Ben is an associate in the firm’s Privacy and Data Protection Department.
Ben advises these companies on various aspects of internet law, as well as on privacy and data protection matters.
As part of his services, Ben advises on local and global compliance and standardization procedures in the field of privacy and data protection. This includes compliance with international regulatory requirements like the GDPR, CCPA, CPRA, and EU AI ACT, and the implications of this regulation on clients’ business activities.
Ben also assists clients in managing cyber crises and preparing commercial agreements, including with regard to the privacy aspects of merger and acquisition transactions.
In addition, Ben advises clients on formulating preparedness and response plans for cyber incidents and data security; preparing documents required for internet activity, such as privacy policies; and registering and updating databases in Israel’s Registrar of Databases.
Ben completed a data protection officer course at Tel Aviv University in 2021.
Before joining Barnea, Ben worked at a leading accounting firm. As part of his work there, Ben gained vast experience in preparing compliance and monitoring plans in the areas of privacy and data protection.
Reichman University, LL.B. and B.A in Government, 2017
Member of the Israel Bar Association since 2019
Insights & News - Ben Norman:
New EU-US Data Privacy Framework (DPF)
The new arrangement for transferring information about EU citizens to the United States offers European and foreign companies a simpler mechanism to enable their privacy protection procedures to be recognized as GDPR-compliant.
California: Class Action against ChatGPT for Breach of Privacy
Who is responsible for protecting the privacy of the information AI technologies collect? A new class action in California joins a series of AI-related lawsuits that may clarify this question.
European Union v. Facebook: EUR 1.2B Privacy Infringement Fine
An EUR 1.2 billion fine was imposed on Meta after the EDPB ruled the company was systematically transferring the personal data of millions of Facebook users from the European Union to servers in the United States in violation of the European GDPR.