By Steven C. Bennett

Recently, I had the opportunity to teach a short course on data security and privacy at an Israeli law school. The experience was enlightening.

Israel is a democracy with a highly educated, largely cosmopolitan population. It shares close ties with the United States. Yet, Israel faces unique problems of security, and religious and ethnic tensions are palpable. Israel’s legal system, moreover, embodies a unique combination of secular and religious law, with strands of precedent and procedure from many different traditions. The result is a special blend of attitudes on privacy that can only be called “Israeli.

Jewish views on privacy

Jewish scripture has long placed a special emphasis on certain aspects of privacy. One passage refers to the “tents of Israel” in ancient times, and suggests that the openings of tents were deliberately kept from facing each other. From this simple tale, the rabbinic scholars derived a sense of the importance of privacy in the home. Jewish law, for example, forbids a neighbor to open a window on a courtyard (without consent), to guard the privacy of a residence. Jewish law also prizes the confidentiality of correspondence and conversation, strictly forbidding a stranger to read a person’s private letters, and banning eavesdropping.
It was these Jewish views of privacy that Rabbi Shlomo Yaffe, dean of the Institute of American Talmudic Law, recently cited at a program in New York where U.S. Supreme Court Justice Antonin Scalia opined that people with nothing to hide should not be concerned about privacy. “Every single datum about my life is private? That’s silly,” the Justice suggested. Some weeks later, the Justice took great offense on learning that a law professor teaching a privacy course had instructed his students to create a dossier on Justice Scalia’s most private affairs. The students, with no special skills or assistance, assembled from readily-available sources 15 pages of details about Justice Scalia’s private life, including his home address and telephone number, his wife’s personal e-mail address, photographs of his grandchildren, and the names of TV shows and meals that he prefers. Scalia called the exercise “irresponsible” and “abominably poor judgment,” though “legal."

The Jewish view of privacy seems to agree with Justice Scalia’s later statement of outrage at the exposure of his private affairs. Indeed, Justice Louis Brandeis, the first Jewish justice of the Supreme Court, while still a lawyer, famously wrote in the Harvard Law Review (1890) on the “Right to Privacy,” a “right to be let alone.” Echoing (although not expressly citing) Jewish sources on the importance of the separation of public and private life, Brandeis remarked that the law “secures to each individual the right of determining, ordinarily, to what extent his thoughts, sentiments, and emotions shall be communicated to others.” Brandeis worried that “recent inventions and business methods (including the telephone and instant photography) could “invade the sacred precincts of private and domestic life.”
The Brandeis view of privacy did not immediately take hold in American law. In 1928, while on the Supreme Court, Brandeis failed to convince the Court that wiretapping of telephone conversations was unconstitutional. In dissent, Brandeis lamented that privacy, “the right most valued by civilized men,” could be lost through modern technologies.

Eventually, the Brandeis concern for privacy was enshrined in American constitutional and tort law. In 1967, for example, the Supreme Court ruled that wiretapping without court order was, indeed, a violation of the Fourth Amendment. And, over the course of the twentieth century, U.S. courts increasingly ruled that exposure of intimate details of a person’s life, misuse of a person’s photograph for commercial gain, and other intrusions could justify relief. Recently, in New York, for example, Woody Allen obtained a multi-million dollar settlement from a company that used a picture of him dressed as a Hassidic Jew from the movie Annie Hall, without his consent.
Thus, the Brandeis view of privacy, nourished and cross-bred in the American garden of common law, has grown into a broad (though still somewhat vague) “right of privacy.” The Jewish influences and origins of that right, also somewhat obscured, nevertheless can be traced. But what happens when those Jewish seeds are re-potted in another country and time?

Modern Israel and the right to privacy

Since 1948, Israel has grown quickly, from an agrarian, mostly small-town culture, to a modern, increasingly urban, and technologically astute society. Still, there are certain features of Israeli culture that remain rooted in traditional values.
“Jews have always lived together in close quarters,” says one law professor. “They know everything about each other.” A student echoes the sentiment: “In Israel, between every two people who don’t know each other, there is always one who can connect them.”

On the other hand, in enforcing Jewish values regarding privacy, the close, communal nature of Israeli society may offer some benefits. More than 900 years ago, Rabbi Gershom (a famous Jewish scholar in Germany) introduced the concept of a “cherem,” a community boycott applied against those who wrongly read the private letters of their neighbors. This form of community pressure, one student suggests, may still work: “It may be more effective to deal with what is a community issue, in breaches of privacy, with communal tools.”

