© All rights reserved to Barnea Jaffa Lande Law offices

Together is powerful

Fine Imposed on Israeli Cyber Tech Company for Violating European GDPR

Greece’s privacy protection authority recently announced it was fining Intellexa, an Israeli cyber tech company, EUR 50,000.

 

The Hellenic Data Protection Authority (HDPA) imposed the fine as part of an investigation it conducted into spyware-infected mobile phones and the wiretapping of journalists and high-ranking politicians in Greece. In this context, the HDPA stated that when its representatives tried to perform audits at the company’s registered addresses in Athens and an adjacent suburb, they discovered there was no business activity at those addresses.

 

As a result, the HDPA ruled the company violated Article 31 of the General Data Protection Regulation (GDPR). This clause obligates companies that process personal information to cooperate with requests from the relevant authority when it is carrying out its activities. In addition to the fine, the HDPA ordered the company to immediately forward all invoices and receipts it had issued and all of the company’s contracts pertaining to information processing in any software or hardware.

 

It is important to note that although Intellexa is an Israeli company, it also faces exposure to European regulation within the context of privacy protection laws. This is because the GDPR applies directly to companies that engage in business activities in Europe, even when the information collected is neither stored nor processed in Europe.

 

This case demonstrates why we recommend that all Israeli companies with international business activities carefully examine their possible exposures to cybersecurity and privacy protection laws and formulate an appropriate risk management strategy. 

 

 ***

 

Our Privacy and Data Protection Department is available if you have any questions or require clarifications in this regard or in relation to other privacy protection and data security issues.

 

Adv. Dr. Avishay Klein leads the Firms Privacy and Data Protection practice.

 

Adv. Ben norman is an associate in the firm’s Regulation Department.

 

Tags: Cyber | Espionage | GDPR