Israel marks a new era in privacy law: Amendment 13 ushers in sweeping reform

On 14 Aug., Israel enters a new chapter in its data protection regime. With the enactment of Amendment 13 to the Protection of Privacy Law, 5741-1981, the country has introduced a comprehensive overhaul of its privacy framework. This reform not only modernizes statutory obligations but also significantly expands the enforcement powers of the Protection of Privacy Authority, signaling a decisive shift toward proactive governance and regulatory assertiveness.

A turning point in Israel's privacy law

Amendment 13 is not merely a legislative update. It is a structural transformation that introduces the mandatory appointment of privacy protection officers, enhanced transparency obligations, specific requirements for data brokers and a new broad perception of sensitive data. It also empowers the PPA to impose hefty fines, order the suspension of data processing and conduct criminal investigations. As an especially active regulator, the PPA has indicated that they will enforce their many quasi-legislative guidelines and directives as if they were binding law.

The reform reflects Israel’s intent to align with global privacy standards while preserving its unique regulatory identity. Previous analysis of the reform noted that Israel is “charting its own path” by combining European adequacy with a strong focus on cybersecurity. 

Risks and liabilities: A new compliance landscape

The consequences of non-compliance under Amendment 13 are severe. The PPA will soon have the authority to impose administrative orders, monetary sanctions and cease-and-desist directives. Fines can reach millions of shekels, with multipliers for large-scale databases or sensitive data processing.