Problems and Recommendations on Current Information Legislation in Japan

Kazuhiko Takano

doi:10.20965/jdr.2011.p0244

single-dr.php

« previous

JDR Vol.6 No.2 pp. 244-252

(2011)

doi: 10.20965/jdr.2011.p0244

Paper:

Views over last 60 days: 402

Problems and Recommendations on Current Information Legislation in Japan

Kazuhiko Takano

Graduate School and Faculty of Safety Science, Kansai University, 7-1 Hakubai, Takatsuki, Osaka 569-1098, Japan

Received:

October 18, 2010

Accepted:

January 30, 2011

Published:

April 1, 2011

Keywords:

EU Data Protection Directive, privacy, personal information, trade secret

Abstract

Although Japanese enterprises have already spent considerable money and labor on protection of personal information, the European Union does not assess Japan as a country taking appropriate measures for “adequate levels of protection.” Japan should establish new legislation accepted internationally that reduces massive personal information leaks and revitalizes enterprises and solves domestic problems. Enactment of such legislation is an obligation for Japan, a leading country in the corporate social responsibility (CSR) sector. This paper summarizes current problems, recommends amendments to current legislation and proposes a framework on personal information protection.

Cite this article as:

K. Takano, “Problems and Recommendations on Current Information Legislation in Japan,” J. Disaster Res., Vol.6 No.2, pp. 244-252, 2011.

Data files:

