"Newsletter Data Protection (February 2018)"

Newsletter Data Protection (February 2018)

Published: (Thu) 01 Feb 2018

Due to the continuing digitalization of society and business the issue of data protection gains increasing importance also from a legal perspective. Faced with the rapid technological developments, Japan has reformed the Japanese Data Protection Act (“Act on Protection of Personal Information“ – “APPI“), which has become effective on 30 May 2017 (“Amendment”). The Amendment is the first major reform of the APPI since its enactment in 2005. This special newsletter provides an overview of the main changes to the APPI as well as the measures companies need to consider in light of the Amendment.

1. Reform of the data protection law in Japan
The only statutory law on the protection of personal information in Japan is the APPI. The APPI establishes rules concerning handling of personal information, including the acquisition, use and transfer of such personal information. While not legally binding, for certain areas guidelines established by the competent ministry inter alia include suggestions for interpreting the APPI, e.g. the “Financial Services Agency of Japan Guidelines” (“FSA Guidelines”), the “Ministry of Economy, Trade and Industry of Japan Guidelines” (“METI Guidelines”), and the “Ministry of Health, Labor and Welfare Guidelines” (“MHLW Employment Guidelines”).

a) Under the Amendment, the scope of the APPI has been extended. In its pre-amended version, the APPI was not applicable to business operators having no more than 5,000 identifiable individuals in its database on any day during the past six months. For a large number of companies, in particular small and medium-size subsidiaries of foreign companies, the APPI therefore did not apply. This has changed with the Amendment. Due to the extension of the scope, also those business operators, handling a smaller number of data, so-called “Small-Size Database Operators“, are now covered and need to comply with the requirements of the APPI.

b) For the first time the Amendment introduces and defines the term “Sensitive Personal Information“. This new category includes information, such as race, religious beliefs, social status, criminal records, and medical history or any other information that may lead to a discrimination or prejudice. The collection and handling of Sensitive Personal Information by a business operator requires a prior explicit consent of the individual concerned. Several directives (such as of the FSA) further include additional provisions concerning the handling of such sensitive personal information.

c) Likewise a new category of “Anonymized Data“ has been introduced. This category includes any personal data that does not contain particular descriptions or items that could be used to identify a person. No prior consent is necessary for the transfer of anonymized data to third parties under certain conditions.

d) Additionally, a New Data Protection Committee for Supervision and Enforcement of Data Protection Regulations was established. The Committee, which consists of experts from practice and academics, operates as a first point of contact for questions regarding data protection as well as supervisory body. The further responsibilities include defining the countries which will be considered as having an adequate level of data protection as Japan as further described under item 1. e) below.


Continue Reading (PDF)

More Newsletters…

Newsletter Major Trends in Offshore Wind Power Generation in Japan (Oct 2020)

Being designated by the Japanese government as a main power source, new policies to proactively promote renewable energy have been adopted in Japan. Among several renewable energy sources, offshore wind power generation has attracted the most attention because, while the lands suitable for land wind power are limited, Japanese waters offer relatively favorable offshore sites for offshore wind power generation, and thus it is necessary for Japan to introduce wind power generation using such offshore sites (cf. the 5th Basic Energy Plan approved by the Cabinet on July 3, 2018).

read more

Newsletter Amendments to Renewable Energy Related Laws and Regulations (September 2020)

The Act to Amend the Electricity Business Act, Etc. for Establishing a Resilient and Sustainable Electricity Supply System (the “Energy Resilience Act”) was enacted effective as of June 5, 2020 upon the passage of the bill therefor by the House of Councilors of the Japanese Diet. The Energy Resilience Act provides for various amendments to energy-related laws, such as the Act on Special Measures Concerning Procurement of Electricity from Renewable Energy Sources by Electricity Utilities (the “Renewable Energy Special Measures Act”) and the Electricity Business Act, and is planned to be enforced starting from April 1, 2022.

read more

Newsflash BOJ Filing and FDI Category Expansion (August 2020)

On 7 June 2020 a significant amendment concerning filing obligations of foreign investors in Japan under the Japanese Foreign Exchange and Foreign Trade Act (FEFTA) came into effect which widely expanded the scope of mandatory prior-notification obligations to the competent governmental authorities (i.e. the Ministry of Finance (MOF) and the Ministry or Agency supervising the area of the business concerned) through the Bank of Japan (BOJ).

read more