For those unfamiliar with this "rental tax": If you own a house in Switzerland, the tax office assumes that you are your own landlord and rent your house to yourself. It estimates the fictitious rent you charge yourself, and you have to pay income tax on it. The Swiss German name for this estimated rent is "Eigenmietwert" ("self-rental value") and this is what will now be abolished.
What makes this strange tax even more absurd: as you are your own landlord, your property interest rate becomes a business expense of your hypothetical rental company. So you can deduct your property interest from this income tax on the fictitious rent you pay yourself.
In effect, it is unattractive to fully repay your mortgage (you just leave enough debt to avoid the income tax), and Switzerland has the highest household debt in the world. By a large margin [0].
It is not that absurd, we have the same in The Netherlands (eigenwoningforfait). And yes, we also have the property interest deduction, we literally call it mortgage interest deduction (hypotheekrenteaftrek, HRA).
They reason this is done is because it allows tax systems to tax main residencies differently from regular real estate tax measures, which is usually in the wealth section of tax policy.
It stems from the 1890s in The Netherlands, I assume it'll be around the same era for Switzerland and Germany.
And for other readers, yes it is as terrible a tax policy as it sounds. It is highly regressive, favoring home owners over renters, and the more expensive your house the bigger the deduction. In The Netherlands the current election cycle has it as one of the subpoints of our housing crisis, and it seems the battle won't even be about if it should be abolished, but rather if the timeline should be 30, 15, or 8 years.
It's only partially open source. Some server-side code remains proprietary, and the client-side will depend on proprietary code of Google and Apple and they do not plan to support platforms that are actually Free Software. The law overall is badly written. For example, articles 12 and 26 effectively say that "The source is shared with public, except if it is proprietary or insecure." Or take Article 4: "The government may operate systems that protect the privacy of the identity subjects."
The Swiyu team dropped the Play Integrity requirement on Android: https://github.com/swiyu-admin-ch/eidch-android-wallet/issue... This means that the E-ID will be officially supported on AOSP based secure ROMs like GrapheneOS, without any requirement for Google services.
I'm guessing you'd want to separate age verification from identity verification. A hash of your name is as good as your name since you don't change name and you provide both to certain providers, or it can be bruteforced.
Unlike the proposed UK digital ID (which is not a "card"), this one is optional. Nobody is being forced to buy a smartphone and accept Apple or Google's terms of service.
Define optional? There will be new checks introduced online where you can only enter if you have an E-ID.
Companies do have to accept a physical card as well, but only if you appear physically at the companies doors. Otherwise, that statement was kind of deceptive in my opinion because there will be a lot of pressure to get one. They also decided to make it free, which shows they probably want to achieve a high adoption.
“Les personnes habitant en Suisse et les Suisses de l'étranger pourront demander une e-ID. L'utilisation de cette dernière ne sera toutefois pas obligatoire. En effet, la Confédération continuera à offrir toutes ses prestations dans le monde réel. Il faudra modifier la loi si l'on veut un jour déclarer obligatoire l'utilisation de l'e-ID dans certains cas. Un référendum pourra alors être lancé contre la modification décidée par le Parlement.”
Automatic translation: “People living in Switzerland and Swiss abroad will be able to apply for an e-ID. However, the use of the latter will not be mandatory. Indeed, the Confederation will continue to offer all its services in the real world.
It will be necessary to amend the law if one day we want to declare the use of e-ID mandatory in certain cases. A referendum can then be launched against the amendment decided by Parliament.”
Optional meaning you have the choice of using the existing physical ID. I don't see how this is deceptive. "A lot of pressure" is not the same as being unable to legally work without the digital ID.
Because they did advertise it in a way to make people believe they could still do their things online without an E-ID, which will not be the case. It's not optional online.
Companies can already request and will still be able to request a PDF scan of your ID. Or worse, video ident through a private third party.
This is the status quo for ordering alcohol online, or if you want to open a bank account.
The new E-ID based on SSI (self-sovereign identity) is so much better than the status quo from a real-world privacy perspective towards companies that must verify your identity or age.
> This is the status quo for ordering alcohol online, or if you want to open a bank account.
I just ordered alcohol yesterday and they only checked it up on delivery. There's no obligation to check it online.
> The new E-ID based on SSI (self-sovereign identity) is so much better than the status quo from a real-world privacy perspective towards companies that must verify your identity or age.
