Sylvain Métille

Attorney-at-law

Attorney-at-law
PhD in law
Associate Professor at University

Email : metille[at]hdclegal.ch
Blog : https://smetille.ch/blog/

Field of expertise

Data Protection and Privacy
Technology, IT, and Telecommunications Law

Languages

French, English, German

Sylvain Métille is a recognized specialist in data protection and privacy law. He is also active in the fields of technology, media and telecommunications law, including IT law, cybersecurity and cybercrime, as well as transparency.

 

Pragmatic, he mainly advises Swiss and foreign companies, sports federations, as well as public institutions, in the context of compliance audits (in particular FADP and GDPR), new projects, security breaches, IT provider liability, monitoring, negotiations, agreements, etc. He also acts as an expert at the request of public institutions (Council of Europe, European Parliament, Federal Parliament committees, federal offices, cantonal parliaments) and provides legal opinions to several data protection authorities. He also represents his clients in front of judicial and supervisory authorities.

 

Admitted to the bar since 2005, Sylvain Métille holds a law degree (2003, magna cum laude) and a PhD in law from the University of Neuchâtel (2010, summa cum laude). He has been invited as a Visiting Scholar at the Berkeley Center for Law and Technology (University of California) in 2010-2011. He is an Associate Professor at the University of Lausanne where he teaches in particular Data Protection and Computer Crime. He is the director of the M Law in Legal Issues, Crime and Security of Information Technologies (M DCS) and a member of the University’s Research Ethics Commission. He is also the Scientific Director of the CAS in Data Protection offered by UniDistance. An author and editor of several books and scientific publications, he regularly organizes conferences in his fields of activity.

Publications

 

“Personal Data Protection and Research,” Sylvain Métille (ed.), Bern 2024.

 

“Face Recognition Technology in Swiss Law Enforcement Deployment, Legal Basis and Super-Recognizer-Centered Solution,” co-authored with Meike Ramon and Alexandre Barbey, in AJP/PJA 02/2024, pp. 128-143.

 

Commentary on the Swiss Federal Act on Data Protection, scientific editor with Philippe Meier.

 

Commentary on Articles 2-3 (with Livio di Tria), Article 9, Article 24 (with Pauline Meyer), Introduction to Articles 60-66, Articles 60-66, 68-74 (with Livio di Tria), in Commentary on the Swiss Federal Act on Data Protection, Meier/Métille, Basel 2023.

 

“Cybersecurity: Between Autonomy and State Support,” co-authored with Mélanie Knieps, Pauline Meyer, and Markus Christen, in Plaidoyer 4/2023, pp. 22-25. Read

 

“The (New) Federal Act on Data Protection of September 25, 2020: Principles, Rights, and Obligations,” in Epiney/Moser/Rovelli (eds.), Die Revision des Datenschutzgesetzes des Bundes = The Revision of the Swiss Federal Act on Data Protection, pp. 1-45, Zurich 2022. Read

 

“Cloud Computing,” Sylvain Métille (ed.), Bern 2022.

 

“Computer Security Incident Response Teams: Are They Legally Regulated? The Swiss Example,” co-authored with Pauline Meyer, in International Cybersecurity Law Review (2022). Read

 

“Federal Act on Information Security: Version 2.0,” co-authored with Pauline Meyer, in Jusletter, September 5, 2022. Read

 

“Data Breach Notification: A New Obligation under the Revised Federal Data Protection Act,” co-authored with Pauline Meyer, in SZW/RSDA 1/2021, pp. 23-33. Read

 

“Processing of Personal Data under the (New) Federal Act on Data Protection of September 25, 2020,” in SJ 2021 II 1ff. Read

 

The Right of Access, Sylvain Métille (ed.), 2021. Read

 

“After the End of Employment, Can Personal Data Still Be Processed?” in The End of Employment Relationships, Dupont/Mahon (Eds.), pp. 105-124, 2021.

 

“The GDPR and the Swiss Processor: How Does the General Data Protection Regulation Apply to a Processor Established Outside the EEA?” co-authored with David Raedler, in Jusletter, October 26, 2020. Read

 

“GDPR: Territorial and Extraterritorial Application,” with Annelise Ackermann, in Epiney, Datenschutzgrundverordnung (DSGVO): Scope and Initial Experiences = The General Data Protection Regulation (GDPR): Scope and Initial Experiences, pp. 77-97, 2020. Read

 

Data Protection: Federal Law, European Law, and International Conventions, Transparency and Archiving (Collection of Texts), 2019.

