Episode 85 - Japan’s New Data Privacy Act, 4 Key Developments

Japan’s Act on the Protection of Personal Information (APPI) becomes effective on April 1, 2022. The APPI strengthens the country’s comprehensive personal data privacy code and affects all businesses that collect or process personal information of Japanese residents. Yugo Nagashima of Frost Brown Todd LLC explores four key developments that affect global business: 1. “Person Related Information” – a new category of data – with consent required to transfer such data to a person related information handler. 2. Extra-Territorial Reach – Instead of an adequacy approach (like the EU), Japan requires a business that will handle Japanese personal information outside Japan to have the consent of those persons after a clear description of the data privacy laws of the foreign jurisdiction. 3. Data Breach Notification – A two-step notification process is mandatory for data breaches, with a low threshold of 1,000 persons triggering mandatory notification. 4. Pseudonymous Information – Specific definition of pseudonymized data and exemption from data breach notification when pseudonymous data has been hacked. If you have ideas for more interviews or stories, please email info@thedataprivacydetective.com.
This podcast was created for general informational purposes only as of the time of its creation and does not constitute legal advice, the formation of an attorney client relationship, or a solicitation to provide legal services. The laws governing legal advertising in some states require the following statement in any publication of this kind: “THIS IS AN ADVERTISEMENT.” All rights reserved