Skip to main content

Japan adopts amendment to its privacy act

-

Japan adopts amendment to its privacy act

Addleshaw Goddard LLP
Japan September 25 2015

Image result for japanThe Japanese government has amended the Act on the Protection of Personal Information (APPI) establishing a new Personal Information Protection Commission as of 1st January 2016. The new law includes some restrictions concerning overseas transfers of personal data, and imposes restrictions on the processing of sensitive information. The amendment was due to be passed in the Summer but was delayed because of a data breach incident involving pension records.



The amended APPI expands the definition of “personal information” to include a person’s bodily information, such as fingerprint data and face recognition data. Numeric codes associated with an individual will also be covered by the new definition, such as passport numbers and driver’s license numbers. A new government authority will be established, which will be called the “Personal Information Protection Committee” (the “Committee”). The Committee will have the authority to exercise certain functions, such as the ability to request data controllers to submit reports, conduct onsite inspections and issue administrative orders. How large and structured this Committee will be is still uncertain.
Image result for japan data privacy lawThe amended APPI creates obligations on business operators when anonymizing personal data to be transferred to third parties. For example, a business operator must create the anonymized data pursuant to the regulations of the Committee, and ensure that the original pre-anonymized data may not be recreated. Under the previous APPI, there were no specific definitions concerning sensitive data such as race, religion or medical history.

Under the amended APPI, business operators are prohibited from obtaining such sensitive data without the data subject’s consent. It is likely that other restrictions will also be imposed on sensitive data. Under the amended APPI, a business operator which receives personal data which has been transferred to them will need to confirm how the personal data was obtained, and retain for a certain period, a record of when the personal data was received. Under the amended APPI, individuals who are involved in the handling of personal data which has been subject to misuse or which has been stolen for unjust profit will be subject to a criminal penalty. Under the previous APPI, a business operator may transfer personal data to third parties without the data subject’s consent if the data subject opts-out from doing so. Under the amended APPI, a prior notification to the Committee is necessary in order to use this opt-out arrangement.
Image result for japan data privacy law
The amended APPI provides that personal data may be transferred to a foreign country only when the country has a legal system that is deemed equivalent to the Japanese personal data protection system, or to a third party which undertakes adequate precautionary measures for the protection of personal data, as specified by the Committee. The effective date of the amended APPI has not yet been fixed, however, the law will take effect two years from its date of publication.

Reference:http://www.lexology.com

Comments

Post a Comment

Please share your valuable comments and thoughts on this article. Thanks!

Popular posts from this blog

Responding to Software Review Audits- Good tips on how to handle audit requests and settlements

-
Image
Managing Audits to Prevent Unauthorized Disclosures by Technology Teams by Keli Johnson Swan in Blogs , Software Audits Disputes involving software usage are on the rise for businesses of all sizes. In some cases, technical teams respond to a software publisher’s or a third party’s audit request and provide significant amounts of data without notifying anyone on the corporate governance or the legal teams.  It is critical for those teams to evaluate the publisher’s legal ability to audit, and to identify the data the publisher is entitled to request. It is not uncommon for the legal team to discover the existence of a software audit or license verification after the company has received a demand for damages arising from alleged over-usage of software. Often, employees responding to an audit request do not understand the request and provide inaccurate or incomplete information. Once this information is disclosed, it can expose the business to a damages cla
Read more

"What is the right thing to do?" What's The Difference Between Compliance And Ethics?

-
Image
  What's The Difference Between Compliance And Ethics? Bruce Weinstein, Ph.D. Contributor Customized ethics keynotes, training, and online courses for CE credit May 9, 2019, 01:19pm EDT  TWEET THIS High-character leaders ask, "What is required of me?" but they don't leave it at that. Ethical leaders also ask, "What is the right thing to do? How would an honorable person behave in this situation?" I've noticed some confusion about the roles that ethics and compliance play in organizations. This confusion arises, in part, from the way these two fields are identified. Some companies have only a compliance department. Others have a compliance  and  ethics (or ethics and compliance) department. Some companies have a Chief Ethics Officer separate from compliance. To get some clarity on these crucial roles, I asked seven leaders who are involved in both ethics and compliance to explain the similarities and differences as they saw them. I'll present their vi
Read more

Influencers in the workplace: Can promotional work on social media be regarded as moonlighting?

-
Image
  Lawtons Africa Jun 9, 2023 4 min read Influencers in the workplace: Can promotional work on social media be regarded as moonlighting? Author: Andile Mphale– Candidate Attorney Supervised by: Lavery Modise– Consultant https://www.lawtonsafrica.com/post/influencers-in-the-workplace-can-promotional-work-on-social-media-be-regarded-as-moonlighting The use of social media has many benefits; one of them being the creation of work and income opportunities, such as doing promotional work on social media. Promotional work on social media has also given rise to the term “influencer”. An influencer is someone with a substantial following or a notable online presence, who can influence potential consumers into purchasing a product or service through social media endorsements or recommendations and receive a reward for that. There are influencers who do promotional work on social media on a full-time basis and make a living from it. There are also influencers who do promotional work on social med
Read more