Japanese FinTech Regulations Set For Further Changes In 2020

Morrison & Foerster LLP

Morrison & Foerster LLP

Part 1: Proposed regulatory amendments concerning payment settlement services and the introduction of a one-stop intermediary license for marketing financial products

It is generally expected that a bill will soon be proposed to the Diet designed to amend the Payment Services Act[1] (“PSA”) and other relevant statutes to change the regulations applicable to fund remittance services and introduce a new cross-segment financial intermediary service license.

On December 20, 2020, a “Working Group” of the Financial Services Agency of Japan (“FSA”) published a report (“Report”) regarding the regulatory regime for the provision of settlement services and financial intermediary services in Japan.[2]

The Report consists of two major sections. The first section concerns amending regulations governing settlement service providers, and the second section addresses the provision of industry-wide intermediation services dealing with various products of financial service providers.

The proposals in the Report are: (1) to amend the system for granting licenses to fund transfer service providers and (2) to introduce a new type of license for financial service intermediaries.

In most cases, the FSA takes steps to reflect the proposals of this kind of Working Group by amending the relevant statute and regulations, and we expect the same will be the case for the Report. On January 22, 2020, the Nikkei reported that the administration will propose a bill to the Diet to amend the PSA and other statutes and implement the Report’s proposals during the current session, with the expectation that the amendments will come into effect in 2021.[3]

Summary of proposals in the Report (1): Reform of license system for fund transfer service providers

1. In Japan, it used to be the case that a “fund transfer service” (or payment settlement services, which have been defined by the court cases very broadly to mean “the services to intermediate payments between locations with some distance without physical transportation of cash between such locations” – such definition has not been modified or supplemented by statutory amendments) could only be provided by licensed, deposit‑taking financial institutions. This restriction was amended in 2009 with the enactment of the PSA. Under the PSA, an entity registered with the FSA, even though it is not a licensed deposit taking financial institution, may provide fund remittance services subject to certain restrictions. The major restrictions applicable to registered fund transfer service providers, which are not imposed on licensed deposit taking financial institutions, are (a) a limitation on the maximum remittance amount per transaction of JPY 1 million (approximately USD 10,000) and (b) a requirement that the service provider deposit cash with a governmental agency in the amount equal to the total value of the remittances for which the service provider has received funds from customers but has not yet completed the remittance transaction (this deposit may be substituted by a bank guarantee or by maintaining a trust account).

2.The Report proposes to modify (a) in paragraph 1 above, by introducing three categories of registrations to replace the single category under the current provisions of the PSA (in Chapter 3 under the title “Fund Transfer”):

Category 1: Registration where there is no restriction on the maximum amount per transfer. Registrations under Category 1 will be subject to more stringent regulatory requirements because of the potentially greater impact on the systemic risks on the settlement systems, money laundering risks, and the greater risks for customers. As a condition for registration under Category 1, it is proposed that service providers will be prohibited from accepting cash from customers in advance without receiving a specific instruction to remit the cash in the same amount and that the permitted time lag between acceptance of the cash and the deposit described in paragraph 1(b) will be shortened.

Category 2: Registration where transfers are subject to a maximum permissible amount of JPY 1 million or its equivalent. For this Category 2, the Report suggests as an additional requirement that acceptance of funds in advance from customers exceeding JPY 1 million or its equivalent will be prohibited and that service providers will be restricted from accepting advance payment of funds unless the funds are reasonably expected to be used for fund transfer(s) in light of various factors, including the amount received, the period during which the funds remain unused, the past records of fund remittances by the same customer, and the purpose of the remittance. Because the Report does not provide additional detail regarding these suggested requirements, it will be necessary to wait for the publication of the bill and related regulations to understand further how service providers are expected to make such determinations.

The Report also suggests that, where a bank guarantee is procured in lieu of the deposit of cash (referred to in paragraph 1(b) above), a service provider will be expressly prohibited from using the customer funds for a service provider’s money lending business.

Category 3:Registration where transfers are subject to a maximum capped amount much smaller than Category 2. In this case, the requirement for the cash deposit (referred to in paragraph 1(b) above) will be somewhat relaxed.

This category will be created so that the service providers (expected to include new players entering the market) may provide smaller amounts of fund transfer services at much lower costs.

3. The Report also expresses ongoing concern that some registered issuers of prepaid payment instruments (“PPIs”) continue to offer services to users enabling them to assign or transfer PPIs among themselves without obtaining a license as a fund transfer service provider.