 

Commentary on Articles 269-281 CCP (Surveillance Measures), in Commentary on the Swiss Code of Criminal Procedure, Yvan Jeanneret, André Kuhn, Camille Perrier Depeursinge (eds.), 2019.

 

“The Use of Cloud Computing by Public Administration,” AJP/PJA 6/2019, pp. 609-621. Read

 

“Data Protection: Increasing Liability?” co-authored with Livio di Tria, Expert Focus 4/2019, pp. 308-309.

 

“The Right to Privacy: Digital Challenges, A Comparative Law Perspective,” Comparative Law Library Unit, Directorate-General for Parliamentary Research Services (DG EPRS), European Parliament Secretariat, 2018. Read

 

“The General Data Protection Regulation and Swiss Private Insurers,” co-authored with Yasmine Arasteh, Annales SDRCA 2018, pp. 107-138. Read

 

“The General Data Protection Regulation and Switzerland,” in Bulletin CEDIDAC No. 72.

 

“A Personality Profile Is Not Necessary to Assess a Person’s Creditworthiness,” co-authored with Nadja Nguyen Xuan, Medialex 2017, pp. 176-179. Read

 

“Reporting Security Breaches Is No Longer an Option,” in Expert Focus 11/2017, pp. 863-867. Read

 

“Open Wi-Fi Still Has a Future in Switzerland,” in Jusletter, September 4, 2017. Read

 

“What Legal Status for Autonomous Machines?” in Bulletin SAGW 4/17. Read

 

Internet and Law: Personality Protection and Practical Issues, 184 pages, 2017.

 

“Revision of the Federal Data Protection Act: Sanctions Against the Tide and Against Reason,” co-authored with David Raedler, in Plaidoyer 02/2017, pp. 38ff. Read

 

“Swiss Data Protection Act Reform Set in Motion,” co-authored with David Raedler, in Data Protection Leader, February 2017, pp. 14ff. Read

“Criminal Coercion Recognized in a Stalking Case,” Medialex, 4/2016. Read

 

“The Swiss Federal Court Denies Criminal Seizure of a Domain or Website,” co-authored with Nicolas Guyot, Medialex2015, pp. 67-69. Read

 

“It’s Time to Recognize a Legal Status for Robots,” co-authored with Nicolas Guyot, Plaidoyer 03/2015. Read

 

“Infrastructure and IT Data: What Protection Under Swiss Criminal Law?” co-authored with Joanna Aeschlimann, Swiss Criminal Law Review 03/2014, pp. 283-317. Read

 

“Electronic Surveillance of Employees,” in Dunand/Mahon, Internet at Work, pp. 99-132, 2014. Read

 

“Reforming Surveillance Law,” co-authored with Susan Freiwald, Berkeley Technology Law Journal, vol. 28, pp. 1261-1332, 2013. Read

 

“Recent Case Law on Data Protection: Surveillance, Infiltration, and Data Transmission to Third Parties – Recent Privacy Issues Before the Courts,” in Epiney/Fasnacht/Blaser, Instruments for Implementing the Right to Informational Self-Determination, pp. 113-124, 2013. Read

 

“The Use of Cloud Computing in a Law Firm,” Plaidoyer 5/13, pp. 39-43, 2013. Read

 

“Entrusting Data to a Foreign Company Is Not Without Risk,” Medialex 02/2013, pp. 63ff. Read

 

“The Use of Skype in a Law Firm,” Plaidoyer 2/13, pp. 58, 2013.

 

“Swiss Information Privacy Law and the Transborder Flow of Personal Data,” Journal of International Commercial Law and Technology (JICLT), Vol. 8, No. 1, 2013. Read

 

“Lessons Learned from the Unlawful Surveillance of Judges and Civil Servants by an IT Service,” in Jusletter, September 3, 2012. Read

 

“Data Protection Law in Switzerland and the Transmission of Data to the U.S.,” The Privacy Advisor, Vol. 12, No. 8, 2012.

 

“Technical Surveillance Measures and Fundamental Rights,” 378 pages, 2011. Read

 

“The Technical Surveillance Measures: Avoided and Created Risks,” in Meier/Papaux, Risk(s) and Law, pp. 47-62, 2010.

