Skip to main content
SpringerLink
Log in

A Tale of Two Privacies: Enforcing Privacy with Hard Power and Soft Power in Japan

  • Chapter
  • First Online:
Enforcing Privacy

Part of the book series: Law, Governance and Technology Series ((ISDP,volume 25))

Abstract

The chapter shows that the enforcement mechanism under the Japanese data protection laws is unique because of a lack of the single data protection authority. Yet, Japan has developed its own enforcement mechanism with trustmarks, authorised organisations, and the strong social norm to respect privacy. In light of the recent international co-operation on enforcing privacy, Japan is seriously considering the need to establish an independent authority to supervise the complex global issues on data protection. The author illustrates the Japanese enforcement mechanism as soft power based on the cultural value of privacy. For the effective enforcement, he argues that it is desirable to use soft power as well as hard power (i.e., legal sanctions).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 149.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 199.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 199.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Nye, Joseph, Soft Power: The Means to Success in World Politics, Public Affairs, 2004, p. 5.

  2. 2.

    Although the UK Information Commissioner’s Office is based in Wilmslow, London is used here as a metonymy, i.e., to represent the UK or, more particularly, the UK approach to privacy enforcement.

  3. 3.

    Information Commissioner’s Office, “Sony fined £250,000 after millions of UK gamers’ details compromised”, news release, 24 January 2013. http://ico.org.uk/news/latest_news/2013/ico-news-release-2013

  4. 4.

    For the UK enforcement approach, see Carey, Peter, Data Protection: A Practical Guide to UK and EU Law Fourth Edition, Oxford University Press, 2015.

    Ministry of Economy, Trade and Industry, Instruction based on the Act of the Protection of Personal Information against Sony Computer Entertainment, 27 May 2013.

  5. 5.

    Nikkei Shimbun, Sony lost four per cent shares in the stock market: disgust of the personal information leakage, 29 April 2011, p. 13.

  6. 6.

    CNIL , “Google Street View : CNIL pronounces a fine of 100,000 Euros” (Pour approfondir Délibération n°2011-035 de la formation restreinte prononçant une sanction pécuniaire à l’encontre de la société GOOGLE Inc.), 21 March 2011.

    http://www.cnil.fr/fileadmin/documents/La_CNIL/actualite/D2011-035.pdf

  7. 7.

    Nye, op. cit., p. x.

  8. 8.

    Warren, Samuel D., and Louis D. Brandeis , “The Right to Privacy”, Harvard Law Review, Vol. 4, No. 5, 15 Dec 1890, p. 216. Brandeis considered breach o f “contract” or “property” to be too narrow, so he used breach of “decency ” instead. See Pember, Don R., Privacy and the Press: The Law, the Mass Media, and the First Amendment, University of Washington Press, 1972, p. 53.

  9. 9.

    Olmstead v. United States, 277 U.S. 438, 485 (1928) (Brandeis, J., dissenting). Justice Brandeis regarded the snooping government as “evil-minded rulers” and “lawbreakers”. Ibid., p. 479.

  10. 10.

    Ibid., p. 483 (Brandeis, J., dissenting).

  11. 11.

    Restatement (Second) of Torts , §652D, Comment h. (1977) at 391.

  12. 12.

    Post, Robert C., Constitutional Domains: Democracy , Community, Management, Harvard University Press, 1995, pp. 64–67.

  13. 13.

    See generally Miyashita, Hiroshi, “The Evolving Concept of Data Privacy in Japanese Law”, International Data Privacy Law, Vol. 1, No. 4, 2011, p. 229.

  14. 14.

    The observation of the Japanese concept of breach of trust is the basis of privacy. See Rosen, Dan, “Private Lives and Public Eyes: Privacy in the United States and Japan”, Florida Journal of International Law, Vol. 6, No. 1, 1990, p. 141.

  15. 15.