References

[1] See Local Authorities Systems Development Center, “List of Numbers of Municipalities According to Prefectures (as of April 1, 2010),”
http://www.lasdec.nippon-net.ne.jp/cms/1,19,14,151.html
[accessed: January 20, 2011]
[2] In May 2010, a survey was conducted of 53 member enterprises of the Business Ethics Research Center in which the author serves as a fellow. The 21 responses were made under the condition that companies remain anonymous.
[3] Masao Horibe, “International Coordination of Privacy and Personal Information,” in “New Problems on Privacy and Personal Information” edited and written by Masao Horibe, Shoji-Homu Publishing Co., 2010, p. 52. At the BJA-Conference on Data Protection held in Brussels on April 23, 2009, the presentation made by Hana Pachackova, the desk officer of Unit 5 – Data Protection, Legal Affairs, and Policy Division, the Directorate-General for Justice, Freedom and Security of the European Commission, is introduced.
[4] At the 18^th meeting for study presentation of Japan Society for Business Ethics Study held at Sophia University on October 16, 2010, the author presented the study under the title of “Introduction of personal identification number system and proposal for new legislation on privacy protection” and introduced the EU’s assessment of Japan.Many practitioners listening to the presentation mentioned similar remarks.
[5] Directive 95/46/EC of the European Parliament and of the Council of October 24, 1995, on the protection of individuals with regard to the processing of personal data and on the free movement of such data, 31995L0046, Official Journal L281, pp. 0031-0050, 23/11/1995,
http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:31995L0046:EN:HTML
[accessed: October 15, 2010].Among many reviews on the EU Data Protection Directive, Masao Horibe, “Advocacy and Discussion on Personal Information Act,” July 31, 2002, pp. 7-10; Fumio Shimpo, “Establishment and Development of Privacy Right,” Seibundo Publishing Co., 2000, pp. 285-288 are referenced.
[6] According to the provisions of Article 189 of the EU Treaty, “regulation” is automatically integrated into the national laws of all EU member states, and all member states are obliged to enact national laws based on the “directive.” The “decision” has legal binding power on specific member states, but “recommendation” and “opinion” have no such power.
[7] The Japanese translation of Article 25 Section 1 and Article 26 Section 1 of the EU Data Protection Directive is cited from the reference materials of “Interim Report on Protection of Personal Information in Electronic Commerce” made by the Working Group Examining Privacy Problems, Next-Generation Electronic Commerce Promotion Council of Japan (ECOM).
[8] Horibe op. cit. in , p. 49. The Article 29 Working Party has certified Switzerland, Canada, Argentina, Safe Harbor Rule of the US, Guernsey, Isle of Man, Jersey, and Faeroe Islands as “adequate” and adopted the opinion for certification of adequacy of Israel and Andorra on December 1, 2009.
[9] “Report – Survey on Measures for Protection of Personal Data of Enterprises in International Transfer,” March 2010, pp. 25-29, “(3) Measures by Japanese Enterprises.”
[10] Theoretically, the interpretation of Article 25 Section 1 of Japan’s Personal Information Protection Law is divided into negative and positive theory in terms of the concrete concept of right to claim release. As negative theory, the following opinions can be given: “Release is legal obligation of entrepreneur treating personal information,” Itsuo Sonobe, “Explanation of Personal Information Protection Law,” Gyosei Publishing Co., 2003, p. 156 and 159; “Release cannot be interpreted as grant of right of claim in trial,” Masatomo Suzuki, “Personal Information Protection Law and Right of Privacy – Legal Character of “Claim for Release,” in “New Problems on Privacy and Personal Information” edited and written by Masao Horibe, Shoji-Homu Publishing Co., 2010, p. 89. As positive theory, the following opinion can be given: “Concrete concept of right should be affirmed taking the intention of the legislator into consideration,” based on the fact that the Minster of State Mr. Hosoda replied in the deliberation of the bill that such right was provided as the intention of the legislator, Michihisa Okamura, “Personal Information Protection Law,” Shoji-Homu Publishing Co., 2009, p. 270. Based on the decision by the Tokyo District Court on June 27, 2007 (Case Report No.1978, p. 29), the concept of right of claim for release was rejected.
[11] Also in Japan, claim for release by the person in question constitutes right in the Act for Protection of Personal Information Retained by Administrative Organs and the Act for Protection of Personal Information Retained by Independent Administrative Institutions. If the person in question claims release of the information concerned but such release is not conducted appropriately, the person can lodge appeal based on the Administrative Appeal Act.
[12] Horibe op. cit. in , p. 44.
[13] Op. cit. .
[14] “About the leaks of customer information – the measures to strengthen supervision of illegal use” issued by Alico Japan on November 11, 2009,
http://www.alico.co.jp/about/press/09_1111.pdf
[accessed: 15 October 2010]
[15] Osamu Sakuma, “Protection of Intangible Property in Criminal Laws,” Seibundo Publishing Co, 1991, p. 1-.
[16] Consumer and antipollution movement were active at the time. This opinion took the stand that introduction of such penalties would hamper these movements.
[17] Atsushi Yamaguchi, “Protection of Trade Secrets,” Jurist No.852, p. 48, 1986.
[18] Economic Espionage Act of 1996, 18 U.S.C. §§1831-1839 (2006).
[19] 18 U.S.C. §1831.
[20] 18 U.S.C. §1832.
[21] The statement of President Bill Clinton at the signature of the Act. The same statement is published by the US Department of Justice on the website,
http://www.usdoj.gov/criminal/cybercrime/usamay2001_6.htm
[accessed: 15 October 2010]
[22] Michael T. Clark, “Economic Espionage, The Role of the US Intelligence Community,” 3 J. Int’l Legal Stud., 254, 1997.
[23] Susan W. Brenner and Anthony C. Crescenzi, “State-Sponsored Crime: The Futility of the Economic Espionage Act,” 28 Hous. J. Int’l L, 392, 2006.
[24] Id., at 406.
[25] David J. Loundy, “Computer Crime, Information Warfare, and Economic Espionage ,” 546, 2003.
[26] United States v. Takashi Okamoto, Hiroaki Serizawa, (N.D. Ohio, May 8, 2001). See “The Trade Secrets Homepage” by R. Mark Halligan.
[27] United States v. Jiangyu Zhu, a/k/a Jiang Yu Zhu and Kayoko Kimbara (June 19, 2002).
[28] The Japanese Government established “the Intellectual Property Strategy Council,” an informal social gathering responsible directly to the Prime Minister, to work out the state strategy for intellectual property and examine its protection and effective utilization. On July 3, 2002, the Council adopted “the Intellectual Property Strategy Outline,” an action plan to revitalize the economy by strengthening the protection of copyrights and trade secrets. The Unfair Competition Prevention Subcommittee in the Intellectual Property Policy Committee in the Industrial Structural Council in the Ministry of Economy, Trade, and Industry, protection of trade secret by means of revision of the Unfair Competition Prevention Act was discussed. Based on the report published by the Subcommittee in February 2003, “the disputes such as illegal acquisition of trade secret that is intangible information have increased due to digitization of information and mobilization of human resources. Such situation was not supposed at the time of enactment of the criminal laws. And the damage caused by these unlawful acts has also become more immense due to the increase of value of trade secret.” The report concluded that criminal penalties should be introduced for acts with a high degree of illegality.
[29] To get rid of the inconvenience in trade between states brought by the different state laws on trade secrets, the National Conference of the Commissioners on Uniform State Law adopted the draft of the Uniform Trade Secrets Act in 1979. After several amendments, the current version of the Uniform Trade Secrets Act was adopted on August 8, 1985.
[30] Ministry of Economy, Trade and Industry, “Guideline on Management of Trade Secrets,” revised on April 9, 2010, p. 28.
[31] The decision by the Tokyo District Court on July 7, 1998, Case Report No.1683, p. 160.
[32] However, if the obtaining, disclosing, or procuring of personal data is necessary for the purpose of preventing or detecting crime, or is required or authorized by or under any enactment, by any rule of law or by the order of a court, or is justified as being in the public interest, the application of subsection (1) is excluded.
[33] Decision at the Cabinet meeting, “Basic Policy of Economic and Financial Reform 2009 –Security, Vitality, Responsibility–,” p. 13, June 23, 2009,
http://www.kantei.go.jp/jp/singi/keizai/kakugi/090623kettei.pdf
[accessed: October 15, 2010]
[34] National Policy Unit of Cabinet Secretariat, “Meeting for Examining Personal Identification Number System on Social Security and Taxes – Interim Report,” June 29, 2010,
http://www.npu.go.jp/policy/policy03/pdf/20100629/20100629syakaihosyou_6_haihu.pdf
[accessed: October 15, 2010]
[35] In May 2007, in the deliberation on the bill on reform of the Social Insurance Agency in the Japanese Diet, it was pointed out that there were many mistakes and imperfections in pension records input by the Social Insurance Agency using computers. It was found that 50 million cases of pension records had not been integrated into the basic pension number system.
[36] In 2010, cases in which whereabouts of seniors over 100 years old were unknown were widely reported. Some local governments explained that personal information retained by welfare and nursing care insurance sections could not be compared because the Personal Information Protection Law prohibits other uses of personal information than the original one. Overreaction to the Act was pointed out.
[37] Technologies to analyze and record via the Intranet the situation of accesses to corporate information resources and outside networks.
[38] Noncontact recognition technologies automatically using electronic waves. Information on entering and leaving rooms is collected by embedding IC chips with antennas in employee cards.

