Skip to content
Close
SEARCH
Contact Us
Contact Us

AI Governance and Compliance

AI Governance

AI Maturity Model

AI Management System

AI Governance Tooling and Technologies

Regulatory Compliance

AI Trust for Goverments

AI Embeded in Products and Software

AI Trust Mark

AI Embedded in Products

Digital Trust

Other Services

Trainings and Workshops

AI Trust Hub

ai_academy_1

AI Academy

Learn More

Regulations

EU AI Act (Europe)

NIST RMF 1.0 (USA)

United Kingdom

United Arab Emirates

Medical Devices Regulation (EU)

Ethics Guidelines for Trustworthy AI

All Regulations


 

Standards

ISO/IEC 42001

ISO/IEC 42005

ISO/IEC TR 24027

ISO/IEC TR 24028

ISO/IEC TR 24029-1

ISO/IEC 22989

EU Harmonized Standards

COBIT Framework

All Standards

Webinars

Our Webinars

Upcoming Webinars


Other Resources

AI Trust Hub

eu_ai_act_1

Webinars

Learn More
ai_trust_hub_1

AI Trust Hub

Learn More

Explore Our Insights

Digital Trust

AI Trust

Data Privacy

AI Maturity

AI Safety and Robustness

EU AI Act

ISO/IEC 42001

Cybersecurity

Nemko Digital News

AI - Artificial Intelligence

AI Trust

EU AI Act

GPAI Code of Practice

Korean AI Trust Mark

Webinar Announcements

About us

About
Nemko Digital Learn about us here

careers-2

Careers
Contribute towards responsible AI

ai-regulation-israel

AI Regulation in Israel: Where Things Stand

Balancing privacy law with sector-specific guidance

Israel’s sector-based AI approach, guided by the 2023 Responsible Innovation policy and 2025 draft privacy guidelines, emphasizes transparency, accountability, data protection, and multi-stakeholder coordination.

Israel has not yet enacted an AI-specific law. Instead, it relies on sector regulators and horizontal privacy law to guide responsible use. The government has opted for a policy-led, principle-driven approach rather than a single overarching AI Act. This means organizations must keep track of both general requirements and sector-specific updates.

 

Snapshot (as of September 2025)

  • No AI-specific statute is in force in Israel. The government’s approach is policy-led and sector-based, steering regulators (health, finance, education, etc.) to tailor rules rather than adopting a single horizontal AI law.
  • Cross-sector privacy law applies: the Protection of Privacy Law (PPL) 1981—as Amendment 13 takes effect 14 August 2025—strengthens enforcement and expectations relevant to AI that processes personal data.
  • Policy + guidance are active:
    • Israel’s AI Policy (Dec 2023) sets “Responsible Innovation” as the guiding principle and directs sector regulators to craft fit-for-purpose rules.
    • The Privacy Protection Authority (PPA) issued draft AI guidance (Feb 2025) clarifying how the PPL applies to AI/automated decision-making.
    • A National AI Program (Innovation Authority) supports infrastructure, talent, standards work, and gradual establishment of regulatory mechanisms.

 

What’s in Force (applies today)

​The most important legal instrument is the Protection of Privacy Law (PPL) 1981, which governs the use of personal data. Its Amendment 13, effective 14 August 2025, introduces stricter enforcement and modernizes compliance duties. For AI systems that process personal data or make automated decisions, the PPL sets the baseline: privacy-by-design, transparency, security, and lawful processing are non-negotiable.

Other than the PPL, there is no horizontal AI law. Instead, businesses should expect sector regulators (such as in health or finance) to issue AI-related rules first.

 

Soft Law and Policy (Shaping What’s Next)

The Israeli government published an AI Policy in December 2023, which set “responsible innovation” as the guiding principle. The policy directs regulators to craft fit-for-purpose rules for their sectors, and it emphasizes fairness, transparency, and accountability without stifling innovation.

Building on this, the Privacy Protection Authority (PPA) released draft guidance on AI in February 2025. This document explains how existing privacy rules apply to automated decision-making and AI use cases. While still draft, it signals the regulator’s priorities: risk assessments, transparency to users, safeguards against bias, and human oversight for impactful decisions.

Finally, Israel’s National AI Program, coordinated by the Innovation Authority, supports the country’s AI ecosystem. It funds infrastructure and skills, promotes international standards, and lays the groundwork for gradual regulatory mechanisms.

 

Israel’s distinct approach

​Unlike the European Union, which has proposed a comprehensive risk-based AI Act, Israel has chosen a sector-based model. Domain regulators will adapt rules to their industries, recognizing that medical AI, financial AI, and education technology each carry different risks. This pragmatic strategy avoids “one-size-fits-all” regulation but requires organizations to closely monitor developments across multiple authorities.

 

Practical compliance checklist (Now)

To prepare for Israel’s evolving framework, organizations should already be strengthening compliance under the PPL and aligning with regulator expectations. Key priorities include:

  • Mapping data flows in AI systems and confirming lawful bases for processing.
  • Providing clear user notices and, where possible, meaningful explanations of automated decisions.
  • Testing and monitoring datasets to detect and mitigate bias.
  • Ensuring security measures and vendor agreements meet PPL standards.
  • Staying alert to guidance or new rules issued by sector regulators.Likely direction of travel
  • Expect more regulator guidance (especially from the PPA) on automated decision-making and AI model governance where personal data is involved.
  • The government’s National AI Program suggests continued investment plus gradual, targeted regulation rather than a sweeping AI Act.

Looking ahead

Israel’s regulatory trajectory is gradual but deliberate. Expect further guidance from the PPA, particularly around automated decision-making and AI model governance. At the same time, sector regulators are likely to introduce their own requirements before any general AI statute is considered. For businesses, this means compliance must be proactive and flexible, with an eye on both privacy law and sector-specific developments.

 

How Nemko Digital can help

Israel’s evolving AI framework can be complex to navigate. Nemko Digital helps organizations by interpreting new requirements, conducting pre-compliance assessments, and embedding governance practices such as bias management, transparency, and security across the AI lifecycle. This ensures that your AI systems are not only compliant under the Protection of Privacy Law but also ready for sector-specific guidance as it arrives.

Contact Nemko Digital to explore an AI compliance gap analysis for your Israel use cases.

Dive further in the AI regulatory landscape

Nemko Digital helps you navigate the regulatory landscape with ease. Contact us to learn how.

Contact Us

Get Started on your AI Governance Journey

Contact Us