View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Data
September 6, 2018updated 07 Sep 2018 12:31am

Europe, Japan One Step Closer to Creating “World’s Largest Area of Safe Data Flows”

Agreement would complement existing EU-Japan Economic Partnership Agreement

By CBR Staff Writer

The European Union and Japan are one step closer to agreeing on a system of data sharing and data privacy trust that requires no additional safeguards or authorisations.

If agreement is reached, it would give European businesses privileged access to the personal data of 127 million Japanese consumers, complementing the existing EU-Japan Economic Partnership Agreement, which was signed in July.

Europe Japan Agreement “First Fully Reciprocal Recognition”

It would also represent the first time that the EU and a third country have agreed on a fully reciprocal recognition of an “adequate level of protection.”

The European Union maintains a whitelist of countries that data can flow to without additional safeguards, but many of these limited in scope.

In order for the EU to add a country to the whitelist it must make an “adequacy decision“. This involves putting a proposal by the European Commission (EC) and an opinion from the European Data Protection Board (EDPB) forward for EU approval.

See also: Deadline Looms for “Privacy Shield” Data Transfer Demands

Japan and the European Union are one step closer to agreement after a draft adequacy decision was circulated by the European Commission this week.

The final steps in the procedure are the formulation of an opinion from the EDPB and a consultation with member state representatives. Once these steps have been taken the College of Commissioners will adopted the adequacy decision.

Content from our partners
Green for go: Transforming trade in the UK
Manufacturers are switching to personalised customer experience amid fierce competition
How many ends in end-to-end service orchestration?

Věra Jourová, Commissioner for Justice, Consumers and Gender Equality commented in a released statement that: “We are creating the world’s largest area of safe data flows.”

“Personal data will be able to travel safely between the EU and Japan to the benefit of both our citizens and our economies. Our partnership will promote global standards for data protection and set an example for future partnerships in this key area.”

Europe Japan Close to Agreeing on Data Privacy

The Japanese government has given assurances to the EU that Japanese’s authorities accessing personal data for national security or law enforcement purposes will do so in a responsible manner, with any such requests subject to independent oversight and redress mechanisms.

A key part of the adequacy decision is the establishment of a complaint-handling authority. Japan has in recent years established such a body which is overseen by the Japanese independent data protection authority.

A major factor in the movement of the adequacy decision is Japan’s legislators’ reformation of their privacy laws which came into force on May 30th 2017. The establishment of a Personal Information Protection Commission, a government body charged with the regulation and protection of personal information in Japan, was a huge step forward in harmonising EU and Japanese privacy standards.

See Also: GDPR is Here to Stay and Ongoing Compliance Needs Constant Vigilance

As part of the privacy reforms Japan has amended its Act on the Protection of Personal Information which sees it come more in line with the regulations and values expressed in the EU regulations of GDPR.

In the absence of an adequacy decision international transfers of information do take place, but are subjected to alternative transfer tools such as standard contractual clauses and binding corporate rules.

Decisions on Canada and the U.S, for example, are “partial” adequacy decisions. The decision on Canada applies only to private entities falling under the scope of the Canadian Personal Information Protection and Electronic Documents Act.

The troubled EU-US Privacy Shield framework is also  “partial” adequacy decision, as, in the absence of a general data protection law in the U.S., only the companies committing to abiding by the binding Privacy Shield principles benefit from easier data transfers. It also faces sustained legal attack in the EU.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU