Archive for the ‘Privacy: Israel’ Category

Israeli DP Law: Constitutional, Statutory and Regulatory Reform

October 25, 2007

In this article, published in the October 2007 issue of Privacy and Data Protection, I review recent changes in Israeli privacy and data protection law. The elevation of the right of privacy to constitutional status has moved the Israeli Supreme Court to extend privacy and data protection beyond the scope of the Privacy Protection Act of 1981 (“PPA”). And the PPA too is changing: driven by technological developments and the will to harmonize Israeli law with European standards, a government committee has recently proposed a wholesale reform of the statute’s data protection chapter (the Schofman Report). To increase compliance and enforcement levels, Israel has established a new data protection authority – the Israeli Law and Information Technologies Authority (“ILITA”) – to replace the former Database Registrar. I review in this article the spate of recent changes in Israeli data protection law and comment on persisting discrepancies between Israeli and European data protection.

Court Imposes Israeli Law on Gibraltar Gambling Website

February 4, 2007

An Israeli Magistrate’s Court ruled last week that the operation of a Gibraltar-based gambling website constitutes a criminal offence in Israel under Israeli law (Israeli Police v. Michael Carlton (in Hebrew)). The website, is based in Gibraltar, where gambling is legal. Judge Abraham Hyman reasoned that the website targeted Israeli customers by providing a Hebrew interface and advertising on billboards in Israel, and is therefore deemed to have operated in Israel, despite the foreign location of its web servers and corporate headquarters. Judge Hyman added, that in the context of online commerce the locus of the activity is the end user’s PC (country of destination rule), as opposed to the Website’s servers or corporate establishment (country of origin rule). Judge Hyman’s decision tackles the dense problem of personal jurisdiction in the online environment. The law usually allocates jurisdiction according to the geographical location of the activity or one of the parties (typically, the defendant). Yet, as Joel Reidenberg once explained, “the entire architecture of the Internet is based on the principle of geographic indeterminacy”. Determining where a particular action took place (between websites, advertisers, hosts, servers, routers, end users’ PC) is very difficult in cyberspace. Indeed, Michael Geist named his 2001 article on the subject “Is There a There There? Toward Greater Certainty Internet Jurisdiction” (BERKELEY TECH. L.J. 1345 (2001)), questioning whether any useful distinctions can be made based on geographical location in cyberspace. The Israeli court’s application of a country of destination rule is not surprising, particularly given this was a matter of consumer protection and criminal law, where the law of the forum typically prevails. Judge Hyman referred to the Yahoo v. LICRA affair, where Yahoo sought protection from an American court against enforcement of a French court’s judgment for violation of French laws prohibiting the sale of Nazi-era memorabilia. Judge Hyman effectively applied a “targeting test”, imposing jurisdiction due to the Website’s “purposeful availment” of its services in Israel. The targeting and purposeful availment tests are taken from US jurisprudence on the topic, namely the oft-cited Zippo test (Zippo Mfr. Co. v. Zippo Dot Com, Inc., 952 F. Supp. 1119 (W.D. Pa. 1997)), the Calder test (Calder v. Jones, 465 U.S. 783 (1984)), and Professor Geist’s own contractual  and technological targeting tests. The problematic aspects of such extensions of jurisdictions are clear: criminalizing activities which may be legal where performed, issuing unenforceable decisions (e.g., the Yahoo case itself), and instigating potential diplomatic incidents.

Googled to prison?

January 30, 2007

Privacy and data protection in search engine data has taken center stage last year, with the unfortunate revelation by AOL of detailed search records of over 600,000 users (ultimately leading to the resignation of the company’s CTO), and Google’s legal battle with the US government over use of search logs for law enforcement purposes (See US District Court decision, accepting the governments request for data in part, here). Search engines collect a massive amount of highly personal data concerning our interests, hopes, desires, health, finances, travel plans, job searches and more. This invaluable asset attracts the interest not only of the government, but also of private litigants (e.g., copyright enforcement by the music industry, husband-wife custody battles), advertising companies and hackers. Hence, for example, in a recent 7th Circuit Court of Appeals case, a wireless hacker was convicted based on his Google search records. In a North Carolina case last year, a man was found guilty of murder in part because he searched for the words “neck,” “snap,” “break” and “hold” before his wife was killed. The Norwegian press reported yesterday that the Norwegian Data Protection Authority is investigating Google’s vast data storage pratices. Google responded that it can only link a search request to an IP address, not to the individual person behind such address, and in any event is not willing to pass on such information to others. The problem is that Google (and other search engines, for that matter) can personalize the data by use of cookies and additional services, such as the ubiquitous Gmail, and that even anonimized data may be linked to individuals, as illustrated by a NYT reporter in the AOL case. (I am lecturing on the topic at the upcoming annual meeting of the Israeli Internet Association on February 19).

Conference: The Law Of Search Engines‏

November 26, 2006

The University of Haifa School of Law is holding a conference on the Law of Search Engines, touching on issues such as privacy and data protection, freedom of speech, intellectual property. Some of the field’s leading names are scheduled to participate, including Helen Nissenbaum of NYU and Michael Geist of Ottawa. The event is organized by Haifa Profs Niva Elkin-Koren and Michael Birnhack.