The Report suggests that, because such services provided by registered issuers of PPIs resemble fund transfer services, certain additional requirements (e.g., a restriction on maximum quantity of PPIs that may be held by a customer, a requirement to introduce a system for monitoring transfers, etc.) must be introduced and/or the amount of the necessary deposit (which is currently 50% of the issued and unused outstanding amount of the PPIs) must be increased to 100% (equivalent to the deposit required of a fund transfer service provider).

4. Currently, a receiving agent service (called “shuno daiko” in Japanese) is generally considered distinct from a fund transfer service, meaning that registration under the PSA is not required. A typical example of shuno daiko is acceptance of payment for utility bills by a convenience store on behalf of the utility service providers. However, consumer-to-consumer shuno daiko, such as services using a platform on a smart phone to enable a group of users to split payment at a restaurant, etc., have been recently developed and offered by service providers without registering as a fund transfer service provider.

The Report anticipates that such “C2C” services should be treated as fund transfer services and that the PSA will be amended to clarify this position, requiring entities offering such services to register with the FSA as fund transfer service providers subject to regulations applicable to the fund transfer service providers.

Summary of proposals in the Report (2): Introduction of industry wide, one-stop service financial intermediary license

Currently, the services to assist promotion and marketing of the products provided by players in the finance sector are regulated on an industry-by-industry basis. This regulatory approach is based on the premise that an intermediation service provider in some financial industry is acting for, or on behalf of, a particular licensed entity in that financial services industry. For example, an insurance sales agent is required to be licensed under the insurance business law and to act as an agent for a particular insurance company, subject to the applicable company’s supervision. As a result, the current regulatory regime requires these service providers to obtain an intermediary license on a sector-by-sector basis, subject to differing sets of statutory requirements and regulatory requirements applicable to each sector.

The Report proposes to introduce a new type of registration under which a service provider may act as an intermediary (but not as an agent) and sell a variety of financial products from various third parties active in a number of financial sectors on a one-stop basis.

As this type of intermediary, a service provider will not be subject to supervision by any particular provider of financial products and will remain independent. However, the new regulations will require that the products from various respective sectors that such an intermediary may deal with be limited to relatively simple products.

As a result, this new type of intermediary will be able to deal with products provided by competing players in various sectors that are similar to each other, thus enabling customers to compare those products on a one-stop basis.

The Report contemplates that appropriate conduct rules will be put in place to regulate these entities, such as restrictions on holding customer assets in custody, data and information security requirements, and obligations of fair dealing, to disclose fees, to provide proper explanations regarding the products/transactions, etc.

Part 2: FSA has published for public comment the draft amendments to the regulations under the Payment Services Act and the Financial Instruments and Exchange Act to enforce the statutory amendments concerning Crypto Asset related transactions

In March 2019, the FSA proposed amendments to the PSA and the Financial Instruments and Exchange Act (“FIEA”) to strengthen the protections for investors in crypto assets.[4] The proposed amendments were adopted by the Diet on May 31, 2019, and will come into effect within one year from the publication of the amendments.[5]

On January 14, 2020, the FSA published for public comment draft amendments to certain regulations under the PSA and the FIEA to reflect and enforce these statutory amendments.[6] The comment period ended on February 13, 2020. The final texts of the amended regulations will be published, together with the FSA’s answers to public comments, in a couple of months.

Below is a brief summary of the primary proposed amendments. The proposed amendments to the FIEA also include changes to regulations related to electronically transferrable forms of securities, but we do not cover those amendments in this summary.

1. Proposed amendments to PSA regulations

The PSA regulates, among others, the crypto asset exchange service providers, which is defined to include persons engaged in the business of selling, purchasing, and intermediating the sale and purchase of, or providing custody services for, crypto assets.

(1) Certain additional requirements will apply with respect to applications for registration as a crypto asset exchange service provider, including:

Holders of 10% or more of the voting rights in the applicant are required to be disclosed.[7]

With respect to capitalization and net assets, crypto asset exchange service providers will be required to maintain net assets of not less than the aggregate value of the crypto assets held in custody for customers in hot wallets, if the crypto asset exchange service provider holds customer assets in custody.[8] This is in addition to existing requirements that a crypto asset exchange service provider have a minimum stated capital of at least JPY 10 million and a positive amount of total “net assets” (total assets minus total liabilities as reflected on its most recent balance sheet).

(2) Requirements related to customer assets:

The amendment to the PSA made significant changes affecting crypto asset exchange service providers, including: a requirement that customer cash must be held in a trust account and an obligation to hold crypto assets in cold wallets, with the limited exceptions and requirement that a crypto asset exchange service provider must hold its own crypto assets as security for potential customer claims in an amount equivalent to the customer assets held in hot wallets for exchange purposes. The proposed amendments to the PSA regulations set forth additional details of the requirements newly introduced by the related statutory amendments to the PSA. The draft amendments to the regulations require that the portion of crypto assets that can be held in a hot wallet must be 5% or less of the aggregate value of the customer crypto assets held in custody.