This article is published under a Creative Commons Attribution-NoDerivatives 4.0 Internationa License.

[1] [1] See Local Authorities Systems Development Center, “List of Numbers of Municipalities According to Prefectures (as of April 1, 2010),”
http://www.lasdec.nippon-net.ne.jp/cms/1,19,14,151.html
[accessed: January 20, 2011]

[2] [2] In May 2010, a survey was conducted of 53 member enterprises of the Business Ethics Research Center in which the author serves as a fellow. The 21 responses were made under the condition that companies remain anonymous.

[3] [3] Masao Horibe, “International Coordination of Privacy and Personal Information,” in “New Problems on Privacy and Personal Information” edited and written by Masao Horibe, Shoji-Homu Publishing Co., 2010, p. 52. At the BJA-Conference on Data Protection held in Brussels on April 23, 2009, the presentation made by Hana Pachackova, the desk officer of Unit 5 – Data Protection, Legal Affairs, and Policy Division, the Directorate-General for Justice, Freedom and Security of the European Commission, is introduced.

[4] [4] At the 18^th meeting for study presentation of Japan Society for Business Ethics Study held at Sophia University on October 16, 2010, the author presented the study under the title of “Introduction of personal identification number system and proposal for new legislation on privacy protection” and introduced the EU’s assessment of Japan.Many practitioners listening to the presentation mentioned similar remarks.

