Johanna Moesch (Mösch)

Johanna advises Swiss and international companies on a broad range of IT and technology‑related matters, with a particular focus on artificial intelligence, data protection, telecommunications regulation, cybersecurity, and complex IT and cloud contracts. Her work regularly involves data‑driven and highly regulated projects, including the use of AI technologies, cross‑border data transfers, cloud outsourcing subject to secrecy obligations, and cybersecurity incident response. She also advises on e‑commerce, digital consumer‑facing products, and general commercial and contract law. Johanna represents clients across various industries, in particular the technology, financial services and consumer goods sectors.

• Advised a Swiss financial institution on the successful deployment of AI‑powered AML monitoring tools, including navigating regulatory requirements for model training using client data subject to Swiss banking secrecy.
• Advised technology companies on the lawful use of personal data for the development and improvement of AI technologies, including data protection and governance considerations.
• Advised Swiss and international companies across various industries on complex cloud outsourcing arrangements, including projects involving data subject to Swiss secrecy obligations and multi‑jurisdictional data flows.
• Advised globally operating and Swiss companies on cybersecurity readiness and incident response, including post‑incident support following major data breaches and coordination of Swiss and international notification assessments.
• Advised a broad range of Swiss and multinational clients, including financial institutions and pharmaceutical companies, on the implementation of the revised Swiss Data Protection Act, operational data protection matters, and the structuring of compliant international data transfers.
• Advised companies primarily in the technology and automotive sectors on complex telecommunications regulatory matters, including compliance with Swiss telecoms rules, connectivity‑related obligations, and the regulatory implications of deploying data‑driven products and services.
• Advised Swiss and international companies on website and e‑commerce compliance, including terms of use, imprints, privacy notices, cookies and similar technologies, price indications, unfair competition, consumer protection, and contract law.
• Advised a technology company on the structuring and negotiation of customer contracts for the deployment of robotics technology under a Robotics‑as‑a‑Service (RaaS) model.
• Advised on legal issues relating to autonomous and self‑driving vehicles, including liability frameworks, regulatory compliance, contractual risk allocation, and incident‑related legal exposure.
• Advised many Swiss and multinational companies during (internal) investigations on all data‑protection‑related matters, including issues involving statutory and professional secrecy, such as attorney‑client privilege.
• Completed a six‑month secondee assignment (followed by subsequent part‑time secondments) with a large financial institution, advising on personal data sharing, Swiss banking secrecy, implementation of the revised Swiss Data Protection Act, and data protection law more generally.

• Associate to watch: TMT, Chambers Europe Guide, 2026
• Rising Star Data Protection, The Legal 500, 2021-2026

• Certified Information Privacy Professional/Europe (CIPP/E) (2021)
• International Association of Privacy Professionals (IAPP)
• International Bar Association
• Zurich Bar Association - Member