(i) Cash[9]

Any cash held by a crypto asset exchange service provider for customers must be segregated from its own cash and maintained in a trust account opened with a licensed trustee and with the service provider’s customers designated as beneficiaries. The agents acting for the beneficiaries must be appointed by the crypto asset exchange service provider, at least one of which must be an attorney, an attorney corporation, a CPA, an accounting corporation, a tax accountant, a tax accountant corporation, or such other professional designated by the FSA. The trust assets may be invested in certain low-risk financial instruments, but this is subject to stringent restrictions. If the crypto asset exchange service provider loses its license or has its license suspended, becomes insolvent, or exits from the business, the trust assets will be placed under the control of the appointed agent who is one of the aforementioned professionals in favor of the beneficiary. In addition, crypto asset exchange service providers are required to compare the aggregate amount of customer cash held by such entity with the outstanding amount of trust assets every business day and, if there is any shortfall, must adjust the amount of the trust assets within two business days to become equivalent to or greater than customer cash held.

(ii) Crypto Assets

The customers’ crypto assets must be segregated from the crypto asset exchange service provider’s own assets and be maintained in cold wallets, except to the extent necessary to facilitate the smooth operation of the exchange services. However, the portion of the customers’ crypto assets that may be maintained outside a cold wallet (which must also be segregated) may not exceed 5% of the total value of all customer crypto assets under the custody of the crypto asset exchange service provider. [10]

With respect to that portion of crypto assets not maintained in a cold wallet, the crypto asset exchange service provider must keep its own crypto assets (of the same kind and in the same quantity) segregated in a separate cold wallet, over which its customers will have priority claim over other creditors. [11]

(iii) Audit[12]

Crypto asset exchange service providers will have to have their administration and management of the assets referred to in (i) and (ii) above audited by a CPA or an accounting firm qualified to conduct such audit at least once a year.

(iv) Contingency plan[13]

Crypto asset exchange service providers must adopt and implement policies and plans to prepare for cases where such crypto asset service provider becomes unable to deliver crypto assets to the customers as required under its contracts with customers.

(3) Best execution, etc.

The proposed amendments to the PSA also seek to impose additional requirements on crypto asset exchange service providers, similar to those applicable to the securities brokers/dealers or the dealers of foreign exchange products pursuant to the FIEA (and regulations thereunder).

The crypto asset exchange service provider must make available to its customers information regarding the most updated (recent) price at which it has executed orders for other customers, and the price quoted by the self-regulatory association (currently, Japan Virtual Currency Exchange Association).[14]

The crypto asset exchange service provider must adopt appropriate procedures and policies for realizing “best executions” and publish such policy. The crypto asset exchange service provider must notify a customer if the service provider acted as the counter party in a transaction and explain why such activity is consistent with the best execution policy with supporting information in writing.[15]

The crypto asset exchange service provider must adopt a system and policies to detect and monitor conflicts of interest in the transactions it facilitates and publish such policy.[16]

The crypto asset exchange service provider must adopt measures to detect and suspend inappropriate trading (i.e., fraudulent conduct, market price manipulation, etc.).[17]

The crypto asset exchange service provider is required to adopt the following measures[18]:

  • Measures to avoid dealing with high-risk crypto assets;[19]
  • Measures to administer non-public material information that may affect a customer’s decision as to whether to enter into transactions regarding crypto assets;
  • Disclosure of its accounting statements delivered to the FSA; and
  • If it borrows crypto assets, measures to inform the counter party regarding the accompanying risks and measures to avoid excessive borrowings.

(4) Prohibited actions[20]

A section entitled “prohibited actions” is also proposed to be added to the PSA. Once again, these requirements are similar to those applicable to securities brokers/dealers and/or the dealers of foreign exchange products pursuant to the FIEA (and regulations thereunder). The requirements imposed on crypto asset exchange service providers are quite detailed and beyond the scope of this article, but generally include:

  • Provision of information on crypto assets or the crypto asset exchange service provider that is not based on reasonable grounds or supporting evidence;
  • Solicitation without disclosing material information;
  • Uninvited solicitation;
  • Solicitation of transaction that is not suitable for respective customers;
  • Indication of assertive judgment on uncertain matters;
  • Accepting orders with knowledge that the customer may be engaged in use of non-public material information or trading for other inappropriate purpose;
  • Market price manipulations or its assistance;
  • Communication or use of non-public material information that would affect investment decisions;
  • Front running; and
  • Acts or omissions in violation of the rules of the JVCEA.[21]

(5) Regulations on margin trading transactions[22]

With respect to any margin trading transactions undertaken by a crypto asset exchange service provider, the proposed PSA amendment seeks to impose rules similar to those currently applicable to foreign exchange dealers. These rules include requirements of appropriate disclosure and explanations on the transaction terms (including those concerning security deposits) and accompanying risks, mandatory obligations to receive security deposits (the minimum amount of which shall be not less than 50% of the value of the trade or, alternatively for corporate customers, at a percentage calculated by the method prescribed by the order of the director general of the FSA), implementation of loss-cut rules, etc.