Even the Army, a near-universal experience for Israeli citizens, offers a mix of experiences that may inform Israeli attitudes on privacy. “What privacy?” one student asks. “The government knows everything about us from the day we join the Army.” On the other hand, the Army is a key element in community building. As one older lawyer explains, recruits may form lifetime bonds in their units. Their annual reserve service, moreover, reinforces those bonds, as a sort of “retreat” from daily business concerns.

Israeli privacy law

The aim of the law, says one student, is to “design a fair and right society,” with people who can “develop and think freely.” Despite these lofty aspirations, Israel has never settled on a single, complete, formal constitution. Instead, over a lengthy period, the Knesset (legislature) has adopted a series of “basic” laws, establishing the essential structures of government, and outlining fundamental rights.
In 1992, Israel adopted a basic law on Human Freedom and Dignity, which, among other things, recognized that “all persons have the right to privacy and to intimacy.” The basic law, in a classic restatement of Jewish concerns for private life, declares: shall be no entry into the private premises of a person who has not consented thereto,” and “there shall be no violation of the confidentiality of the spoken utterances, writings, or records of a person.” A Secret Monitoring Law, moreover, specifically precludes “listening in” (wiretapping) conversations without consent or court order, and a separate Protection of Privacy Law requires registration of mass databases with a central government authority.

In 1998, moreover, Israel adopted a Freedom of Information Law. And the Israeli Supreme Court has enforced the principle of openness in government, requiring (in one famous case) that Knesset members reveal the terms of the coalition agreements they sign.

Despite these basic laws, a recent report of government and academic experts (the Schoffman Committee) suggested that Israeli data privacy law requires stepped up civil (and even criminal) law enforcement efforts. The report criticized administrative regulation of privacy, and recommended some form of class-action device to aggregate small privacy claims that might otherwise escape judicial attention. The report also suggested development of a data breach notification law to ensure that individual citizens are made aware of compromises of their personal data.

Partially in the wake of these reform concerns, the Israeli Law, Information, and Technology Authority (ILITA), an agency within the Justice Ministry, recently commenced operations. Although small (with a staff of less than 10) the Authority is growing in influence. A recent ILITA conference featured a large and lively audience intent on debating the best means to improve Israeli data protection and privacy.

In December 2008, moreover, Israel’s new anti-SPAM law went into effect. The law, consistent with European practice, adopts an “opt-in” approach to commercial messages. Consumers must affirmatively choose to receive advertising. Advertisers who violate the law are subject to serious fines.

National security concerns

“We are living in a police state. You must get used to that fact,” said an American-born Israeli lawyer over dinner in Jerusalem. “The need for security is paramount.” A student emphasized that “when it comes to fighting terrorism,” a person “has to trust someone,” and “it might as well be your own government.” Another law professor went further: “Privacy is a liberal western concept. It is not part of the Middle East. Besides,” she said, “it is ‘survival first’ here.”
In Israel, says one student, “security” is almost a “religious, holy” word. Israelis well know the forces arrayed against them and the real risks of terrorism. Tzipi Livni, then foreign minister of Israel, warned the United Nations in October 2007 of a “global battle” with extremists in which Israel was “on the front lines.” Israel, she said, faces daily suicide bombers, rocket attacks, and more.

Tensions have only increased since then, with the election of a more right-oriented Likud coalition government, led by Benjamin Netanyahu. During the election campaign, Netanyahu suggested that the Israeli incursion into Gaza did not go far enough, and that “extremists” would continue wherever Israel relinquished control.

In this highly-charged atmosphere, one might expect some imbalance in Israeli views on the trade-off between security and privacy. Yet, the imbalance is moderated by genuine concern for personal freedom. In the classroom, for example, students vigorously debate the issue. “They are experts,” says one student, referring to security personnel. “Not like the Americans bumbling at their airports.” His classmate disagrees, suggesting that those in charge of the most sensitive information “may not always be qualified or experienced enough.” Besides, she says, there is too great a temptation to target those who speak or look Arabic: “It’s discrimination,” she concludes.

And the consequences can be harrowing. One student told a frightening tale about a drive to Be'er Sheva. Suddenly, his vehicle was surrounded by Army scouts with rifles pointed directly at him. They checked his identification and let him go with a brief explanation that he was driving a car that resembled one mentioned in a terrorist alert. Others in the class murmured that this scene is not unique. The pervasive sense of surveillance, they said, can be unsettling.

