Skip to main content
  • Data Protection

Proposed Amendment to the Ministerial Ordinances of the Act on the Protection of Personal Information of Japan: Data Breach Notification (Part II)

In Part II of this series, we will address the details of the data breach notification in the case of Data Breach Incidents.  Please refer to Part I to this newsletter for a general introduction of the proposed amendment to the ministerial ordinances of the Act on the Protection of Personal Information (“APPI”).  Under the 2020 Amendment, the current framework (non-legally binding reporting and notification obligation) is replaced with legally binding and enforceable obligations.  The 2020 Amendment provides that when any leak or loss of, or damage to, personal data processed by a business operator or any other incident concerning the security of personal data (each, a “Data Breach Incident”) occurs and such Data Breach Incident is highly likely to...To read the full article, please see the PDF file

*Updated to reflect the March 24 (2021) amendment to the relative ministerial ordnances. (March 29, 2021)

It is also available in PDF.
Data Protection Newsletter (March 9, 2021) (1.03 MB / 5 pages) Download PDF [1.03 MB]


石川 智也


  • Partner
  • Frankfurt / Düsseldorf

Noriya advises national and international clients from various industries, with a focus on multi-national data protection law projects, such as drafting policy, data transfer agreements and out-sourcing agreements, IT compliance questions, and data breach issues. Since he has experience working with local counsel in more than 80 jurisdictions, he has in depth knowledge of the similarities and differences among data protection laws in many jurisdictions. He can provide his advice taking into account the difference of Japanese laws and other main data protection laws such as the GDPR, CCPA, and PIPL (China).