(6) Restrictions on advertisements and marketing

With respect to any advertisements for the crypto asset exchange services, the amendments to the PSA will require that the following information be indicated “in accordance with the provisions in the Cabinet Office Ordinance”[23]:

  • Corporate/trade name;
  • The fact that it is a registered crypto asset exchange service provider and its registration number;
  • The fact that crypto assets are not “currencies”[24]; and
  • The nature of the applicable crypto assets, which may be material to a customer’s decision as to whether they enter into the transactions “and are designated in the cabinet Office Ordinance as such.

The Draft PSA Ordinance requires, in this respect, that the notification of these matters be made clearly and correctly and that the latter two items must be conveyed using letters not smaller than the largest characters used in the same advertisement.[25]

The “natures of crypto assets” that are designated by Draft PSA Ordinance as having to be indicated in advertisements are:[26]

  • If the customer may suffer loss due to fluctuations in the value of the crypto assets, such fact and the reason why the customer may suffer loss; and
  • The fact that crypto assets can be used for payments only if the counter party consents to accept the crypto assets as payment.

The amended PSA also requires that, in conducting solicitations, a crypto asset service provider may not make any statements that may be misleading “concerning the matters designated by the Cabinet Office Ordinance.” [27] The following matters are designated as such in the Draft PSA Ordinance[28]:

  • Matters concerning the system for ownership and assignment of crypto assets;
  • Trends in trade volumes and market prices concerning crypto assets or forecasts related thereto;
  • The financial strength or credit of the crypto asset exchange service provider;
  • Past performance of the crypto asset exchange service provider;
  • Financial strength, credit, or business of the persons who are the issuer or obligor of the crypto assets or a person who can exercise material influence upon the value of or system concerning the crypto assets; and
  • The amount, the maximum amount, or the method to calculate the amount of the fees or expenses payable by the customer.

The Draft Cabinet Ordinance requires that, if any of these matters are indicated in an advertisement by the crypto asset service provider for its services, reasonable supporting evidence must also be provided.[29]

It must also be noted that, under the amended PSA, it will be prohibited to indicate in an advertisement any expression that would promote trades in crypto assets solely for the purpose of realizing capital gains as opposed to the purpose of using crypto assets as payment methods.[30]

2. Proposed amendments to FIEA related regulations

Under the statutory amendments adopted by the Diet on May 31, 2019, the FIEA was amended so that, among others, (i) the crypto assets are included in the definition of the “Financial Instruments”; (ii) investment interests in partnerships, etc.. transferrable through a blockchain are treated as “securities” (i.e., not as “deemed securities” like usual partnership securities, the transfer of which is not in electronic methods); and (iii) fraudulent or deceptive acts, market manipulations, and other inappropriate conducts concerning crypto assets are prohibited and made subject to criminal sanctions.

As a result of (i) above, crypto asset-related derivatives are included in the definition of “derivatives” regulated under the FIEA, and engaging in business to provide or intermediate crypto asset-related derivatives products/transactions constitutes the Type 1 Financial Instrument Business, and engaging in business to provide investment advice or management concerning crypto asset-related derivatives constitutes the Investment Advisory Business or Investment Management Business. To engage in any of such businesses, the relevant registration under the FIEA is required.

As a result of (ii) above, the broker/dealer business concerning the tokens, the holder of which will participate in profit/loss of some business in which the proceeds from the tokens are invested, constitutes the Type 1 Financial Instrument Business (rather than the Type 2 Financial Instrument Business, which is the broker/dealer business concerning usual partnership interests, etc., and subject to less stringent set of regulatory requirements than the Type 1 Financial Instrument Business). In addition, to operate an exchange market for such tokens will be deemed as engaged in operation of securities exchange market, which requires much more stringent license and operational requirements.

