In 2016, Japan significantly amended its Personal Information Protection Act almost a decade and a half after its enactment in 2003 (the act went into full effect on May 30, 2017). The amendment was part of a global push to protect personal information, especially in response to the EU’s General Data Protection Regulation (GDPR). In addition, Japan needed to update the law to cover such new developments as IoT (Internet of Things) and big data. One of the objectives of the amendment was to convince the EU to formally recognize Japan as providing “essentially equivalent” data protection as EU countries do. This status would allow EU countries to share personal data with Japan without requiring any further safeguards. Japan and the EU recently agreed on a framework that should pave the way for the EU to provide Japan with formal recognition as early as this fall.
Please see full Chapter below for more information.