English
עברית
Français
Deutsch
Русский
Español
简体中文
日本語
Dutch
Türkçe
Language
English
עברית
Français
Deutsch
Русский
Español
简体中文
日本語
Dutch
Türkçe
Home
About us
About us
CV at a glance
Global reach
Pro Bono
What we do
Practice area
The team
Knowledge center
Insights & News
Client updates
Credentials
Doing business in Israel
Join us
Contact
Barnea Blog
© All rights reserved to Barnea Jaffa Lande Law offices

Together is powerful

Client updates
25 January 2023
by Avishay Klein
Ben Norman
         
Antitrust and Competition
Banking & Finance
Capital Markets
Corporate
Employment
Infrastructure
Internet
Litigation
NPO
Private Clients
Real Estate
Regulation
Tax
High Tech

Fine Imposed on Israeli Cyber Tech Company for Violating European GDPR

Greece’s privacy protection authority recently announced it was fining Intellexa, an Israeli cyber tech company, EUR 50,000.

 

The Hellenic Data Protection Authority (HDPA) imposed the fine as part of an investigation it conducted into spyware-infected mobile phones and the wiretapping of journalists and high-ranking politicians in Greece. In this context, the HDPA stated that when its representatives tried to perform audits at the company’s registered addresses in Athens and an adjacent suburb, they discovered there was no business activity at those addresses.

 

As a result, the HDPA ruled the company violated Article 31 of the General Data Protection Regulation (GDPR). This clause obligates companies that process personal information to cooperate with requests from the relevant authority when it is carrying out its activities. In addition to the fine, the HDPA ordered the company to immediately forward all invoices and receipts it had issued and all of the company’s contracts pertaining to information processing in any software or hardware.

 

It is important to note that although Intellexa is an Israeli company, it also faces exposure to European regulation within the context of privacy protection laws. This is because the GDPR applies directly to companies that engage in business activities in Europe, even when the information collected is neither stored nor processed in Europe.

 

This case demonstrates why we recommend that all Israeli companies with international business activities carefully examine their possible exposures to cybersecurity and privacy protection laws and formulate an appropriate risk management strategy. 

 

 ***

 

Our Privacy and Data Protection Department is available if you have any questions or require clarifications in this regard or in relation to other privacy protection and data security issues.

 

Adv. Dr. Avishay Klein leads the Firms Privacy and Data Protection practice.

 

Adv. Ben norman is an associate in the firm’s Regulation Department.

 

Tags: Cyber | Espionage | GDPR