[5] [5] Directive 95/46/EC of the European Parliament and of the Council of October 24, 1995, on the protection of individuals with regard to the processing of personal data and on the free movement of such data, 31995L0046, Official Journal L281, pp. 0031-0050, 23/11/1995,
http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:31995L0046:EN:HTML
[accessed: October 15, 2010].Among many reviews on the EU Data Protection Directive, Masao Horibe, “Advocacy and Discussion on Personal Information Act,” July 31, 2002, pp. 7-10; Fumio Shimpo, “Establishment and Development of Privacy Right,” Seibundo Publishing Co., 2000, pp. 285-288 are referenced.

[6] [6] According to the provisions of Article 189 of the EU Treaty, “regulation” is automatically integrated into the national laws of all EU member states, and all member states are obliged to enact national laws based on the “directive.” The “decision” has legal binding power on specific member states, but “recommendation” and “opinion” have no such power.

[7] [7] The Japanese translation of Article 25 Section 1 and Article 26 Section 1 of the EU Data Protection Directive is cited from the reference materials of “Interim Report on Protection of Personal Information in Electronic Commerce” made by the Working Group Examining Privacy Problems, Next-Generation Electronic Commerce Promotion Council of Japan (ECOM).

[8] [8] Horibe op. cit. in , p. 49. The Article 29 Working Party has certified Switzerland, Canada, Argentina, Safe Harbor Rule of the US, Guernsey, Isle of Man, Jersey, and Faeroe Islands as “adequate” and adopted the opinion for certification of adequacy of Israel and Andorra on December 1, 2009.

[9] [9] “Report – Survey on Measures for Protection of Personal Data of Enterprises in International Transfer,” March 2010, pp. 25-29, “(3) Measures by Japanese Enterprises.”

[10] [10] Theoretically, the interpretation of Article 25 Section 1 of Japan’s Personal Information Protection Law is divided into negative and positive theory in terms of the concrete concept of right to claim release. As negative theory, the following opinions can be given: “Release is legal obligation of entrepreneur treating personal information,” Itsuo Sonobe, “Explanation of Personal Information Protection Law,” Gyosei Publishing Co., 2003, p. 156 and 159; “Release cannot be interpreted as grant of right of claim in trial,” Masatomo Suzuki, “Personal Information Protection Law and Right of Privacy – Legal Character of “Claim for Release,” in “New Problems on Privacy and Personal Information” edited and written by Masao Horibe, Shoji-Homu Publishing Co., 2010, p. 89. As positive theory, the following opinion can be given: “Concrete concept of right should be affirmed taking the intention of the legislator into consideration,” based on the fact that the Minster of State Mr. Hosoda replied in the deliberation of the bill that such right was provided as the intention of the legislator, Michihisa Okamura, “Personal Information Protection Law,” Shoji-Homu Publishing Co., 2009, p. 270. Based on the decision by the Tokyo District Court on June 27, 2007 (Case Report No.1978, p. 29), the concept of right of claim for release was rejected.

[11] [11] Also in Japan, claim for release by the person in question constitutes right in the Act for Protection of Personal Information Retained by Administrative Organs and the Act for Protection of Personal Information Retained by Independent Administrative Institutions. If the person in question claims release of the information concerned but such release is not conducted appropriately, the person can lodge appeal based on the Administrative Appeal Act.

[12] [12] Horibe op. cit. in , p. 44.

[13] [13] Op. cit. .

[14] [14] “About the leaks of customer information – the measures to strengthen supervision of illegal use” issued by Alico Japan on November 11, 2009,
http://www.alico.co.jp/about/press/09_1111.pdf
[accessed: 15 October 2010]

[15] [15] Osamu Sakuma, “Protection of Intangible Property in Criminal Laws,” Seibundo Publishing Co, 1991, p. 1-.

[16] [16] Consumer and antipollution movement were active at the time. This opinion took the stand that introduction of such penalties would hamper these movements.

[17] [17] Atsushi Yamaguchi, “Protection of Trade Secrets,” Jurist No.852, p. 48, 1986.

[18] [18] Economic Espionage Act of 1996, 18 U.S.C. §§1831-1839 (2006).

[19] [19] 18 U.S.C. §1831.

[20] [20] 18 U.S.C. §1832.

