Section 7 of The Basic Law on Human Dignity and Freedom (1992) states: "(a) All persons have the right to privacy and to intimacy. (b) There shall be no entry into the private premises of a person who has not consented thereto. (c) No search shall be conducted on the private premises or body of a person, nor in the body or belongings of a person. (d) There shall be no violation of the confidentiality of the spoken utterances, writings or records of a person."[1532] According to Supreme Court Justice Mishael Cheshin, this law elevated the right of privacy to the level of a basic right.[1533]
The Protection of Privacy Law regulates the processing of personal information in computer data banks in an effort to protect privacy.[1534] The law sets out 11 categories of prohibited activities and provides for civil and criminal penalties for violations of an individual's privacy.[1535]
Under the Privacy Law, privacy in databases is also protected. Specifically, all holders of data banks containing more than 10,000 names or various confidential information must register with the Registrar of Databases and report their purpose, use, means of data collection, and data security measures implemented.[1536] The law limits the use of information in these databases to the purposes for which they were intended, and database holders must provide access to database subjects. There are broad exemptions for police and security services as well as a wide range of defenses to the Privacy Law.[1537] For example, actions in good faith or in furtherance of the public interest serve as defenses to violations of the law. The law also sets up basic privacy regulations relating to surveillance, publication of confidential information, criminal records, and the legal obligations of the government with respect to confidential information. The Privacy Law was last amended in 1996 to broaden the databases covered and increase penalties for violations.[1538] Currently there are several pending bills for the amendment of the Privacy Law,[1539] covering a variety of issues, from protection of the privacy of victims of sex crimes, to restrictions on submission and use of information by state authorities. However, the chances of any of these proposed amendments being accepted by the Knesset, the Israeli Parliament, and actually enacted are unclear.
The Registrar of Databases within the Ministry of Justice enforces the Privacy Law with regard to databases. The Registrar maintains the register of databases and can deny registration if he or she believes that a database is used for illegal activities. The Registrar also investigates violations of the Privacy Law.[1540] Pursuant to the Privacy Law, every individual may inspect information about him in a database and the owner of the database must provide for such inspection in Hebrew, Arabic, or English.[1541] As of mid-1998, 5,200 databases were registered.[1542] A Public Council for the Protection of Privacy has also been set up to advise the Justice Minister on legislative matters related to the Protection of Privacy Law and its subsidiary regulations and orders. The council sets guidelines for the protection of computerized databases and guides the work of the Registrar of Databases. The European Commission considers Israel's data protection laws likely to offer an adequate level of protection for personal data transferred to Israel from countries in the European Union.[1543] In recent years, the Registrar's Office has advanced measures to increase database registration.[1544] The Registrar of Databases may appoint inspectors to examine databases and enforce compliance with registration laws. It should be noted that the Registrar's Office is reportedly encountering budgetary difficulties and, as a result, difficulties in efficiently exercising its authority.[1545]
The Credit Data Service Law was enacted in 2002 to create a shared center for storing consumers' credit information among different competing creditors and break up the dominance of the two banks that controlled most credit information.[1546]Although the law gives consumers access to their information, the opportunity to correct information collected, includes "positive" records, such as evidence of good credit, and features a procedure for opting out of collection, some politicians have argued that it unduly invades privacy by automatically sharing credit information and penalizing those who opt out of the database.[1547] The law will come into effect by the end of July 2003. However, to date, the regulations specified under the law and necessary for it to come into force have not been enacted.
During 2002, several public-sector workers were convicted, as part of a plea bargain, for selling information from the classified database on the country's inhabitants. The information, some of which was sold to private detectives, included criminal records, lists of outgoing telephone calls, salaries and property ownership. These convicted workers, who were employed by the police, tax, insurance, telecommunications, and other government departments, were charged and convicted with accepting bribes, violation of privacy, illegal use of the database, and conspiracy.[1548]
The Secret Monitoring Law of 1979 governs the interception of communications.[1549] The law was amended in 1995 following a finding by the State Comptroller that police were abusing wiretap procedures. Although the amendments sought to tighten procedures, they also expanded the Secret Monitoring Law to cover new technologies, such as mobile phones and e-mail. In addition, the amendments increased penalties for illegal taps while allowing interception of privileged communications, such as those with a lawyer or doctor.[1550]
The police must receive permission from the President of the District Court to intercept any form of wire or electronic communication or plant a microphone for a period up to three months, which can be renewed. According to the Israeli government, the number of wiretap orders "has averaged roughly 1,000 to 1,100 annually over the last several years. Roughly half of these wiretap permits are given in connection with drug-related offences."[1551] Intelligence agencies may wiretap people suspected of endangering national security after receiving written permission from the Prime Minister or Defense Minister. These agencies must present an annual report to the Knesset detailing such activities. The 2002 annual report indicates that, of the 1,095 requests filed by the police, the courts approved 1,089.[1552]
