Israeli Credit Data Bill Headed for Final Enactment into Law

The Economic Affairs Committee of the Knesset (the Israeli Parliament) has approved the proposed Credit Data Bill, 5776-2015 for second and third (final) reading at the Knesset. The bill seeks to enhance competition in the Israeli consumer credit market, by establishing a central database at the Bank of Israel (Israel’s central bank) with information concerning the creditworthiness of Israelis. The database will enable assessment of the insolvency risks of prospective borrowers. 
Proponents of the forthcoming law emphasize that 60% of credit information about Israelis is held by the two largest Israeli banks, whereas under the new law, additional banks and non-bank credit providers will be able to offer more competitive interest rates because they will be in a better position to assess the borrower’s financial risk based on the information maintained in the newly established creditworthiness database. Those opposed to the new law have warned of the adverse privacy implications on the Israeli public, given the risk of data breach and given that sensitive financial data will be collected into the database without need for prior consent of data subjects.
The new bill provides a set-up period of a couple of years, during which the Bank of Israel will establish the creditworthiness database, collecting information concerning all credit activities by Israelis. The database will contain, among others, information about loans extended by banks and non-bank credit providers. The data will be collected without need of any prior consent of the data subjects. Individuals who wish to opt-out of having information about them collected will be able to do so, except that certain so-called ‘negative data’, such as bounced checks and loan defaults will nevertheless be mandatorily collected and processed in spite of any opt-out. The Bank of Israel will appoint a data protection officer to supervise the database’s operation and guide the Bank of Israel on privacy and data protection compliance with the Israeli Protection of Privacy Law.
The law will also establish “Credit Bureaus” that will acquire pseudonymized data from the database in order to develop risk assessment models. Only when an individual seeks a loan or credit and consents to having his or her financial risk profile compiled will the bureaus will be able to re-identify the information by cross-referencing the pseudonymized data with identifying information. Pursuant to such individual consent, credit providers will be able to request information concerning the person’s solvency. Most of the raw financial data will be retained in the Bank of Israel’s database for 12 years, but only data pertaining to the three most recent years will be divulged to credit providers when they seek to evaluate a person’s solvency. Source: TheMarker (In Hebrew, by: Meirav Arlozorov and Michael Rochverger).