[21] [21] The statement of President Bill Clinton at the signature of the Act. The same statement is published by the US Department of Justice on the website,
http://www.usdoj.gov/criminal/cybercrime/usamay2001_6.htm
[accessed: 15 October 2010]

[22] [22] Michael T. Clark, “Economic Espionage, The Role of the US Intelligence Community,” 3 J. Int’l Legal Stud., 254, 1997.

[23] [23] Susan W. Brenner and Anthony C. Crescenzi, “State-Sponsored Crime: The Futility of the Economic Espionage Act,” 28 Hous. J. Int’l L, 392, 2006.

[24] [24] Id., at 406.

[25] [25] David J. Loundy, “Computer Crime, Information Warfare, and Economic Espionage ,” 546, 2003.

[26] [26] United States v. Takashi Okamoto, Hiroaki Serizawa, (N.D. Ohio, May 8, 2001). See “The Trade Secrets Homepage” by R. Mark Halligan.

[27] [27] United States v. Jiangyu Zhu, a/k/a Jiang Yu Zhu and Kayoko Kimbara (June 19, 2002).

[28] [28] The Japanese Government established “the Intellectual Property Strategy Council,” an informal social gathering responsible directly to the Prime Minister, to work out the state strategy for intellectual property and examine its protection and effective utilization. On July 3, 2002, the Council adopted “the Intellectual Property Strategy Outline,” an action plan to revitalize the economy by strengthening the protection of copyrights and trade secrets. The Unfair Competition Prevention Subcommittee in the Intellectual Property Policy Committee in the Industrial Structural Council in the Ministry of Economy, Trade, and Industry, protection of trade secret by means of revision of the Unfair Competition Prevention Act was discussed. Based on the report published by the Subcommittee in February 2003, “the disputes such as illegal acquisition of trade secret that is intangible information have increased due to digitization of information and mobilization of human resources. Such situation was not supposed at the time of enactment of the criminal laws. And the damage caused by these unlawful acts has also become more immense due to the increase of value of trade secret.” The report concluded that criminal penalties should be introduced for acts with a high degree of illegality.

[29] [29] To get rid of the inconvenience in trade between states brought by the different state laws on trade secrets, the National Conference of the Commissioners on Uniform State Law adopted the draft of the Uniform Trade Secrets Act in 1979. After several amendments, the current version of the Uniform Trade Secrets Act was adopted on August 8, 1985.

[30] [30] Ministry of Economy, Trade and Industry, “Guideline on Management of Trade Secrets,” revised on April 9, 2010, p. 28.

[31] [31] The decision by the Tokyo District Court on July 7, 1998, Case Report No.1683, p. 160.

[32] [32] However, if the obtaining, disclosing, or procuring of personal data is necessary for the purpose of preventing or detecting crime, or is required or authorized by or under any enactment, by any rule of law or by the order of a court, or is justified as being in the public interest, the application of subsection (1) is excluded.

[33] [33] Decision at the Cabinet meeting, “Basic Policy of Economic and Financial Reform 2009 –Security, Vitality, Responsibility–,” p. 13, June 23, 2009,
http://www.kantei.go.jp/jp/singi/keizai/kakugi/090623kettei.pdf
[accessed: October 15, 2010]

[34] [34] National Policy Unit of Cabinet Secretariat, “Meeting for Examining Personal Identification Number System on Social Security and Taxes – Interim Report,” June 29, 2010,
http://www.npu.go.jp/policy/policy03/pdf/20100629/20100629syakaihosyou_6_haihu.pdf
[accessed: October 15, 2010]

[35] [35] In May 2007, in the deliberation on the bill on reform of the Social Insurance Agency in the Japanese Diet, it was pointed out that there were many mistakes and imperfections in pension records input by the Social Insurance Agency using computers. It was found that 50 million cases of pension records had not been integrated into the basic pension number system.

[36] [36] In 2010, cases in which whereabouts of seniors over 100 years old were unknown were widely reported. Some local governments explained that personal information retained by welfare and nursing care insurance sections could not be compared because the Personal Information Protection Law prohibits other uses of personal information than the original one. Overreaction to the Act was pointed out.

[37] [37] Technologies to analyze and record via the Intranet the situation of accesses to corporate information resources and outside networks.

[38] [38] Noncontact recognition technologies automatically using electronic waves. Information on entering and leaving rooms is collected by embedding IC chips with antennas in employee cards.