Israel promotes responsible AI innovation through policy and sector-specific guidelines to address core issues and ethical principles.
Laws/Regulations directly regulating AI (the “AI Regulations”)
Currently, there are no specific codified laws, statutory rules or regulations in Israel that directly regulate AI.
AI Policy: Israel's Ministry of Innovation, Science and Technology ("MIST"), in collaboration with the Ministry of Justice ("MOJ"), published: (i) a White Paper on AI in 2022; and (ii) following public consultations, its first policy on "Artificial Intelligence Regulations and Ethics" in 2023 (the "AI Policy") (at the time of writing, a full English translation is yet to be published).
The AI Policy encourages "responsible AI innovation in the private sector"1 through a principled-based, sector-specific regulatory approach using 'soft' tools, such as non-binding ethical principles and voluntary standards. While sector-specific regulation is intended to promote flexibility, the AI Policy also allows for the potential adoption of horizontal legislation if common challenges across sectors arise.
According to the AI Policy, the Israeli government's policy on public sector applications of AI is being developed separately.
Other AI-related Developments: The AI Policy forms part of a wider effort by the Israeli government to address the benefits and risks of AI, which include:
-
Government Decision No. 212 of 1 August 2021 ("Decision 212") – a decision on the reinforcement of technological leadership in Israel which tasked MIST with: (i) advancing a national AI plan for Israel; and (ii) implementing the first phase of the "TELEM Outline," an initiative to (among other things) develop research, human capital, infrastructure and tools in the field of AI (see here, in Hebrew)
-
Publications by the MOJ, or an Office of the MOJ, on the use of AI in financial services2 and IP challenges in the context of large-scale AI models3
-
A proposed national-level forum for public participation on AI policy in Israel, comprised of regulators and experts in technology, policy and law, to promote coordination and coherence in sectoral AI regulation
-
A proposed AI Policy Coordination Centre within MIST and in collaboration with the MOJ to organize and coordinate on regulatory issues relating to artificial intelligence, including (among other responsibilities) to implement and update the AI Policy
-
MIST's active participation in various multinational forums to develop AI regulation and standards, including the OECD's Working Party on AI Governance and the Council of Europe's Committee on AI.
Status of the AI Regulations
As noted above, there are currently no specific laws or regulations in Israel that directly regulate AI.
Other laws affecting AI
There are various laws that do not directly seek to regulate AI, but may affect the development or use of AI in Israel. A non-exhaustive list of key examples includes:
- The Copyright Act 20074
- The Protection of Privacy Law5 and related regulations
Although not legally binding, various opinions have also been published on the aforementioned areas:
- The MOJ has published an opinion on IP challenges in the context of large scale AI models6
- The Israeli privacy regulator has published an opinion clarifying that the collection and use of personal data using algorithm or AI-based decision-making must conform with notification obligations7
Definition of “AI”
As noted above, there are currently no specific laws in Israel that directly regulate AI. As such, there is no single legally recognized definition of "AI" in Israel. Nevertheless, the AI Policy describes "AI systems" as having "a wide range of applications such as autonomous vehicles, medical imaging analysis, credit scoring, securities trading, personalized learning and employment," notwithstanding that "the list of applications is constantly expanding."8
Territorial scope
As noted above, there are currently no specific laws or regulations in Israel that directly regulate AI. In addition, the AI Policy does not specify a territorial scope.
Sectoral scope
As noted above, there are currently no specific laws or regulations in Israel that directly regulate AI.
The AI Policy directs its guidelines and recommendations to sector-specific regulators for AI regulation in areas such as health, education, finance, and more, as it advocates for tailored sectoral regulations instead of broad horizontal legislation.9
While there are overarching recommendations in the AI Policy to foster cooperation between the public and private sectors, the Israeli government's policy on public sector applications of AI is stated as being developed separately.
Compliance roles
As noted above, there are currently no specific laws or regulations in Israel that directly regulate AI. Accordingly, there are currently no specific or unique obligations imposed on developers, users, operators and/or deployers of AI systems.
Nevertheless, the AI Policy urges sectoral regulators to determine suitable regulations for developers, users, operators and deployers of AI systems, including micro to medium enterprises. These actors should anticipate regulatory changes (whether legally binding or voluntary) based on the policy's recommendations.
