Israeli Protection of Privacy Law
View Law TextNeed Help with Israeli Protection of Privacy Law Compliance?
Get expert guidance on implementing Israel's privacy requirements and ensuring ongoing compliance for your organization.
Get Expert HelpOverview
The Protection of Privacy Law establishes comprehensive requirements for privacy protection and personal data processing in Israel, enforced by the Privacy Protection Authority.
Key Facts
- Originally enacted in 1981, with significant amendments
- Enforced by Privacy Protection Authority
- Requires registration of databases
Key Principles
Privacy Rights Protection
Fundamental right to privacy and protection of personal information.
Requirements
- Respect individual privacy
- Obtain informed consent
- Protect sensitive data
- Enable rights exercise
- Document compliance
Examples
- Privacy policies
- Consent mechanisms
- Rights procedures
- Documentation systems
Database Management
Requirements for managing databases containing personal information.
Requirements
- Register databases
- Implement security measures
- Control access rights
- Regular audits
- Update procedures
Examples
- Registration records
- Security controls
- Access logs
- Audit reports
Direct Marketing Controls
Specific requirements for using personal data in direct marketing.
Requirements
- Obtain explicit consent
- Provide opt-out mechanism
- Maintain marketing lists
- Document procedures
- Regular reviews
Examples
- Marketing consent forms
- Opt-out systems
- List management
- Procedure documentation
Compliance Requirements
Database Registration
Organizations must register databases containing personal data with ILITA.
Implementation Steps
- Identify registrable databases
- Complete registration forms
- Submit to ILITA
- Maintain registration
- Update when changes occur
Required Documentation
- Database inventory
- Registration certificates
- Processing records
- Update history
- Change notifications
Security Requirements
Implementation of appropriate security measures based on database classification.
Implementation Steps
- Classify database security level
- Implement required controls
- Document security measures
- Regular security audits
- Incident response planning
Required Documentation
- Security policies
- Classification records
- Audit reports
- Incident procedures
- Review logs
International Transfer Requirements
Requirements for transferring personal data outside Israel.
Implementation Steps
- Assess recipient country adequacy
- Implement transfer safeguards
- Obtain necessary approvals
- Document transfers
- Monitor compliance
Required Documentation
- Transfer assessments
- Safeguard documentation
- Approval records
- Transfer logs
- Monitoring reports
Enforcement & Penalties
Administrative Penalties
The Privacy Protection Authority (PPA) can impose administrative penalties for violations.
Penalty Categories
Example Cases
Criminal Penalties
Serious violations may result in criminal prosecution.