The Chief Military Censor may also intercept international conversations to or from Israel for purposes of censorship.[1553] Although courts are supposed to weigh privacy concerns against law enforcement needs before authorizing wiretaps, authorization is, in practice, almost automatic upon request; out of more than 1,700 wiretap requests made in 1999, only six were refused.[1554]
According to an Internal Security Ministry report released in May 2002, Israeli police carried out 1,685 wiretaps in 2000. The report, an internal review of police wiretapping procedures, cited "lack of oversight and supervision" of police wiretapping and said police consistently fail to destroy non-essential evidence uncovered by wiretapping.[1555] The Knesset Interior Committee held a session in February 2002 to discuss the wiretapping of prominent Israeli politicians, including former Prime Minister Benjamin Netanyahu, and decided at the close of the session to establish a subcommittee to monitor classified work by the police. However, the approval of the Knesset speaker and legal advisers must be obtained before the subcommittee can be established.[1556]
In June 2000, the Tel Aviv District Court held that the State could not order an Internet Service Provider to collect subscriber e-mails to provide to the police, finding that such a practice constituted the equivalent of an illegal wiretap. However, the Court determined that police could request e-mails already collected by the ISP from subscribers against whom an indictment is pending and could then use the e-mails upon indictment if a court found the collection to be justifiable - even if illegal at the time of seizure - when balanced against individual privacy rights.[1557]
In 1996, a Defense Forces employee was tried for misusing the phone records of a journalist.[1558] Several people, including Ma'ariv publisher, Opher Nimrodi, were convicted in 1998 of ordering wiretaps on business people and media personalities, including Science Minister Silvan Shalom.[1559] In November 1998, wiretaps were discovered on the phone of Labor and Social Affairs Minister Eli Yishai. It was suspected that he was wiretapped by a rival political faction inside the Shas party.
Unauthorized access to computers is punished by The Computer Law of 1995.[1560] Many routine activities prohibited by this law, such as accessing a computer or erasing information, are illegal only when performed without proper authorization.[1561] In June 2002, an Israeli teen-ager was sentenced under this law to eighteen months in jail for masterminding a series of high-profile hacks into the computer systems at the Massachusetts Institute of Technology, the National Aeronautics and Space Administration, the Federal Bureau of Investigations, the United States Air Force and the United States Department of Defense.[1562] An appeals court overruled the teen-ager's original sentence of six months community service after the Israeli government, under pressure from the United States, pushed for a stricter sentence.[1563]
The Postal and Telegraph Censor, which operates as a civil department within the Ministry of Defense, has the power to open any postal letter or package to prevent harm to state security or public order.[1564]
The 1996 Patient Rights Law imposes a duty of confidentiality on all medical personnel.[1565] The Genetic Information Law of 2000 protects the rights of individuals with respect to their DNA samples and their genetic information. The Law and existing ethical guidelines cover most issues of informed consent, confidentiality, and rules of access for both identified and non-identified DNA samples or genetic information in the individual or family-based, small-scale collections.[1566]
In August 1999, the Cabinet called on the Ministry of Justice to develop legislation creating a national DNA database for police investigations.[1567] The Health Ministry issued regulations on the use of video surveillance in hospitals in September 1998 after discovering that cameras had been moved to watch patients undressing.[1568]
Criminal records are governed by the Criminal Register and Rehabilitation Law, which allows more than thirty government agencies to access the records.[1569]
Finance Minister Y'aakov Ne'eman issued an authorization in March 1998 giving the director of the Bureau for Counterterrorism full access to the databases of all Israeli taxation authorities, including the Income Tax Authorities and Customs. It gives the Bureau access to the financial records of any citizen in Israel, including the status of their bank account "for urgent cases of preventing terrorist acts."[1570]
Israel contracted with Electronic Data Systems in 1999 to install a biometrics-based border control system to monitor the entrance and exit of about 50,000 Palestinians workers through the Gaza Strip using hand geometry and facial recognition technology.[1571] Israel has also installed a biometrics identification system in Tel Aviv's Ben Gurion Airport. Frequent travelers who submit biographic information and biometric hand-geometry data may use automatic inspection kiosks to go through airport security. Travelers use a credit card for initial identification and then scan their palms into the kiosk to verify their identity. The machine prints a receipt that allows the traveler to proceed through security. Nearly 80,000 Israeli citizens have enrolled in the biometric identification system.[1572]
The obligation to maintain bank secrecy in Israel stems from its adoption of English bank laws in 1922, by Section 46 of the British Order-in-Council.[1573] The obligation of bank secrecy only applies to consumers and not to companies.[1574] The obligation includes information regarding clients' accounts, transactions effected through the account and the collateral toward the account.[1575]
The Supreme Court ruled in Shalit v. Peres that there was a fundamental right for citizens to obtain information from the government.[1576] The Freedom of Information (FOI) Law was approved unanimously by the Knesset in May 1998. The law allows any citizen or resident to access records held by government offices, local councils and government-owned corporations.[1577] Requests for information must be processed within thirty days. A court can review decisions to withhold information. A Jerusalem Post survey in June 1999 found that many agencies had not begun to prepare for the FOI Law.[1578]