New technologies, moreover, increase the prospects for surveillance and government data control. Pending before the Knesset, for example, is a bill to create a biometric registry, including fingerprints and digital photographs, for use in all Israeli identification cards and passports. The system would create a national database, registering information on all citizens and residents. A similar system is already in use at certain Palestinian border crossings, and at the Ben Gurion Airport.

Concerns about such systems evoke deep-seated memories. Given the history of the Holocaust, “there is a very uncomfortable sensation of the moral implications of such a [biometric] database,” writes one student. Indeed, the head of the Israeli Bar Association Committee on Privacy Law severely criticized the database, noting the risk that it could be hacked by data criminals, or even terrorists. Further, he said, the “government will make potential criminals out of every law-abiding citizen.” Another law professor (and advisor to the ILITA) suggests that there is no real security need for the database. The Israeli Security Agency, he said, already has sufficient information regarding real security threats (versus the mass of citizens who would become subjects of the database). Yet, the effort has strong support in the Knesset, and may be adopted this year.

Future directions for Israel

There are very few degrees of separation between Israelis and Americans. Israelis embrace American fashions, language, and business customs. Yet, in the privacy arena, Israel has much more in common with Europe than the U.S. The European Union has adopted more comprehensive and stringent directives on privacy protection than has the United States. The Europeans, moreover, set the “tone” for Israeli views on privacy regulation. Israel has worked hard in recent years to convince European regulators that its privacy-protection system is “adequate”—a term of significance in European regulation. Yet, the European Union may be influenced by the politics that so pervade all foreign relations with Israel. “We were told by the EU: ‘When you stop killing kids in Gaza, we will certify you,’” said one advisor to Israel’s mission to the EU.
Still, the parallels to Europe will almost certainly persist. Despite the Holocaust experience, Israelis, much like Europeans, largely depend upon their government for security and welfare in ways that may seem excessive to Americans. Israelis did not suffer through Johnson and Vietnam or Nixon and Watergate. And, in an inversion of Pogo, “they have met the government and it is us.” Thus Israelis, like Europeans, may spend more time fretting about unnecessary interference with consumer and employee privacy, and much less time worrying about the government.

Steven C. Bennett is a partner in the New York offices of Jones Day. The views expressed are solely those of the author, and should not be attributed to the author’s firm or its clients.

Impact of law on privacy policies, practices

Researchers from the University of Haifa and Tel Aviv University studied Israeli Web sites’ compliance with information privacy regulation to determine what impact, if any, the law has on Internet privacy.  

For the study, “Does Law Matter? Informational Privacy and Online Compliance in Israeli Web Sites,” law professors Michael Birnhack (Tel Aviv University) and Niva Elkin-Koren (University of Haifa) examined nearly 1,400 active Israeli Web sites, finding that the majority fail to follow the letter of the law when it comes to protecting users’ personal information.

Specifically, Birnhack and Elkin-Koren examined:

    * Legal requirements that apply to information privacy practices under Israeli law
    * Web sites’ privacy policies
    * Web sites’ privacy practices

The researchers determined that legal compliance among public and private-sector sites was relatively low (16-22 percent). Popular and “sensitive” Web sites had better compliance levels and fewer violations, according to the researchers’ report.
“The overall picture that emerges from the findings is one in which the law seems to have only a relatively minor role in shaping users' 'privacy experience' online, with other forces and factors clearly at play,” the researchers wrote.

Birnhack and Elkin-Koren also noted that commercial enterprises with more robust legal bandwidth seem more likely to comply with privacy regulation, while small enterprises with limited legal counsel resources seem less likely to comply. This, they say, “is a troublesome conclusion, given the increasing threats to the privacy of users in the Web 2.0 environment.”

For the full abstract, or to download the report, go to: http://cyberlaw.stanford


If you want to comment on this post, you need to login.


Board of Directors

See the esteemed group of leaders shaping the future of the IAPP.

Contact Us

Need someone to talk to? We’re here for you.

IAPP Staff

Looking for someone specific? Visit the staff directory.

