Israeli businesses apparently will have to follow GDPR-style privacy rules when it comes to email lists.
An opinion by Israel’s Privacy Protection Authority states that firms with 10,000 or more email contacts would have to follow Israel’s Privacy Protection Act, which defines such lists as databases, according to Bloomberg Law.
The ruling, which is likely to affect small businesses, takes place immediately.
That means companies have to appoint a database manager and draft internal procedures to protect the data, Bloomberg says.
Even small business owners could face fines of up to 100,000 shekels ($26,800) and a year’s imprisonment for each injured party, Bloomberg writes.
Those penalties apply even if the firms have no sensitive data on file. However, the Authority told Bloomberg that email lists can be used to discern such details as occupation and marital status, and thus qualify as personal information.
The Israeli law requires that firms register their databases of customers and suppliers, Bloomberg reports.