The Israeli Parliament recently adopted a new amendment to the Israeli Privacy Protection Law, 5741-1981 (PPL), entering into force on August 14, 2025.  

The Amendment, titled Amendment 13, is a very extensive amendment to a law that has not been amended for many years and brings Israeli data protection law closer to other modern data protection laws, primarily the General Data Protection Regulation (GDPR).  

The need for this amendment was primarily driven by the lack of sanctions on breach of the Protection of Privacy Regulations (Data Security) 5777-2017 (the Security Regulations) which include detailed requirements of security measures and procedures, specifically in light of an increase in cyberattacks and the reaffirmed adequacy status by the EU Commission in January 2024. Although adequacy was reaffirmed, the Commission recommended in its report enshrining in legislation the protections that have been developed at the sub-legislative level and by case law and specifically referred to the adoption of Amendment 13, which was then under discussion in the parliamentary Constitution Committee. 

The Amendment mainly amends the chapter regarding databases, which are defined as a collection of personal data by digitized means. There is no change in the provisions regarding the traditional material privacy rights in the PPL and consent remains the legal basis for processing. 

In this Article, Dalit Ben-Israel, from Naschitz Brandes Amir, reviews some of the key changes introduced by the Amendment.  

In a significant development within the State of Kuwait's regulatory landscape, the Communication and Information Technology Regulatory Authority (CITRA) has taken decisive steps to fortify data protection measures in the realm of telecom and IT services. Under Decision No. 26 of 2024, CITRA introduced a new set of Data Privacy Protection Regulations (the Regulations), effectively replacing the prior regulations. Concurrently, CITRA has repealed its former Data Classification Policy under Decision No. 34 of 2024, signaling a strategic shift towards more comprehensive safeguards for sensitive information.

This proactive update reflects CITRA's recognition of the growing need for strong data security measures as Kuwait's telecom and IT sectors expand. These regulatory changes also match Kuwait's big-picture plan for progress outlined in the New Kuwait 2035 strategy, emphasizing a focused push for better technology resilience and privacy standards in the country's digital world. Asad Ahmad and Salma Farouq, of GLA & Company, discuss the Regulations, highlighting the key provisions that individuals and entities should be aware of.

Part one of this comparison outlined the differences in the scope, definitions, and legal bases for processing between the Jordanian Personal Data Protection Act 2023 (JPDPA) and the General Data Protection Regulation (GDPR). In part two of the comparison between the two laws, Mariana Abudayah, of Nsair & Partners – Lawyers, explores the differences in controller and processor obligations, data subject rights, and enforcement for a better understanding of the two frameworks. This article will also consider the unique challenges and compliance considerations that companies and organizations may encounter.

In this Insight article, Nick O'Connell and Fatma Al Zadjali, from Al Tamimi & Company, delve into Oman's recent strides in data protection, highlighting the significance of the newly revealed Executive Regulation (the Regulation) of the Omani Personal Data Protection Law (PDPL).