(6)
The legal standards for the protection of personal data in the State of Israel are largely based on the standards set out in Directive 95/46/EC and are laid down in the Privacy Protection Act 5741-1981, lastly amended in 2007 in order to establish new processing requirements for personal data and the detailed organization of the supervisory authority.
(7)
That data protection legislation is further complemented by governmental decisions on the implementation of the Privacy Protection Act 5741-1981 and on the organisation and functioning of the supervisory authority, largely based upon recommendations formulated in the Report to the Ministry of Justice by the Committee for the Examination of Legislation relating to Databases (Schoffman Report).
(10)
The application of the legal data protection standards is guaranteed by administrative and judicial remedies and by independent supervision carried out by the supervisory authority, the Israeli Law, Information and Technology Authority (ILITA), which is invested with powers of investigation and intervention, and which acts completely independently.
2. The competent supervisory authority of the State of Israel for the application of the legal data protection standards in the State of Israel is the ‘Israeli Law, Information and Technology Authority (ILITA)’, referred to in the Annex to this Decision.
(a)
where a competent Israeli authority has determined that the recipient is in breach of the applicable standards of protection; or
(b)
where there is a substantial likelihood that the standards of protection are being infringed, there are reasonable grounds for believing that the competent Israeli authority is not taking or will not take adequate and timely steps to settle the case at issue, the continuing transfer would create an imminent risk of grave harm to data subjects and the competent authorities in the Member State have made reasonable efforts in the circumstances to provide the party responsible for processing established in the State of Israel with notice and an opportunity to respond.
2. The suspension shall cease as soon as the standards of protection are assured and the competent authority of the Member States concerned is notified thereof.
3. If the information collected under Article 3 and under paragraphs 1 and 2 of this Article provides evidence that any body responsible for ensuring compliance with the standards of protection in the State of Israel is not effectively fulfilling its role, the Commission shall inform the competent Israeli authority and, if necessary, present draft measures in accordance with the procedure referred to in Article 31(2) of Directive 95/46/EC with a view to repealing or suspending this Decision or limiting its scope.
For the Commission
Viviane REDING
Vice-President
(1) OJ L 281, 23.11.1995, p. 31.
(2) Document WP114 of 25 November 2005. Available at http://ec.europa.eu/justice_home/fsj/privacy/docs/wpdocs/2005/wp114_en.pdf
(3) Opinion 6/2009/EC on the level of protection of personal data in Israel. Available at http://ec.europa.eu/justice_home/fsj/privacy/docs/wpdocs/2009/wp165_en.pdf
ANNEX
Competent supervisory authority referred to in Article 1(2) of this Decision:
The Israeli Law, Information and Technology Authority
The Government Campus
9th floor
125 Begin Rd
Tel Aviv
Israel
Mailing address:
PO Box 7360
Tel Aviv, 61072
Tel. + 972-3-7634050
Fax + 972-2-6467064
Website: http://www.justice.gov.il/MOJEng/RashutTech/default.htm