Israel Enacts Strict Privacy Reform
Israel will implement Amendment 13 to its Privacy Protection Law on August 14, 2025, introducing sweeping reforms that align its data privacy regime with global standards such as the GDPR. The amendment expands the definition of “personal data” to include IP addresses, biometric identifiers, and health-related information, and broadens “data processing” to cover all uses of personal information, including storage, analysis, and sharing.
The law imposes new requirements on businesses, including mandatory Data Protection Officer (DPO) appointments for entities handling sensitive or large-scale data, and mandatory registration with the Privacy Protection Authority (PPA) for databases exceeding 100,000 records. The PPA gains expanded enforcement authority, including powers to freeze or delete databases, conduct criminal investigations, and impose fines without court approval.
Penalties include administrative fines of up to NIS 320,000 per violation (and NIS 640,000 in aggravated cases), criminal sanctions of up to 3 years’ imprisonment, and civil liability with statutory damages of up to NIS 65,000. Businesses face heightened risk exposure and are urged to audit data assets, update privacy protocols, appoint DPOs, and ensure employee compliance training.
Read more in Globes.
