TY - JOUR
T1 - The puzzle of Japanese data privacy enforcement
AU - Greenleaf, Graham
AU - Shimpo, Fumio
N1 - Publisher Copyright:
© The Authors 2014. Published by Oxford University Press. All rights reserved. For Permissions, please email: journals.permissions@oup.com
PY - 2014/5/1
Y1 - 2014/5/1
N2 - Japan's data privacy laws have been in force for nearly a decade, sufficient time for evidence of their enforcement to become apparent and be assessed. After explaining briefly the legislative and administrative structure of Japanese data privacy law, this article examines each aspect of the legislation (and associated administrative practices) relevant to enforcement and considers the available evidence of its effectiveness. The article documents the very limited evidence of use and effectiveness of each of the possible types of statutory enforcement in relation to the public sector, and the private sector, and by the co-regulatory systems. It shows that the enforcement mechanisms in the Japanese system are not used to any significant extent, that the ways in which they work are not transparent enough, and that the range of enforcement mechanisms is very limited. Strong but unsubstantiated claims are made by government bodies and academics that Japanese businesses comply with the legislation without being required to do so, but the extent of compliance is a separate enquiry outside the scope of this article. The result is a system that asks observers to take it on trust that it is effective. The absence of evidence is in itself a deficiency, a failure to provide transparency of the enforcement system. Put politely, the effectiveness of Japanese data privacy law remains a puzzle. Major reforms are proposed by the government which may provide much more effective means of enforcement, but are only likely to succeed if they also make that enforcement more transparent.
AB - Japan's data privacy laws have been in force for nearly a decade, sufficient time for evidence of their enforcement to become apparent and be assessed. After explaining briefly the legislative and administrative structure of Japanese data privacy law, this article examines each aspect of the legislation (and associated administrative practices) relevant to enforcement and considers the available evidence of its effectiveness. The article documents the very limited evidence of use and effectiveness of each of the possible types of statutory enforcement in relation to the public sector, and the private sector, and by the co-regulatory systems. It shows that the enforcement mechanisms in the Japanese system are not used to any significant extent, that the ways in which they work are not transparent enough, and that the range of enforcement mechanisms is very limited. Strong but unsubstantiated claims are made by government bodies and academics that Japanese businesses comply with the legislation without being required to do so, but the extent of compliance is a separate enquiry outside the scope of this article. The result is a system that asks observers to take it on trust that it is effective. The absence of evidence is in itself a deficiency, a failure to provide transparency of the enforcement system. Put politely, the effectiveness of Japanese data privacy law remains a puzzle. Major reforms are proposed by the government which may provide much more effective means of enforcement, but are only likely to succeed if they also make that enforcement more transparent.
UR - http://www.scopus.com/inward/record.url?scp=84929092346&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84929092346&partnerID=8YFLogxK
U2 - 10.1093/idpl/ipu007
DO - 10.1093/idpl/ipu007
M3 - Article
AN - SCOPUS:84929092346
SN - 2044-3994
VL - 4
SP - 139
EP - 154
JO - International Data Privacy Law
JF - International Data Privacy Law
IS - 2
ER -