Who was against transparency?
Data protection officer contradicts Fehr!
Zurich Justice Director Jacqueline Fehr explained on Tuesday why she did not inform the public about the data scandal earlier. But now it turns out that what she said is not true.
1/5
Justice Director Jacqueline Fehr commented on the data scandal on Tuesday. She admitted mistakes.
Leah HartmannEditor Politics
“Amateur”, “negligent”, possibly even punishable. The Zurich Justice Director Jacqueline Fehr (59) chose clear words on Tuesday about the data scandal in her agency. “It cannot be justified under any title how data carriers of the Directorate of Justice and the Interior were allegedly disposed of in the noughties,” said the SP government councilor at a media conference.
Blick announced last week that hard drives with unencrypted, highly sensitive data from the public prosecutor’s office and the police had ended up with a convicted bartender from the Zurich milieu due to improper disposal. On Tuesday, the director of justice took a position on this for the first time – and published the investigation report, which had previously been kept secret.
Fehr admits mistakes
It’s not difficult to criticize what you have nothing to do with yourself. Fehr only came to the Directorate of Justice in 2015, and the data leak lasted until 2012. But the SP government councilor also bears responsibility for how the scandal was processed. The authority had known about the matter since 2020 and had an administrative investigation carried out parallel to criminal proceedings. But the public didn’t know about any of this.
In her first public statement on the case, Fehr now said that, in retrospect, it was a mistake not to have even sent the final report of the administrative investigation to the Cantonal Council’s Audit Committee.
The representation does not correspond entirely to the truth
As far as silence from the public is concerned, the government councilor has meanwhile shifted responsibility to the canton’s data protection officer. They have advised against informing. “Should we have published the report against the advice of the data protection officers?” she asked rhetorically.
There are still security gaps today
The Zurich Department of Justice kept the data scandal under lock and key for over a year and a half. Now that it has come to light, she is forced to create transparency and published the final report on the administrative investigation carried out by a company specializing in IT law.
This also examined the status of data protection in 2021. The report comes to the conclusion that IT security “has been guaranteed for years”, according to the Directorate of Justice. If you read the 39-page document, you wonder how she came up with that.
“In our opinion, concrete instructions for action for the attention of the employees are missing in many areas,” says the report. There is also criticism that security checks are not implemented uniformly and systematically in the directorate.
The investigation report contains 13 recommendations. Four have priority because there is a “high probability of breaking the law,” said investigator Maria Winkler. As government councilor Jacqueline Fehr (59) explained, the implementation of the recommendations is in progress.
The Zurich Department of Justice kept the data scandal under lock and key for over a year and a half. Now that it has come to light, she is forced to create transparency and published the final report on the administrative investigation carried out by a company specializing in IT law.
This also examined the status of data protection in 2021. The report comes to the conclusion that IT security “has been guaranteed for years”, according to the Directorate of Justice. If you read the 39-page document, you wonder how she came up with that.
“In our opinion, concrete instructions for action for the attention of the employees are missing in many areas,” says the report. There is also criticism that security checks are not implemented uniformly and systematically in the directorate.
The investigation report contains 13 recommendations. Four have priority because there is a “high probability of breaking the law,” said investigator Maria Winkler. As government councilor Jacqueline Fehr (59) explained, the implementation of the recommendations is in progress.
The problem is that Fehr’s account does not correspond to the truth.
«In my report, I only commented on the aspect of informing the persons concerned. I have not made any statement about the publication of the final report of the administrative investigation, »clarified the data protection officer Dominika Blonski when asked by Blick. That’s not in their area of expertise.
Prosecutor expands proceedings
But not only in terms of communication does Fehr have to put up with criticism. As if the debacle wasn’t big enough, she also confirmed on Tuesday that important documents relating to the events of 2019 had been destroyed without having been digitized beforehand. The whole thing was “very regrettable”. “We do not know whether the files would have contributed to our incrimination or exoneration.”
Blick reported on the data destruction on Monday. On the same day, the public prosecutor’s office decided to expand the ongoing investigation. The data disposal by the authorities is now to be examined in more detail – including those from 2019. Officials may have made themselves punishable.
It is unclear why the public prosecutor’s office is only investigating now. The fact is that the 2019 disposal campaign had been known to the authorities since November 2020.
About the data scandal: «The greatest risk in data security is the human being»(02:23)