Media Centre

Israeli Employment Law – Did You Know? privacy update

30 October 2025

As we enter the final quarter of 2025, we are pleased to present our Fourth Quarterly Update, focusing on a major regulatory development in Israeli employment and privacy law: Amendment 13 to the Protection of Privacy Law, 1981. In Israel, it has long been established that employees have a legitimate expectation of privacy in the workplace. Effective as of August 14, 2025, Amendment 13 introduces a significant shift in the legal landscape, particularly for employers and organizations that process personal data.

 

Amendment 13 – A New Era of Accountability

This reform brings Israel’s privacy framework closer to global standards such as the EU GDPR (yes, Israel’s privacy rules are more similar to European rules). For employers, this means heightened responsibility as data controllers with clear obligations to ensure the lawful, transparent, and secure handling of employee personal data.

 

Expanded Transparency Obligations

In addition to existing requirements regarding the legal basis, purposes of use, and third-party disclosures, employers must now also provide enhanced privacy notices to employees and candidates that include the following elements:

  • The identity and contact details of the data controller.
  • Where processing is based on consent (as common in Israel) a clear explanation of the consequences of refusing to provide consent.
  • A summary of employee rights under the law regarding their personal data.

 Did you know? Immediate action is recommended. It is advisable to review and update employment agreements, privacy notices and other documents, including those provided to job applicants, to meet new transparency standards.

 

Database Registration – No Longer the Default

The requirement to register databases with the Privacy Protection Authority (PPA) has been significantly narrowed. Registration is now required only in specific cases (typically not applicable to standard employment databases), reducing administrative burdens and aligning with international best practices. However, pursuant to a new obligation, organizations must notify the PPA if they process highly sensitive personal data on a significant scale, though this is unlikely to affect typical employment databases.

Did you  know ? Under Israeli law, sensitive data includes information such as health status, sexual orientation, political opinions and biometric definers.

 

Data Protection Officer (DPO) Requirements

Organizations whose core activity involves large-scale data processing or systematic monitoring must appoint a DPO. This role is responsible for, inter alia:

  • Ensuring compliance with privacy laws.
  • Promoting internal privacy awareness.
  • Overseeing risk assessments and audits.
  • Acting as the Contact person with the PPA

Did you know? Good News – according to the PPA’s current position, most routine HR activities, such as handling employee personal data, do not require a DPO. However, there may be a statutory obligation to appoint one in your organization – it is crucial to seek local advice here.

 

Enforcement – A Serious Business

The PPA has been granted expanded enforcement powers, including:

  • Significant Administrative Fines – the exact amount depends on the nature, scope, and scale of the infringement (for example, violations of data security obligations may result in fines of up to NIS 640,000, a penalty newly introduced by Amendment 13).
  • Statutory Damages – Employers may face statutory damages of up to NIS 10,000 for certain violations of the PPL (e.g. failing to notify individuals regarding data practices or not correcting personal data).
  • The ability to petition courts to cease unlawful data processing

Did you know? It is highly recommended to conduct compliance trainings and train HR and IT teams on new compliance obligations.

 

Same-Same but Different

While the legal framework now more closely resembles European standards, the statutory provisions are specific to Israel. Given the significance of these changes and the strong enforcement environment, we strongly recommend consulting with local counsel specializing in labour and privacy law to assess exposure and implement appropriate safeguards.

Did you know ? This is a great time to schedule trainings for the upcoming year, including on compliance topics such as privacy.

 

We, together with our privacy practice, are happy to assist with any needs you may have, including amending data protection and privacy provisions in your employment agreements, drafting updated privacy notices, assessing DPO obligations, reviewing database registration/notification requirements, and preparing internal compliance plans.

For further details, please contact us at – [email protected]

We also take this opportunity to thank you for your continued cooperation and wish you a successful and compliant year ahead.

Wishing you a joyful festive season – Merry Christmas, Happy Hanukkah, and a Happy New Year!

The Labour & Employment Department

Herzog, Fox & Neeman

Related Practice Areas

More news

Israeli Employment Law – Did You Know? Managing your Workforce in Times of Emergency
Springtime Update: Navigating Between Emergency and Routine
New Tax Incentives for New Immigrants and Veteran Returning Residents to Israel
JOIN OUR
Newsletter

    © 2020, All rights reserved, Herzog Law
    Site by Gootte

    The information contained in this web site is provided for informational purposes only and should not be construed as legal advice on any subject matter and should not be relied upon as such. Herzog accepts no responsibility for any consequences whatsoever arising from use of the information contained in this web site. The accessing of information contained in this web site shall under no circumstances be considered as creating an attorney-client relationship between Herzog and any party accessing this web site. Contacting through email any lawyer named in this web site or sending information without prior agreement of Herzog shall not be construed as automatically creating an attorney-client relationship between Herzog and the party sending an email or information. The material contained in this web site has been created by and remains the property of Herzog. No reproduction, transmission, publication or any other form of dissemination shall be permitted unless the prior written consent of Herzog has been obtained. This web site may contain links to other web sites operated by third parties. Herzog does not sponsor, approve or endorse the content of any such web site and is not responsible for the materials appearing in such sites.