In our previous special client update we reported about the ECJ's ruling which invalidated the Safe Harbor Framework (which governs the transfer of personal data from the EU to the US).
 
According to the Israeli Privacy Protection (Transfer of Data to Databases Abroad) Regulations, 2001, the transfer of personal data outside of Israel is only allowed under certain conditions, one of which is that the data "is transferred to a database in a country… which receives data from Member States of the European Community, under the same terms of acceptance." Consequently and following the ECJ's ruling, the Israeli Data Protection Authority has recently announced that Israeli companies may no longer rely upon the Safe Harbor Framework for the purpose of transferring personal information outside of Israel.
 
Following these decisions we encourage all of our clients who transfer personal data of Israeli or European data subjects to servers or companies located in the US, or who outsource personal data processing from the EU or Israel to non-EU states, particularly via services and companies which are certified with the Safe Harbor Framework, to take immediate steps to address the legal risks arising from this ruling.