsbedingungen gelten.

Feedback
Laden