Client updates /  Privacy

A significant development occurred last week at the interface between artificial intelligence and intellectual property following the settlement agreement reached by Anthropic in the class action lawsuit filed against it with the US District Court for the Northern District of California.

Amendment 13, which significantly updates privacy laws in Israel, has come into effect! If you still don’t know what to do to comply with the requirements, we’ve prepared a guide to help you address the main issues (not all of them) right now! In this guide, you can find simple tips to implement in your organization to improve compliance with Israeli privacy law requirements.

Amendment 13 to the Israeli Privacy Protection Law is expected to come into effect in mid-August 2025. The amendment prescribes, inter alia, organizations’ obligation to appoint a data protection officer. The Privacy Protection Authority recently published a draft directive on implementing this obligation. The draft is not final and is open for public comments.

At the end of June 2025, the Northern California District Court issued two precedent-setting rulings addressing the legal question: Is it lawful to use copyrighted works for machine training of AI-based large language models (LLMs)?

Earlier this month, the European Data Protection Board (EDPB) issued draft guidelines on the processing of personal data through blockchain technologies.

A recent ruling by the National Labor Court establishes that placing cameras near an employee’s workstation does not necessarily constitute a substantial deterioration in working conditions.

As of January 1, 2025, the Israeli Privacy Protection Regulations (Instructions for data being transferred to Israel from the European Economic Area) will also apply to data being stored or processed in Israel or in other countries, such as the US and the UK, if these databases also contain data transferred from Europe. In other words, this means that as soon as a database in Israel or another country also contains personal information transferred from Europe, all data in the database must comply with the regulations’ requirements – not just the data that came from Europe, but also the local data or data that came from other countries.

Until now, the HHS guidance provided a very broad interpretation of what constituted “protected health information” (PHI). This interpretation severely restricted data analytics service providers’ ability to cater to hospitals and for hospitals to manage their digital assets, in addition to exposing them to class action lawsuits. A federal court’s ruling to vacate the guidance is expected to facilitate both service providers and hospitals.

Uber’s insufficiently clear privacy protection policy and lack of transparency about the collection of personal information on its employees resulted in a heavy fine.

2023 trends are expected to continue in 2024, including the constantly evolving regulation of AI tools and new privacy protection and data security issues, as well as attempts by Israeli and global authorities to keep up with the pace at which technology is evolving and changing the face of the business world.