Learn more about the IAPP»

Daily Dashboard

The day’s top stories from around the world

Privacy Perspectives

Where the real conversations in privacy happen

The Privacy Advisor

Original reporting and feature articles on the latest privacy developments

Privacy Tracker

Alerts and legal analysis of legislative trends

Privacy Tech

Exploring the technology of privacy

Canada Dashboard Digest

A roundup of the top Canadian privacy news

Europe Data Protection Digest

A roundup of the top European data protection news

Asia-Pacific Dashboard Digest

A roundup of the top privacy news from the Asia-Pacific region

Latin America Dashboard Digest

A roundup of the top privacy news from Latin America

IAPP Westin Research Center

Original works. Groundbreaking research. Emerging scholars.

Get more News »

IAPP Communities

Meet locally with privacy pros, dive deep into specialized topics or connect over common interests. Find your Community in KnowledgeNet Chapters, Sections and Affinity Groups.

IAPP Job Board

Looking for a new challenge, or need to hire your next privacy pro? The IAPP Job Board is the answer.

Join the Privacy List

Have ideas? Need advice? Subscribe to the Privacy List. It’s crowdsourcing, with an exceptional crowd.

Find a KnowledgeNet Chapter Near You

Talk privacy and network with local members at IAPP KnowledgeNet Chapter meetings, taking place worldwide.

Find more ways to Connect »

Find a Privacy Training Class

Two-day privacy training classes are held around the world. See the complete schedule now.

The Privacy Core™ Library Has Evolved

Privacy Core™ e-learning essentials just expanded to include seven new units for marketers. Keep your data safe and your staff in the know!

Online Privacy Training

Build your knowledge. The privacy know-how you need is just a click away.

Upcoming Web Conferences

See our list of upcoming web conferences. Just log on, listen in and learn!

Train Your Team

Get your team up to speed on privacy by bringing IAPP training to your organization.

Let’s Get You DPO Ready

There’s no better time to train than right now! We have all the resources you need to meet the challenges of the GDPR.

Learn more »

CIPP Certification

The global standard for the go-to person for privacy laws, regulations and frameworks

CIPM Certification

The first and only privacy certification for professionals who manage day-to-day operations

CIPT Certification

The industry benchmark for IT professionals worldwide to validate their knowledge of privacy requirements

FIP Designation

Recognizing the advanced knowledge and issue-spotting skills a privacy pro must attain in today’s complex world of data privacy.

Certify Your Staff

Find out how you can bring the world’s only globally recognized privacy certification to a group in your organization.


The IAPP’S CIPP/E and CIPM are the ANSI/ISO-accredited, industry-recognized combination for DPO readiness. Learn more today.

Learn more about IAPP certification »

Are You Ready for the GDPR?

Check out the IAPP's EU Data Protection Reform page for all the tools and resources you need.

IAPP-OneTrust PIA Platform

New U.S. Government Agency privacy impact assessments - free to IAPP members!

IAPP Communities

Meet locally with privacy pros, dive deep into specialized topics or connect over common interests. Find your Community in KnowledgeNet Chapters, Sections and Affinity Groups.

Privacy Vendor List

Find a privacy vendor to meet your needs with our filterable list of global service providers.

More Resources »

Europe Data Protection Intensive 2017

The Intensive is sold out! But cancellations do happen—so hurry and get on the wait list in case more seats become available.

Global Privacy Summit 2017

The world’s premier privacy conference returns with the sharpest minds, unparalleled programs and preeminent networking opportunities.

Canada Privacy Symposium 2017

The Symposium returns to Toronto this spring and registration has opened! Take advantage of Early Bird rates and join your fellow privacy pros for another stellar program.

The Privacy Bar Section Forum 2017

The Privacy Bar Section Forum is sold out! But you can still add your name to the wait list, and we'll keep in touch about your status. Good luck!

Asia Privacy Forum 2017

Call for Speakers open! Join the Forum in Singapore for exclusive networking and intensive education on data protection trends and challenges in the Asia Pacific region.

Privacy. Security. Risk. 2017

Call for Speakers open! This year, we're bringing P.S.R. to San Diego. Submit today and be a part of something big! Submission deadline: February 26.

Europe Data Protection Congress 2017

Call for Speakers open! The Congress is your source for European policy debate, multi-level strategic thinking and thought-provoking discussion. Submit a proposal by March 19.

Sponsor an Event

Increase visibility for your organization—check out sponsorship opportunities today.

More Conferences »

Become a Member

Start taking advantage of the many IAPP member benefits today

Corporate Members

See our list of high-profile corporate members—and find out why you should become one, too

Renew Your Membership

Don’t miss out for a minute—continue accessing your benefits

Join the IAPP»