The proposed amendments to the regulations under the FIEA include certain conduct rules applicable to the operator of the Type 1 Financial Instrument Business related to crypto asset derivatives, many of which are similar to those applicable to the operator of currency derivatives business. Also included are requirements to provide information on the relevant crypto assets and accompanied risks, to implement rules and procedures for detecting and preventing transactions violating prohibition of deceptive or fraudulent trades, market price manipulations, and other inappropriate conducts, which are similar to those applicable to crypto asset exchange service providers under the PSA.

For example, uninvited solicitations are restricted, and it is required to receive security deposits for derivatives transactions subject to the requirements similar to those applicable to the margin transactions operated by the crypto asset exchange service providers.

[1] Law No. 59 of 2009, as amended.

[2] See https://www.fsa.go.jp/singi/singi_kinyu/tosin/20191220/houkoku.pdf.

[3] See https://www.nikkei.com/article/DGKKZO54882830X20C20A1MM8000/.

[4] “Crypto assets” is the term assigned by the amended PSA to the crypto currencies/virtual currencies. See Article 2, Paragraph 5 of the amended PSA.

[5] For the outline of these amendments, see: https://www.mofo.com/resources/insights/190409-japanese-crypto assets.html.

[6] See https://www.fsa.go.jp/news/r1/sonota/20200114/20200114.html.

[7] Article 5, Item 3, and Article 8 of the draft amendments to the Cabinet Office Ordinance Concerning Crypto Asset Exchange Service Providers (“Draft PSA Ordinance”).

[8] Article 9, Paragraph 1, Item 2 of the Draft PSA Ordinance.

[9] Article 26 of the Draft PSA Ordinance.

[10] Article 27 of the Draft PSA Ordinance.

[11] Article 29 of the Draft PSA Ordinance.

[12] Articles 28 and 30 of the Draft PSA Ordinance.

[13] Article 23, Paragraph 3 of the Draft PSA Ordinance.

[14] Article 23, Paragraph 2, Item 1 of the Draft PSA Ordinance.

[15] Article 23, Paragraph 2, Item 2 of the Draft PSA Ordinance. The proposed amendments to the Administrative Guidelines concerning crypto asset exchange service providers state in II-2-2-1-2 (8) that, if the crypto asset exchange service provider will deal with crypto assets with its customers in more than one transaction method alternatives (i.e., exchange, intermediary or dealing), the crypto asset exchange service provider must adopt rules concerning its choice of transaction method for each type of crypto asset, which it deals with, from the view point of realizing “best execution” for the customer.

[16] Article 23, Paragraph 2, Item 3 of the Draft PSA Ordinance.

[17] Article 23, Paragraph 2, Item 4 of the Draft PSA Ordinance.

[18] Article 23, Paragraph 1 of the Draft PSA Ordinance.

[19] The Administrative Guidelines concerning crypto asset exchange service providers state in I-1-2-3 that the following factors shall be considered in determining whether a particular crypto asset may be dealt with by a crypto asset exchange service provider: difficulties in preventing use for provisions of funds to terrorists or money launderings or other criminal purposes, the suitability to the crypto asset exchange service provider’s own systems and organizations to manage the crypto assets, difficulties in keeping or updating records of the transactions and safekeeping, difficulties for auditors to audit the trades and safekeeping, feasibility of safe administration and delivery, and other difficulties in complying with the requirements under the PSA.

Also, the rules of the JVCEA (to which the registered crypto asset exchange service provider will be required to comply with) set forth certain items to be reviewed, and its members’ obligations to obtain clearance by the JVCEA before commencing dealing with additional kinds of crypto assets.

[20] Article 20 of the Draft PSA Ordinance.

[21] For JVCEA rules, see https://jvcea.or.jp/about/rule/. Some of these rules will be revised to reflect the amendments to the PSA and the FIEA and the regulations thereunder.

[22] Article 25 of the Draft PSA Ordinance.

[23] Article 63-9-2 of the amended PSA.

[24] “Currency” in this context means hard currency, the mandatory acceptance of which as payment is legally warranted by statute or regulation of some jurisdiction.

[25] Article 17 of the Draft PSA Ordinance.

[26] Article 18 of the Draft PSA Ordinance.

[27] Article 63-9-3 of the amended PSA.

[28] Article 19 of the Draft PSA Ordinance.

[29] Article 20, Item 1 of the Draft PSA Ordinance.

[30] Article 63-9-3, Item 3.

[View source.]

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Morrison & Foerster LLP | Attorney Advertising

Written by:

Morrison & Foerster LLP

Morrison & Foerster LLP on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide

JD Supra Privacy Policy

Updated: May 25, 2018:

JD Supra is a legal publishing service that connects experts and their content with broader audiences of professionals, journalists and associations.