    Mishnah Baba Bathra 22a. In addition, the Jewish concept of tikkun olam, the duty that each of us has to heal a broken world, seems to have influenced Brandeis’s privacy. See Chemerinsky, Erwin, “Rediscovering Brandeis’s Right to Privacy”, Brandeis Law Journal, Vol. 45, No. 3, 2007, p. 643.

  16. 16.

    Ito, Masami, Puraibashiii no Kenri [The Right to Privacy], Iwanami Shoten, 1963, p. 7. A year after Professor Ito’s publication, the Tokyo District Court, for the first time in history of Japan, affirmed that “the right to privacy is recognized as the legal protection or the right so as not to be disclosed of private life” (‘After the Banquet’ case). Judgment of Tokyo District Court, 28 Sep. 1964, Hanreijiho vol. 385, p. 12.

  17. 17.

    See Miyashita, Hiroshi, The New ID Number System and Personal Information Protection in Japan, Sungkyunkwan Journal of Science & Technology Law, Vol. 8, No.1, 2014, p. 39.

  18. 18.

    In fiscal year (FY) 2013, there were two cases of collection of reports on incidents, by the Financial Services Agency: Consumer Affairs Agency, Study on the Implementation Status of Businesses on the Protection of Personal Information, October 2014, p. 2 [in Japanese].

  19. 19.

    In the public sector, there was one criminal prosecution of a case by the National Tax Administration Agency in FY 2012: Ministry of Internal Affairs and Communications, Implementation Status of the Protection of Personal Information of Administrative Organs and the Incorporated Administrative Agencies in FY 2012, August 2013, p. 29 [in Japanese].

  20. 20.

    See, e.g., Ministry of Internal Affairs and Communications (then Ministry of Posts and Telecommunications), Guidelines on the Protection of Personal Information in Telecommunications, 1991; Ministry of Economy, Trade and Industry (then Ministry of International Trade and Industry), Guidelines on the Protection of Personal Information with regard to Computer Processing in Private Sector, 1997.

  21. 21.

    Koizumi was Prime Minister from 2001 to 2006. See also Miyashita, Hiroshi, Policies on the Protection of Personal Information [Kojin Joho no Shisaku], Choyokai, 2010, p. 110.

  22. 22.

    Sonobe, Itsuo, Commentary on the Protection of Personal Information [Kojin Joho Hogoho no Kaisetsu], Gyosei, 2005, p. 213.

  23. 23.

    As of October 2014, there were 39 authorised organisations, which handled 505 complaints from consumers with 140 instructions in FY 2013.

  24. 24.

    For an excellent comparative study on privacy seal schemes, see Rodrigues, Rowena, David Wright and Kush Wadhwa, “Developing a Privacy Seal Scheme (That Works)”, International Data Privacy Law, Vol. 3, No. 2, 2013, p. 100.

  25. 25.

    English information is available at http://privacymark.org/index.html

  26. 26.

    Guidelines for Personal Information Protection Management System Implementation based on JIS Q 15001: 2006. http://privacymark.org/reference/pdf/PMS%20guideline.pdf

  27. 27.

    There were 1,627 data breach cases reported to JIPDEC in FY 2013. JIPDEC, The Trend and Cautions in the Reported Incidents on Handling Personal Information in FY 2013, 25 Aug 2014 [in Japanese].

  28. 28.

    In FY 2013, 368 cases were submitted to JIPDEC and 354 cases were resolved. JIPDEC, The Overview of Coping with Consumer Consultations in FY 2013, 30 Sep 2014 [in Japanese].

  29. 29.

    For a recent empirical study on the importance of trust worthiness and reputation, see Orito, Yoko, Kiyoshi Murata and Yasunori Fukuta, “Do Online Privacy Policies and Seals Affect Corporate Trustworthiness and Reputation?”, International Review of Information Ethics, Vol. 19, 2013, p. 52.

  30. 30.

    Consumer Affairs Agency, Study on the Implementation Status of Businesses on the Protection of Personal Information, March 2012, p. 62 [in Japanese].

