Coordination

Control Delegation (CDel)

The CDel invited the OA-IA to one hearing. The topics discussed were the OA-IA’s practice on issuing and monitoring recommendations, the revision of the Intelligence Service Act and the 2025 audit plan.

Federal Administrative Court (FAC)

Representatives of the FAC and the OA-IA met twice during the year. At these meetings, the FAC’s practice with regard to intelligence activities requiring authorisation and requests for cable communications interception were discussed, and the OA-IA’s current audits and 2024 audit plan were presented. In addition, the OA-IA’s inclusion in the approval procedure was clarified and individual points concerning the revision of the IntelSA were discussed. The FAC’s practice of dealing with technical problems was shown to be effective, as problems hardly ever arise anymore. With regard to the revision of the IntelSA, the head of the OA-IA suggested that it cross-check the FAC’s annual report. The FAC agreed.

Swiss Federal Audit Office (SFAO)

The OA-IA coordinates its oversight activities with other control authorities, in particular with the SFAO.

In this context, and following the SFAO’s assessment of the service contracts between the FIS and private providers, the OA-IA and the SFAO established a clear line of coordination with regard to Audit 23-10. In this audit, the OA-IA examined the cooperation between the FIS and private actors, focusing mainly on covert operations, which are not covered by the usual service contracts. However, the audit also provided an opportunity to examine the non-undercover contracts and the implementation of the SFAO’s recommendation. No significant problems were found in the management of service contracts. The OA-IA subsequently communicated the relevant points of its report to the SFAO for information and follow-up.

In view of the major transformation that the FIS is currently undergoing, the OA-IA has intensified its dialogue with the SFAO. This is reflected in the exchange of audit findings and the optimisation of resources by avoiding duplicate audits.

This increased coordination reflects the desire of both oversight authorities to ensure comprehensive and efficient oversight of the FIS. It helps to verify compliance with recommendations and to closely monitor the transformation of the FIS.

Independent Control Authority for Radio and Cable Communications Intelligence (ICA)

During the year under review, a meeting was held between the president of the ICA and the head of the OA-IA. Discussions included an exchange with the FAC and a possible meeting between the ICA and a foreign regulator on cable communications surveillance.

A representative of the OA-IA also attended all five meetings of the ICA in connection with the planned transfer of oversight activities from the ICA to the OA-IA as part of the revision of the IntelSA. The purpose of attending these meetings was to gather information on the ICA’s audit methodologies and to ensure the transfer of expertise.

Federal Data Protection and Information Commissioner (FDPIC)

At a coordination meeting, the OA-IA informed the FDPIC of the main findings of the audits it had completed, as well as the ongoing and planned audits as far as they related to data processing. The meeting also dealt with the implementation of the right of access to information under the IntelSA.

OA-IA visits to the cantons

After the entry into force of the IntelSA, the OA-IA conducted a survey among the cantonal oversight authorities on the CISs and organised a first conference with them to discuss the results. The cantons participated in large numbers (see OA-IA 2018 annual report). In August 2021, the OA-IA organised a second conference for training, networking and sharing experiences. The number of participants was smaller, but specific topics were discussed in greater depth (see OA-IA 2021 annual report).

The OA-IA began its visits to the cantons in the summer of 2024. This cycle of visits will continue until early summer 2025. The dialogue partners include the heads of the various CISs and possibly some CIS staff, as well as the respective cantonal oversight authority, which takes many forms in the Swiss federal system.

Discussions on the following topics are planned:

• OA-IA feedback on its first round of CIS audits;
• Current intelligence-relevant topics of interest to the CISs and cantonal oversight authorities;
• Coordinating any possible duplication of efforts by the various oversight authorities (FIS, OA-IA, cantonal oversight authorities and others), possible need for oversight and any open questions from the cantonal oversight authorities;
• Cooperation between the CISs and the cantonal oversight authorities.

So far, the cantons have welcomed the visits, and the discussions have been valuable. At the end of the visits, the OA-IA will produce a report and discuss any issues of concern in more detail with the FIS.

Other meetings

• Chief of the Armed Forces
• Head of the DDPS General Secretariat
• Deputy Head of the DDPS General Secretariat
• Director of the FIS
• Chief of Joint Operations Command
• Head of the MIS
• Head of the CEA
• Head of DDPS Internal Revision
• Attorney General of Switzerland
• President of the Supervisory Authority for the Office of the Attorney General of Switzerland (SA-OAG)
• Director of the SFAO
• Head of SFAO Mandates
• DDPS Intelligence Advisor
• ICA members

Enquiries from the public

The OA-IA received 16 enquiries from the public in 2024.

The OA-IA can share audit methods, processes and experience with other oversight authorities working in the same field. This brings continuous benefits to audit activities. In 2024, the following international meetings took place:

Intelligence Oversight Working Group (IOWG)
Technical Meeting and Staff Meeting from 10 to 12 April 2024 in Brussels

The regular staff meeting was preceded for the first time by a technical meeting organised by the Belgian hosts. This new exchange platform was mainly attended by specialists with extensive technical knowledge from the oversight authorities. The focus of this first meeting was on artificial intelligence (AI) and included the following aspects:

• What do the oversight authorities understand by AI?
• Do the applicable laws already take into account the use of AI or machine learning?
• Do intelligence services already use this technology?
• Does the use of this technology fall within the supervisory remit of oversight authorities?
• Do oversight authorities themselves actively use this technology?
• How can the oversight authorities ensure that knowledge about new technologies is preserved and developed?

The exchange between the specialists proved to be very enriching, and the technical meetings will continue on a regular basis.

The technical meeting was followed by a staff meeting with representatives from the oversight authorities of Belgium, Denmark, the Netherlands, Norway, the United Kingdom, Sweden and Switzerland. The Canadian authority NSIRA, which has observer status, was also represented.

At the beginning of the meeting, the participants presented various intelligence-related developments that had taken place in their country since the last meeting in 2023. Lively discussions took place on the following topics:

• The oversight of intelligence service investigations of politicians and elected officials, using the example of a case that is currently in the public eye in Belgium.
• European Data Protection Convention 108+ regulating the protection and cross-border exchange of personal data. Each participating country provided information on its ratification status. There was also an exchange of views on the impact that this convention will have on possible cross-border intelligence cooperation between intelligence services and oversight authorities.
• The Canadian oversight authority, NSIRA, presented its risk control matrix for prioritising audit tasks.

IOWG Technical Meeting and Staff Meeting from 23 to 25 October 2024 in Stockholm

At the technical meeting, all participating oversight authorities presented for the first time practical examples from their countries on how to deal with large amounts of data. Participants benefited from each other’s experience and expertise, and lively discussions took place.

After reports on developments in the participating countries, the staff meeting also focused on the handling of large amounts of data, but in contrast to the technical meeting, the staff meeting focused on the non-technical aspects. Each country presented its current legal situation with regard to the oversight of the processing of large amounts of data by intelligence services.

The international meeting in Stockholm clearly showed that all countries are dealing with similar issues, such as an increase in the number of employees in the intelligence services, greater transparency of the intelligence services in the media, and changes in legislation.