This Privacy Policy describes how JD Supra, LLC ("JD Supra" or "we," "us," or "our") collects, uses and shares personal data collected from visitors to our website (located at www.jdsupra.com) (our "Website") who view only publicly-available content as well as subscribers to our services (such as our email digests or author tools)(our "Services"). By using our Website and registering for one of our Services, you are agreeing to the terms of this Privacy Policy.

Please note that if you subscribe to one of our Services, you can make choices about how we collect, use and share your information through our Privacy Center under the "My Account" dashboard (available if you are logged into your JD Supra account).

Collection of Information

Registration Information. When you register with JD Supra for our Website and Services, either as an author or as a subscriber, you will be asked to provide identifying information to create your JD Supra account ("Registration Data"), such as your:

  • Email
  • First Name
  • Last Name
  • Company Name
  • Company Industry
  • Title
  • Country

Other Information: We also collect other information you may voluntarily provide. This may include content you provide for publication. We may also receive your communications with others through our Website and Services (such as contacting an author through our Website) or communications directly with us (such as through email, feedback or other forms or social media). If you are a subscribed user, we will also collect your user preferences, such as the types of articles you would like to read.

Information from third parties (such as, from your employer or LinkedIn): We may also receive information about you from third party sources. For example, your employer may provide your information to us, such as in connection with an article submitted by your employer for publication. If you choose to use LinkedIn to subscribe to our Website and Services, we also collect information related to your LinkedIn account and profile.

Your interactions with our Website and Services: As is true of most websites, we gather certain information automatically. This information includes IP addresses, browser type, Internet service provider (ISP), referring/exit pages, operating system, date/time stamp and clickstream data. We use this information to analyze trends, to administer the Website and our Services, to improve the content and performance of our Website and Services, and to track users' movements around the site. We may also link this automatically-collected data to personal information, for example, to inform authors about who has read their articles. Some of this data is collected through information sent by your web browser. We also use cookies and other tracking technologies to collect this information. To learn more about cookies and other tracking technologies that JD Supra may use on our Website and Services please see our "Cookies Guide" page.

How do we use this information?

We use the information and data we collect principally in order to provide our Website and Services. More specifically, we may use your personal information to:

  • Operate our Website and Services and publish content;
  • Distribute content to you in accordance with your preferences as well as to provide other notifications to you (for example, updates about our policies and terms);
  • Measure readership and usage of the Website and Services;
  • Communicate with you regarding your questions and requests;
  • Authenticate users and to provide for the safety and security of our Website and Services;
  • Conduct research and similar activities to improve our Website and Services; and
  • Comply with our legal and regulatory responsibilities and to enforce our rights.

How is your information shared?

  • Content and other public information (such as an author profile) is shared on our Website and Services, including via email digests and social media feeds, and is accessible to the general public.
  • If you choose to use our Website and Services to communicate directly with a company or individual, such communication may be shared accordingly.
  • Readership information is provided to publishing law firms and authors of content to give them insight into their readership and to help them to improve their content.
  • Our Website may offer you the opportunity to share information through our Website, such as through Facebook's "Like" or Twitter's "Tweet" button. We offer this functionality to help generate interest in our Website and content and to permit you to recommend content to your contacts. You should be aware that sharing through such functionality may result in information being collected by the applicable social media network and possibly being made publicly available (for example, through a search engine). Any such information collection would be subject to such third party social media network's privacy policy.
  • Your information may also be shared to parties who support our business, such as professional advisors as well as web-hosting providers, analytics providers and other information technology providers.
  • Any court, governmental authority, law enforcement agency or other third party where we believe disclosure is necessary to comply with a legal or regulatory obligation, or otherwise to protect our rights, the rights of any third party or individuals' personal safety, or to detect, prevent, or otherwise address fraud, security or safety issues.
  • To our affiliated entities and in connection with the sale, assignment or other transfer of our company or our business.

How We Protect Your Information

JD Supra takes reasonable and appropriate precautions to insure that user information is protected from loss, misuse and unauthorized access, disclosure, alteration and destruction. We restrict access to user information to those individuals who reasonably need access to perform their job functions, such as our third party email service, customer service personnel and technical staff. You should keep in mind that no Internet transmission is ever 100% secure or error-free. Where you use log-in credentials (usernames, passwords) on our Website, please remember that it is your responsibility to safeguard them. If you believe that your log-in credentials have been compromised, please contact us at privacy@jdsupra.com.

Children's Information

Our Website and Services are not directed at children under the age of 16 and we do not knowingly collect personal information from children under the age of 16 through our Website and/or Services. If you have reason to believe that a child under the age of 16 has provided personal information to us, please contact us, and we will endeavor to delete that information from our databases.

