May 29, 2018
Reflecting the business circles’ demand for new services to utilize data held by the government, the Abe government has established a program that encourages corporations to use personal data stored in government ministries and other public organizations to increase profits.
The government has already faced mounting criticism arguing that the promotion of the use of officially obtained information by for-profit corporations without proper protection will lead to violations of people’s privacy guaranteed under the Constitution.
The newly-introduced government measure is a part of the legislation which was enacted in the current Diet session for the alleged purpose of “productivity improvement”. Under the program, government bodies and independent administrative entities will provide personal information to authorized business operators upon request.
In Diet deliberations, the government explained that what official organizations offer will be anonymously processed information which contains no personal identifier, including the name and address of individuals. Despite the government explanation, there is a risk that information users can identify a specific individual by linking provided government data with information of people who participate in social media with their photos, names, and other personal data. This will lead to the danger of private information leakage and invasion of privacy. However, the government neglected to incorporate in the program necessary measures to prevent the misuse and leakage of identified persons’ data.
Japan is the only nation which has a system that allows the for-profit business sector to access private data stored with government organizations even though the data may be partially protected. In contrast, European nations have tightened the rules regarding the protection of personal information in response to a situation in which a handful of large corporations enjoy dominance in the database market.
The European Commission on May 25 implemented the General Data Protection Regulation (GDPR) to toughen regulations on companies dealing with personal data. With the aim of protecting individual privacy, the GDPR stipulates provisions regarding people’s rights such as the right to erasure (the “right to be forgotten”) and the right to data portability. The right to be forgotten, for example, ensures that individual persons can urge corporations to delete data they presented and the right to data portability allows individuals to transfer their data from one company to another in a safe and secure way. Japan’s law on the protection of personal information has no such provision.
The government has already faced mounting criticism arguing that the promotion of the use of officially obtained information by for-profit corporations without proper protection will lead to violations of people’s privacy guaranteed under the Constitution.
The newly-introduced government measure is a part of the legislation which was enacted in the current Diet session for the alleged purpose of “productivity improvement”. Under the program, government bodies and independent administrative entities will provide personal information to authorized business operators upon request.
In Diet deliberations, the government explained that what official organizations offer will be anonymously processed information which contains no personal identifier, including the name and address of individuals. Despite the government explanation, there is a risk that information users can identify a specific individual by linking provided government data with information of people who participate in social media with their photos, names, and other personal data. This will lead to the danger of private information leakage and invasion of privacy. However, the government neglected to incorporate in the program necessary measures to prevent the misuse and leakage of identified persons’ data.
Japan is the only nation which has a system that allows the for-profit business sector to access private data stored with government organizations even though the data may be partially protected. In contrast, European nations have tightened the rules regarding the protection of personal information in response to a situation in which a handful of large corporations enjoy dominance in the database market.
The European Commission on May 25 implemented the General Data Protection Regulation (GDPR) to toughen regulations on companies dealing with personal data. With the aim of protecting individual privacy, the GDPR stipulates provisions regarding people’s rights such as the right to erasure (the “right to be forgotten”) and the right to data portability. The right to be forgotten, for example, ensures that individual persons can urge corporations to delete data they presented and the right to data portability allows individuals to transfer their data from one company to another in a safe and secure way. Japan’s law on the protection of personal information has no such provision.