  31. 31.

    JIPDEC , Decision ofRequestto Dai Nippon Printing Co. in the Data Breach Case, 23 March 2007. This decision indicated the possibility of revocation if the company did not follow the requested measures.

  32. 32.

    JIPDEC, Decision of Benesse Corp., 26 Nov 2014. This case involved a security breach by an employee who stole over 20 million personal information items for selling to several data brokers.

  33. 33.

    JIPDEC, Decision of the false application in the process of review, 14 Nov 2014.

  34. 34.

    Quality-of-Life Policy Council, Summary of Opinions on the Protection of Personal Information, 29 June 2007.

  35. 35.

    Consumer Affairs Agency, Study on the Implementation Status of Businesses on the Protection of Personal Information, March 2012, pp. 110, 112 [in Japanese].

  36. 36.

    A PEC Electronic Commerce Steering Group, Joint Oversight Panel, Findings Report regarding Japan’s intent to participate in the CBPR system, 25 Apr 2014.

  37. 37.

    A PEC Electronic Commerce Steering Group, Joint Oversight Panel, Recommendation Report on APEC Recognition of TRUSTe , 19 February 2013 as amended 18 June 2013.

  38. 38.

    European Commission, Proposal for a Regulation of the European Parliament and of the Council on the Protection of Individuals with regard to the Processing of Personal Data and the Free Movement of Such Data, Brussels, 25 January 2012, Art. 39.

  39. 39.

    Article 29 Working Party , Opinion 02/2014 on a referential for requirements for Binding Corporate Rules submitted to National Data Protection Authorities in the EU and Cross Border Privacy Rules submitted to APEC CBPR Accountability Agents, adopted on 27 February 2014, p. 8.

  40. 40.

    Ibid.

  41. 41.

    See Kuner, Christopher, Transborder Data Flows and Data Privacy Law, Oxford University Press, 2013, p. 180.

  42. 42.

    Cabinet Decision, Basic Policy on the Protection of Personal Information, 2 April 2004. The Basic Policy is the formal legal document based on Art. 7 of the Act to provide the basic direction regarding promotion of policies on the protection of personal information.

  43. 43.

    Financial Services Agency, Guidelines on the Protection of Personal Information in the Financial Sector, 20 November 2009; Q &A on the Protection of Personal Information in Financial Corporations [in Japanese].

  44. 44.

    Consumer Affairs Agency, Implementation Status of the Protection of Personal Information in FY 2013, October 2014 [in Japanese].

  45. 45.

    Ministry of Internal Affairs and Communications, Implementation Status of the Protection of Personal Information of Administrative Organs and the Incorporated Administrative Agencies in FY 2012, August 2013 [in Japanese].

  46. 46.

    Financial Services Agency, Administrative Decision on Michinoku Bank, 20 May 2005. See also Nikkei Shimbun, Michinoku Bank lost 1.31 million consumers’ information, 23 Apr 2005, p. 39.

  47. 47.

    Financial Services Agency, Administrative Decision on Mitsubishi UFJ Securities , 25 June 2009. See also Nikkei Shimbun, Financial Services Agency issued recommendation to Michinoku Bank: the first time under the Act on the Protection of Personal Information, 20 May 2009, p. 4.

  48. 48.

    Financial Services Agency, Administrative Decision on Alico Japan, 24 February 2010. See also Nikkei Shimbun, Alico’s apology money: 500 million yen in total, 7 Oct 2009, p. 4.

  49. 49.

    The Court also took into account the payment of voluntary compensation and deducted that amount from the total compensation. Judgment of Osaka District Court on 19 May 2006, Hanrei Jiho, Vol. 1948, p. 122.

  50. 50.

    Nikkei Shimbun, Disclosing the domestic violence victim’s new address: mishandling a mail in Kashiwa city, 20 Nov 2013 (evening edition), p. 15.

  51. 51.

    See Horibe, Masao, Contemporary Privacy [Gendai no Puraibashiii], Iwanami, 1980, p. 206.