 

“The Immunity of Heads of State in the 21st Century: Consequences of the Arrest Warrant Case of April 11, 2002,” in Revue de Droit International et de Sciences Diplomatiques et Politiques, vol. 82, No. 1 (January-April 2004), pp. 29-86. Read

 

“The European Constitution: Adoption and Revision,” in Revue Québécoise de Droit International Public, vol. 17.1 (2004), pp. 3-38. Read

 

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

 

Certificate of Advanced Studies in Data Protection, UniDistance, since 2020.

 

Data Protection at the University of Lausanne (Master’s in Law, Crime, and Information Technology Security), since 2018.

 

Best Practices in Data Protection for Businesses at Romandie Formation, since 2016.

 

Cybercriminal Law at the University of Lausanne (Master’s in Law, Crime, and Information Technology Security), since 2013.

 

Data Protection at the International Institute of Management in Technology, University of Fribourg (Executive MBA in ICT and Utility Management), 2013-2018.

 

Telecommunications Law at the International Institute of Management in Technology, University of Fribourg (Executive MBA in ICT and Utility Management), 2012-2016.

 

Data Protection and Law at the University of Applied Sciences of Western Switzerland (Master of Science HES-SO in Engineering), 2012.

 

 

“Personal Data Protection and Research,” Sylvain Métille (ed.), Bern 2024.

 

“Face Recognition Technology in Swiss Law Enforcement Deployment, Legal Basis and Super-Recognizer-Centered Solution,” co-authored with Meike Ramon and Alexandre Barbey, in AJP/PJA 02/2024, pp. 128-143.

 

Commentary on the Swiss Federal Act on Data Protection, scientific editor with Philippe Meier.

 

Commentary on Articles 2-3 (with Livio di Tria), Article 9, Article 24 (with Pauline Meyer), Introduction to Articles 60-66, Articles 60-66, 68-74 (with Livio di Tria), in Commentary on the Swiss Federal Act on Data Protection, Meier/Métille, Basel 2023.

 

“Cybersecurity: Between Autonomy and State Support,” co-authored with Mélanie Knieps, Pauline Meyer, and Markus Christen, in Plaidoyer 4/2023, pp. 22-25. Read

 

“The (New) Federal Act on Data Protection of September 25, 2020: Principles, Rights, and Obligations,” in Epiney/Moser/Rovelli (eds.), Die Revision des Datenschutzgesetzes des Bundes = The Revision of the Swiss Federal Act on Data Protection, pp. 1-45, Zurich 2022. Read

 

“Cloud Computing,” Sylvain Métille (ed.), Bern 2022.

 

“Computer Security Incident Response Teams: Are They Legally Regulated? The Swiss Example,” co-authored with Pauline Meyer, in International Cybersecurity Law Review (2022). Read

 

“Federal Act on Information Security: Version 2.0,” co-authored with Pauline Meyer, in Jusletter, September 5, 2022. Read

 

“Data Breach Notification: A New Obligation under the Revised Federal Data Protection Act,” co-authored with Pauline Meyer, in SZW/RSDA 1/2021, pp. 23-33. Read

 

“Processing of Personal Data under the (New) Federal Act on Data Protection of September 25, 2020,” in SJ 2021 II 1ff. Read

 

The Right of Access, Sylvain Métille (ed.), 2021. Read

 

“After the End of Employment, Can Personal Data Still Be Processed?” in The End of Employment Relationships, Dupont/Mahon (Eds.), pp. 105-124, 2021.

 

“The GDPR and the Swiss Processor: How Does the General Data Protection Regulation Apply to a Processor Established Outside the EEA?” co-authored with David Raedler, in Jusletter, October 26, 2020. Read

 

“GDPR: Territorial and Extraterritorial Application,” with Annelise Ackermann, in Epiney, Datenschutzgrundverordnung (DSGVO): Scope and Initial Experiences = The General Data Protection Regulation (GDPR): Scope and Initial Experiences, pp. 77-97, 2020. Read

 

Data Protection: Federal Law, European Law, and International Conventions, Transparency and Archiving (Collection of Texts), 2019.

 

Commentary on Articles 269-281 CCP (Surveillance Measures), in Commentary on the Swiss Code of Criminal Procedure, Yvan Jeanneret, André Kuhn, Camille Perrier Depeursinge (eds.), 2019.

