Author: Marketing Assistant

The Ministry of Finance’s November 2023 outline, as amended and approved to date:

The Israeli Employment Service has outlines certain concessions (summarized at the bottom of the Ministry of Finance’s circular) regarding the ability for businesses to put staff on unpaid leave, and the corresponding rights of those on whom unpaid leave is imposed.

These concessions include:

  • reducing the requirement to first offset accrued vacation days before putting staff on unpaid leave;
  • Extending unemployment benefits for those who would otherwise have used up 180% of their eligibility days within the last 4 years;
  • reducing the minimum period of employment to qualify for unemployment benefits (to 14 days down from 30);
  • reducing the period of paid employment required to just 6 of the last 18 months, so as to qualify for benefits;
  • providing special grants to people who have been displaced as a result of the Swords of Iron war;
  • providing special grants to people aged 67 or above who have become unemployed during the war; and
  • suspending the lapse of the 60-day protection period (in which those returning from parental leave cannot be rendered unemployed).

In matters relating to employment, even more so than in other areas, the law and practice changes frequently in accordance with official circulars. As such, we recommend consulting with our employment law department in case of any queries, to ensure the most up to date information is available to you.

* This newsletter is provided for informational purposes only, is general in nature, does not constitute a legal opinion or legal advice and should not be relied on as such. If you are seeking legal advice, it is essential to review the specific facts of each case in detail with a qualified lawyer.

In a significant move to fortify Israel’s high-tech sector during this period of uncertainty caused due to the on-going Swords of Iron war, the Israel Innovation Authority (the “IIA”) has acted to provide certain benefits to Israel’s start-up eco-system:

Fast-Track to extend startups runway: the IIA has launched a fast-track funding option – with a current allocation of NIS 400m, to help fund Israeli startup companies with significant technological assets, and short runways and which are struggling to raise funds from their existing investors and shareholders.

This track has launched in November 2023 and will continue until the end of February 2024, with application dates every two weeks.

Under this track, companies will be entitled to receive up to NIS 7.5m capped at 50% of the associated budget applied for.

The main criteria for evaluating the applicant companies include:

Technological: (i) technological and functional innovation; (ii) competitive advantage and strength of underlying intellectual property; (iii) growth potential; (iv) applicant strengths (technology, products, sales, customers, partners, and team); and (v) the potential for return to the Israeli economy.

Financial: (i) runway of no more than six (6) months and the grant’s contribution to its extension; and (ii) low capital availability from existing company investors and shareholders.

Reliefs and supporting measures for a period of 90 days: the IIA has approved (for an initial period of 90 days from 19 October 2023), a series of relief and supportive measures for companies subject to current funding obligations with the IIA, in order to help them deal with the difficulties that have arisen since the outbreak of the Swords of Iron war.

These concessions include extended periods for filings, presentation of complementary funding, and signature of case activation documents, enabling of remote (zoom) execution of documents, an automatic 20% budget increase per line item, and allowing for an additional program change request where needed.

* This newsletter is provided for informational purposes only, is general in nature, does not constitute a legal opinion or legal advice and should not be relied on as such. If you are seeking legal advice, it is essential to review the specific facts of each case in detail with a qualified lawyer.

Though we – as humans, as lawyers, as a firm and as a country – are still reeling from the horrendous attack we faced on 7 October, the economy and Israel’s energy sector specifically, remain of paramount importance. We are therefore thrilled to congratulate our client, Phoenix Insurance Company, for their agreement to invest an amount of up to NIS 700 million into Meshek Energy. This strategic investment will provide Meshek Energy with the capital needed as part of its bid to acquire the major Eshkol power station from the Israel Electric Corporation at a value of at least NIS 9 billion, and is a significant milestone in the energy sector.

Phoenix Insurance was represented by partners, Amnon Epstein and Ron Abelski, with senior associate Itamar Lev Eldar, and interns Roni Ghouila and Ronnie Kohn.

For the full article in Hebrew, click 

On 21 September 2023, the UK Department for Science, Innovation and Technology announced further details on the new transatlantic data flow mechanism for UK-to-US personal data transfers. The new adequacy regulations were laid in Parliament and will take effect on 12 October 2023. From that date on, organisations in the United Kingdom will be able to transfer personal data to US organisations that are certified to the “UK Extension to the EU-US Data Privacy Framework” without the need for additional data protection safeguards.