While I agree it's better than scanning your documents, it probably will become more popular since it's easier to check and integrate. That will in my opinion become a net negative for privacy
Fair, this may be a legal option for ordering alcohol. I really don't see the pure cryptographic hash "is older than 18y" as a big privacy issue though, as long as it is properly salted, does not provide other information on my identity and is unlinkable (i.e. multiple such signed claims are different).
The last time I opened an account for a financial service, as well as when creating an account with a service for digital document signatures, I had to do a video ident process with a private third party company. There was no other option, and I felt quite uneasy about it. I would have preferred the E-ID by far in both cases.
Both companies will inevitably store information about me to provide their service, independently of the identity verification. That is legitimate and inevitable for their service. That other, third party company storing a video of me holding my ID and my face into the camera is now not inevitable anymore.
But the Swiss already have a unique digital identifier for everyone living and working in Switzerland (your AVS number I think?) so it's really not optional, and is the primary purpose of the new UK id. The actual application itself is much of a muchness.
Also, the UK gov has already said there will be solutions for old people/time travellers/the Amish etc without phones. Nobody is going to force anybody to buy a phone.
A sad development. At least in the US, the fact that rent is taxable income to the landlord but imputed rent is untaxed is a regressive tax break for property owners (and was apparently a mistake of the original Form 1040; see Lawrence Zelenak, “The Early Income Tax and the Imputed Rental Income of Homeowners” https://doi.org/10.1017/9781108377157.008). I wonder what convinced majority-renter Swiss voters to enact such a tax break?
Wages are taxable income to workers but imputed wages are untaxed. That’s a regressive tax break for people who cook their own food and care for their own children.
lol but it’s true. The less productive stuff you do outside the formal economy the more value you get to keep. That’s why digital cash is so problematic
The difference is that you’re comparing labor income (making your own dinner) to rental income from land (imputed rent). Poor people tend to not own property, whereas poor people do tend to make their own meals, so I doubt your claim that taxing home meals would be equally progressive.
Switzerland is transitioning to online voting, and having a digital ID for authentication is helpful for that. I hope it is used as part of the voting process.
My understanding is that the current approach for e-voting in Switzerland works with voters being sent a PIN in the mail [1]. Then the voter uses the PIN to log into the system and vote. Unfortunately that means that insecurely discarded letters from non-voters could be used to cast votes on behalf of these voters.
Some jurisdictions try to use a second factor to prevent these attacks. In Ontario, for example, many municipalities use a combination of the voter's PIN in the mail + the voter's date of birth. But a date of birth isn't really secret. Lots of people know your date of birth (especially insiders at organizations that collect this data), and it may appear in data breaches or even publicly on social media. If you're curious about this, I recently co-authored a paper which is all about security problems relating to online voting credentials in Ontario -- It's relevant to the Swiss case as well: https://link.springer.com/chapter/10.1007/978-3-032-05036-6_...
Long story short, using a digital ID to authenticate to the system (like Estonia does) goes a long way to mitigate this authentication problem. However, there are still plenty of other potential risks with online voting that are unrelated to authentication (how do you prevent ballot stuffing, clientside-vote-altering malware, falsified counts, etc). And there may be privacy risks with digital ID depending on the practical implementation.
Different systems have different approaches. If you're a voter, you can use your web browser's developer tools to see what's going on, and part of my research is essentially doing that with systems like this.
With one Ontario online voting system used by dozens of municipalities, your choice is sent via a form submission (POST) to the server. The POST contains your choice in its body (in plain text) and your browser also sends a cookie/authorization header which contains a token which was generated by the server and given to the client when the client logged in with the PIN/birthday. In that case, the online voting system could identify you and who you voted for at the time the request is made (they receive both the authorization token linked to your identity and the vote in the same request). The vendors then takes procedural steps to then separate you from your vote, and the elections authority running the election receives a report of the totals (but not who each voter voted for) from the vendor.
However, other systems are a bit more complicated. They'll serve you client-side javascript which does cryptography with your PIN / voting choice such that you can prove to the server you are authorized and made a valid vote, but the server can't link your vote to your identity. Then there's a lot of stuff that happens to mix votes together before they are unsealed and counted. I'm not a cryptographer, so I can't give you the best explanation off the dome.
