The Swiss army has banned the use of WhatsApp, Signal, Telegram, and other foreign encrypted messaging services by army personnel, according to Associated Press reports, and instructed staff to use the Swiss-made Threema app instead. The announcement was made in a letter sent to top army staff in December, citing privacy concerns based on US authorities’ ability to access data.
The original letter reportedly told army chiefs that “no other messaging service will be authorized,” although a spokesperson subsequently seemed to tone down the strength of the decree, describing it to the AP as a “recommendation.”
The primary concern seems to be the ability of authorities in Washington to access data stored by companies that fall under US jurisdiction, as described in the US CLOUD Act. The CLOUD Act obliges service providers under US jurisdiction to comply with search warrants, regardless of where servers are located.
As a Swiss company with no servers hosted in the US, Threema would not be obliged to respond to such search warrants.
Given the strong privacy protections mandated by European GDPR regulations, privacy advocates and multinational corporations alike had hoped that records stored in the EU would be outside the purview of the US court system.
However, in January 2020, a New York federal judge ruled that compliance with foreign privacy laws did not negate an obligation to produce documents in discovery, in a case related to the SEC’s pursuit of the Telegram messaging app for not adequately registering its cryptocurrency token sale.