Advancements in the Personal Information Protection System in Japan

Abstract

This article aims to overview the recent amendment of the Act on the Protection of Personal Information in Japan and discusses how it has made advancements and how it should address new challenges; furthermore, it shows future perspectives of Japanese data protection regime from both the national and international viewpoints. Overall, this amendment has heightened data protection levels by strengthening individual rights, reinforcing the obligations of Business Operators Handling Personal Information, raising the maximum amount for pecuniary fines, strengthening enforcements, and enhancing transparency. There are certain similarities and differences between the General Data Protection Regulation in the EU and the Japanese Act on the Protection of Personal Information. It is important to elaborate on international coordination between enacting sanctions delivered by multiple jurisdictions. In addition to the amended Act, the Cabinet Secretariat and the Personal Information Protection Commission in Japan jointly launched the Expert Committee on Reviewing Personal Information Protection System in order to review Japan’s overall data protection regime. The current Japanese personal information protection system stipulates multiple regulations depending on the category of entities that handle personal information. Creating a comprehensive data protection mechanism by eliminating unnecessary divergences in data protection provisions would be a great advancement in achieving ideal data protection system. Personal Information Protection, Japan, General Data Protection Regulation, Adequacy