 

“The Use of Cloud Computing by Public Administration,” AJP/PJA 6/2019, pp. 609-621. Read

 

“Data Protection: Increasing Liability?” co-authored with Livio di Tria, Expert Focus 4/2019, pp. 308-309.

 

“The Right to Privacy: Digital Challenges, A Comparative Law Perspective,” Comparative Law Library Unit, Directorate-General for Parliamentary Research Services (DG EPRS), European Parliament Secretariat, 2018. Read

 

“The General Data Protection Regulation and Swiss Private Insurers,” co-authored with Yasmine Arasteh, Annales SDRCA 2018, pp. 107-138. Read

 

“The General Data Protection Regulation and Switzerland,” in Bulletin CEDIDAC No. 72.

 

“A Personality Profile Is Not Necessary to Assess a Person’s Creditworthiness,” co-authored with Nadja Nguyen Xuan, Medialex 2017, pp. 176-179. Read

 

“Reporting Security Breaches Is No Longer an Option,” in Expert Focus 11/2017, pp. 863-867. Read

 

“Open Wi-Fi Still Has a Future in Switzerland,” in Jusletter, September 4, 2017. Read

 

“What Legal Status for Autonomous Machines?” in Bulletin SAGW 4/17. Read

 

Internet and Law: Personality Protection and Practical Issues, 184 pages, 2017.

 

“Revision of the Federal Data Protection Act: Sanctions Against the Tide and Against Reason,” co-authored with David Raedler, in Plaidoyer 02/2017, pp. 38ff. Read

 

“Swiss Data Protection Act Reform Set in Motion,” co-authored with David Raedler, in Data Protection Leader, February 2017, pp. 14ff. Read

“Criminal Coercion Recognized in a Stalking Case,” Medialex, 4/2016. Read

 

“The Swiss Federal Court Denies Criminal Seizure of a Domain or Website,” co-authored with Nicolas Guyot, Medialex2015, pp. 67-69. Read

 

“It’s Time to Recognize a Legal Status for Robots,” co-authored with Nicolas Guyot, Plaidoyer 03/2015. Read

 

“Infrastructure and IT Data: What Protection Under Swiss Criminal Law?” co-authored with Joanna Aeschlimann, Swiss Criminal Law Review 03/2014, pp. 283-317. Read

 

“Electronic Surveillance of Employees,” in Dunand/Mahon, Internet at Work, pp. 99-132, 2014. Read

 

“Reforming Surveillance Law,” co-authored with Susan Freiwald, Berkeley Technology Law Journal, vol. 28, pp. 1261-1332, 2013. Read

 

“Recent Case Law on Data Protection: Surveillance, Infiltration, and Data Transmission to Third Parties – Recent Privacy Issues Before the Courts,” in Epiney/Fasnacht/Blaser, Instruments for Implementing the Right to Informational Self-Determination, pp. 113-124, 2013. Read

 

“The Use of Cloud Computing in a Law Firm,” Plaidoyer 5/13, pp. 39-43, 2013. Read

 

“Entrusting Data to a Foreign Company Is Not Without Risk,” Medialex 02/2013, pp. 63ff. Read

 

“The Use of Skype in a Law Firm,” Plaidoyer 2/13, pp. 58, 2013.

 

“Swiss Information Privacy Law and the Transborder Flow of Personal Data,” Journal of International Commercial Law and Technology (JICLT), Vol. 8, No. 1, 2013. Read

 

“Lessons Learned from the Unlawful Surveillance of Judges and Civil Servants by an IT Service,” in Jusletter, September 3, 2012. Read

 

“Data Protection Law in Switzerland and the Transmission of Data to the U.S.,” The Privacy Advisor, Vol. 12, No. 8, 2012.

 

“Technical Surveillance Measures and Fundamental Rights,” 378 pages, 2011. Read

 

“The Technical Surveillance Measures: Avoided and Created Risks,” in Meier/Papaux, Risk(s) and Law, pp. 47-62, 2010.

 

“The Immunity of Heads of State in the 21st Century: Consequences of the Arrest Warrant Case of April 11, 2002,” in Revue de Droit International et de Sciences Diplomatiques et Politiques, vol. 82, No. 1 (January-April 2004), pp. 29-86. Read

 

“The European Constitution: Adoption and Revision,” in Revue Québécoise de Droit International Public, vol. 17.1 (2004), pp. 3-38. Read

 

Back