As previously described by ERM (here and here), the EU-US Data Privacy Framework (“DPF”) is a mechanism that allows personal data to be transferred from the EU to US companies that are certified under the DPF without the need for additional data protection safeguards. Companies that wish to self-certify under the DPF need to commit to the “DPF Principles” and comply with a detailed set of privacy obligations.

How does the Data Bridge Work?

The UK Extension to the DPF, also known as “UK-US Data Bridge”, extends the DPF to data flows from the UK to the US. US organisations that already participate in the Data Privacy Framework can opt in to receive data from the UK. Those that wish to do so can elect to participate in the UK-US Data Bridge either as part of their annual re-certification to the EU-U.S. Data Privacy Framework, or outside of their annual certification to the EU-US Data Privacy Framework provided that they make their election no later than January 16, 2024.

What should Companies do next?

UK companies transferring personal data from the UK to the US should check whether the US businesses they work with participate (or plan to participate) in the UK-US data bridge, check US businesses’ privacy policies and assess whether the particular data transfer in question is covered by the Data Bridge.

Both UK and US companies may need to update their privacy policies, agreements and records of processing in order to reflect that they rely on or are certified under the UK-US data bridge.

Where businesses cannot rely on the new UK-US Data Bridge, they will have to continue using one of the already existing safeguards for data transfers, such as the international data transfer addendum to the European Commission’s standard contractual clauses for data transfers or binding corporate rules.

ERM is ready to support clients in the process of certifying under the Data Privacy Framework and on any other matters relating to privacy and data protection laws. Please reach out to us for more information.

The review was written by Rotem Perelman – Farhi, Partner and Heads of the firm’s Technology, IP & Data Department and Dr. Laura Jelinek, Associate in the the firm’s Technology, IP & Data Department.

* This newsletter is provided for informational purposes only, is general in nature, does not constitute a legal opinion or legal advice and should not be relied on as such. If you are seeking legal advice, it is essential to review the specific facts of each case in detail with a qualified lawyer.

Congratulations to our client, Mekorot, Israel’s largest water company, for publishing the first tender for the design, finance, build and operate of a 75MW solar plant, including storage, over the Israeli National Water Carrier. This tender is the first of its kind in the novice coverage of the National Water Carrier (in Stage 1 over 1300 dunams in the Netofa area of the canal). This is the second large scale solar tender that Mekorot has initiated being in the forefront of Israeli governmental companies helping to achieve the goal of boosting the proportion of power generated from renewable sources in Israel to 30% of total power production by 2030.
Amnon Epstein, Founding Partner and head of ERM’s Energy & Infrastructure, together with Associate Tal Ishay, led the team and were assisted by interns Maya Shoshani and Roei Dayan.

As previously reported by ERM [], the European Commission adopted its adequacy decision for the EU-U.S. Data Privacy Framework on 10 July 2023. US companies that are certified under the Data Privacy Framework (“DPF”) may now receive personal data from EU-based data exporters without the need for additional data protection safeguards.

One noteworthy change brought by the DPF is the new redress mechanism. This mechanism allows EU individuals to seek redress through their national authorities via the proposed Data Protection Review Court (“DPRC”). It is generally seen as a significant step forward in the development of EU-US data transfers. However, questions remain regarding the court’s independence and the transparency of the mechanism.

How will it work?

  1. EU individuals may lodge a complaint regarding a possible violation of their personal data rights arising from US signals intelligence activities to a specified “appropriate public authority” in their home country. The appropriate public authority verifies the complainant’s identity and ensures the complaint constitutes as a “qualifying complaint.”
  2. If the complaint is found to be qualified, it will be sent to the Civil Liberties and Privacy Officer (“CLPO”), who is part of the US Office of the Director of National Intelligence, and who will investigate the complaint.
  3. Following the investigation, the CLPO will notify the appropriate public authority either (i) that there was no violation or (ii) that a remediation has been issued.
  4. As a second step, the complainant can then, via the public authority, appeal to the Data Protection Review Court. At the DPRC, a 3-judge panel will review the CLPO’s investigation and may request additional information from the relevant authorities.
  5. The DPRC will then decide whether (a) the CLPO’s determination regarding whether a covered violation occurred was legally correct and (b) the remediation was consistent with the law.
  6. The DPRC will inform the appropriate public authority when the investigation is completed that (i) there was no violation or that (ii) a remediation has been ordered. Its decision will be final and binding.

Is the mechanism sufficient?

