Israeli Privacy Protection Authority Issues Draft Policy On Data Minimization

PC
Pearl Cohen Zedek Latzer Baratz
Contributor
Pearl Cohen Zedek Latzer Baratz logo
Pearl Cohen is an international law firm with offices in Israel, the United States, and the United Kingdom. Our strength is derived from decades of legal experience and an intimate knowledge of the cutting edge technological, legal, and transactional issues facing our clients in local and cross border matters. This combination of experience and knowledge allows us to provide sound and innovative advice to clients worldwide.
The Israeli Privacy Protection Authority (Israel's privacy regulator) published a draft policy paper on data minimization under Israeli law for public comments.
Israel Privacy
To print this article, all you need is to be registered or login on Mondaq.com.

The Israeli Privacy Protection Authority (Israel's privacy regulator) published a draft policy paper on data minimization under Israeli law for public comments. The draft paper highlights that data handlers must ensure that the personal data they collect is relevant and necessary for the purposes of the database in which the data is maintained.

Data handlers are expected to integrate the data minimization principle into their operations. Retention of excess data for purposes that exceed those it was collected for and those ancillary to it, increases the risk for privacy and data security-related violations. The draft paper also suggests that a database owner's failure to update or correct personal data at the request of a data subject could mean that the database owner retains excessive (outdated) data.

Since 2018, the Israeli information security regulations mandate that a database owner conduct an annual review to determine whether it maintains excessive personal data that is not necessary for the purposes that the database is intended to serve. The Privacy Protection Authority now recommends that this review be conducted several times throughout the year, to prevent extended retention of unnecessary personal data.

If a database owner concludes that any of the information it retains is indeed excessive, but neglects to discard that data, the database owner may violate the information security regulations and may be exposed to liability under a civil lawsuit.

The paper is open to public comments until April 29, 2021.

CLICK HERE to read the Israeli Privacy Protection Authority's Policy Document on Data Minimization (in Hebrew).

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Israeli Privacy Protection Authority Issues Draft Policy On Data Minimization

Israel Privacy
Contributor
Pearl Cohen Zedek Latzer Baratz logo
Pearl Cohen is an international law firm with offices in Israel, the United States, and the United Kingdom. Our strength is derived from decades of legal experience and an intimate knowledge of the cutting edge technological, legal, and transactional issues facing our clients in local and cross border matters. This combination of experience and knowledge allows us to provide sound and innovative advice to clients worldwide.
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More