Japan

Japan FlagIn the midst of revising the Japan Civil Code and the foreign attorney laws, Japan has recently passed amendments to its data privacy law, the Act on the Protection of Personal Information (“APPI”).  Some of these changes put Japan’s law closer in line with the EU’s General Data Protection Regulation “GDPR” as to which both have recognized the adequacy of each other’s data privacy regimes.  As a result, transfers of personal information from Japan to all third countries will be subject to stricter controls when the amendments become fully enforceable, which is expected to occur in 2022.
Continue Reading New Amendments Passed to Japan’s Data Privacy Law

The European Commission announced on 23 January 2019 that it has adopted an adequacy decision on Japan (its press release can be found here).[1] This is a result of the assessment process which began on 5 September 2018, the background of which can be found in our previous blog here.

Japan’s data protection authority, the Personal Information Protection Commission (PPC), has also adopted its equivalent decision on Japanese personal data flows to the EU. This mutual recognition allows the safe free flow of personal data between the two territories, creating the world’s largest arena of secure data flows.

Continue Reading European Commission Adopts Adequacy Decision on Japan

What’s New?

On 5 September 2018, the EU Commission commenced proceedings to adopt an Adequacy Decision in relation to Japan’s protection of personal data by issuing a draft ‘Commission Implementing Decision’. This is an important step towards the culmination of discussions between the EU and Japan that were initiated in January 2017, with the aim of permitting the free flow of personal data between the parties. These discussions were part of the broader free trade negotiations between Japan and the EU, which concluded with a successful agreement on 17 July 2018. 
Continue Reading Procedure Launched for Japan and the European Union to Become the World’s Largest Area of Safe Data Transfers

As 2018 picks up steam from its start, we are beginning to see traction in relation to various new regional data privacy and cybersecurity laws.  Many of the provisions seem designed to enable countries to seek an EU Adequacy Finding, which is akin to the Privacy Shield provisions between the EU and the US.  This would allow the easier transfer of EU data between the countries.
Continue Reading Security and Privacy: A View from Asia and the Middle East