Links to Other Websites

Our Website and Services may contain links to other websites. The operators of such other websites may collect information about you, including through cookies or other technologies. If you are using our Website or Services and click a link to another site, you will leave our Website and this Policy will not apply to your use of and activity on those other sites. We encourage you to read the legal notices posted on those sites, including their privacy policies. We are not responsible for the data collection and use practices of such other sites. This Policy applies solely to the information collected in connection with your use of our Website and Services and does not apply to any practices conducted offline or in connection with any other websites.

Information for EU and Swiss Residents

JD Supra's principal place of business is in the United States. By subscribing to our website, you expressly consent to your information being processed in the United States.

  • Our Legal Basis for Processing: Generally, we rely on our legitimate interests in order to process your personal information. For example, we rely on this legal ground if we use your personal information to manage your Registration Data and administer our relationship with you; to deliver our Website and Services; understand and improve our Website and Services; report reader analytics to our authors; to personalize your experience on our Website and Services; and where necessary to protect or defend our or another's rights or property, or to detect, prevent, or otherwise address fraud, security, safety or privacy issues. Please see Article 6(1)(f) of the E.U. General Data Protection Regulation ("GDPR") In addition, there may be other situations where other grounds for processing may exist, such as where processing is a result of legal requirements (GDPR Article 6(1)(c)) or for reasons of public interest (GDPR Article 6(1)(e)). Please see the "Your Rights" section of this Privacy Policy immediately below for more information about how you may request that we limit or refrain from processing your personal information.
  • Your Rights
    • Right of Access/Portability: You can ask to review details about the information we hold about you and how that information has been used and disclosed. Note that we may request to verify your identification before fulfilling your request. You can also request that your personal information is provided to you in a commonly used electronic format so that you can share it with other organizations.
    • Right to Correct Information: You may ask that we make corrections to any information we hold, if you believe such correction to be necessary.
    • Right to Restrict Our Processing or Erasure of Information: You also have the right in certain circumstances to ask us to restrict processing of your personal information or to erase your personal information. Where you have consented to our use of your personal information, you can withdraw your consent at any time.

You can make a request to exercise any of these rights by emailing us at privacy@jdsupra.com or by writing to us at:

Privacy Officer
JD Supra, LLC
10 Liberty Ship Way, Suite 300
Sausalito, California 94965

You can also manage your profile and subscriptions through our Privacy Center under the "My Account" dashboard.

We will make all practical efforts to respect your wishes. There may be times, however, where we are not able to fulfill your request, for example, if applicable law prohibits our compliance. Please note that JD Supra does not use "automatic decision making" or "profiling" as those terms are defined in the GDPR.

  • Timeframe for retaining your personal information: We will retain your personal information in a form that identifies you only for as long as it serves the purpose(s) for which it was initially collected as stated in this Privacy Policy, or subsequently authorized. We may continue processing your personal information for longer periods, but only for the time and to the extent such processing reasonably serves the purposes of archiving in the public interest, journalism, literature and art, scientific or historical research and statistical analysis, and subject to the protection of this Privacy Policy. For example, if you are an author, your personal information may continue to be published in connection with your article indefinitely. When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
  • Onward Transfer to Third Parties: As noted in the "How We Share Your Data" Section above, JD Supra may share your information with third parties. When JD Supra discloses your personal information to third parties, we have ensured that such third parties have either certified under the EU-U.S. or Swiss Privacy Shield Framework and will process all personal data received from EU member states/Switzerland in reliance on the applicable Privacy Shield Framework or that they have been subjected to strict contractual provisions in their contract with us to guarantee an adequate level of data protection for your data.

California Privacy Rights

Pursuant to Section 1798.83 of the California Civil Code, our customers who are California residents have the right to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes.

You can make a request for this information by emailing us at privacy@jdsupra.com or by writing to us at:

Privacy Officer
JD Supra, LLC
10 Liberty Ship Way, Suite 300
Sausalito, California 94965

Some browsers have incorporated a Do Not Track (DNT) feature. These features, when turned on, send a signal that you prefer that the website you are visiting not collect and use data regarding your online searching and browsing activities. As there is not yet a common understanding on how to interpret the DNT signal, we currently do not respond to DNT signals on our site.

Access/Correct/Update/Delete Personal Information

For non-EU/Swiss residents, if you would like to know what personal information we have about you, you can send an e-mail to privacy@jdsupra.com. We will be in contact with you (by mail or otherwise) to verify your identity and provide you the information you request. We will respond within 30 days to your request for access to your personal information. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why. If you would like to correct or update your personal information, you can manage your profile and subscriptions through our Privacy Center under the "My Account" dashboard. If you would like to delete your account or remove your information from our Website and Services, send an e-mail to privacy@jdsupra.com.

