The Israeli Law, Information and Technology Authority (ILITA), was established by the Ministry of Justice of Israel in September 2006 to become Israel's data protection authority. The mission of ILITA is to reinforce personal data protection, regulate the use of electronic signatures, and increase the enforcement of privacy and IT-related offences. ILITA also acts as a central knowledge-base within the Government for technology-related legislation and governmental IT large projects, such as eGov.
ILITA as a data protection regulator constitutes a merger of three pre-existing regulatory functions:
· The Database Registrar which according to Privacy Law, 5761-1981is responsible for data protection regulation and enforcement.
· The Credit Data Services Registrar which according to Credit Data Services Act, 5782-2002 is responsible for the licensing and oversight of credit data bureaus.
· The Certification Authorities Registrar which according to Electronic Signature Act, 5781-2001 is responsible for the registration and supervision of electronic signature certification authorities.
ILITA’s mandate and regulatory authority, as set forth in these three laws, apply to both the private and public sector. These powers include:
· Inspections at data controllers and license holders, including powers of search and seizure;
· Complaint handling;
· Investigation of criminal offences;
· Imposition of administrative fines;
· licensing of credit data services and certification authorities;
· Registration of databases that include personal infomation
· Setting guidelines and standard codes of practice for data controllers and license holders;
· Raising public awareness to the right to informational privacy among both data controllers and data subjects;
ILITA represents Israel in the international data protection arena and promotes international cooperation:
· Acting as delegate of the Israeli government to the ICCP and WPISP committees of the OECD
· Handling Israel’s application to the EU for recognition under Article 25(6) of Directive 95/46/EC as offering an ”adequate level of protection” for personal data
· Conducting a twinning Data Protection program funded by the EC in collaboration with the Agencia Española de Protección de Datos (AEPD(