  52. 52.

    Judgment of Supreme Court, 6 March 2008, Minshu Vol. 62, No. 3, p. 665. Article 13 of the Constitution provides: “All of the people shall be respected as individuals. Their right to life, liberty, and the pursuit of happiness shall, to the extent that it does not interfere with the public welfare, be the supreme consideration in legislation and in other governmental affairs.”

  53. 53.

    The Supreme Court held that the Constitution does not directly apply to private parties, but the general regulation s in the Civil Code may provide a solution in certain contexts. See Judgment of Supreme Court on 12 December 1973, Minshu Vol. 27, No. 11, p. 1536 (Mitsubishi Jushi Case).

  54. 54.

    Cabinet Decision on the Amendment on the Act of the Protection of Personal Information, 10 March 2015; IT Strategic Headquarters, the Cabinet, Policy Outline of the Institutional Revision for Utilization of Personal Data, 24 June 2014; Policy on the System Review on the Use of Personal Data , 20 December 2013.

  55. 55.

    See Solove, Daniel J., “Privacy Self-Management and the Consent Dilemma”, Harvard Law Review, Vol. 126, No.7, 2013, pp. 1880–1903 [p. 1888].

  56. 56.

    Judgment of Supreme Court, 6 March 2008, Minshu, Vol. 62, No. 3, p. 665.

  57. 57.

    This decision is not understood as recognition of the right to control one’s personal information, according to the law clerk (chosakan) explanations. See Masumori, Tamami, Explanations on the Supreme Court Cases in 2008 [Saiko Saibansho Hanrei Kaisetsu Minjihen], p. 141. On the contrary, since the 1970s, most constitutional scholars defended the right to control one’s personal information. See, e.g., Sato, Koji, “The Constitutional Position on Privacy: A Comparative Study of Japan and the United States [Puraibashii no Kenri (Sono Kohotekisokumen) no Kenporontekikosatsu]”, Hogaku Ronso Vol. 86, No. 5, 1970, p. 12.

  58. 58.

    Yamamoto, Tatsuhiko, “The Right to Privacy [Puraibashii no Kenri]”, Jurist, No. 1412, 2010, p. 87.

  59. 59.

    For a critique of Japanese privacy laws, see Greenleaf, Graham, Asian Data Privacy Laws, Oxford University Press, 2014 p. 228–265.

  60. 60.

    New State Ice Co. v. Liebmann, 285 U.S. 262, 311 (1932) (Brandeis, J., dissenting).

  61. 61.

    Ibid.

References

  • Article 29 Working Party, Opinion 02/2014 on a referential for requirements for Binding Corporate Rules submitted to National Data Protection Authorities in the EU and Cross Border Privacy Rules submitted to APEC CBPR Accountability Agents, adopted on 27 February 2014.

    Google Scholar 

  • Carey, Peter, Data Protection: A Practical Guide to UK and EU Law, Fourth Edition, Oxford University Press, 2015.

    Google Scholar 

  • Chemerinsky, Erwin, “Rediscovering Brandeis’s Right to Privacy”, Brandeis Law Journal, Vol. 45, No. 3, 2007.

    Google Scholar 

  • Greenleaf, Graham, Asian Data Privacy Laws, Oxford University Press, 2014.

    Google Scholar 

  • Horibe, Masao, Contemporary Privacy [Gendai no Puraibashiii], Iwanami, 1980.

    Google Scholar 

  • Ito, Masami, Puraibashiii no Kenri [The Right to Privacy], Iwanami Shoten, 1963.

    Google Scholar 

  • Kuner, Christopher, Transborder Data Flows and Data Privacy Law, Oxford University Press, 2013.

    Google Scholar 

  • Masumori, Tamami, Explanations on the Supreme Court Cases in 2008 [Saiko Saibansho Hanrei Kaisetsu Minjihen].