The Swiss system does try to do something that looks like the latter approach, and they hire cryptographers and security professionals (and have public testing) to ensure the system's design meets requirements for ballot secrecy and if the implementation is correct.
There's a video about how ballot secrecy is ensured with the Swiss system which you can watch at this link:
So bascially you log in to the login server, which passes a token to the vote counting server that the vote is valid but with no identifying information? And there is some way to verify that these two entities do not cooperate?
How do you override a previously cast vote in that system?
(Overriding a vote is a popular solution to vote buying/intimidating which is otherwise a problem with mail-in votes and e-votes.)
> So bascially you log in to the login server, which passes a token to the vote counting server that the vote is valid but with no identifying information? And there is some way to verify that these two entities do not cooperate?
With the Ontario system I described (first example), no. You can't ensure this. In fact, the server that receives your authentication credentials is the same as the server that receives your vote.
How things work:
1. You send a POST with {"DOB":"1995-01-01", "PIN":"12345678"} to server.
2. Server responds with a session cookie. That cookie is included with all subsequent requests in order for the server to know you are authenticated. This is a typical authentication scheme for web applications.
3. Eventually you make a selection and cast your vote. This will send your vote, and the cookie, to the server.
4. The server verifies the cookie is valid and records your vote.
It is definitely possible for the server to connect the identification information you provided in your initial login with the cookie, if it chooses to log that data. There's no way for the client to know if it's happening or not.
It's also a proprietary system, and because it's owned and operated by the online voting vendor (and not a government body) it's exempt from freedom of information legislation, so you wouldn't be able to see any information about the system's design even if you really wanted to. We do know steps 1-4 exist though, because we can infer all of it from the browser's development tools when interacting with the website.
With this type of system, there is also no meaningful way for a municipality to verify the count is correct, beyond the testimony of the vendor. The system is a black box, where votes go in and a result comes out. The vendor reports the result, and the municipality then declares candidates elected.
To be clear: Not a hypothetical. This is a real system! Used by 49 municipalities in 2022!
> How do you override a previously cast vote in that system? (Overriding a vote is a popular solution to vote buying/intimidating which is otherwise a problem with mail-in votes and e-votes.)
You don't! To the best of my knowledge, no vendor/municipality offers this feature in Ontario.
There have been plenty of suggested online voting schemes over the past several decades, yet the prevailing theme is that the ones that actually see practical use don't even try to solve the problem.
The reason why we have public elections is to ensure a peaceful transfer of power. I believe each and every scholar of political science would agree with this statement.
What's important is that there must be no reason to sow distrust into the process. No party should be able to claim their votes weren't properly counted, or that the process is somehow suspicious. The voting process could be mathematically perfect, but if people doesn't trust that votes can't be bought and counters can't be bribed then it's all for nothing.
That's why we need transparency. Not because of some higher theoretical lofty ideas, but because the basis for peaceful transfer of power between parties mutually suspicious of each other is not there.
If trust gets broken then society gets broken. Elections will continue, but in a generation or two they will cease to be able to fulfill their intended goals, and that's when we see the outcome. Not next year. That's what scares me.
So the short answer is that you're shit out of luck and have to trust the voting system, the server, the javascript, and the vendors that produce them? Presumably all of this source code is available somewhere for auditing?
There's a nugget of truth there, but I will say that the Swiss government has taken a very thorough/careful approach to implementing online voting. There are legislated cybersecurity standards for e-voting, individual and universal verifiability, pilot programs, meaningful observation, everything is open source, funding is set aside to incentivize researchers to find vulnerabilities [1].
When critical vulnerabilities were found with the previous implementation done by a private vendor, they dropped their vendor and restarted from scratch, doing everything in-house [2,3].
Not all jurisdictions are so careful. Over 200 municipalities in Ontario do voting online, despite no legislated standards (though a voluntary standard was recently developed). The voting systems are offered by private vendors, no organization is responsible for certifying these systems, and many systems do not offer any cryptographic verification of the results. It's quite interesting [4].
The idea is, if you live in your own house, you’re no better off than if you lived in another property and rented out your property, and paid the tax on the rent you get.
It’s supposed to reduce friction / bias in the market (though you could also obviously argue the reverse).
Suppose you buy bread, meat, and cheese and pay sales tax for each of them. You make a sandwich. You eat the sandwich.
