On 5 June 2020 the Parliament of Japan passed Amendments to its Act on the Protection of Personal Information (Act No. 57 of 2003 as amended in 2015) (‘APPI’). The Amendments introduce new obligations for data controllers, including mandatory data breach reporting, further restrictions on cross-border data transfers, and an expanded scope of application. The Amendments also provide enhanced rights for data subjects and address pseudonymization. While some of the Amendments have already been entered into effect, the Amended APPI will be fully effective 1 April 2022.
In this OneTrust DataGuidance webinar, legal experts discussed the Amendments to the APPI and its impact on organizations operating in Japan.
Key Takeaways Include:
- An overview of Japan’s APPI and the Amendments
- Analysis of the new data controllers’ obligations and additional restrictions on cross border transfers
- Discussions regarding pseudonymization under the Amended APPI and data subject rights
- Steps to take in preparation for the enforcement