Data Protection in Japan

Data protection laws in Japan

The Act on the Protection of Personal Information ("APPI") regulates privacy protection issues in Japan and the Personal Information Protection Commission ("PPC"), a central agency acts as a supervisory governmental organization on issues of privacy protection.

The APPI was originally enacted in 2003 but was amended and the amendments came into force on 30 May 2017. On 5 June 2020, the Japanese Diet approved a bill to further amend the APPI ("Amended APPI"). The Amended APPI came into force on April 1, 2022. Also, there was a separate data protection law for public sector. However, the data protection law for public sector was integrated into the APPI and became effective on April 1, 2022 (the data protection law for local governments became effective after April 1, 2023).

Currently, discussions are underway regarding amendments to the APPI from 2025 onward. Key topics include the introduction of an administrative monetary penalty system in addition to the current fines, as well as the establishment of systems for injunction claims and remedies for damages initiated by organizations like qualified consumer organizations. However, the specific timing for the enactment and implementation of the APPI amended provisions remains unclear at this time.

Continue reading

  • no results

Back to top