Do you now owe the government the difference in sales tax on the market price of a pre-assembled sandwich versus on the market price of the individual bread, meat, and cheese?
Is it "fair" to owe the government the incremental sandwich sales tax? Should someone who can buy separate bread, meat, and cheese ingredients get such marginal sales tax benefits relative to someone who only can buy pre-made sandwiches? Or does owning the bread, meat, and cheese mean that whatever marginal value you extract from the ingredients' use is fully yours?
Supporting imputed rent seems consistent with supporting my hypothetical sandwich marginal sales tax. It's ridiculous.
Switzerland doesn't have property taxes, so it's better to think of the imputed rental tax as a more progressive implementation of a property tax. Low earners pay less tax on a home of the same value than high earners. And the tax is less distorted by asset price bubbles, since you're taxing the imputed rent instead of the market value.
Now it's abolished, owner-occupied homes will mostly go untaxed, while investor owned ones will be taxed just as before. This is distortionary, but it seems politically infeasible to also abolish income tax on investment income.
It’s not a really good analogy because it’s mostly labour (whereas housing is mostly an investment) but yeah, this argument of “fairness” is common, e.g. by feminists (“housework should be paid or at least accounted for pension”) and governments (e.g. in Slovenia, it’s illegal to help neighbors for free).
I think it’s mostly ridiculous, though on other grounds than “fairness”.
There’s nothing inherently wrong with e-ID, it can be mighty useful, especially when implemented thoughtfully. The real problem is when it’s imposed despite widespread societal opposition and refusal (which obviously is not the issue here, but is in other countries).
I agree that it can be useful, but I fear that in the future, we will have many more online platforms that require an ID than we currently do.
In the past, things like age verification required users to upload a scan or photo, and someone had to verify it. Because that was too much work for the platform operators, they didn't do it (or only with the banner "Are you over 18?").
With the e-ID instead, this will be much simpler to implement. And I expect it to become much more widespread in the future.
Even though I am for the eID I do share your worry but I don‘t think it‘s hopeless. Both politically and socially there are avenues to combat such over-identification. Still, most uses will probably more private than sharing copies of your ID so I am not sure what the gain for companies will be as it might just limit the customer base without much data gained. That does not seem in the interest of those companies. It‘s easier for the government to enforce certain checks, which is also not ideal but still there are avenues to fight this if it happens.
Quite a few actually do require ID-scan-through-email (which is horrible). Or, they simply delegate to a third party video ident service, often in another country (because cheaper).
How exactly is the status quo not much worse than "I give you a cryptographic hash proving that I am over 18, but nothing else, and without the state knowing that this transaction happened"?
The status quo is that companies which are required by law to have this information (banks, telecommunication providers etc) do require an ID scan (and often video identification as well).
All the others don't really care and just let you register with whatever name and birthdate you want, because the ID scan method is too cumbersome and expensive to them.
I expect those to move to eID, effectively requiring people to have an eID, with no way to provide false information.
The inherently wrong part about it is that it is extremely easy to revoke at the push of a button, vs a physical card that must be physically confiscated.
Not much. They are moving from a regime where owner-occupier mortgage interest is deductible but you have to pay income tax on the imputed rental value of your owner-occupied home, to one where you don't pay the tax but also can't take the deduction.
For most Swiss people, who rent, it doesn't directly affect them. And even for most owner-occupiers, they never pay off their mortgages, and so the two effects currently cancel out. It's mostly a handout to rich people who can pay off a house (or inherited one).
Destroys it. The change will immediately raise property prices 5-10%. The only beneficiaries are those who own property today. It becomes harder to buy property, while people who own property free and clear get a huge tax benefit and only lose a tax deduction they weren't using. Essentially, it is generational warfare in the style of Prop. 13 in California.
The price of houses has just gone up because they have removed a real estate tax. Simple, and short sighted. The taxes need to be raised from somewhere so now let's see what convoluted and complex schemes they come up with to do that.
What makes this strange tax even more absurd: as you are your own landlord, your property interest rate becomes a business expense of your hypothetical rental company. So you can deduct your property interest from this income tax on the fictitious rent you pay yourself.
In effect, it is unattractive to fully repay your mortgage (you just leave enough debt to avoid the income tax), and Switzerland has the highest household debt in the world. By a large margin [0].
[0] https://en.wikipedia.org/wiki/List_of_countries_by_household...