    Google Scholar 

  • Miyashita, Hiroshi, “The Evolving Concept of Data Privacy in Japanese Law”, International Data Privacy Law, Vol. 1, No. 4, 2011.

    Google Scholar 

  • Miyashita, Hiroshi, The New ID Number System and Personal Information Protection in Japan, Sungkyunkwan Journal of Science & Technology Law, Vol. 8, No.1, 2014.

    Google Scholar 

  • Miyashita, Hiroshi, Policies on the Protection of Personal Information [Kojin Joho no Shisaku], Choyokai, 2010.

    Google Scholar 

  • Nye, Joseph, Soft Power: The Means to Success in World Politics, Public Affairs, 2004.

    Google Scholar 

  • Orito, Yoko, Kiyoshi Murata and Yasunori Fukuta, “Do Online Privacy Policies and Seals Affect Corporate Trustworthiness and Reputation?”, International Review of Information Ethics, Vol. 19, 2013.

    Google Scholar 

  • Pember, Don R., Privacy and the Press: The Law, the Mass Media, and the First Amendment, University of Washington Press, 1972.

    Google Scholar 

  • Post, Robert C., Constitutional Domains: Democracy, Community, Management, Harvard University Press, 1995.

    Google Scholar 

  • Rodrigues, Rowena, David Wright and Kush Wadhwa, “Developing a Privacy Seal Scheme (That Works)”, International Data Privacy Law, Vol. 3, No. 2, 2013.

    Google Scholar 

  • Rosen, Dan, “Private Lives and Public Eyes: Privacy in the United States and Japan”,

    Google Scholar 

  • Restatement (Second) of Torts, §652D, Comment h. (1977).

    Google Scholar 

  • Sato, Koji, “The Constitutional Position on Privacy: A Comparative Study of Japan and the United States [Puraibashii no Kenri (Sono Kohotekisokumen) no Kenporontekikosatsu]”, Hogaku Ronso Vol. 86, No. 5, 1970.

    Google Scholar 

  • Solove, Daniel J., “Privacy Self-Management and the Consent Dilemma”, Harvard Law Review, Vol. 126, No.7, 2013.

    Google Scholar 

  • Sonobe, Itsuo, Commentary on the Protection of Personal Information [Kojin Joho Hogoho no Kaisetsu], Gyosei, 2005.

    Google Scholar 

  • Yamamoto, Tatsuhiko, “The Right to Privacy [Puraibashii no Kenri]”, Jurist, No. 1412, 2010.

    Google Scholar 

  • Warren, Samuel D., and Louis D. Brandeis, “The Right to Privacy”, Harvard Law Review, Vol. 4, No. 5, 15 December 1890.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Faculty of Policy Studies, Chuo University, 742-1, Higashinakano, 192-0393, Hachioji, Tokyo, Japan

    Hiroshi Miyashita

  2. Harvard Law School, Visiting Scholar, Cambridge, Massachusetts, USA

    Hiroshi Miyashita

  3. Office of Personal Information Protection, Cabinet Office, Tokyo, Japan

    Hiroshi Miyashita

Authors
  1. Hiroshi Miyashita
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Hiroshi Miyashita .

Editor information

Editors and Affiliations

  1. Trilateral Research, London, United Kingdom

    David Wright

  2. Vrije Universiteit Brussel Law, Science, Technology & Society (LSTS), Brussels, Belgium

    Paul De Hert

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing Switzerland

About this chapter

Cite this chapter

Miyashita, H. (2016). A Tale of Two Privacies: Enforcing Privacy with Hard Power and Soft Power in Japan. In: Wright, D., De Hert, P. (eds) Enforcing Privacy. Law, Governance and Technology Series(), vol 25. Springer, Cham. https://doi.org/10.1007/978-3-319-25047-2_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-25047-2_5

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-25045-8

  • Online ISBN: 978-3-319-25047-2

  • eBook Packages: Law and CriminologyLaw and Criminology (R0)

Publish with us

Policies and ethics

Search

Navigation