We can expect ongoing dialogue and collaboration between the EU and the US to ensure the DPF’s effective implementation. Nonetheless, uncertainties remain, particularly because Austrian privacy activist Max Schrems has already announced a legal challenge. Points of criticism are:

  • The DPRC is an executive body, not part of the judicial branch, raising concerns about its independence and impartiality when resolving complaints from Europeans.
  • Moreover, the court can only provide a simple decision without confirming or denying complainants’ exposure to US signals intelligence activities, which raises transparency questions. This lack of clarity may result in a lack of trust in the process among complainants and the public.
  • The effectiveness of the redress mechanism will depend largely on its implementation in practice. It remains to be seen how easily EU individuals can access the mechanism, how quickly complaints will be handled, and if the DPRC’s decisions will genuinely address and remedy privacy violations.

For more information on the process and for assistance with the process of certifying under the Data Privacy Framework, please reach out to us at ERM.

 

The review was written by Rotem Perelman – Farhi, Partner and Heads of the firm’s Technology, IP & Data Department and Dr. Laura Jelinek, Associate in the the firm’s Technology, IP & Data Department.

* This newsletter is provided for informational purposes only, is general in nature, does not constitute a legal opinion or legal advice and should not be relied on as such. If you are seeking legal advice, it is essential to review the specific facts of each case in detail with a qualified lawyer.

The European Commission adopted its adequacy decision for the EU-U.S. Data Privacy Framework on 10 July 2023.

According to the adequacy decision, “the Commission concludes that the United States ensures an adequate level of protection for personal data transferred under the EU-U.S. Data Privacy Framework from a controller or a processor in the Union to certified organisations in the United States”.

This means that now personal data can flow safely from the EU to US companies that participate in the EU-U.S. Data Privacy Framework (the “DPF”), without the need for additional data protection safeguards. This is especially relevant for Israeli companies with US affiliates or those that rely on data processors in the United States.

The DPF replaces the “Privacy Shield” which was invalidated by the Court of Justice of the EU in its Case C-311/18 Data Protection Commissioner v Facebook Ireland and Maximillian Schrems (called “Schrems II case”), and addresses the issues raised by the Court:

The DPF introduces new binding safeguards on US intelligence services and certain privacy obligations on US companies that wish to self-certify under the DPF. This includes limiting access to EU data by US intelligence services to what is necessary and proportionate, and establishing a Data Protection Review Court (DPRC), to which EU individuals will have access. The DPRC will independently investigate and resolve complaints, including by adopting binding remedial measures. For example, if the DPRC finds that data was collected in violation of the new safeguards, it will be able to order the deletion of the data.

It is worth pointing out that only those transfers to US importers that are registered under the DPF are justified under the adequacy decision. The DPF principles are very similar to the principles already developed for the Privacy Shield, so that presumably all companies that have already been certified under it are likely to also be certified under the DPF. Those that are not will need to comply with a detailed set of privacy obligations, for instance the requirement to delete personal data when it is no longer necessary for the purpose for which it was collected, and to ensure continuity of protection when personal data is shared with third parties.

ERM is ready to support clients in the process of certifying under the Data Privacy Framework and on any other matters relating to privacy and data protection laws. Please reach out to us for more information.

The review was written by Rotem Perelman – Farhi, Partner and Heads of the firm’s Technology, IP & Data Department and Dr. Laura Jelinek, Associate in the the firm’s Technology, IP & Data Department.

* This newsletter is provided for informational purposes only, is general in nature, does not constitute a legal opinion or legal advice and should not be relied on as such. If you are seeking legal advice, it is essential to review the specific facts of each case in detail with a qualified lawyer.

ERM partner and head of our German desk, Ron Abelski was interviewed in the leading German industry ‘Venture Capital Magazine’, about Israel’s start-up ecosystem and venture capital investments.

“In the last few years, I have also seen extensive investment activities by corporate venture capitalists – including many DAX30 and Mittelstand companies – searching for and investing in Israeli start-ups with the aim of utilizing these start-ups’ technologies in their products or companies.”

For the full article press here

We congratulate our client Prime Energy on the sale of 50% of its interest in the Tlamim project to Helios. The Tlamim project is a 14 megawatt (AC) land-based photovoltaic project, valued at approximately NIS 72.5 million.

The Epstein Rosenblum Maoz’s (ERM) team advising Prime Energy was led jointly by Amnon Epstein, founding partner and head of ERM’s Energy, Infrastructure, and Climate practice, and Chen Weiss, partner. Associate Tal Ishay also advised.

For the full article (in Hebrew) please click here