4. Information systems

To date, the OA-IA has audited the following FIS information systems:

[18-1] Overview of the FIS data landscape and content of the residual data memory

Purpose: Article 47 of the Federal Act on the Intelligence Service (Intelligence Service Act, IntelSA)¹ lists the information systems operated by the FIS. The information systems are further regulated at the ordinance level.² The OA-IA used this audit to obtain an overview of all the FIS’s information systems. The audit served as a basis for future audits. As the residual data memory can contain data that cannot be assigned to any other information system, the OA-IA inspected the system in order to determine what kind of data it contained.
Year / Source: 2018 (2018 Annual Report, page 13)

[19-15] Operation, content and use of the information systems GEVER FIS , BURAUT data storage, and SiLAN data storage (temporary evaluations)

Purpose: In 2012, the FIS introduced a business management system containing both administrative and intelligence data. All FIS staff have access to it. In view of the kind of data processed and the large number of authorised users, the OA-IA chose to perform an initial in-depth audit of a system.
Year / Source: 2019 (2019 Annual Report, page 23 ff.)

[20-16] Operation, content and use of the IASA information system⁶

Purpose: IASA comprises three key intelligence information systems and is the FIS’s main work instrument, which was the reason for the OA-IA audit.
Year / Source: 2020 (2020 Annual Report, page 23 ff.)

[21-17] Selected FIS information system (Quattro P)

Purpose: This information system stores and processes a large volume of data on the [travel] movements of foreign nationals. The OA-IA chose to audit Quattro P because it contains a large volume of personal data and because the system is used for the FIS’s facial recognition system.
Year / Source: 2021 (2021 Annual Report, page 21 ff.)

To date, the OA-IA has performed an audit of the following MIS information systems:

[20-17] MIS information system landscape

Purpose: The OA-IA used the audit results to gain an understanding of the information systems and to plan further audits.
Year / Source: 2020 (this topic was not dealt with specifically in the annual report, but a summary is available on the OA-IA website.)

[21-18] Data protection within the MIS

Purpose: The MIS processes personal data although this is not the main focus of its activities. The OA-IA therefore inspected the data protection aspects of its activities in certain information systems.
Year / Source: 2021 (2021 Annual Report, page 24 ff.)

To date, the OA-IA has audited the following EOC information systems:

[19-18] EOC information system landscape

Purpose: The purpose of this audit was to gain an overview of the EOC information systems landscape and to serve as a starting point for further audits. There is no specific legal base governing the EOC’s information systems; their operation is regulated in various acts and ordinances.
Year / Source: 2019 (2019 Annual Report, page 27)

Besides examining specific information systems, the OA-IA has also carried out audits in the area of data processing and archiving, amounting to ten additional audits since the beginning of its oversight activities. Thus, since taking up its duties, the OA-IA has carried out sixteen audits of the information systems of the intelligence services and of data processing in these systems. The findings of these audits are presented below.

“The relevant legal bases for operating the FIS’s information systems are more detailed and more transparent than the legal bases for operating the MIS and EOC systems.”

¹ SR 121
² Ordinance on the Federal Intelligence Service Information and Storage Systems (ISSO-FIS; SR 121.2)
³ Electronic records and process management system of the FIS
⁴ Data storage system of the FIS
⁵ Secure network of the FIS
⁶ Integral analysis system of the FIS

The intelligence services must be in a position to anticipate societal and technological changes that negatively impact the security of Switzerland. Although new technologies can pose risks to our country’s security, they can also have a positive impact on the work of the intelligence services. The FIS’s cross-system search engine, for example, has greatly facilitated the work of its staff since its introduction six years ago.

All three services keep track of technological developments and make use of them in their intelligence activities. For example, a new facial recognition system allows the FIS to pull up an overview of facial images in its systems (see page 18 ff.). The MIS, for its part, is increasingly promoting satellite imagery analysis. And the EOC is addressing the question of how decreasing radio traffic – a result of the emergence of new communication technologies – can be monitored using other technical means.

Legislation on data management generally uses the term ‘information system’. This is also the case in the Intelligence Service Act (IntelSA). Article 47 IntelSA lists the various FIS information systems. The dispatch to the IntelSA states that the FIS should file the information it collects or receives in a network of information systems according to topic, source or sensitivity.⁷

However, linking the term ‘information system’ to the intended purpose of data processing in legislation may no longer correspond to modern concepts of data management. The new Data Protection Act, for example, does not use the term 7 BBl 2014 2106 ‘collection of data’. The reason given for this is that, thanks to new technologies, data is used like a collection of data even if it is not stored centrally.⁸

The draft revision of the IntelSA requires an amendment to the legal provisions governing the FIS’s information systems. The term ‘information’ should be replaced by the term ‘data’. Data should be categorised according to the legal requirements. The content of these categories should correspond approximately to those of the information systems described in the IntelSA.

⁷ BBl 2014 2106
⁸ BBl 2017 7023