Core issues that the AI Regulations seek to address
As noted above, there are currently no specific laws or regulations in Israel that directly regulate AI. Nevertheless, the AI Policy identifies seven core challenges:
- Discrimination risks, which could arise from existing biases in training data and lead to discriminatory outcomes
- An absence of human oversight in AI decision-making, which could undermine overall accountability and result in harmful decisions or errors10
- The concept of 'explainability' (i.e., the inability to easily explain how a particular AI system operates or provide reasons for a specific AI-based decision or recommendation, due to the 'black box' effect of extracting the logic which underlies the AI models). This could result in arbitrary or erroneous decisions that are not always detectable or understandable while also creating potential IP issues for developers and deployers of AI systems
- The appropriate scope of disclosure of AI interactions, as individuals may not be aware of whether and how AI systems are being used (particularly so with vulnerable groups) which could increase the risk of disinformation and consumer manipulation
- Ensuring the technical safety and security of AI systems, which are susceptible to technical faults and manipulation11
- Accountability and liability for harms caused by an AI system, particularly regarding moral, social and legal accountability and responsibility (both criminal and civil)12
- Protecting privacy in the AI context, as some AI-related activities (such as processing large quantities of data) may conflict with data minimization requirements13
Risk categorization
As noted above, there are currently no specific laws or regulations in Israel that directly regulate AI. AI is also not generally classified according to risk in the relevant frameworks and principles.
Nevertheless, in line with the approach taken by the OECD AI Recommendations, the AI Policy recommends adopting a risk-based approach through a risk assessment undertaken by the appropriate sector-specific regulator. Such an undertaking should take into account the type of technology, potential benefits and mitigation measures in the context of that specific use. It remains to be seen what categories of risk will be incorporated into this proposed risk assessment.
Key compliance requirements
As noted above, there are currently no specific laws or regulations in Israel that directly regulate AI.
Nevertheless, the AI Policy proposes the adoption of a common set of ethical AI principles to achieve responsible innovation, which are largely based upon the OECD AI Principles:
- AI should promote growth, development and Israeli leadership in innovation: This is in line with the recent Israeli Regulation Act, which contains the same principles to guide any new regulation.
- AI should be 'human-centric,' which means it respects the rule of law, fundamental rights and public interests, while maintaining privacy and human dignity.
- AI should encourage equality and minimize discrimination arising from risks of algorithmic bias against individuals or groups.
- AI should be transparent and explainable, meaning individuals are informed about their interactions with AI systems and provided with understandable explanations of AI-based recommendations or decisions involving them.
- AI should be reliable and safe, which means suitable measures should be taken in accordance with accepted professional risk management standards, in order to mitigate potential safety and cyber-related risks throughout the AI system's lifecycle.
- Developers, operators and users of AI should be accountable for the AI system's proper functioning and for the implementation of other ethical principles. This requires a risk-based management approach which ultimately holds responsible persons to account for and to minimize risks to fundamental rights and public interests.
It is important to note that the AI Policy states that these principles are not legally binding on regulators or organizations and that they do not constitute a tool for legal interpretation.
Regulators
Currently, there is no AI-specific regulator in Israel. The MIST is the executive agency for national AI-related strategies and appears to work in close collaboration with the MOJ. The AI Policy encourages the applicable sector-specific regulator(s) to assess the need for any regulation for the development and use of AI.
Enforcement powers and penalties
As noted above, there are currently no specific laws or regulations in Israel that directly regulate AI. As such, enforcement and penalties relating to the creation, dissemination and/or use of AI are currently governed by related violations in non-AI legislation.
1 See the AI Policy (English Summary Version) at pg. 2.
2 See a report published by the Office of Legal Counsel and Legislative Affairs at the MOJ in 2022 (in Hebrew).
3 An opinion published by the MOJ on 18 December 2022. This opinion is further discussed below.
4 https://www.wipo.int/wipolex/en/legislation/details/11509.
5 https://www.gov.il/BlobFolder/legalinfo/legislation/en/ProtectionofPrivacyLaw57411981unofficialtranslatio.pdf (unofficial English translation).
6 The opinion published by the MOJ on December 18, 2022 is available here. To summarize, the opinion concluded that apart from exceptional cases, the use of copyrighted materials for machine learning purposes as it applies to the learning process itself (rather than the output of machine-learning based systems) is generally permitted.
7 From third-party articles, we understand that the opinion by the Israeli privacy regulator, published on July 31, 2022 (see article here), clarifies that the collection and use of personal data using algorithm or AI-based decision-making systems must fully conform with notification obligations and recommends that the notifications include a description of the systems, the way they operate and the source of data processed.
8 See the AI Policy (English Summary Version) at pg. 2.
9 See the AI Policy (English Summary Version) at pg. 2.
10 The AI Policy does, however, note that consideration must be given to responsibility in the respective roles between a human and an AI system which requires "legal and regulatory certainty" (see the AI Policy (English Summary Version) at pg. 4, link here).
11 The AI Policy notes that "additional regulatory intervention is justified" in relation to this challenge (see the AI Policy (English Summary Version) at pg. 5).
12 The AI Policy notes that this challenge calls for, on a case-by-case basis, internal governance structures and risk assessments within organizations and AI companies across regulated sectors.
13 The AI Policy notes that existing privacy regulations require elaboration to address privacy concerns in the development and use of AI systems.
Gornitzky contributors -Netta Shaked-Stadler, Ziv Rotenberg, and Assaf Harel.