Changes in Our Privacy Policy

We reserve the right to change this Privacy Policy at any time. Please refer to the date at the top of this page to determine when this Policy was last revised. Any changes to our Privacy Policy will become effective upon posting of the revised policy on the Website. By continuing to use our Website and Services following such changes, you will be deemed to have agreed to such changes.

Contacting JD Supra

If you have any questions about this Privacy Policy, the practices of this site, your dealings with our Website or Services, or if you would like to change any of the information you have provided to us, please contact us at: privacy@jdsupra.com.

JD Supra Cookie Guide

As with many websites, JD Supra's website (located at www.jdsupra.com) (our "Website") and our services (such as our email article digests)(our "Services") use a standard technology called a "cookie" and other similar technologies (such as, pixels and web beacons), which are small data files that are transferred to your computer when you use our Website and Services. These technologies automatically identify your browser whenever you interact with our Website and Services.

How We Use Cookies and Other Tracking Technologies

We use cookies and other tracking technologies to:

  1. Improve the user experience on our Website and Services;
  2. Store the authorization token that users receive when they login to the private areas of our Website. This token is specific to a user's login session and requires a valid username and password to obtain. It is required to access the user's profile information, subscriptions, and analytics;
  3. Track anonymous site usage; and
  4. Permit connectivity with social media networks to permit content sharing.

There are different types of cookies and other technologies used our Website, notably:

  • "Session cookies" - These cookies only last as long as your online session, and disappear from your computer or device when you close your browser (like Internet Explorer, Google Chrome or Safari).
  • "Persistent cookies" - These cookies stay on your computer or device after your browser has been closed and last for a time specified in the cookie. We use persistent cookies when we need to know who you are for more than one browsing session. For example, we use them to remember your preferences for the next time you visit.
  • "Web Beacons/Pixels" - Some of our web pages and emails may also contain small electronic images known as web beacons, clear GIFs or single-pixel GIFs. These images are placed on a web page or email and typically work in conjunction with cookies to collect data. We use these images to identify our users and user behavior, such as counting the number of users who have visited a web page or acted upon one of our email digests.

JD Supra Cookies. We place our own cookies on your computer to track certain information about you while you are using our Website and Services. For example, we place a session cookie on your computer each time you visit our Website. We use these cookies to allow you to log-in to your subscriber account. In addition, through these cookies we are able to collect information about how you use the Website, including what browser you may be using, your IP address, and the URL address you came from upon visiting our Website and the URL you next visit (even if those URLs are not on our Website). We also utilize email web beacons to monitor whether our emails are being delivered and read. We also use these tools to help deliver reader analytics to our authors to give them insight into their readership and help them to improve their content, so that it is most useful for our users.

Analytics/Performance Cookies. JD Supra also uses the following analytic tools to help us analyze the performance of our Website and Services as well as how visitors use our Website and Services:

  • HubSpot - For more information about HubSpot cookies, please visit legal.hubspot.com/privacy-policy.
  • New Relic - For more information on New Relic cookies, please visit www.newrelic.com/privacy.
  • Google Analytics - For more information on Google Analytics cookies, visit www.google.com/policies. To opt-out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout. This will allow you to download and install a Google Analytics cookie-free web browser.

Facebook, Twitter and other Social Network Cookies. Our content pages allow you to share content appearing on our Website and Services to your social media accounts through the "Like," "Tweet," or similar buttons displayed on such pages. To accomplish this Service, we embed code that such third party social networks provide and that we do not control. These buttons know that you are logged in to your social network account and therefore such social networks could also know that you are viewing the JD Supra Website.

Controlling and Deleting Cookies

If you would like to change how a browser uses cookies, including blocking or deleting cookies from the JD Supra Website and Services you can do so by changing the settings in your web browser. To control cookies, most browsers allow you to either accept or reject all cookies, only accept certain types of cookies, or prompt you every time a site wishes to save a cookie. It's also easy to delete cookies that are already saved on your device by a browser.

The processes for controlling and deleting cookies vary depending on which browser you use. To find out how to do so with a particular browser, you can use your browser's "Help" function or alternatively, you can visit http://www.aboutcookies.org which explains, step-by-step, how to control and delete cookies in most browsers.

Updates to This Policy

We may update this cookie policy and our Privacy Policy from time-to-time, particularly as technology changes. You can always check this page for the latest version. We may also notify you of changes to our privacy policy by email.

Contacting JD Supra

If you have any questions about how we use cookies and other tracking technologies, please contact us at: privacy@jdsupra.com.

- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.